Amazon VPC is the network layer for Amazon Elastic Compute Cloud (Amazon EC2) and allows you to create your own virtual network within AWS.
You control various aspects of your Amazon VPC, including selecting your own range of IP addresses, creating your own subnets, and setting up your own route tables, network gateways, and security settings.
Within a region, you can create multiple VPCs, and each Amazon VPC is logically isolated even if it shares its IP address space.
When you create a VPC, you must specify the range of IPv4 addresses by choosing a Classless Inter-Domain Routing (CIDR) block, such as 22.214.171.124/16. The VPC address range cannot be changed after creation. A VPC address range can be as large as /16 (65,536 available addresses) or as small as /28 (16 available addresses), and it should not overlap any other network to which the VPC must be connected.
The Amazon VPC service was launched after the Amazon EC2 service. Therefore, for a time there were two different network platforms available on AWS: EC2-Classic and EC2-VPC. Amazon EC2 was originally released with a single network shared with other AWS customers, called EC2-Classic. As such, AWS accounts created prior to the arrival of the Amazon VPC service could launch instances on both the EC2-Classic and EC2-VPC networks. AWS accounts created after December 2013 only support instances using EC2-VPC. AWS accounts that support EC2-VPC have a default VPC created in each region, with a default subnet created in each Availability Zone. The assigned CIDR block of the default VPC is 172.31.0.0/16.
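Because the address range cannot be changed after creation, it is worth checking a planned block before the VPC exists. The following is an added example, not code from the original article: it applies the /16 to /28 size limits and the no-overlap rule described above, using the default VPC block 172.31.0.0/16 from the article. The other networks and the function names are hypothetical.

```python
import ipaddress

# Limits stated in the article: a VPC block may be as large as /16 and as small as /28.
MIN_PREFIX, MAX_PREFIX = 16, 28
DEFAULT_VPC_CIDR = "172.31.0.0/16"  # default VPC block named in the article


def check_vpc_cidr(candidate, connected_networks):
    """Return a list of problems with `candidate`; an empty list means it is usable."""
    problems = []
    try:
        # strict=True rejects blocks with host bits set, e.g. 10.5.1.7/16
        net = ipaddress.ip_network(candidate, strict=True)
    except ValueError as exc:
        return [f"not a valid network address: {exc}"]
    if net.version != 4:
        return ["this check covers IPv4 blocks only"]
    if not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
        problems.append(f"/{net.prefixlen} is outside the /{MIN_PREFIX} to /{MAX_PREFIX} range")
    for name, cidr in connected_networks.items():
        other = ipaddress.ip_network(cidr)
        if net.overlaps(other):
            problems.append(f"overlaps {name} ({other})")
    return problems


def first_free_block(pool, prefixlen, connected_networks):
    """Return the first /prefixlen block inside `pool` that passes check_vpc_cidr, or None."""
    for subnet in ipaddress.ip_network(pool).subnets(new_prefix=prefixlen):
        if not check_vpc_cidr(str(subnet), connected_networks):
            return str(subnet)
    return None


# Constructed sample: networks this VPC must later be connected to.
CONNECTED = {
    "default VPC": DEFAULT_VPC_CIDR,
    "on-premises LAN": "10.0.0.0/14",   # hypothetical
    "peer VPC": "10.4.0.0/16",          # hypothetical
}

if __name__ == "__main__":
    for cidr in ("172.31.128.0/20", "10.8.0.0/15", "10.5.1.7/16", "192.168.0.0/28"):
        print(cidr, "->", check_vpc_cidr(cidr, CONNECTED) or "ok")
    print("first free /16 in 10.0.0.0/8:", first_free_block("10.0.0.0/8", 16, CONNECTED))
```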
An Amazon VPC consists of the following components:
- Route tables
- DHCP Options
- Security Groups
- Network Access Control Lists (ACLs)
An Amazon VPC has the following optional components:
- Internet Gateways (IGWs)
- Elastic IP Addresses (EIP)
- Elastic Network Interfaces (ENIs)
- Network address translation (NAT) instances and NAT gateways
- Virtual Private Gateway (VPG), Client Gateways (CGWs), and Virtual Private Networks (VPNs)
In the following articles I will detail each aspect of each component mentioned above.
About the author: Guilherme Teles is just a regular guy who doesn't sleep well and ends up writing. I am certified CISSP, CHFI, CEH, LPIC-3, AWS CDA, AWS SAA, AWS SOA.