logo
Courses Blog About us Contact us Login

For All Of Those Keen To Understand The Concepts Of Networking In The AWS World, A Quick Go-Through Of This Article Will Help You Understand The Basics Concepts.

Amazon’s Virtual Private Cloud (VPC) Is An AWS Networking Service. It Is A Foundation For Computing Categories, Meaning, Other AWS Services, Such As Elastic Compute Cloud (EC2), Cannot Be Accessed Without A VPC Network.

Why Use VPC?

A VPC Runs On Shared Infrastructure, And Also Offers A Layer Of Isolation Between The Cloud Customers Sharing Resources. AWS VPC Is A Wonderful Option For Organizations Moving To The Cloud, Needing An Affordable Alternative To Use A Private Cloud Environment, And Wanting To Take Benefit Of Public Cloud Resources And Savings.

What Is VPC?

A Virtual Private Cloud (VPC) As The Name Suggests, Gives You A Private Environment Inside A Public Cloud. To Simplify This Term, Let’s Take An Example Of A Hotel Or A Resort That Is A Public Place But The Room Allotted To You Is Your Private Space In That Hotel Or Resort.

Each VPC Creates An Isolated Virtual Network Environment In The AWS Cloud, Dedicated To Your AWS Account. Other AWS Resources And Services Operate Inside VPC Networks To Provide Cloud Services. 

In This Article, We Will Deep Dive To Understand VPC Fully As It Is Crucial To Launch AWS Resources Into A Virtual Network That You’ve Defined. We Will Have An In-Depth Discussion Of AWS VPC And Its Features, How It Works. Its Essential Components Are CIDR Notation And Basic AWS Services. 

 Let’s Start From Scratch And Explore How To Configure VPC

How To Set Up An AWS VPC ?

We Can Configure A VPC With The AWS Management Console By Choosing The VPC Option Or With The AWS Command Line Interface And AWS Software Development Kit (SDK). Once chosen, the VPC becomes Operational After 

 Choosing An IP Address Range 

 Creating Subnets 

 Creating Routes To The Internet 

 Authorizing Traffic To And From The VPC

                  If You Want To Learn Practically How VPC Is Set Up Or How It Work 

                                              Click Here For More Information 

AWS VPC TYPES

  • IPv4 : Defined By Descibing IPv4 Address Space 
  • IPv6 : Defined By Describing IPv6 Address Space
  • Dual Stack : Uses both IPv4 + IPv6

Components Of AWS VPC

These Are Various Main Components Of AWS VPC That Are Required To Add The Functionality Of VPC, Let Us See How

Subnet :

A Subnet Is A Range Of IP Addresses In Your VPC. You Can Launch AWS Resources, Such As EC2 Instances, Into A Specific Subnet.

Type Of Subnets :

Public Subnet : Accessible Via The Internet. Uses An Internet Gateway To Reach The Internet. 

Private Subnet : Cannot Be Accessed Directly Via The Internet.

  • Can Use A NAT GATEWAY So That Instances In The Private Subnet Can Connect To Services Outside Your VPC.

  • A NAT GATEWAY Must Be Created With An INTERNET GATEWAY.

Security Groups :

A Security Group Is A Virtual Firewall That Controls The Inbound And Outbound Traffic Means What Is Allowed Or Denied To The Resource Within VPC ( Like EC2, RDS Database, Etc)

Network ACL :

Network ACL Is An Optional Layer Of Security And Associated With A Subnet In A VPC To Filter The Traffic To And From The Subnet.

Points To Be Remembered :

Stateful : Any Traffic Allowed In, Is Automatically Allowed Out.

Stateless : Both Traffic In And Out Must Be Explicitly Allowed

The Key Difference Between Stateful And Stateless Is That Stateless Applications Don’t Store Data Whereas Stateful Applications Require Backing Storage.

Let’s Try To Understand It With An Example In Stateful, If You Allow An Incoming Port 80, The Outgoing Port 80 Will Be Automatically Opened.

In Stateless, Any Changes Applied To An Incoming Rule Will Not Be Applied To The Outgoing Rule.

