AWS VPC - Virtual Private Cloud

Virtual Private Cloud (VPC)

Think of a VPC as a virtual data center in the cloud. When you set up your AWS account you get a default VPC, but there are cases where it is not what you need.

VPC (AWS Definition): Amazon VPC lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.

You can easily customize the network configuration for your Amazon Virtual Private Cloud. For example, you can create your own public-facing subnet containing your web servers that have access to the Internet, and place your backend systems, such as databases and application servers, in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.

Additionally, you can create a Hardware Virtual Private Network (HVPN) connection between your corporate data center and your VPC and leverage the AWS cloud as an extension of your corporate data center.

What can you do with a VPC?

  • Launch instances in a subnet of your choosing.
  • Assign custom IP address ranges in each subnet.
  • Configure route tables between subnets.
  • Create an internet gateway and attach it to your VPC.
  • Much better security control over your AWS resources.
  • Instance security groups.
  • Subnet network access control lists (ACLs).

Default VPC vs Custom VPC

  • The default VPC is user-friendly, allowing you to immediately deploy instances.
  • All subnets in default VPCs have a route out to the Internet.
  • Each EC2 instance has both a public and private IP address.

VPC Peering

  • Allows you to connect one VPC to another via a direct network route using private IP addresses.
  • Instances behave as if they were in the same private network.
  • You can peer VPCs with other AWS accounts as well as with other VPCs in the same account.
  • Peering is in a star configuration; for example, one central VPC peers with 4 others. There is no transitive peering.
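The two routing rules above (a subnet is public only when its route table sends 0.0.0.0/0 to an internet gateway, and peering is a single hop with no transitive forwarding) can be checked offline against a model of the route tables. This is an added example, not code from the original notes or from AWS; every VPC id, peering id, CIDR and route below is constructed sample data, and nothing here calls the AWS API.

```python
"""Offline model of VPC routing: public vs private subnets and
non-transitive peering. All identifiers and CIDRs are constructed."""
import ipaddress
from typing import Optional

# VPC id -> CIDR (constructed): one hub peered in a star with two spokes
VPCS = {"vpc-hub": "10.0.0.0/16", "vpc-spoke1": "10.1.0.0/16", "vpc-spoke2": "10.2.0.0/16"}
# Peering connection id -> the two VPCs it joins (constructed)
PEERINGS = {"pcx-1": ("vpc-hub", "vpc-spoke1"), "pcx-2": ("vpc-hub", "vpc-spoke2")}

# Route tables: destination CIDR -> target (constructed). The spoke1 table
# carries a misguided route for spoke2's CIDR that points at the hub peering.
ROUTE_TABLES = {
    "public": {"10.0.0.0/16": "local", "0.0.0.0/0": "igw-1"},
    "private": {"10.0.0.0/16": "local", "10.1.0.0/16": "pcx-1", "10.2.0.0/16": "pcx-2"},
    "spoke1": {"10.1.0.0/16": "local", "10.0.0.0/16": "pcx-1", "10.2.0.0/16": "pcx-1"},
}
# Subnet name -> (owning VPC, associated route table) (constructed)
SUBNETS = {"web": ("vpc-hub", "public"), "db": ("vpc-hub", "private"), "s1": ("vpc-spoke1", "spoke1")}


def lookup_route(table: dict, dst_ip: str) -> Optional[str]:
    """Longest-prefix match over the table, as the VPC router does; None if no route."""
    ip = ipaddress.ip_address(dst_ip)
    matches = [ipaddress.ip_network(c) for c in table if ip in ipaddress.ip_network(c)]
    if not matches:
        return None
    best = max(matches, key=lambda net: net.prefixlen)
    return table[str(best)]


def is_public(subnet: str) -> bool:
    """A subnet is public when its default route targets an internet gateway."""
    _, rt = SUBNETS[subnet]
    return ROUTE_TABLES[rt].get("0.0.0.0/0", "").startswith("igw-")


def internet_exposed() -> list:
    """Audit helper: every subnet that has a route out to the Internet."""
    return sorted(s for s in SUBNETS if is_public(s))


def can_reach(subnet: str, dst_ip: str) -> bool:
    """Private-IP reachability. A pcx- target delivers only into the peer
    VPC's own CIDR; the peer never forwards onward (no transitive peering)."""
    vpc, rt = SUBNETS[subnet]
    target = lookup_route(ROUTE_TABLES[rt], dst_ip)
    ip = ipaddress.ip_address(dst_ip)
    if target == "local":
        return ip in ipaddress.ip_network(VPCS[vpc])
    if target and target.startswith("pcx-"):
        a, b = PEERINGS[target]
        peer = b if a == vpc else a
        return ip in ipaddress.ip_network(VPCS[peer])
    return False
```

Running `can_reach("s1", "10.2.3.4")` returns False even though spoke1 has a route for that CIDR, because the hub on the other end of pcx-1 does not forward to spoke2.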
