When you host an application in the cloud, you worry about the security of your resources there, especially data in transit. No one wants their data snooped on or their cloud servers accessed without authorization. This is where a VPC (Virtual Private Cloud) comes into the picture.
A Virtual Private Cloud is essentially a network that is logically isolated from other tenants’ networks in the cloud. VPC is a term introduced by AWS; however, other IaaS providers have similar concepts. Google Cloud also calls it “Virtual Private Cloud”, whereas Azure calls it “virtual network”.
Key features of VPC
Since this is your own private network in the cloud, you get a lot of control over configuration and implementation. You can define subnets, routes and network ACLs (access control lists). You also control which subnets have access to the internet and which do not.
In a VPC, the network administrator can set up resources such as virtual machines, containers or databases. These resources can be in a single subnet or spread over multiple subnets. Routes can be defined that allow only certain subnets to access a given subnet. This gives the network administrator very good control over her network.
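The subnet, route and network ACL controls described above can be checked before anything is deployed. The following is an added example, not code from the original article: it models a small VPC and reports which subnets are internet-facing and which sources can reach a database subnet. All names, CIDR ranges, the port and the "igw" label are constructed, and the rule evaluation (ascending rule number, first match wins, deny when nothing matches) follows AWS network ACL behaviour.

```python
import ipaddress

VPC = ipaddress.ip_network("10.0.0.0/16")  # constructed example range
# Constructed subnets: name -> (CIDR, route table as {destination: target})
SUBNETS = {
    "web": ("10.0.1.0/24", {"10.0.0.0/16": "local", "0.0.0.0/0": "igw"}),
    "app": ("10.0.2.0/24", {"10.0.0.0/16": "local"}),
    "db":  ("10.0.3.0/24", {"10.0.0.0/16": "local"}),
}
# Constructed inbound network ACL for the db subnet: (rule number, source, port, action)
DB_INBOUND_ACL = [
    (100, "10.0.2.0/24", 5432, "allow"),   # only the app subnet may reach the database
    (200, "10.0.0.0/16", 5432, "deny"),    # explicit deny for the rest of the VPC
]

def validate_layout():
    """Every subnet must sit inside the VPC and must not overlap another subnet."""
    nets = [ipaddress.ip_network(cidr) for cidr, _ in SUBNETS.values()]
    for i, net in enumerate(nets):
        if not net.subnet_of(VPC):
            return False
        if any(net.overlaps(other) for other in nets[i + 1:]):
            return False
    return True

def internet_facing():
    """A subnet is public only if its route table sends 0.0.0.0/0 to an internet gateway."""
    return sorted(name for name, (_, routes) in SUBNETS.items()
                  if routes.get("0.0.0.0/0") == "igw")

def acl_decision(acl, src_ip, port):
    """Evaluate rules in ascending rule number; first match wins; no match means deny."""
    src = ipaddress.ip_address(src_ip)
    for _, cidr, rule_port, action in sorted(acl):
        if src in ipaddress.ip_network(cidr) and port == rule_port:
            return action
    return "deny"

def unexpected_db_access():
    """List subnets other than 'app' whose first host is allowed to reach db:5432."""
    leaks = []
    for name, (cidr, _) in SUBNETS.items():
        host = next(ipaddress.ip_network(cidr).hosts())
        if name not in ("app", "db") and acl_decision(DB_INBOUND_ACL, str(host), 5432) == "allow":
            leaks.append(name)
    return leaks

if __name__ == "__main__":
    print(validate_layout(), internet_facing(), unexpected_db_access())
```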
Typical VPC implementation in AWS
Are there any differences between VPC in AWS and in Azure?
Although they are very similar in concept, VPC in AWS and Virtual Network in Azure have some differences.
- AWS provides a wizard to create a Virtual Private Cloud with 4 different basic options. Azure doesn’t have a wizard.
- AWS allows you to use both Security Groups and Network ACLs to control access. However, in Azure, you can use only one of them at a time.
- AWS provides custom routing tables to control access within the VPC. However, Azure doesn’t have such a feature.