
Virtual Private Cloud

Core AWS Services


• Virtual Private Cloud (VPC)
• Elastic Compute Cloud (EC2)

Core AWS Services
Amazon Virtual Private Cloud (VPC)

Understand the VPC concepts

o Networking
o Subnets
o Security
o Virtual Private Network (VPN)
Virtual Private Cloud (VPC)
When you start using AWS, the VPC is the ecosystem your resources live in:

• everything inside it shares the same network

VPC usually consists of:

• Subnets
• Route Tables
• EC2 Servers
• Network ACLs
• Security Groups
• Availability Zones
Virtual Private Cloud (VPC)
A VPC allows you to provision virtual networks hosted on the AWS
cloud and dedicated to your AWS account

o Have complete control over your virtual networking environment
o VPCs are logically isolated from other virtual networks
o Many AWS resources, such as EC2 instances, are launched
into VPCs
o A VPC's key features are configurable:
• IP Address Ranges
• Routing
• Network Gateways
• Security Settings
Virtual Private Cloud (VPC) benefits
o Secure and monitored network connections
o Amazon VPC provides advanced security features that
allow you to perform inbound and outbound filtering at the
instance and subnet level.
o Amazon VPC also has monitoring features that let you
perform functions like out-of-band monitoring and inline
traffic inspection, which help you screen and secure traffic
Virtual Private Cloud (VPC) benefits
o Simple set-up and use
o With Amazon VPC's simple set-up, you spend less time
setting up, managing, and validating.
o You can create a VPC easily using the AWS Management
Console or Command Line Interface (CLI).
o VPC automatically creates the subnets, IP ranges, route
tables, and security groups you need.
Virtual Private Cloud (VPC) benefits
o Customizable virtual network
o Amazon VPC helps you control your virtual networking
environment by letting you choose your own IP Address
range, create your own subnets, and configure route tables
to any available gateways.
o You can customize the network configuration by creating a
public-facing subnet for your web servers that has access to
the internet.
o Place your backend systems, such as databases or
application servers, in a private-facing subnet.
Virtual Private Cloud (VPC)
o Each VPC lives in a region
o VPCs can include resources in more than one Availability
Zone
o It is possible to create multiple VPCs in the same AWS account
and region
VPCs and Subnets
o A subnet defines a range of IP addresses in a VPC.
o Launch AWS resources into a subnet that you select
o Each subnet must reside entirely within one Availability
Zone and cannot span zones
VPC Example
o Create a public-facing subnet for web servers
o Create a private-facing subnet for application and database
servers
o Create a Virtual Private Network (VPN) connection
between the organization's data center and the AWS VPC
VPC Route Tables
o Your VPC has an implicit router, and you use route tables
to control where network traffic is directed.
o Each subnet in your VPC must be associated with a route
table, which controls the routing for the subnet (subnet
route table).
o You can explicitly associate a subnet with a particular route
table.
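As an added example (not from the slides), a small Python model of the public/private layout described above: it checks that each subnet lies inside the VPC CIDR without overlapping another subnet, then resolves a destination through a subnet's route table by longest-prefix match, which is how the implicit router picks a route. The CIDRs, Availability Zone names and the igw-EXAMPLE target are constructed values.

```python
import ipaddress

# Constructed example topology (assumption): a /16 VPC carved into a public
# and a private subnet. The public route table has a default route to an
# internet gateway; the private one carries only the VPC-local route, so
# instances there have no path to the internet.
VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")

ROUTE_TABLES = {
    "rtb-public": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "igw-EXAMPLE")],
    "rtb-private": [("10.0.0.0/16", "local")],
}

SUBNETS = {
    "web-public": {"cidr": "10.0.1.0/24", "az": "us-east-1a", "rtb": "rtb-public"},
    "app-private": {"cidr": "10.0.2.0/24", "az": "us-east-1b", "rtb": "rtb-private"},
}


def validate_subnets(vpc_cidr, subnets):
    """Each subnet must fall inside the VPC CIDR and must not overlap another."""
    nets = {name: ipaddress.ip_network(s["cidr"]) for name, s in subnets.items()}
    errors = []
    for name, net in nets.items():
        if not net.subnet_of(vpc_cidr):
            errors.append(f"{name}: {net} is outside VPC {vpc_cidr}")
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                errors.append(f"{a} and {b} overlap")
    return errors


def lookup_route(route_table, dest_ip):
    """Longest-prefix match: the most specific matching route wins."""
    dest = ipaddress.ip_address(dest_ip)
    best = None
    for cidr, target in route_table:
        net = ipaddress.ip_network(cidr)
        if dest in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def next_hop(subnet_name, dest_ip):
    """Resolve a destination via the route table associated with the subnet."""
    rtb = SUBNETS[subnet_name]["rtb"]
    return lookup_route(ROUTE_TABLES[rtb], dest_ip)
```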
VPC Servers
o Web servers and application servers in your VPC can
leverage Amazon EC2 elasticity and Auto Scaling features
to grow and shrink as needed
o You can launch your Amazon EC2 resources, such as
instances, into the subnets of your VPC. Your VPC closely
resembles a traditional network that you might operate in
your own data center, with the benefits of using scalable
infrastructure from AWS.
Security in VPC
AWS provides various security features to protect the virtual
network environments

o Security Groups
o Network Access Control List (ACL)
o Key Pairs
VPC Network ACL
o The Network Access Control List (ACL) is an optional
security layer for your VPC. It acts as a firewall for
controlling traffic flow to and from one or more subnets.
Network ACLs can be set up with rules similar to your
security groups.
o By default, each network ACL denies all inbound traffic to
and outbound traffic from the associated subnet until you
add rules. You can associate a network ACL with multiple
subnets.
VPC Security group
o Security groups act as a firewall for associated Amazon EC2
instances, controlling both inbound and outbound traffic at the
instance level. When you launch an instance, you can associate it
with one or more security groups that you've created.
o Rules are added to each security group, which allow traffic to or
from its associated instances. Basically, a security group controls
inbound and outbound traffic for one or more EC2 instances.
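The two slides above present network ACLs and security groups as similar rule sets; the added Python example below (not from the slides) models the difference that matters in practice: a network ACL is stateless and evaluated in rule-number order with an implicit final deny, while a security group holds allow rules only and is stateful, so a reply to an allowed request needs no extra rule. The rule sets and client address are constructed. One caveat on the "denies all by default" statement: that is how a custom network ACL starts; the default network ACL AWS creates with a VPC allows all traffic until you change it.

```python
import ipaddress

# Constructed example rules (assumption, not from the slides). Rule tuples are
# (rule number, action, protocol, (from_port, to_port), remote CIDR); "remote"
# is the source for inbound rules and the destination for outbound rules.
NACL_WEB = {
    "inbound": [
        (100, "allow", "tcp", (80, 80), "0.0.0.0/0"),
        (200, "deny", "tcp", (22, 22), "0.0.0.0/0"),
    ],
    # Network ACLs are stateless: replies to clients leave on the client's
    # ephemeral port and need their own outbound allow rule.
    "outbound": [(100, "allow", "tcp", (1024, 65535), "0.0.0.0/0")],
}
# The same ACL with the outbound ephemeral-port rule forgotten.
NACL_NO_RETURN = {"inbound": NACL_WEB["inbound"], "outbound": []}

SG_WEB_INBOUND = [("tcp", (80, 80), "0.0.0.0/0")]


def _matches(proto, port, addr, rule_proto, ports, cidr):
    return (proto == rule_proto and ports[0] <= port <= ports[1]
            and ipaddress.ip_address(addr) in ipaddress.ip_network(cidr))


def nacl_decision(nacl, direction, proto, port, addr):
    """Rules are evaluated from the lowest number up; the first match wins.
    The implicit final '*' rule denies anything that matched no rule."""
    for _num, action, rule_proto, ports, cidr in sorted(nacl[direction], key=lambda r: r[0]):
        if _matches(proto, port, addr, rule_proto, ports, cidr):
            return action
    return "deny"


def sg_allows_inbound(sg_inbound, proto, port, src):
    """Security groups hold allow rules only; unmatched traffic is denied."""
    return any(_matches(proto, port, src, *rule) for rule in sg_inbound)


def http_exchange_allowed(nacl, sg_inbound, client_ip, client_port):
    """A client connects to TCP/80 and the web server replies to the client's
    ephemeral port. The security group is stateful, so the reply is allowed
    once the request was; the subnet ACL must allow each direction on its own."""
    request_ok = (nacl_decision(nacl, "inbound", "tcp", 80, client_ip) == "allow"
                  and sg_allows_inbound(sg_inbound, "tcp", 80, client_ip))
    reply_ok = nacl_decision(nacl, "outbound", "tcp", client_port, client_ip) == "allow"
    return request_ok and reply_ok
```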
VPC availability zone
o Region and Availability Zone concepts: each Region is
completely independent. Each Availability Zone is isolated, but
the Availability Zones in a Region are connected through
low-latency links.
o Regions and Availability Zones allow anyone to create worldwide
infrastructure with ease. They also offer many options for creating
redundancy within your platform. By properly using these
components, you can create world-class systems in terms of both
scale and reach.
VPN Connections
Ways to extend an organization's on-premises networks to the
AWS cloud and securely access them from anywhere
VPN complete system
