Virtual Private Cloud (VPC)

Explore the basics of Virtual Private Cloud (VPC) and understand AWS’s default VPC settings.

We'll cover the following

Virtual Private Cloud
- Key components of VPC
- Default VPC

In this lesson, we’ll explore Virtual Private Clouds (VPCs), which are the foundation of AWS. Understanding VPCs is important because they help us create safe, expandable, and custom-made cloud spaces. With VPCs, we can control how information moves around, which keeps things safe and helps us manage our resources better. Through this lesson, we’ll see why VPCs are crucial in today’s cloud world and learn how to use them to build and look after our cloud-based projects.

Virtual Private Cloud

Virtual Private Cloud (VPC) in Amazon Web Services is an important component for constructing flexible and secure cloud architectures. Functioning as an isolated virtual network environment within the AWS cloud, a VPC enables users to define their own virtual network topology, including IP address ranges, subnets, route tables, and network gateways.

Press + to interact

Key components of VPC

The following are some key components that are important to establish and manage a networking environment:

Subnets: Within a VPC, subnets are like smaller neighborhoods, dividing the overall IP address range into manageable segments. Each subnet is associated with a specific Availability Zone (AZ), which ensures redundancy and fault tolerance. For example, you might have one subnet for web servers and another for databases, each located in different AZs, to mitigate the impact of failures.
Route tables: Think of route tables as traffic directors within the VPC. They determine how network traffic flows between subnets and external networks like the internet. For instance, a route table might specify that traffic destined for the internet should be directed through the internet gateway, while internal traffic stays within the VPC.
Internet gateways: Internet gateways are the connection points between the VPC and the wider internet. They allow instances within the VPC to communicate with resources outside the VPC, such as websites, APIs, and external databases.
Elastic IP addresses (EIP): EIPs are like reserved parking spots for instances within the VPC. They provide a static IP address that can be associated with an instance, ensuring that the instance maintains the same public-facing IP address even if it’s stopped and restarted.

Press + to interact

Default VPC

By default, when you create an AWS account, AWS creates a default VPC for you in each AWS Region. The default VPC comes pre-configured with a set of default subnets, route tables, internet gateways, and network access control lists (ACLs). This simplifies the process of launching instances and other resources without needing to create a custom VPC. The default VPC comes pre-configured with the following settings:

VPC configuration: A VPC with a size /16 IPv4 CIDR block (172.31.0.0/16), providing up to 65,536 private IPv4 addresses.
Default subnets: A size /20 default subnet in each Availability Zone, providing up to 4,096 addresses per subnet. Some addresses are reserved for AWS use.
Internet gateway: An internet gateway connected to the default VPC, allowing instances to communicate with the internet.
Route configuration: A route in the main route table that points all traffic (0.0.0.0/0) to the internet gateway.
Security group and network ACL: A default security group and network access control list (ACL) associated with the default VPC.
DHCP options set: The default DHCP options set for your AWS account is associated with your default VPC.

Press + to interact

Get hands-on with 1300+ tech skills courses.

Introduction

AWS Fundamentals

Understanding Cloud Computing Essentials— From Zero to Hero

Identity and Access Management

Securing AWS Resources: Managing Access with IAM

AWS IAM Permission Boundaries

Using AWS IAM Access Analyzer

Compute Services

Understanding AWS Compute Services — From Zero to Hero

Amazon EC2: Elastic Compute Cloud

Working with Instances: An Amazon EC2 Walkthrough

Managing Instance Volumes Using EBS

Networking

Understanding Networking Services in AWS—From Zero to Hero

Controlling VPC Traffic Using Network ACLs

Managing Peer Connections between Amazon Virtual Private Clouds

Accessing AWS Services over AWS PrivateLink Using VPC Endpoints

Monitoring IP Traffic Using VPC Flow Logs

Route 53

Serverless Computing

Getting to Know AWS Lambda

Building and Deploying Serverless Applications with AWS SAM

Developing RESTful Microservices with API Gateway and DynamoDB

Building a WebSocket-Based Chat Application Using API Gateway

Mastering AWS AppSync Lambda Resolvers

Application Integration

Getting Started with Amazon Simple Queue Service (SQS)

Handling Amazon SNS Notifications with AWS Lambda

Build a Fanout Serverless Architecture using SNS, SQS, and Lambda

Decoupling Serverless Applications with Amazon EventBridge

Getting Started with AWS Step Functions

Containers

Getting Started with Amazon ECS

Create an EKS Cluster and Deploy an Application

High Availability and Scalability

Managing Application Traffic Using Elastic Load Balancers

Understanding Auto Scaling Group (ASG) in AWS

Mastering Amazon EC2 Dynamic Scaling Policies

Storage

Understanding AWS Storage Options—From Zero to Hero

Simple Storage Service (S3)

Working with AWS S3 Cross-Region Replication

Resizing Images with S3 Batch Operations and AWS Lambda

Managing Data Access with Amazon S3 Access Points

File Storage and Transfer

Getting Started with Amazon FSx for Windows File Server

Databases

Working with Relational Databases: A Beginner's Guide to AWS RDS

Getting Started with Amazon Aurora Database Engine

Working with NoSQL Databases: A Beginner's Guide to AWS DynamoDB

Exploring Graphs with Amazon Neptune

Getting Started with Amazon Keyspaces

Achieving Ultra-Fast Performance Using Amazon MemoryDB for Redis

Improving Database Performance with Amazon ElastiCache for Redis

Migration and Transfer

Use of AWS Database Migration Service from Aurora MySQL to S3

Security and Compliance

Getting Started with AWS Key Management Service (KMS)

Encrypting S3 Buckets and EBS Volumes Using KMS

Protecting Web Applications Using AWS WAF

Managing Aurora DB Credentials and API Keys Using Secrets Manager

Finding Vulnerabilities on EC2 Instances Using AWS Inspector

Deployment Services

Mastering AWS Deployment Services—From Zero to Hero

CloudFormation

Getting to Know AWS CloudFormation

AWS CloudFormation Updates: Change Sets and Stack Policies

Mastering AWS CloudFormation Helper Scripts

Machine Learning

Understanding Machine Learning Services on AWS—From Zero to Hero

Deploying a Machine Learning Model with Amazon SageMaker

Getting Started with Amazon Fraud Detector

Build an Educative Chatbot with Conversational AI Using AWS Lex

Content Delivery and Optimization

Analytics

Analyzing S3 Data and CloudTrail Logs Using Amazon Athena

Getting Started with Amazon EMR

Getting Started with Amazon Redshift

Building ETL Pipelines on AWS

Create a Data Lake with Lake Formation and Analyze It with Athena