Infrastructure as a Service (IaaS) clouds are often classified as one of three types: private, hybrid, or public. However, there is a fourth type: the virtual private cloud (VPC). A VPC is an isolated virtual network segment within Amazon Web Services (AWS). AWS VPCs are most commonly used to expose resources (such as Web servers) to the Internet. It would be a bad idea for public Internet traffic to flow through subnets that contain your private back-end resources. Although it is relatively simple to create a VPC in AWS, significant configuration is often required once the VPC is in place. For example, you will need to create a virtual firewall (which AWS refers to as a security group).

To get started, log in to the AWS console and click the VPC link in the list of services. This link is located under the Networking and Content Delivery section. AWS will then open the VPC Dashboard, shown in Figure 1.

Figure 1: This dashboard is for VPCs.

You will notice in the figure that there is already one VPC. This is the default VPC. This article will show you how to create an additional VPC that is separate from the default VPC. Click the Start VPC Wizard button shown in Figure 1. AWS will prompt you to choose a VPC configuration. The wizard offers four options, as shown in Figure 2:
- VPC with a Single Public Subnet
- VPC with Public and Private Subnets
- VPC with Public and Private Subnets and Hardware VPN Access
- VPC with a Private Subnet Only and Hardware VPN Access
Figure 2: AWS lets you choose from four types of virtual private cloud.

In real life, the type of VPC you choose will depend on whether you require public subnets, private subnets, or VPN access. The remaining configuration tasks vary depending on which option you choose. This article will show you how to create a simple VPC using a single public subnet. Click the Select button shown in Figure 2.

If you have chosen to create a VPC with a single public subnet, the next screen asks for some basic information about your VPC. First, you will need to create a Classless Inter-Domain Routing (CIDR) block. AWS defaults to creating an IPv4 CIDR block, specified as 10.0.0.0/16. A block of this size allows the creation of 65,531 IP addresses. If you are curious, AWS also allows the creation of IPv6 CIDR blocks; however, the IPv6 option is disabled by default. If you choose to use IPv6, AWS creates the CIDR block for you rather than having you enter the block specification. Figure 3 shows the CIDR block options.

Figure 3: AWS asks you to provide a number of pieces of information that will be used for the creation of the VPC.

Next, you will need to give a name to the VPC you are creating. AWS allows you to create multiple VPCs and therefore uses names to distinguish between them. The VPC Name field can be found just below the CIDR block option. Next, you will need the CIDR block for the public subnet. You have a variety of options depending on whether you chose an IPv4 or an IPv6 CIDR block. Figure 3 shows that the default public subnet uses 10.0.0.0/24 (wit
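The CIDR arithmetic above (a /16 VPC block yielding 65,531 assignable addresses, with a /24 public subnet carved out of it) can be checked before you click through the wizard. The following Python is an added example, not code from the article or from AWS; it encodes the rule that AWS reserves five addresses in every subnet and accepts VPC blocks from /16 to /28, and it goes beyond the single-subnet case by flagging subnets that fall outside the VPC block or overlap one another, which matters for the public-plus-private wizard options.

```python
"""Sanity-check the CIDR layout a VPC wizard run will produce (added example)."""
import ipaddress

# AWS reserves five addresses in every subnet: the network address, the VPC
# router, DNS, one for future use, and broadcast. A /16 thus yields 65,536 - 5.
AWS_RESERVED_PER_SUBNET = 5
VPC_MIN_PREFIX, VPC_MAX_PREFIX = 16, 28   # AWS accepts /16 .. /28 for a VPC block


def usable_addresses(cidr):
    """Addresses AWS will let you assign in a block, after its reserved five."""
    net = ipaddress.ip_network(cidr, strict=True)   # strict: must be a network boundary
    return net.num_addresses - AWS_RESERVED_PER_SUBNET


def plan_vpc(vpc_cidr, subnets):
    """Validate a VPC block and its subnets; subnets are (name, cidr, is_public).

    Returns usable-address counts plus a list of findings. An empty findings
    list means the layout is one the wizard would accept.
    """
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    findings = []
    if not VPC_MIN_PREFIX <= vpc.prefixlen <= VPC_MAX_PREFIX:
        findings.append(f"VPC prefix /{vpc.prefixlen} is outside the allowed /16-/28 range")
    seen = []
    per_subnet = {}
    for name, cidr, is_public in subnets:
        net = ipaddress.ip_network(cidr, strict=True)
        if not net.subnet_of(vpc):
            findings.append(f"{name} {net} is not inside VPC block {vpc}")
        # Subnets in one VPC must not overlap; a public and a private subnet
        # sharing addresses would defeat the separation the article describes.
        for other_name, other in seen:
            if net.overlaps(other):
                findings.append(f"{name} {net} overlaps {other_name} {other}")
        seen.append((name, net))
        per_subnet[name] = {"usable": usable_addresses(cidr), "public": is_public}
    return {"vpc_usable": usable_addresses(vpc_cidr), "subnets": per_subnet,
            "findings": findings}


if __name__ == "__main__":
    # Constructed input mirroring the wizard defaults discussed above.
    print(plan_vpc("10.0.0.0/16", [("public", "10.0.0.0/24", True)]))
```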