{"id":3122,"date":"2019-08-31T12:24:57","date_gmt":"2019-08-31T12:24:57","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=3122"},"modified":"2020-05-01T11:25:20","modified_gmt":"2020-05-01T11:25:20","slug":"vpc","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/vpc\/","title":{"rendered":"VPC"},"content":{"rendered":"\n<ul class=\"wp-block-list\"><li>Amazon VPC is the networking layer for Amazon EC2.<\/li><li>You can build a private virtual network in AWS.<\/li><li>You control the various aspects of the Amazon VPC, including:<ul><li>Selecting your own IP address range<\/li><\/ul><ul><li>Creating your own subnets<\/li><\/ul><ul><li>Configuring your own route tables, network gateways, and security settings.<\/li><\/ul><\/li><li>You can create multiple Amazon VPCs in a region.<\/li><li>Each VPC is logically isolated, even when VPCs share IP address space.<\/li><li>You specify the IPv4 address range when creating the VPC.<\/li><li>The address range of a VPC cannot be changed after the VPC is created.<\/li><li>The VPC address range may be as large as \/16 (65,536 available addresses) or as small as \/28 (16 available addresses).<\/li><li>The VPC address range should not overlap with any other network to which the VPC is to be connected.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"370\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/09\/image-147.png\" alt=\"\" class=\"wp-image-3734\"\/><\/figure>\n\n\n\n<p><strong>VPC Components<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Subnets <ul><li>A subnet is a segment of a VPC\u2019s IP address range in which you launch EC2 instances, Amazon RDS databases, and other AWS resources.<\/li><\/ul><ul><li>The smallest subnet is a \/28 (or 16 IP addresses).
<\/li><\/ul><ul><li>AWS reserves the first four IP addresses and the last IP address of every subnet for internal networking purposes.<\/li><\/ul><\/li><li>Route tables <ul><li>A logical construct within a VPC that holds a set of rules (or routes) applied to a subnet and used to determine where network traffic is directed.<\/li><\/ul><ul><li>Route tables allow EC2 instances in different subnets within a VPC to communicate with each other.<\/li><\/ul><ul><li>Each route table has a default route called the local route, which enables communication within the Amazon VPC; this route cannot be modified or removed.<\/li><\/ul><\/li><li>DHCP (Dynamic Host Configuration Protocol) <ul><li>DHCP passes configuration information, such as the domain name, domain name server, and netbios-node-type, to hosts on a TCP\/IP network.<\/li><\/ul><ul><li>AWS automatically creates and associates a DHCP option set for the Amazon VPC upon creation and sets two options: <ul><li>domain-name-servers (defaults to AmazonProvidedDNS)<\/li><\/ul><ul><li>domain-name (defaults to the domain name for the region).<\/li><\/ul><\/li><\/ul><ul><li>AmazonProvidedDNS is an Amazon Domain Name System (DNS) server, and this option enables DNS for instances that need to communicate over the Amazon VPC\u2019s IGW.<\/li><\/ul><\/li><li>Security groups <ul><li>A virtual stateful firewall that controls inbound and outbound network traffic to AWS resources and EC2 instances.<\/li><\/ul><ul><li>EC2 instances should be launched into a security group.<\/li><\/ul><ul><li>If no security group is specified at launch, the instance is placed in the default security group for the VPC, which allows communication between all resources within the security group, allows all outbound traffic, and denies all other traffic.<\/li><\/ul><\/li><li>Network Access Control Lists (ACLs) <ul><li>A network ACL acts as a stateless firewall at the subnet level.
<\/li><\/ul><ul><li>It is a numbered list of rules.<\/li><\/ul><ul><li>AWS evaluates the rules in order, starting with the lowest number.<\/li><\/ul><ul><li>Each rule specifies which traffic to allow or deny into or out of a specific subnet.<\/li><\/ul><ul><li>Amazon VPCs have a modifiable default network ACL, associated with every subnet, that allows all inbound and outbound traffic.<\/li><\/ul><\/li><\/ul>\n\n\n\n<p><strong><span style=\"text-decoration: underline;\">Optional Components of Amazon VPC<\/span><\/strong><\/p>\n\n\n\n<p><strong>Internet Gateways (IGWs) <\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>A horizontally scaled, redundant, and highly available Amazon VPC component that allows communication between instances in a VPC and the Internet.<\/li><li>It provides a target in VPC route tables for Internet-routable traffic.<\/li><li>It performs network address translation for instances that have public IP addresses.<\/li><li>EC2 instances in a VPC know only their own private IP addresses.<\/li><li>The IGW maintains a mapping between each instance\u2019s EIP address (the public IP address of the instance) and its private IP address.<\/li><li>The IGW translates requests in both directions between the instance and the Internet.<\/li><\/ul>\n\n\n\n<p><strong>Elastic IP (EIP) addresses <\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>AWS manages a pool of public IP addresses in each region.<\/li><li>Public IP addresses from an AWS region\u2019s pool can be assigned to resources in the VPC.<\/li><li>An EIP is a static, public IP address from the pool for the region.<\/li><li>You can allocate an EIP to your account (pull it from the pool).<\/li><li>You can release it (return it to the pool).<\/li><li>EIPs give you a set of IP addresses that remain fixed while the underlying infrastructure may change over time.<\/li><\/ul>\n\n\n\n<p><strong>Elastic Network Interfaces (ENIs) <\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>A virtual network interface that can be attached to an instance in an Amazon VPC.
<\/li><li>ENIs are only available within a VPC.<\/li><li>They are associated with a subnet upon creation.<\/li><\/ul>\n\n\n\n<p><strong>Endpoints <\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>An endpoint lets you create a private connection between a VPC and another AWS service without requiring access over the Internet or through a NAT instance, VPN connection, or AWS Direct Connect.<\/li><li>Multiple endpoints can be created for a single service.<\/li><\/ul>\n\n\n\n<p><strong>Peering <\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>A VPC peering connection is a networking connection between two VPCs.<\/li><li>It enables instances in either Amazon VPC to communicate with each other as if they were within the same network.<\/li><li>It is neither a gateway nor a VPN connection.<\/li><li>Peering helps prevent a single point of failure (SPOF) for communication.<\/li><li>Connections are established using a request\/accept protocol between the VPCs:<ul><li>First, the owner of the requesting VPC sends a request to the owner of the peer VPC.<\/li><\/ul><ul><li>The requested peer is identified by: <ul><li>The VPC ID alone, if both VPCs are in the same AWS account<\/li><\/ul><ul><li>Both the account ID and the VPC ID, if the VPCs are in different accounts<\/li><\/ul><\/li><\/ul><\/li><li>The peer VPC\u2019s owner must accept within one week of receiving the request, or the request expires.<\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>VPC is networking layer for Amazon EC2, You can build a private virtual network in AWS. control the various aspects of the Amazon VPC, including \u2013 Selecting own IP address range Creating own subnets Configuring own route tables, network gateways, and security settings. 
In a region, create multiple Amazon VPCs each VPC is logically isolated&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":2474,"menu_order":26,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[2],"tags":[7,239],"class_list":["post-3122","page","type-page","status-publish","hentry","category-amazon-aws","tag-aws","tag-vpc"],"acf":[]}