Amazon AWS Virtual Private Cloud (AWS VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch Amazon AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your Amazon AWS Virtual Private Cloud for secure and easy access to resources and applications. Amazon AWS Virtual Private Cloud provides all the same benefits as the rest of the AWS platform. You can instantly scale your resources up or down, select EC2 instances types and sizes that are right for your applications, and pay only for the resources you use — all within Amazon’s proven infrastructure. You can use AWS VPC to host multi tier web applications and strictly enforce access and security restrictions between your web servers, application servers, and databases.
You can control access between the servers and subnets using inbound and outbound packet filtering provided by network access control lists and security groups. To create an Amazon AWS Virtual Private Cloud that supports this use case, you can select Amazon AWS Virtual Private Cloud with public and private subnets in the AWS VPC wizard. You can easily customize the network configuration for your AWS Virtual Private Cloud. You can create a public facing subnet for your web servers that has access to the Internet, and place your backend systems such as databases in a private facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to EC2 instances in each subnet. Additionally, you can create a Hardware Virtual Private Network (VPN) connection between your corporate data center and your Amazon AWS Virtual Private Cloud and leverage the AWS Cloud as an extension of your corporate data center.
Extend Your Network Into The Amazon AWS Virtual Private Cloud
You can move corporate applications to the cloud, launch additional web servers, or add more compute capacity to your network by connecting your Amazon AWS Virtual Private Cloud to your corporate network. Because your Amazon AWS Virtual Private Cloud can be hosted behind your corporate firewall, you can seamlessly move your IT resources into the cloud without changing how your users access these applications. You can select AWS VPC with a private subnet only and Amazon Hardware VPN access from the AWS VPC console wizard to create an AWS VPC that supports this use case. You can periodically backup your mission critical data from your data center to a small number of EC2 instances with AWS Elastic Block Store (AWS EBS) volumes, or import your virtual machine images to EC2. In the event of a disaster in your own data center, you can quickly launch replacement compute capacity in AWS to ensure business continuity.
Websites And apps In The Amazon AWS Virtual Private Cloud
Host a simple, public facing website. You can host a basic web application, such as a blog or simple website in an AWS VPC, and gain the additional layers of privacy and security afforded by AWS VPC. You can help secure the website by creating security group rules which allow the web server to respond to inbound HTTP and SSL requests from the Internet while simultaneously prohibiting the web server from initiating outbound connections to the Internet. You can create an AWS VPC that supports this use case by selecting AWS VPC with a single public subnet only from the AWS VPC console wizard. You can create an AWS VPC where instances in one subnet, such as web servers, communicate with the Internet while instances in another subnet, such as application servers, communicate with databases on your corporate network. An IPsec AWS VPN connection between your AWS VPC and your corporate network helps secure all communication between the application servers in the cloud and databases in your data center.
AWS Virtual Private Cloud
You can create an Amazon AWS Virtual Private Cloud (VPC) quickly and easily using the AWS Management Console and have us manage your AWS cloud with AWS Cloud Managed Services. You can select one of the common network setups that best match your needs and press “Start AWS VPC Wizard.” Subnets, IP ranges, route tables, and security groups are automatically created for you. AWS VPC provides advanced security features such as security groups and network access control lists to enable inbound and outbound filtering at the instance level and subnet level. In addition, you can store data in AWS S3 and restrict access so that it’s only accessible from instances in your AWS VPC. Optionally, you can also choose to launch Dedicated Instances which run on hardware dedicated to a single customer for additional isolation. All traffic to and from instances in your AWS VPC can be routed to your corporate data center over an encrypted IPsec hardware AWS VPN connection.
Amazon AWS Virtual Private Cloud