AWS — VPC
What is VPC?
Amazon Virtual Private Cloud (Amazon VPC) enables you to provision a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you have defined.
AWS resources are automatically provisioned in a ready-to-use default VPC, or we can create additional VPCs of our own.
- A VPC is a regional entity and spans all of the Availability Zones in the region.
- Each subnet must reside entirely within one Availability Zone and cannot span zones.
- We can launch AWS resources, such as EC2 instances, into a specific subnet.
Components of Amazon VPC:
Amazon VPC comprises a variety of objects that will be familiar to customers with existing networks:
- A Virtual Private Cloud: A logically isolated virtual network in the AWS cloud. You define a VPC’s IP address space from ranges you select.
- Subnet: A segment of a VPC’s IP address range where you can place groups of isolated resources.
- Internet Gateway: The Amazon VPC side of a connection to the public Internet.
- NAT Gateway: A highly available, managed Network Address Translation (NAT) service for your resources in a private subnet to access the Internet.
- Virtual private gateway: The Amazon VPC side of a VPN connection.
- Peering Connection: A peering connection enables you to route traffic via private IP addresses between two peered VPCs.
- VPC Endpoints: Enable private connectivity to services hosted in AWS from within your VPC, without using an Internet Gateway, VPN, Network Address Translation (NAT) devices, or firewall proxies.
- Egress-only Internet Gateway: A stateful gateway to provide egress only access for IPv6 traffic from the VPC to the Internet.
Key Benefits of using VPC:
- You can define your own network space, and control how your network and the Amazon EC2 resources inside your network are exposed to the internet.
- You can also leverage more granular access to and from the Amazon EC2 instances in your virtual network.
Connectivity Options for my Amazon VPC:
You may connect your Amazon VPC to:
- The internet (via an internet gateway)
- Your corporate data center using an AWS Site-to-Site VPN connection (via the virtual private gateway)
- Both the internet and your corporate data center (utilizing both an internet gateway and a virtual private gateway)
- Other AWS services (via internet gateway, NAT, virtual private gateway, or VPC endpoints)
- Other Amazon VPCs (via VPC peering connections)
Creating a VPC:
- When creating a VPC, we must specify an IPv4 CIDR block for the VPC. Then we can add subnets, route tables, security groups, network access control lists, an internet gateway, and other gateways as necessary.
Steps to Create a VPC in AWS
1. Log in to the AWS Console
- Navigate to AWS Management Console and sign in.
2. Open the VPC Dashboard
- In the AWS search bar, type “VPC”.
- Click on VPC under Services to open the VPC Dashboard.
3. Start VPC Creation
- In the VPC Dashboard, click “Create VPC” (for the new VPC experience) or “Your VPCs” → “Create VPC” (legacy).
4. Configure VPC Settings
- Resources to create: Choose “VPC only” (or a predefined setup like “VPC with public and private subnets”).
- Name tag: Enter a descriptive name (e.g., dev-vpc-01).
- IPv4 CIDR block: Specify a range (e.g., 10.0.0.0/16).
- (Optional) Enable IPv6 CIDR block if needed.
- (Optional) Select a Tenancy (default is Shared).
5. Create Subnets (Optional)
- If not auto-generated, manually create subnets under Subnets → Create subnet.
- Assign CIDR blocks (e.g., 10.0.1.0/24 for a public subnet).
6. Configure Route Tables & Internet Gateway (Optional)
- Attach an Internet Gateway (IGW) for public access.
- Update Route Tables to route traffic (0.0.0.0/0 → IGW for public subnets).
7. Review & Create
- Verify settings and click “Create VPC”.
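As an added example (not from these notes or from AWS), the following Python script checks a VPC address plan before the steps above are carried out: the VPC and subnet blocks stay within AWS's /16 to /28 limit, each subnet sits inside the VPC block without overlapping another, and a subnet counts as public only when its route table sends 0.0.0.0/0 to an internet gateway. The names, CIDRs and gateway ids are constructed sample values, and nothing in it calls AWS.

```python
# Added example (not from the original notes or from AWS): validate a VPC
# address plan and classify subnets as public or private from their routes.
# Names and CIDRs below are constructed sample values; nothing here calls AWS.
import ipaddress

VPC_PREFIX_RANGE = (16, 28)   # AWS accepts IPv4 VPC and subnet blocks from /16 to /28
AWS_RESERVED_PER_SUBNET = 5   # first four addresses and the last one are reserved by AWS

def validate_layout(vpc_cidr, subnets):
    """subnets: {name: cidr}. Returns a list of problems; an empty list means valid."""
    problems = []
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    lo, hi = VPC_PREFIX_RANGE
    if not lo <= vpc.prefixlen <= hi:
        problems.append(f"VPC block {vpc} must be between /{lo} and /{hi}")
    seen = {}
    for name, cidr in subnets.items():
        try:
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:      # e.g. host bits set, such as 10.0.1.5/24
            problems.append(f"subnet {name}: {exc}")
            continue
        if not net.subnet_of(vpc):
            problems.append(f"subnet {name} {net} lies outside VPC block {vpc}")
        if not lo <= net.prefixlen <= hi:
            problems.append(f"subnet {name} {net} must be between /{lo} and /{hi}")
        for other_name, other in seen.items():
            if net.overlaps(other):
                problems.append(f"subnet {name} {net} overlaps {other_name} {other}")
        seen[name] = net
    return problems

def usable_hosts(cidr):
    """Addresses actually assignable in a subnet after AWS's five reserved ones."""
    return ipaddress.ip_network(cidr).num_addresses - AWS_RESERVED_PER_SUBNET

def classify_subnets(route_tables):
    """route_tables: {subnet: {destination: target}}. A subnet is public only when its
    default route 0.0.0.0/0 points at an internet gateway ('igw-...'); a NAT gateway
    target ('nat-...') or no default route at all keeps it private."""
    return {name: "public" if routes.get("0.0.0.0/0", "").startswith("igw-") else "private"
            for name, routes in route_tables.items()}

if __name__ == "__main__":
    plan = {"public-a": "10.0.1.0/24", "private-a": "10.0.2.0/24"}
    print(validate_layout("10.0.0.0/16", plan), {n: usable_hosts(c) for n, c in plan.items()})
    print(classify_subnets({"public-a": {"0.0.0.0/0": "igw-placeholder"},
                            "private-a": {"0.0.0.0/0": "nat-placeholder"}}))
```

Run it against your own plan before clicking "Create VPC"; any string it returns from validate_layout is something the console would reject or that would silently leave a subnet more exposed than intended.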
Final Creation:
The following components are created automatically when the VPC is created:
- DNS settings
- DHCP options set
- Main route table
- Main network ACL