Understanding virtual private cloud (VPC)

What is an AWS VPC?

An AWS virtual private cloud (VPC) is a virtual network associated with your AWS account. It represents a logical network that is isolated from other resources in the AWS public cloud. VPCs consist of several discrete components and have been described loosely as a “mini datacenter” that runs in AWS. In the VPC, organizations host EC2 instances and other AWS resources. Management of the VPC is done through the AWS Management Console, or through software automation using Terraform or CloudFormation.

Some common use cases for VPCs include:

• Hosting Web Applications
• Hosting a Web or E-commerce site
• Migrating workloads to the AWS cloud
• Extending a Data Center to the cloud (Hybrid Cloud)
• Backup or Disaster Recovery

For cloud networking, VPCs enable the account owner a great deal of flexibility and control over the networking and security environment. This includes the capability to define security groups, network access control lists, create IP subnets, establish IP address ranges, configure route tables and determine which EC2 instances are publicly accessible. Additional AWS services such as Amazon S3 can be deployed in the VPC and organizations can limit S3 access to only those EC2 instances within the VPC.

Common networking use cases for VPCs include:

• VPC to VPC peering
• VPC to On-premise data center
• Branch location to VPC connectivity
• Remote User to VPC based application
• Multicloud Peering (AWS VPC to Azure VNET or Google Cloud VPC)
• VPC to an Internet resource (VPC egress traffic)

Finally, setting up a VPC is straightforward through the AWS Management Console by choosing the VPC option. Once chosen, the VPC becomes operational after (1) Choosing an IP address range; (2) Creating Subnets; (3) Creating routes to the Internet and (4) Authorizing traffic to and from the VPC.