This section of the AWS Certified Solutions Architect - Professional learning path introduces you to the core networking concepts and services relevant to the SAP-C02 exam. We start with an introduction to the AWS Virtual Private Network (VPC) and networking services. We then understand the options available and learn how to select and apply AWS networking, DNS, and content delivery services to meet specific design scenarios relevant to the AWS Certified Solutions Architect - Professional exam.
Want more? Try a Lab Playground or do a Lab Challenge!
Learning Objectives
- Get a foundational understanding of VPCs, their security, and connectivity
- Learn about VPC sharing using the AWS Resource Access Manager
- Discover inter-regional and intra-regional communication patterns in AWS
- Learn about AWS Direct Connect, along with its implementation, configuration, and connectivity options
- Understand routing in AWS, including static and dynamic routing
- Understand the basics of networking, including Elastic IP addresses, Elastic Network Interfaces, networking with EC2, VPC endpoints, and AWS Global Accelerator
- Learn about the DNS and content delivery services Amazon Route 53 and Amazon CloudFront
Hello and welcome and I'm going to be talking to you about VPCs. Virtual Private Clouds. Now to understand what a VPC is, let's just take a look at the AWS infrastructure.
So, here is the AWS Cloud. Very simple. And a VPC resides inside of the AWS Cloud and it's essentially your own isolated segment of the AWS Cloud itself, so here is your VPC sitting inside the AWS Cloud.
Now by default when you create your VPC, the only person that has access to this is your own AWS account, just you. It is totally isolated and no one else can gain access to your VPC other than your own AWS account. Now obviously there are millions upon millions of other VPCs within the AWS network created by other customers all across the world. So, there are millions of customer VPCs. However, they do not have access to your VPC and likewise, you do not have access to their VPC.
Now what do you use a VPC for? Well, essentially it allows you to start deploying resources within your VPC, for example, different compute resources or storage or database and other network infrastructure among others and this allows you to start building and deploying your solutions within the Cloud.
Now by default from a limitation perspective, you are allowed up to five VPCs per region per AWS account and it's very simple to create a VPC. All you need to do is to give it a name, when you create your VPC and also define an IP address range that the VPC can use and this is done in the form of a CIDR block which stands for Classless Inter-Domain Routing. And I'll talk more about that when I talk more about subnets in a few minutes.
So, just to recap at a high level, simply put, a VPC is an isolated segment of the AWS public cloud that allows you to provision and deploy resources in a safe and secure manner. I now want to dive deeper into the VPC architecture and start talking about subnets and how you can segment your VPC out into different areas across multiple availability zones for resiliency and high availability, so let's take a look.
Danny has over 20 years of IT experience as a software developer, cloud engineer, and technical trainer. After attending a conference on cloud computing in 2009, he knew he wanted to build his career around what was still a very new, emerging technology at the time — and share this transformational knowledge with others. He has spoken to IT professional audiences at local, regional, and national user groups and conferences. He has delivered in-person classroom and virtual training, interactive webinars, and authored video training courses covering many different technologies, including Amazon Web Services. He currently has six active AWS certifications, including certifications at the Professional and Specialty level.