
Features
- launch instances into a subnet
- assign custom IP ranges in each subnet
- configure route tables between subnets
- better security control over AWS resources
- attach internet gateway to VPC
- instance security groups
- subnet network access control lists (ACLs)
- consists of IGWs (Virtual Private Gateways), Route Tables, Network Access Control Lists, Subnets, Security Groups
- Security Groups are stateful, Network Access Control Lists are stateless
- CIDR block sizes:
  - 10.0.0.0/16 ⇒ 65536 IPs
  - 10.0.0.0/24 ⇒ 256 IPs
  - 10.0.1.0/28 ⇒ 16 IPs
- creating a VPC ⇒ a default Route Table, Network ACL and Security Group are created automatically (subnets and an internet gateway are not created)
- us-east-1a in your AWS account is different from us-east-1a in another account (the AZs are randomized)
- AWS reserves 5 IPs within a subnet (you cannot use those)
- n Subnets → 1 AZ (not n AZs → 1 Subnet: a subnet cannot span AZs)
- 1 Internet Gateway ↔ 1 VPC
- n Security Groups → 1 VPC (not 1 Security Group → n VPCs: a security group cannot span VPCs)
- By default you can have 5 VPCs in each region
- each route table contains a default route (the local route), which enables communication within the Amazon VPC; this route cannot be modified or removed
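
The stateful/stateless difference between Security Groups and Network ACLs noted above, as an added example that is not part of the original notes. It is a simplified allow-list model (real NACLs evaluate numbered allow/deny rules in order); the addresses, ports, rule sets and helper names are constructed for illustration.

```python
# Added illustration: toy model of stateful vs. stateless packet filtering.
# Addresses, ports and rule sets are constructed sample values.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" or "out", seen from the instance/subnet
    peer: str       # remote address
    src_port: int
    dst_port: int

def rule_match(rules, pkt):
    # Simplified allow-list: (direction, low, high) matched on destination port.
    return any(d == pkt.direction and lo <= pkt.dst_port <= hi for d, lo, hi in rules)

def flow_key(pkt):
    # Same key for both directions of a flow: (peer, peer_port, local_port).
    if pkt.direction == "in":
        return (pkt.peer, pkt.src_port, pkt.dst_port)
    return (pkt.peer, pkt.dst_port, pkt.src_port)

class SecurityGroup:
    """Stateful: remembers allowed flows and passes their return traffic."""
    def __init__(self, rules):
        self.rules, self.flows = rules, set()
    def allow(self, pkt):
        if flow_key(pkt) in self.flows:
            return True
        if rule_match(self.rules, pkt):
            self.flows.add(flow_key(pkt))
            return True
        return False

class NetworkAcl:
    """Stateless: every packet is checked against the rules on its own."""
    def __init__(self, rules):
        self.rules = rules
    def allow(self, pkt):
        return rule_match(self.rules, pkt)

REQUEST = Packet("in", "203.0.113.10", 50000, 443)   # client -> HTTPS server
REPLY = Packet("out", "203.0.113.10", 443, 50000)    # server -> client ephemeral port
INBOUND_ONLY = [("in", 443, 443)]
WITH_EPHEMERAL_OUT = INBOUND_ONLY + [("out", 1024, 65535)]

def round_trip(fw):
    """Return (request allowed, reply allowed) for one HTTPS exchange."""
    return fw.allow(REQUEST), fw.allow(REPLY)

if __name__ == "__main__":
    print("SG, inbound rule only:   ", round_trip(SecurityGroup(INBOUND_ONLY)))
    print("NACL, inbound rule only: ", round_trip(NetworkAcl(INBOUND_ONLY)))
    print("NACL, + ephemeral egress:", round_trip(NetworkAcl(WITH_EPHEMERAL_OUT)))
```

With only an inbound rule, the Network ACL drops the server's reply, so a NACL needs an explicit outbound rule for the clients' ephemeral ports while the Security Group does not.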