[AWS Beginners] A quick explanation of what Amazon VPC is!

Introduction
Hello
I'm currently working in the Systems Solutions Department as an apprentice engineer
Have you ever heard of AWS's VPC service?
I'd like to explain it to those who have recently started using AWS, or those who have heard of it but don't really understand it.
What is a VPC?
It is often said that engineers should always refer to primary sources.
Now in my third year, I have come to realise that this is true.
So let's take a look (suddenly)
With Amazon Virtual Private Cloud (Amazon VPC), you can launch AWS resources in a logically isolated virtual network that you've defined. This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS.
〇 Quote: AWS official documentation ( https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html )
Amazon Virtual Private Cloud (Amazon VPC) lets you launch AWS resources in a logically isolated virtual network that you define. A virtual network resembles a traditional network you operate in your own data center, with the benefits of using the scalable AWS infrastructure
〇 Quote: AWS official documentation ( https://docs.aws.amazon.com/ja_jp/vpc/latest/userguide/what-is-amazon-vpc.html )
Yes, that uses some difficult words, but to summarise, it boils down to the following:
A virtual network where AWS resources can be built
What's good?
The major benefits include:
- Saves time and money
- Easy to customize
Saves time and money
In a traditional on-premises environment, for example, installing a server meant preparing a location within the company, setting it up in a data centre, or even renting a server, all of which took time.
On top of that, it was also necessary to open a network line, which was extremely time-consuming and costly.
However, you can easily create a dedicated network by using Amazon VPC
Easy to customize
When building an on-premises network, it takes time and effort to thoroughly research how it will be used and to prepare routers and other components.
Also, once the network is in operation, any change that becomes necessary requires further preparation and can be difficult.
Of course, even if you use Amazon VPC, you will still need to investigate the scope of the impact and carry out the actual changes, but it's great that you don't need to touch any physical components and can operate it from the AWS console, etc.!
Important Words You Must Know!
Now that I think I've (hopefully) conveyed the benefits, I'd like to introduce some important terms you should know to better understand Amazon VPC
1. Region
As you may know, AWS is an American company, but companies all over the world use AWS.
Even though it is a cloud service, physical distance can affect things like communication speeds, so AWS owns data centers around the world, each of which is physically separated.
These separate areas around the world are called regions
As of June 2024, Japan has Tokyo (ap-northeast-1) and Osaka (ap-northeast-3)
Although this is off topic, AWS recently announced plans to invest in Japan, so it seems likely that the number of regions will increase in the future.
https://aws.amazon.com/jp/about-aws/whats-new/2024/01/aws-commits-2trillion-yen-investment-into-japan-ai-and-digital-transformation-from-2023-to-2027/
2. Availability Zone (AZ)
Within each region, there are multiple independent locations called "Availability Zones."
You select an Availability Zone within each account, but even when the name is the same, the Availability Zone it refers to can differ from account to account.
The image in the AWS documentation referenced below shows that the Availability Zones "use1-az1 / use1-az2 / use1-az3" in the us-east-1 region refer to different zones for Account 1111111111 and Account 22222222.

〇 Reference: AWS official documentation ( https://docs.aws.amazon.com/ja_jp/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#availability-zones-describe )
3. Subnets
A subnet is a segment of a virtual network created as a VPC, with a specific IP address range.
It is like creating another virtual network within a VPC.
The subnets you create in a VPC come in two kinds: public subnets and private subnets.
A public subnet is a network that can communicate directly with the Internet, while a private subnet is a network that cannot be connected to directly from external networks.
Each subnet must specify an Availability Zone; for example, you can place a public subnet and a private subnet in the ap-northeast-1a Availability Zone in the Tokyo region
Once the subnet has been successfully created, you can create EC2 and RDS resources there
4. Internet Gateway
It acts as the gateway that allows communication between a VPC created in your AWS account and the outside world (the Internet)
Without it, resources within your VPC cannot reach the Internet
5. Route Table
The rules that determine network routes within a VPC are called "routes," and the resource that holds these routes is called a "route table."
For example, if you want to allow an EC2 instance created within a VPC to access the external Internet, you need to add a route to this route table that sends the instance's Internet-bound traffic to the Internet gateway
6. Security Groups
Security groups let you set rules that allow access to the resources created within the same VPC
Specifically, you enter the IP address, protocol, and port number of the access source.
For example, if you want to connect to EC2 via SSH, adding the following setting allows the connection.
| Access source IP | Protocol | Port number |
|---|---|---|
| XXX.XXX.XXX.XXX | SSH | 22 |
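As an added example that is not part of the original post, the following Python script models the subnet, route table, Internet gateway and security group concepts from sections 3 to 6 so you can check them offline: it validates that a subnet's range sits inside the VPC and names an Availability Zone, decides whether a subnet is public by looking up its route table, and evaluates security group rules the way the SSH table above is applied. Every resource name, ID (such as igw-EXAMPLE) and address below is constructed for illustration; none comes from a real AWS account.

```python
# Added example, not from the original post: an offline model of VPC subnets,
# route tables, an Internet gateway and security groups. All IDs and ranges are
# constructed placeholders; the public IPs use the documentation TEST-NET blocks.
import ipaddress
from dataclasses import dataclass


@dataclass
class Route:
    destination: str  # destination CIDR; "0.0.0.0/0" means "everything else"
    target: str       # "local" or a gateway id such as "igw-EXAMPLE"


@dataclass
class Subnet:
    name: str
    cidr: str
    availability_zone: str  # every subnet lives in exactly one AZ
    route_table: str        # name of the route table it is associated with


@dataclass
class SecurityGroupRule:
    source_cidr: str  # who may connect
    protocol: str     # "tcp", "udp", "icmp" or "-1" for all protocols
    from_port: int
    to_port: int


VPC_CIDR = "10.0.0.0/16"
INTERNET_GATEWAY_ID = "igw-EXAMPLE"  # placeholder, not a real gateway id

# The public table routes Internet traffic to the Internet gateway; the private
# table only has the "local" route that every VPC route table carries.
ROUTE_TABLES = {
    "rtb-public": [Route(VPC_CIDR, "local"), Route("0.0.0.0/0", INTERNET_GATEWAY_ID)],
    "rtb-private": [Route(VPC_CIDR, "local")],
}

# Constructed subnets in the Tokyo region's ap-northeast-1a zone, plus one
# deliberately broken subnet whose range lies outside the VPC.
SUBNETS = [
    Subnet("public-1a", "10.0.1.0/24", "ap-northeast-1a", "rtb-public"),
    Subnet("private-1a", "10.0.2.0/24", "ap-northeast-1a", "rtb-private"),
    Subnet("broken", "192.168.0.0/24", "ap-northeast-1a", "rtb-private"),
]

# SSH limited to one admin address (TEST-NET-2), and the weak variant open to all.
SSH_FROM_OFFICE = [SecurityGroupRule("198.51.100.25/32", "tcp", 22, 22)]
SSH_FROM_ANYWHERE = [SecurityGroupRule("0.0.0.0/0", "tcp", 22, 22)]


def validate_subnet(subnet, vpc_cidr=VPC_CIDR):
    """Return a list of problems; an empty list means the subnet definition is sound."""
    problems = []
    vpc_net = ipaddress.ip_network(vpc_cidr)
    try:
        net = ipaddress.ip_network(subnet.cidr)
    except ValueError:
        return [f"{subnet.name}: {subnet.cidr!r} is not a valid CIDR"]
    if not net.subnet_of(vpc_net):
        problems.append(f"{subnet.name}: {subnet.cidr} is not inside the VPC range {vpc_cidr}")
    if not subnet.availability_zone:
        problems.append(f"{subnet.name}: an Availability Zone must be specified")
    if subnet.route_table not in ROUTE_TABLES:
        problems.append(f"{subnet.name}: unknown route table {subnet.route_table}")
    return problems


def lookup_route(routes, destination_ip):
    """Pick the route with the longest matching prefix, as a VPC route table does."""
    addr = ipaddress.ip_address(destination_ip)
    best, best_len = None, -1
    for route in routes:
        net = ipaddress.ip_network(route.destination)
        if addr in net and net.prefixlen > best_len:
            best, best_len = route, net.prefixlen
    return best


def is_public(subnet):
    """A subnet is public when its Internet-bound traffic is routed to an Internet gateway."""
    route = lookup_route(ROUTE_TABLES[subnet.route_table], "203.0.113.10")  # any Internet address
    return route is not None and route.target.startswith("igw-")


def sg_allows(rules, source_ip, protocol, port):
    """Security groups are allow lists: traffic passes only if some rule matches it."""
    addr = ipaddress.ip_address(source_ip)
    for rule in rules:
        if addr not in ipaddress.ip_network(rule.source_cidr):
            continue
        if rule.protocol == "-1":
            return True
        if rule.protocol == protocol and rule.from_port <= port <= rule.to_port:
            return True
    return False


def world_open_admin_rules(rules, admin_ports=(22, 3389)):
    """Flag rules that expose an administrative port to every source address."""
    return [r for r in rules
            if ipaddress.ip_network(r.source_cidr).prefixlen == 0
            and (r.protocol == "-1" or any(r.from_port <= p <= r.to_port for p in admin_ports))]


if __name__ == "__main__":
    for s in SUBNETS:
        print(s.name, "public" if is_public(s) else "private", validate_subnet(s))
    print("office can SSH:", sg_allows(SSH_FROM_OFFICE, "198.51.100.25", "tcp", 22))
    print("world-open admin rules:", world_open_admin_rules(SSH_FROM_ANYWHERE))
```

The two decisions the script makes are exactly the ones to check when reviewing a VPC: a subnet is "public" only because its route table points 0.0.0.0/0 at an Internet gateway, not because of its name, and a security group rule with a 0.0.0.0/0 source on port 22 lets any Internet address reach the instance, which is why the table above uses a specific access source IP rather than a wildcard.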
Finally...
What do you think?
I hope that you now have a vague idea of what a VPC is.