Internet Gateway : A Gateway That Connects The Public Subnet To The Internet.

NAT Gateway : Provides One-Way Connection From Private Subnet To External Resources. External Resources Can’t Initiate A Connection To Your Resources In The Private Subnet.

Route Tables : Route Tables Contain The Rules (Routes) That Determine How Network Traffic Is Directed Inside Your VPC And Subnets.

VPC Creates A Default Route Table Called The Main Route Table. The Main Route Table Is Automatically Associated With All VPC Subnets.

Here, You Have Two Options :

Update And Use The Main Route Table To Direct Network Traffic.

 Create Your Own Route Table To Be Used For Individual Subnet Traffic.

Elastic IP Addresses (EIPs)

EIPs Are Static Public IPv4 Addresses That Are Permanently Allocated To Your AWS Account (EIP Is Not Offered For IPv6). EIPs Are Used For Public Internet Access To :

  • An Instance 
  • An AWS Elastic Network Interface (ENI)
  • Other Services Needing A Public IP Address 

You Allocate EIPs For Long-Term Permanent Network Usage.

Features of VPC :

AWS VPC Span Multiple Availability Zone 

AWS VPC Can Have /16 To /28 CIDR Address Space 

The Subnets Should Have A MIn /28 CIDR Address 

A Total Of 5 IP Addresses From The Subnet Are Reserved By AWS VPC for It's Use

VPC Flow Logs : It Is A Feature That Enables You To Capture Information About The IP traffic going To And From Network Interfaces In Your VPC.

VPC Reachability Analyzer: It Performs Connectivity Testing Between A Source Resource And A Destination Resource In Your Virtual Private Clouds (VPCs). 

It Enables You To Analyze And Debug Networking Reach-Ability Between Two Resources In Your VPC And Identifies The Blocking Component When They Are Unreachable.

VPC Endpoints : It Enables Private Connections Between A Virtual Private Cloud (VPC) And Support Services, Without Requiring That You Use An Internet Gateway, NAT Device, VPN Connection, Or AWS Direct Connect Connection. Therefore, Your VPC Is Not Exposed To The Public Internet 

VPC PEERING : Direct Connectivity Between VPC To VPC Is Called VPC Peering.

AWS VPN :

VPN Creates A Private Network Connection Between Devices Through The Internet. VPNs Use Encryption To Keep The Information Confidential While Connecting Over Public Wi-Fi Networks. Based On The Connectivity, There Can Be Only Two VPN Tunnels In VPN Based cloud.in VPN The Network Is Connected To A Public Network So Sometimes Security Can Be Challenged 

Direct Connect :

Direct Connect Is A Service That Allows Enterprise Customers To Have Easy Access To Their AWS Environment. It Bypasses The Public Internet And Establishes A Secure, Dedicated Connection From Your Infrastructure To AWS.IN Direct Connect The Encrypted Connection Is Created Between The User’s Router And AWS Direct Connect Router. Direct Connect Is More Reliable In Performance But Significantly More Expensive Than VPN.

Conclusion :

AWS VPC Is One Of The Most Used Services As VPC Enables You To Build Your Own Virtual Private Network In The AWS Cloud And Can Use It For Many Purposes Like Hosting Websites, Migrating Workloads To The AWS Cloud, Or For Backup And Disaster Recovery. For This, No Physical Infrastructure Is Required. You Have Your Own Network Space And So Have Better Control Over How To Use Your Network.

If You Want To Learn AWS Cloud Practitioner And AWS Solution Architect From Scratch With All The Prerequisites, Including Linux For AWS, Docker Basics For AWS, Networking For AWS. Get Lifetime Access And 24*7 Support, As Well As Exam Preparation. Click Here For More Information Or Contact Us On +91 98257 57737 For Any Queries

Rashmi Chawla 
From CloudFolks HUB 

Launch your GraphyLaunch your Graphy
100K+ creators trust Graphy to teach online
CloudFolks HUB 2025 Privacy policy Terms of use Contact us Refund policy