From the course: AWS Certified SysOps Administrator - Associate (SOA-C02) Cert Prep

Amazon VPC overview

- [Instructor] The Amazon VPC is a virtual network in the sense that these geographically distributed servers are virtually connected to each other to form a single network. This network is regional in scope, meaning your VPC can only exist within one AWS region. This virtual network works like a traditional network in your on-premises data center. It also has a CIDR block, a main route table, multiple subnets, and other external network connections. But unlike your traditional on-premises network, an Amazon VPC can leverage the scalable, global infrastructure of AWS at a fraction of the cost. A VPC is not just limited to a single data center; it can span multiple data centers and availability zones within an AWS region. A virtual network can be subdivided into two or more subnetworks, or subnets for short. In AWS, a subnet must reside entirely within one availability zone only. One subnet cannot span two or more AZs. However, you can have multiple subnets in the same availability zone. As you know, an availability zone is basically just composed of one or more data centers. The EC2 instances in the same subnet can freely communicate with each other as if they're located in the same building. In reality, these servers are scattered across one or more data centers. If one server needs access to another server that resides in another subnet, you need to configure your main route table to connect these two subnets. By default, all of the subnets of your Amazon VPC are interconnected. You can also create a custom route table that you can associate with your subnet. You can create a public or private subnet for your VPC. A public subnet is perfect for web servers that are meant to be publicly accessible over the internet. Alternatively, you can place your backend systems, like databases or application servers, in a private subnet with no internet access.
You can also set up security groups and network access control lists to manage the traffic going in or out of your Amazon EC2 instances, which are hosted in your VPC.
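As an added example (not part of the course material), the Python below checks a planned VPC layout against the rules in this lesson: every subnet CIDR must fall inside the VPC CIDR, subnet CIDRs must not overlap, each subnet sits in exactly one AZ and uses either a custom route table or the main table, and a subnet counts as public only when its effective route table sends 0.0.0.0/0 to an internet gateway. The VPC, route table and subnet values are constructed for illustration.

```python
import ipaddress
from itertools import combinations

# Constructed sample plan (not from the course): one public and two private subnets across two
# AZs. A subnet with route_table None uses the main table; 'local' is the implicit route that
# interconnects all subnets, and the single "az" field models the one-subnet-one-AZ rule.
VPC = {
    "cidr": "10.0.0.0/16",
    "main_route_table": "rtb-main",
    "route_tables": {
        "rtb-main": [("10.0.0.0/16", "local")],
        "rtb-public": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "igw-example")],
    },
    "subnets": [
        {"name": "web-a", "cidr": "10.0.1.0/24", "az": "us-east-1a", "route_table": "rtb-public"},
        {"name": "db-a", "cidr": "10.0.2.0/24", "az": "us-east-1a", "route_table": None},
        {"name": "db-b", "cidr": "10.0.3.0/24", "az": "us-east-1b", "route_table": None},
    ],
}


def route_table_for(vpc, subnet):
    """Effective route table: the associated custom table, else the VPC's main table."""
    return subnet["route_table"] or vpc["main_route_table"]


def is_public(vpc, subnet):
    """Public means the effective route table sends 0.0.0.0/0 to an internet gateway."""
    routes = vpc["route_tables"][route_table_for(vpc, subnet)]
    return any(dest == "0.0.0.0/0" and target.startswith("igw-") for dest, target in routes)


def validate_vpc(vpc):
    """Return findings that break the VPC rules; an empty list means the plan is consistent."""
    findings = []
    vpc_net = ipaddress.ip_network(vpc["cidr"])
    nets = {s["name"]: ipaddress.ip_network(s["cidr"]) for s in vpc["subnets"]}
    for s in vpc["subnets"]:
        if not nets[s["name"]].subnet_of(vpc_net):
            findings.append(f"{s['name']}: {s['cidr']} lies outside the VPC CIDR {vpc['cidr']}")
    # Subnet CIDRs inside one VPC must not overlap each other.
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):
            findings.append(f"{a} and {b} have overlapping CIDRs")
    return findings


def classify(vpc):
    """Map each subnet to 'public' or 'private' from its effective route table."""
    return {s["name"]: "public" if is_public(vpc, s) else "private" for s in vpc["subnets"]}
```

Running `classify(VPC)` reports `web-a` as public and both database subnets as private, while `validate_vpc(VPC)` returns no findings for this plan.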