AWS Associate Architect Certification Lecture 15 — Virtual private cloud Theory Part 1

Amit Hendre
2 min read · Oct 20, 2020

Hi All,

Let's start with a new topic today: Virtual Private Cloud, or VPC.

1. What is VPC?

A virtual private cloud is a virtual network that closely resembles a traditional network that you operate in your own data center, with the benefits of using the scalable infrastructure of AWS.

Or, in simple words:

A VPC is a virtual network, or data center, inside AWS for one client.

2. It is logically isolated from other virtual networks in the AWS cloud.

3. A maximum of 5 VPCs can be created, and 200 subnets in 1 VPC.

4. We can attach a maximum of 5 Elastic IPs.

5. Once we create a VPC, DHCP (Dynamic Host Configuration Protocol), a NACL (Network Access Control List) and a Security Group will be automatically created.

6. A VPC is confined to an AWS Region and does not extend between Regions.

7. Let's take one scenario:

a. AWS cloud, and inside it a Region: Mumbai.
b. The VPC is created in the Region, not in an AZ.
c. VPC CIDR: 10.0.0.0/16
d. If I create a VPC with the above CIDR, then I cannot create another VPC with the same CIDR.
e. CIDR: Classless Inter-Domain Routing
f. Then create 2 different subnets in each AZ: one private subnet and one public subnet.
g. A subnet is AZ-specific and a VPC is Region-specific.
h. A public subnet can reach the internet, but a private subnet cannot.
i. The public subnet is connected to an Internet Gateway.
j. The 2 subnets will have different route tables.
k. In both route tables there is a local entry for 10.0…. whose target is LOCAL. It is the default entry and you cannot delete it from the route table.
l. The private subnet's route table is the MAIN route table.
m. The public subnet's route table is a custom route table.
n. In the private subnet's route table we did not add the Internet Gateway as a target, so it will not connect to the internet.
o. In the public subnet's route table, we give the IGW ID as the target.
p. The NAT gateway is created in the public subnet but is used by the private subnet.
q. The router is inside the Region. It is not a physical router; it is a virtual implied router. In this sense, a VPC is nothing but a router.

8. Once you create a VPC, you cannot change its CIDR.

9. If you need a different CIDR size, then create a new CIDR.

10. Different subnets within a VPC cannot overlap.

11. You can, however, expand your VPC CIDR by adding new/extra IP address ranges (except GovCloud and AWS China).
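To make the scenario in point 7 and the rules in points 10 and 11 concrete, here is an added example (not part of the original lecture and not AWS code) that models the VPC with Python's standard `ipaddress` module: it checks that every subnet fits inside the VPC CIDR and that no two subnets overlap, and it tells a public subnet from a private one by looking at which target the 0.0.0.0/0 route points at. The subnet sizes, the route tables and the `igw-`/`nat-` IDs are constructed placeholders.

```python
import ipaddress

# Constructed design, following the lecture scenario (VPC CIDR from the text,
# subnet sizes assumed): one public and one private subnet per AZ.
VPC_CIDR = "10.0.0.0/16"
SUBNETS = {
    "public-1a":  "10.0.1.0/24",
    "private-1a": "10.0.2.0/24",
    "public-1b":  "10.0.3.0/24",
    "private-1b": "10.0.4.0/24",
}

# Constructed route tables. Both carry the non-deletable "local" entry for the
# VPC CIDR. The custom table sends 0.0.0.0/0 to an internet gateway (public);
# the main table sends it to a NAT gateway that lives in a public subnet (private).
PUBLIC_RT = {"10.0.0.0/16": "local", "0.0.0.0/0": "igw-PLACEHOLDER"}
MAIN_RT = {"10.0.0.0/16": "local", "0.0.0.0/0": "nat-PLACEHOLDER"}
SUBNET_RT = {"public-1a": PUBLIC_RT, "public-1b": PUBLIC_RT,
             "private-1a": MAIN_RT, "private-1b": MAIN_RT}


def check_subnets(vpc_cidr, subnets):
    """Return a list of design problems: subnets outside the VPC CIDR or overlapping."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}
    problems = []
    for name, net in nets.items():
        if not net.subnet_of(vpc):          # rule: subnet must lie inside the VPC CIDR
            problems.append(f"{name} {net} is outside VPC {vpc}")
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):   # rule: subnets within a VPC cannot overlap
                problems.append(f"{a} overlaps {b}")
    return problems


def is_public(route_table):
    """A subnet is public only when its default route targets an internet gateway."""
    return route_table.get("0.0.0.0/0", "").startswith("igw-")


def classify(subnet_rt):
    """Label each subnet public or private from the route table it is associated with."""
    return {name: ("public" if is_public(rt) else "private")
            for name, rt in subnet_rt.items()}


if __name__ == "__main__":
    print(check_subnets(VPC_CIDR, SUBNETS))   # [] means the design is valid
    print(classify(SUBNET_RT))
```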

Components of VPC:

The following are the components of a VPC.

1. CIDR and IP address subnets

2. Implied router and routing table

3. Internet gateway

4. Security groups

5. Network ACL

6. Virtual private gateway

7. Peering connections

8. Elastic IP

We will discuss these in the next lecture.
