
What is AWS VPC?


Few of us could have predicted that data breaches would become so common and part of the major news cycle. It almost seems like leaks are reported on a daily basis, such as compromised accounts on Facebook or credit card account leaks from major companies. With the proliferation of web and mobile apps, there is also a constant stream of negative press related to criminals breaking into company data stores.

Fortunately, there’s one smart option for those who are concerned about deploying a new website, application, or cloud service and how that could open up an attack vector.

AWS VPC (Virtual Private Cloud) provides an isolated and secure virtual cloud for companies to deploy websites, apps, and other services. It’s a private, provisioned portion of the Amazon virtual cloud and has the extreme flexibility and scalability to help a tiny startup launch a new website or a massive enterprise deploy a new web application.

Security is a primary reason to use AWS VPC, but there’s also the flexibility to configure the virtual cloud the way you need to run it. This can include using either IPv4 or IPv6, setting your IP address range, creating subnets, and configuring gateways and route tables.

One example of how this works is with subnets. A large company might decide to use VPC because it has both public-facing and private-facing applications. When launching a new rich application for consumers, it might create a subnet that is still secure and reliable. Yet it might also need a second subnet, configured according to its technical requirements, that is available neither to consumers nor over the public Internet.

The private subnet might be intended only for a legacy backup system or a secure database used only by internal employees who access the server over a private network and not the internet. This type of control over what your web server in the cloud can do, for both public and private applications, means you can take control of your security infrastructure.
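To check that a subnet intended to be private really has no path to the Internet, one approach is to resolve each subnet's effective route table and look for a route to an internet gateway. The following is an added example, not code from this article or from AWS; the field names follow the EC2 `DescribeSubnets` and `DescribeRouteTables` responses, and all IDs and CIDR ranges are constructed for illustration.

```python
# Constructed sample data shaped like EC2 DescribeSubnets / DescribeRouteTables
# output; every ID and CIDR here is made up for illustration.
SUBNETS = [
    {"SubnetId": "subnet-web", "VpcId": "vpc-1"},
    {"SubnetId": "subnet-db", "VpcId": "vpc-1"},
]
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
ROUTE_TABLES = [
    {   # main table: local routes only; used by subnets with no explicit association
        "RouteTableId": "rtb-main", "VpcId": "vpc-1",
        "Associations": [{"Main": True}],
        "Routes": [LOCAL],
    },
    {   # public table: default route to an internet gateway
        "RouteTableId": "rtb-public", "VpcId": "vpc-1",
        "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
        "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                           "GatewayId": "igw-0example", "State": "active"}],
    },
]

def effective_route_table(subnet, route_tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rt in route_tables:
        if rt["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def has_internet_route(rt):
    """True if an active route targets an internet gateway (igw-*)."""
    return any(r.get("State") == "active" and r.get("GatewayId", "").startswith("igw-")
               for r in (rt or {}).get("Routes", []))

def classify(subnets, route_tables):
    """Map each subnet ID to 'public' or 'private'."""
    return {s["SubnetId"]: "public" if has_internet_route(effective_route_table(s, route_tables))
            else "private" for s in subnets}

def unexpected_public(subnets, route_tables, intended_private):
    """Subnets meant to be private that are actually routed to the internet."""
    result = classify(subnets, route_tables)
    return sorted(s for s in intended_private if result.get(s) == "public")
```

The main route table matters here: a subnet with no explicit association inherits it, so adding an internet gateway route to the main table silently makes every such subnet public.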

Within the subnets, you can use EC2 (Elastic Compute Cloud) instances that you deploy and control instead of relying on a data center at your own site and having to configure, maintain, and update the IT infrastructure for your various apps and data stores.

Because the VPC is all part of Amazon Web Services, you also can deploy Amazon S3 (Simple Storage Service) within each instance, and even restrict which AWS account can access the subnets. One way to understand how this all works and the benefits is to think of VPC as a private container for your web apps, each one secured and restricted in a way that reduces the chances of a data breach. You’re in full control of where the data resides within your own private cloud, which instances are deployed, and how the storage is configured.

Benefits and examples of AWS VPC

Because of all the flexibility in having your own AWS Virtual Private Cloud, companies can scale and deploy business apps and reach an audience faster, without the typical concerns over data breaches and configuring the infrastructure. Companies can deploy the VPC right from the AWS Management Console. This is all template-driven so that you can focus more on the apps, your database, and your new website rather than the complexity of configuration and setup.

As with many Amazon Web Services, the VPC also helps you reduce the costs associated with a private cloud. One example of this is when a company is faced with the need to deploy a secure disaster recovery portal. In the past, creating the infrastructure for disaster recovery was a major undertaking, especially when there were complex regulations and compliance issues involved. It is often an expensive, time-consuming endeavor. Companies know they need to plan for a major event that is weather-related (e.g., a tornado that destroys local servers) or some other catastrophic event, but actually doing so is not an easy process.

With VPC, you can use your own private cloud as a disaster recovery site for a much lower cost than doing it on your own with a second data center location. You also have the benefit of using EC2 instances to add compute performance if the primary infrastructure is not available. There are additional benefits related to extending the compute performance of an existing data center or server room, even for companies with an extensive array of web servers.

One last example of how a company might use VPC is for experimentation. Deciding to launch a new website is not typically something you can do overnight. Yet, even a small company can create business requirements, build the features and functions, and then rely on a virtual cloud for running the application without having to first make it secure and reliable.