Terraform - VPC - basic

XYMON · May 2, 2023

AWS VPC

A Virtual Private Cloud (VPC) is a virtual network that you provision within AWS.
It lets you create a logically isolated section of the AWS cloud in which you launch AWS resources inside a virtual network that you define.

When you create a VPC, you define the IP address range for the VPC, its subnets, and its route tables. You can also configure security groups, network access control lists, and internet gateways.

Using VPC, you can launch AWS resources such as EC2 instances, RDS databases, and Elastic Load Balancers in a virtual network that you control.

Components

Subnets: Logical partitions of the VPC IP address range.
Each subnet is placed in a single availability zone (AZ) and can be either public or private.
Public - has a route to the internet via an internet gateway.
Private - not directly accessible from the internet.

Route tables: A set of rules, called routes, that determine where network traffic is directed.
Each subnet in a VPC must be associated with a route table, which controls the routing for that subnet. You can create custom route tables and associate them with specific subnets to get fine-grained control over network traffic.

Internet Gateway: A horizontally scaled, redundant, and highly available VPC component that allows communication between instances in your VPC and the internet.
It serves as the connection point between the VPC and the internet.

NAT Gateway: A VPC component that allows instances in a private subnet to initiate connections to the internet, while preventing the internet from initiating connections to those instances.

Security Groups: Virtual firewalls for your instances that control inbound and outbound traffic. You create and configure security groups for your instances to restrict access to specific ports or IP ranges.

Network Access Control Lists (ACLs): ACLs act as a firewall for traffic in and out of subnets, i.e. a way to control inbound and outbound traffic at the subnet level.

VPC peering: Allows you to connect two VPCs together to create a private, low-latency connection between them.

VPC endpoint: A service that enables you to connect to AWS services privately, without requiring an internet gateway, NAT device, VPN connection, or a Direct Connect connection.

With VPC endpoints, you can keep traffic between your VPC and AWS services within the AWS network, improving security and reducing exposure to internet-based threats.
