Amazon Web Services Day 7

AWS NETWORKING

VPC

Amazon VPC can be thought of as a private cloud inside the cloud. It is a logical grouping of servers in a network that you define. The servers you deploy into a Virtual Private Cloud (VPC) are completely isolated from the other servers deployed in Amazon Web Services. You have complete control over the IP addressing of the virtual machines and over the route tables and gateways of the VPC. With security groups and network access control lists you can further protect your application.

You can launch AWS resources into a defined virtual network using Amazon Virtual Private Cloud (Amazon VPC). This virtual network closely mimics a conventional network that you would operate in your own data center, with the advantage of AWS's scalable infrastructure. The largest user-defined address space is a /16 (65,536 addresses).

Subnets

A subnet divides the large VPC network into smaller, interconnected networks in order to reduce traffic. Within the /16 address space, a VPC supports up to 200 user-defined subnets.

Route Tables

Route tables are used to define how traffic is routed between the subnets.

Network Access Control Lists

Network Access Control Lists (NACLs) for a VPC act as a firewall by managing both inbound and outbound rules. Every VPC has a default NACL, which cannot be deleted.

Internet Gateway(IGW)

The Internet Gateway (IGW) makes it possible to connect the resources in the VPC to the Internet.

Network Address Translation (NAT)

Network Address Translation (NAT) allows resources in a private subnet to reach the internet without being directly reachable from it.

Amazon VPC (Virtual Private Cloud) Fundamentals

  • A subnet that has internet access is called a Public Subnet.

  • A subnet that does not have internet access is called a Private Subnet.

  • A subnet must reside entirely within one Availability Zone.

  • Access between instances is managed by VPC Security Groups for both inbound and outbound traffic (EC2 Security Groups can only define inbound rules).

  • Subnet IP routing is specified with the help of the Route Table.

  • If a server/instance in a private subnet needs to reach the internet, it must go through a NAT in a public subnet.

Subnet

  • A subnet is a smaller portion of the network that typically includes all the machines in a certain area.

  • We can add as many subnets as we need in one availability zone. Each subnet must reside entirely within one availability zone.

  • Public subnets are routed to an Internet Gateway, which enables Internet access.

  • Private subnets do not have internet access.

  • Every subnet in the VPC must be associated with a route table.

Internet Gateway

  • With the help of an IGW (Internet Gateway), the resources present in the VPC (e.g. EC2 instances) are able to access the Internet.

  • One VPC cannot have more than one IGW.

  • If resources are running in a VPC, the IGW cannot be detached from that VPC.

Route Table

  • A Route Table contains a set of rules, called routes, which determine where network traffic is directed.

  • A single VPC can have as many route tables as it requires.

  • A route table that still has dependencies attached to it (for example, associated subnets) cannot be deleted.
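The bullets above describe route tables and the public/private distinction in prose; the script below, an added example that is not from the original article, makes them concrete. It builds constructed route tables with placeholder ids (igw-0abc, nat-0def, pcx-0123 are not real resources), resolves a destination with the longest-prefix-match rule a VPC route table applies, and classifies each subnet by how its table reaches 0.0.0.0/0: through an Internet Gateway (public), through NAT (private), or not at all (isolated). The "local" route is the implicit VPC-internal route every AWS route table carries.

```python
import ipaddress

# Constructed route tables (placeholder ids, not real AWS resources).
# Each route is (destination CIDR, target). "local" is the implicit route
# that lets subnets inside the VPC reach each other.
ROUTE_TABLES = {
    "rtb-public": [
        ("10.0.0.0/16", "local"),
        ("0.0.0.0/0", "igw-0abc"),      # default route via Internet Gateway
    ],
    "rtb-private": [
        ("10.0.0.0/16", "local"),
        ("0.0.0.0/0", "nat-0def"),      # default route via NAT in a public subnet
    ],
    "rtb-isolated": [
        ("10.0.0.0/16", "local"),
        ("10.1.0.0/16", "pcx-0123"),    # hypothetical VPC peering route, no default route
    ],
}

# Constructed subnet -> route table associations (placeholder subnet names).
SUBNET_ASSOCIATIONS = {
    "subnet-web": "rtb-public",
    "subnet-app": "rtb-private",
    "subnet-db": "rtb-isolated",
}


def lookup_route(routes, destination_ip):
    """Return the target for destination_ip using longest-prefix match,
    which is how a VPC route table chooses among overlapping routes."""
    ip = ipaddress.ip_address(destination_ip)
    best = None
    for cidr, target in routes:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def classify_subnet(subnet_id):
    """Classify a subnet by the target its route table uses for internet-bound
    traffic: 'public' via an IGW, 'private' via NAT, otherwise 'isolated'."""
    routes = ROUTE_TABLES[SUBNET_ASSOCIATIONS[subnet_id]]
    # 203.0.113.10 is a documentation address standing in for "any internet host".
    target = lookup_route(routes, "203.0.113.10")
    if target is None:
        return "isolated"
    if target.startswith("igw-"):
        return "public"
    if target.startswith("nat-"):
        return "private"
    return "isolated"


def audit():
    """Classify every associated subnet; useful as a quick exposure review."""
    return {subnet: classify_subnet(subnet) for subnet in SUBNET_ASSOCIATIONS}


if __name__ == "__main__":
    for subnet, kind in audit().items():
        print(f"{subnet}: {kind}")
```

Note that a VPC-internal address such as 10.0.5.5 matches both the 10.0.0.0/16 local route and the 0.0.0.0/0 default route in rtb-public; longest-prefix match sends it to "local", which is why internal traffic never leaves through the IGW.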

NACL Network Access Control Lists

  • The NACL security layer for VPC serves as a firewall to manage traffic entering and leaving one or more subnets.

  • The NACL for the default VPC is active and connected to the default subnets.
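NACL rules are evaluated in ascending rule-number order, the first matching rule wins, and anything matching no rule hits the implicit final deny. Unlike security groups, a NACL is stateless: the reply packets of a connection are checked independently of the request. The script below is an added example (not from the original article) that models that evaluation over two constructed rule sets. WEAK_NACL allows HTTPS in and out but forgets that the server's replies leave on the client's ephemeral port, so the session is broken; FIXED_NACL adds the ephemeral-port rules and also shows how a lower-numbered deny for one constructed range (198.51.100.0/24, a documentation prefix) takes precedence over the broader allow.

```python
import ipaddress

EPHEMERAL = (1024, 65535)   # port range clients typically use for return traffic

# Constructed NACL rule sets. Each rule is
# (rule_number, protocol, (from_port, to_port), cidr, action);
# port ranges refer to the destination port of the packet being checked.
WEAK_NACL = {
    "inbound":  [(100, "tcp", (443, 443), "0.0.0.0/0", "allow")],
    "outbound": [(100, "tcp", (443, 443), "0.0.0.0/0", "allow")],
}

FIXED_NACL = {
    "inbound": [
        (90,  "tcp", (443, 443), "198.51.100.0/24", "deny"),   # blocked range, evaluated first
        (100, "tcp", (443, 443), "0.0.0.0/0", "allow"),        # HTTPS requests
        (110, "tcp", EPHEMERAL,  "0.0.0.0/0", "allow"),        # replies to instance-initiated connections
    ],
    "outbound": [
        (100, "tcp", (443, 443), "0.0.0.0/0", "allow"),        # instance-initiated HTTPS
        (110, "tcp", EPHEMERAL,  "0.0.0.0/0", "allow"),        # replies to clients
    ],
}


def evaluate(rules, protocol, dst_port, remote_ip):
    """Apply rules in ascending rule-number order; first match decides.
    Returns 'deny' for the implicit '*' rule when nothing matches."""
    remote = ipaddress.ip_address(remote_ip)
    for _num, proto, (lo, hi), cidr, action in sorted(rules, key=lambda r: r[0]):
        if proto != protocol:
            continue
        if not lo <= dst_port <= hi:
            continue
        if remote not in ipaddress.ip_network(cidr):
            continue
        return action
    return "deny"


def https_session_allowed(nacl, client_ip, client_port):
    """Stateless check of a client's HTTPS session: the request (inbound,
    destination port 443) and the reply (outbound, destination port = the
    client's ephemeral port) must each be allowed on their own."""
    request = evaluate(nacl["inbound"], "tcp", 443, client_ip)
    reply = evaluate(nacl["outbound"], "tcp", client_port, client_ip)
    return request == "allow" and reply == "allow"


if __name__ == "__main__":
    print("weak :", https_session_allowed(WEAK_NACL, "203.0.113.10", 50000))
    print("fixed:", https_session_allowed(FIXED_NACL, "203.0.113.10", 50000))
    print("fixed, blocked range:", https_session_allowed(FIXED_NACL, "198.51.100.7", 50000))
```

A security group would not need the ephemeral-port rules, because it tracks connection state and admits replies automatically; that difference is the usual cause of "the security group allows it but nothing connects" troubleshooting in a subnet with a custom NACL.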

Classless Inter-Domain Routing (CIDR)

  • Classless Inter-Domain Routing (CIDR) is a technique for allocating IP addresses and for IP routing; the prefix length ranges from 0 to 32.

  • When setting up a VPC, we must specify a set of IPv4 addresses in CIDR notation (for example, 10.0.0.0/16). This serves as the main CIDR block of our VPC.
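The address-space figures given earlier (a /16 holds 65,536 addresses; a VPC can hold a number of user-defined subnets) and the CIDR notation just described can be worked through with Python's standard ipaddress module. The script below is an added example, not part of the original article. It assumes two facts about AWS that the article does not state: VPC and subnet CIDR blocks must have a prefix length between /16 and /28, and AWS reserves five addresses in every subnet. The function names are the example's own.

```python
import ipaddress
import itertools

# Assumed AWS constraints (not from the article): VPC and subnet blocks are
# accepted between /16 and /28, and five addresses per subnet are reserved
# (network address, VPC router, DNS, one reserved for future use, broadcast).
MIN_PREFIX, MAX_PREFIX = 16, 28
RESERVED_PER_SUBNET = 5


def validate_cidr(cidr):
    """Parse a VPC or subnet CIDR and reject prefix lengths AWS does not accept."""
    net = ipaddress.ip_network(cidr, strict=True)   # strict: host bits must be zero
    if not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
        raise ValueError(f"{cidr}: prefix must be between /{MIN_PREFIX} and /{MAX_PREFIX}")
    return net


def usable_hosts(cidr):
    """Addresses an instance can actually take in a subnet of this size."""
    return validate_cidr(cidr).num_addresses - RESERVED_PER_SUBNET


def plan_subnets(vpc_cidr, subnet_prefix, count):
    """Carve `count` equal /subnet_prefix blocks out of the VPC block, in order."""
    vpc = validate_cidr(vpc_cidr)
    if subnet_prefix <= vpc.prefixlen:
        raise ValueError("subnet prefix must be longer than the VPC prefix")
    subnets = list(itertools.islice(vpc.subnets(new_prefix=subnet_prefix), count))
    if len(subnets) < count:
        raise ValueError(f"{vpc_cidr} cannot hold {count} /{subnet_prefix} subnets")
    return [str(s) for s in subnets]


def check_new_subnet(vpc_cidr, subnet_cidr, existing):
    """Return None if subnet_cidr can be added to the VPC, otherwise the reason:
    it must lie inside the VPC block and must not overlap an existing subnet."""
    vpc = validate_cidr(vpc_cidr)
    new = validate_cidr(subnet_cidr)
    if not new.subnet_of(vpc):
        return f"{subnet_cidr} is outside VPC {vpc_cidr}"
    for cidr in existing:
        if new.overlaps(ipaddress.ip_network(cidr)):
            return f"{subnet_cidr} overlaps existing subnet {cidr}"
    return None


if __name__ == "__main__":
    vpc = "10.0.0.0/16"
    print(vpc, "has", validate_cidr(vpc).num_addresses, "addresses")
    plan = plan_subnets(vpc, 24, 4)
    print("planned subnets:", plan, "usable hosts each:", usable_hosts(plan[0]))
    print(check_new_subnet(vpc, "10.0.0.0/25", plan))
    print(check_new_subnet(vpc, "10.1.0.0/24", plan))
```

Checking overlap and containment before creating a subnet is cheap here and saves a failed console or API call later; the same functions can be pointed at a list of subnets exported from an existing VPC to verify that nothing in a planned change collides with it.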

Create VPC

Step 1: Log in to the AWS Console and navigate to VPC as shown below.

AWS Console VPC

Step 2: After navigating to the VPC dashboard, click on Create VPC.

Create VPC

Step 3: Configure all the details required to create the VPC as shown in the image below. The main settings required to configure the VPC are as follows:

  • Name of the network.

  • IPv4 CIDR.

  • Tags for the VPC. After that, click on Create VPC.

Create VPC

Step 4: The Virtual Private Cloud is created successfully with the required settings.

VPC Created

Step 5: Check the VPC dashboard to confirm that the VPC created (GFG-VPC) is available to use, as shown in the image below.


Amazon VPC (Virtual Private Cloud) is a service that allows you to create a private network within the AWS cloud, offering full control over your server environment, including IP addressing, route tables, and gateways. VPCs enable resources to launch into isolated networks similar to traditional data centers, with subnets dividing networks for traffic management. Key components include Route Tables for traffic routing, NACLs as firewalls, and Internet Gateways for internet access. Public and private subnets are used to manage internet connectivity, with NAT enabling private subnet internet access. The setup involves defining network parameters like IPv4 CIDR and creating necessary resources in the AWS console.