Amazon VPC Overview:

Amazon VPC (Virtual Private Cloud) provides a virtual private network in which you can launch your AWS resources (such as EC2 instances) for your web applications and development. An Amazon virtual private cloud is a logically isolated section of the AWS cloud that is dedicated to your AWS account.

VPC Resources:

Subnet: A range of IP addresses in your VPC. Users launch their resources, such as EC2 instances, into a subnet, within its defined IP range.

Route Tables: A route table contains a set of rules (routes) that define where network traffic is directed. A route table must be associated with subnets to control the routing of their traffic. A subnet can only be associated with one route table at a time, but you can associate multiple subnets with the same route table.

Internet gateway: A VPC component that allows the instances in your VPC to communicate with the internet.

DHCP option set: The Dynamic Host Configuration Protocol (DHCP) provides a standard for passing configuration information to hosts on a TCP/IP network.

Elastic IPs: An Elastic IP is a dedicated, static IPv4 address designed for dynamic cloud computing.

NAT Gateway: A NAT (Network Address Translation) gateway lets users connect their instances in a private subnet to the internet or other AWS services.

VPC Configuration:

You can configure your own VPC network using one of Amazon's predefined VPC configurations, listed below:

  • VPC with a Single Public Subnet
  • VPC with Private and Public Subnets
  • VPC with Public/Private Subnets and Hardware VPN Access
  • VPC with a Private Subnet Only and Hardware VPN Access

VPC with a Single Public Subnet: In this configuration, your instances run in an isolated section of the Amazon cloud with direct access to the internet. Network ACLs and security groups give the user control over inbound and outbound network traffic.

The VPC with Private and Public Subnets: This configuration adds a private subnet whose instances are not addressable from the Internet. Instances in the private subnet can establish outbound connections to the Internet via the public subnet using Network Address Translation (NAT).

The VPC with Private and Public Subnets and Hardware VPN Access: This configuration adds IPsec VPN connections between your Amazon VPC and your data center (DC). This extends your DC to the cloud while also providing direct access to the Internet for public subnet instances in your Amazon VPC.

The VPC with a Private Subnet Only and Hardware VPN Access: Your instances run in a private, isolated section of the AWS cloud with a private subnet whose instances are not addressable from the Internet. You can connect this private subnet to your corporate data center via an IPsec Virtual Private Network (VPN) tunnel.
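The following Python check is an added example, not part of the original page. It ties together the route tables, gateways and public/private layouts described above by resolving each subnet's effective route table and flagging subnets meant to be private that have a route to an internet gateway. The sample data, all IDs and the `Tier` tag convention are assumptions; a subnet with no explicit association falls back to the VPC's main route table.

```python
# Constructed data shaped like EC2 DescribeRouteTables / DescribeSubnets output.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
IGW = {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1", "State": "active"}
NAT = {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-1", "State": "active"}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-1", "Routes": [LOCAL],
     "Associations": [{"Main": True}]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-1", "Routes": [LOCAL, IGW],
     "Associations": [{"Main": False, "SubnetId": "subnet-web"},
                      {"Main": False, "SubnetId": "subnet-db"}]},
    {"RouteTableId": "rtb-nat", "VpcId": "vpc-1", "Routes": [LOCAL, NAT],
     "Associations": [{"Main": False, "SubnetId": "subnet-app"}]},
]
SUBNETS = [{"SubnetId": sid, "VpcId": "vpc-1", "Tags": [{"Key": "Tier", "Value": tier}]}
           for sid, tier in [("subnet-web", "public"), ("subnet-app", "private"),
                             ("subnet-db", "private"), ("subnet-batch", "private")]]

def effective_route_table(subnet, route_tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    in_vpc = [t for t in route_tables if t["VpcId"] == subnet["VpcId"]]
    for rt in in_vpc:
        if any(a.get("SubnetId") == subnet["SubnetId"] for a in rt.get("Associations", [])):
            return rt
    mains = [t for t in in_vpc if any(a.get("Main") for a in t.get("Associations", []))]
    return mains[0] if mains else None

def classify(rt):
    """Label a route table by the targets of its active (non-blackhole) routes."""
    if rt is None:
        return "unknown"
    active = [r for r in rt["Routes"] if r.get("State", "active") == "active"]
    if any(r.get("GatewayId", "").startswith("igw-") for r in active):
        return "public"        # has a route to an internet gateway
    if any(r.get("NatGatewayId") for r in active):
        return "private-nat"   # outbound connections only, through a NAT gateway
    if any(r.get("GatewayId", "").startswith("vgw-") for r in active):
        return "private-vpn"   # reaches the data center over the VPN connection
    return "isolated"

def audit(subnets, route_tables):
    """Subnets tagged Tier=private (assumed tag convention) whose route table is public."""
    findings = []
    for s in subnets:
        tier = next((t["Value"] for t in s.get("Tags", []) if t["Key"] == "Tier"), None)
        rt = effective_route_table(s, route_tables)
        if tier == "private" and classify(rt) == "public":
            findings.append((s["SubnetId"], rt["RouteTableId"]))
    return findings

print(audit(SUBNETS, ROUTE_TABLES))
```

To run it against a real account, replace the constants with the `RouteTables` and `Subnets` lists returned by the EC2 API.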

VPC Pricing:

The user is charged for creating the NAT gateway and using the NAT gateway within the AWS account. The customer is charged based on the following:

  • NAT Gateway Hourly Charge: $0.045 per hour
  • NAT Gateway Data Processing Charge: $0.045 per 1 GB of data processed by the NAT gateway