The Amazon Virtual Private Cloud (Amazon VPC) allows you to launch AWS resources into a custom virtual network. This virtual network closely matches a typical network you'd run in your own data centre, but with the added benefit of AWS's scalable infrastructure.
Amazon VPC concepts
Amazon VPC is the networking layer of Amazon EC2. If you're unfamiliar with EC2, see What is Amazon EC2? in the Amazon EC2 User Guide for Linux Instances for a quick introduction.
VPCs are built from the following key concepts:
Virtual private cloud (VPC) – A virtual network dedicated to your AWS account.
Subnet – A range of IP addresses in your VPC.
CIDR block – Classless Inter-Domain Routing, a method for allocating IP addresses and aggregating routes on the internet; it is the notation in which VPC and subnet address ranges are written.
Route table – A set of rules for determining where network traffic is directed.
DHCP option set – Configuration information (such as the domain name and domain name servers) that EC2 instances receive when they are launched into the VPC's subnets.
Internet gateway – A gateway that connects your VPC to the internet, allowing communication between resources in your VPC and the internet.
Egress-only internet gateway – A gateway that lets an EC2 instance in a subnet initiate connections to the internet while preventing internet resources from initiating connections to the instance.
VPC endpoint – Lets you connect your VPC to AWS services and to VPC endpoint services powered by PrivateLink without an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. Instances in your VPC do not need public IP addresses to communicate with resources in the service.
NAT gateway – A managed AWS service that lets EC2 instances in private subnets connect to the internet, other VPCs, or on-premises networks.
NAT instance – An EC2 instance in a public subnet that lets instances in private subnets access the internet, other VPCs, or on-premises networks.
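The concepts above fit together in a layout that is easy to get wrong: subnet CIDR blocks must sit inside the VPC block without overlapping, and a private subnet's route table should send its default route to a NAT gateway, never to the internet gateway. The following added example (not from the page or from AWS) checks a constructed VPC layout for exactly those mistakes using only Python's standard ipaddress module; the subnet names, the "tier" label and the placeholder gateway ids are assumptions.

```python
import ipaddress

# Constructed sample layout, not taken from the page: a /16 VPC with one public
# and three private subnets, each carrying its route table as {destination: target}.
# Gateway ids are placeholders in AWS id style. "private-b" is deliberately broken
# (it overlaps "private-a" and its default route targets the internet gateway);
# "stray" is deliberately outside the VPC block.
VPC_CIDR = "10.0.0.0/16"
SUBNETS = {
    "public-a":  {"tier": "public",  "cidr": "10.0.1.0/24",
                  "routes": {"10.0.0.0/16": "local", "0.0.0.0/0": "igw-PLACEHOLDER"}},
    "private-a": {"tier": "private", "cidr": "10.0.2.0/24",
                  "routes": {"10.0.0.0/16": "local", "0.0.0.0/0": "nat-PLACEHOLDER"}},
    "private-b": {"tier": "private", "cidr": "10.0.2.0/25",
                  "routes": {"10.0.0.0/16": "local", "0.0.0.0/0": "igw-PLACEHOLDER"}},
    "stray":     {"tier": "private", "cidr": "192.168.0.0/24",
                  "routes": {"10.0.0.0/16": "local"}},
}


def check_cidrs(vpc_cidr, subnets):
    """Flag subnets that fall outside the VPC block or overlap one another."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {name: ipaddress.ip_network(s["cidr"]) for name, s in subnets.items()}
    findings = [f"{n}: {net} is not inside VPC block {vpc}"
                for n, net in nets.items() if not net.subnet_of(vpc)]
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                findings.append(f"{a} and {b} overlap ({nets[a]} vs {nets[b]})")
    return findings


def check_default_routes(subnets):
    """Private subnets must reach the internet only via NAT; public subnets need an IGW."""
    findings = []
    for name, s in subnets.items():
        target = s["routes"].get("0.0.0.0/0")
        if s["tier"] == "private" and target and target.startswith("igw-"):
            findings.append(f"{name}: private subnet routes 0.0.0.0/0 to {target} instead of a NAT gateway")
        if s["tier"] == "public" and not (target or "").startswith("igw-"):
            findings.append(f"{name}: public subnet has no internet gateway default route")
    return findings


if __name__ == "__main__":
    for line in check_cidrs(VPC_CIDR, SUBNETS) + check_default_routes(SUBNETS):
        print(line)
```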