AWS VPC (Virtual Private Cloud)

A VPC (Virtual Private Cloud) in AWS is a logically isolated virtual network dedicated to your AWS account, in which you launch AWS resources such as EC2 instances and RDS databases. You define the network yourself: its IP address ranges, subnets, routing, and security controls.

Key Components of an AWS VPC:

  1. Subnets:

    • Subnets divide the VPC's address range into smaller segments. There are two types of subnets:

      • Public Subnets: Have a route to an internet gateway, so resources in them can be exposed to the internet (e.g., web servers).

      • Private Subnets: Have no route to an internet gateway, so resources in them are not reachable from the internet (e.g., databases).

  2. Route Tables:

    • Define how traffic is directed within the VPC and to external networks. Each subnet is associated with one route table.

  3. Internet Gateway (IGW):

    • A component that allows instances in a public subnet to connect to the internet.

  4. NAT Gateway / NAT Instance:

    • Provides outbound internet connectivity for instances in private subnets while keeping them unreachable from the internet (connections can only be initiated from inside).

  5. Elastic IP (EIP):

    • A static, public IP address that you can associate with your instances or other AWS resources in your VPC.

  6. Security Groups:

    • Act as stateful virtual firewalls that control inbound and outbound traffic at the instance level. Rules are allow-only, and return traffic for an allowed connection is permitted automatically.

  7. Network ACLs (Access Control Lists):

    • Operate as a stateless firewall for controlling traffic at the subnet level. Rules are numbered, evaluated in order, and can allow or deny; because no connection state is kept, return traffic must be allowed explicitly.

  8. VPC Peering:

    • Connects two VPCs to allow communication between them. It can be across different accounts and regions. Peering is not transitive: a VPC peered with two others does not forward traffic between them.

  9. Endpoints:

    • Allow private connections from the VPC to AWS services without traversing the public internet.

  10. DHCP Options Set:

    • Defines custom DNS settings for the VPC.

  11. Bastion Host:

    • A hardened instance, placed in a public subnet, that you connect to via SSH or RDP in order to reach instances in private subnets.
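The following is an added example, not code from the original page or from AWS: a small offline model of the pieces described above. It carves a VPC CIDR into subnets, classifies a subnet as public or private from its route table (longest-prefix match, default route to an IGW or a NAT), and then follows one inbound HTTPS connection through the two firewall layers to show why a stateless NACL needs an explicit outbound rule for the client's ephemeral port while a stateful security group does not. All resource ids, CIDRs and addresses are constructed; the `demo()` function and the rule representations are assumptions of this example, not an AWS API.

```python
# Added example (not from the original page): a small, offline model of how a
# VPC's route tables and its two firewall layers decide a packet's fate.
# Every id below (igw-..., nat-..., the CIDRs, the IPs) is constructed.
import ipaddress
from dataclasses import dataclass


def carve_subnets(vpc_cidr, new_prefix, count):
    """Split the VPC CIDR into the first `count` equal subnets of size /new_prefix."""
    net = ipaddress.ip_network(vpc_cidr)
    return [str(s) for s in list(net.subnets(new_prefix=new_prefix))[:count]]


@dataclass
class RouteTable:
    routes: dict  # destination CIDR -> target: "local", "igw-...", "nat-..."

    def lookup(self, dst_ip):
        """Longest-prefix match over the routes, as the VPC router does."""
        dst = ipaddress.ip_address(dst_ip)
        best_net, best_target = None, None
        for cidr, target in self.routes.items():
            net = ipaddress.ip_network(cidr)
            if dst in net and (best_net is None or net.prefixlen > best_net.prefixlen):
                best_net, best_target = net, target
        return best_target

    def subnet_type(self):
        """Public only if the default route points at an internet gateway."""
        return "public" if self.routes.get("0.0.0.0/0", "").startswith("igw-") else "private"


@dataclass
class NaclRule:
    number: int      # rules are evaluated in ascending order; first match wins
    action: str      # "allow" or "deny"
    cidr: str
    port_from: int
    port_to: int


def nacl_decision(rules, ip, port):
    """Stateless filter: every packet, replies included, is matched on its own."""
    addr = ipaddress.ip_address(ip)
    for r in sorted(rules, key=lambda r: r.number):
        if addr in ipaddress.ip_network(r.cidr) and r.port_from <= port <= r.port_to:
            return r.action
    return "deny"  # the implicit final "*" rule


def sg_allows(rules, ip, port):
    """Security group: allow-only (cidr, port_from, port_to) rules; any match permits."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(cidr) and lo <= port <= hi for cidr, lo, hi in rules)


def trace_inbound_connection(client_ip, client_port, service_port, nacl_in, nacl_out, sg_in):
    """Follow a TCP connection from an internet client to an instance in a subnet.

    1. The client's SYN (dst port = service_port) is checked by the NACL inbound rules.
    2. The same packet is checked by the security group inbound rules.
    3. The instance's reply (dst port = client's ephemeral port) leaves the subnet and
       is checked by the NACL outbound rules, because a NACL keeps no connection state.
    The security group does track state, so the reply needs no outbound SG rule.
    """
    if nacl_decision(nacl_in, client_ip, service_port) != "allow":
        return "dropped by NACL inbound"
    if not sg_allows(sg_in, client_ip, service_port):
        return "dropped by security group inbound"
    if nacl_decision(nacl_out, client_ip, client_port) != "allow":
        return f"reply dropped by NACL outbound (no allow for ephemeral port {client_port})"
    return "allowed"


def demo():
    """Constructed two-subnet VPC; returns the decisions so they can be inspected."""
    public, private = carve_subnets("10.0.0.0/16", 24, 2)
    public_rt = RouteTable({"10.0.0.0/16": "local", "0.0.0.0/0": "igw-0example"})
    private_rt = RouteTable({"10.0.0.0/16": "local", "0.0.0.0/0": "nat-0example"})

    web_sg = [("0.0.0.0/0", 443, 443)]
    nacl_in = [NaclRule(100, "allow", "0.0.0.0/0", 443, 443)]
    # Common misconfiguration: the outbound NACL allows only 443, so replies to
    # the client's ephemeral port never leave the subnet.
    nacl_out_broken = [NaclRule(100, "allow", "0.0.0.0/0", 443, 443)]
    nacl_out_fixed = [NaclRule(100, "allow", "0.0.0.0/0", 1024, 65535)]

    client = "203.0.113.10"  # TEST-NET-3, constructed client address
    return {
        "subnets": (public, private),
        "types": (public_rt.subnet_type(), private_rt.subnet_type()),
        "egress_from_private": private_rt.lookup(client),
        "intra_vpc": private_rt.lookup("10.0.0.25"),
        "broken": trace_inbound_connection(client, 51234, 443, nacl_in, nacl_out_broken, web_sg),
        "fixed": trace_inbound_connection(client, 51234, 443, nacl_in, nacl_out_fixed, web_sg),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running the script prints the subnet classification, the two route lookups (internet-bound traffic from the private subnet goes to the NAT target, intra-VPC traffic stays `local`), and the two firewall outcomes. The `broken` case is the usual symptom of forgetting that NACLs are stateless: the SYN is accepted by both layers, but the server's SYN-ACK is silently dropped on the way out.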