Amazon Virtual Private Cloud User Guide API Version 2014-06-15 Amazon Virtual Private Cloud User Guide Amazon Virtual Private Cloud: User Guide Copyright © 2014 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. The following are trademarks of Amazon Web Services, Inc.: Amazon, Amazon Web Services Design, AWS, Amazon CloudFront, Cloudfront, Amazon DevPay, DynamoDB, ElastiCache, Amazon EC2, Amazon Elastic Compute Cloud, Amazon Glacier, Kindle, Kindle Fire, AWS Marketplace Design, Mechanical Turk, Amazon Redshift, Amazon Route 53, Amazon S3, Amazon VPC. In addition, Amazon.com graphics, logos, page headers, button icons, scripts, and service names are trademarks, or trade dress of Amazon in the U.S. and/or other countries. Amazon©s trademarks and trade dress may not be used in connection with any product or service that is not Amazon©s, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon. Amazon Virtual Private Cloud User Guide Table of Contents What is Amazon VPC? ................................................................................................................... 1 Amazon VPC Concepts .......................................................................................................... 1 VPCs and Subnets ........................................................................................................ 1 Supported Platforms ...................................................................................................... 2 Accessing the Internet .................................................................................................... 2 Accessing a Corporate or Home Network .......................................................................... 4 How to Get Started with Amazon VPC ....................................................................................... 4 Services that Support Amazon VPC ......................................................................................... 5 Accessing Amazon VPC ......................................................................................................... 5 Pricing for Amazon VPC ......................................................................................................... 6 Amazon VPC Limits ............................................................................................................... 6 Scenarios for Amazon VPC ............................................................................................................. 7 Scenario 1: VPC with a Public Subnet Only ................................................................................ 7 Configuration for Scenario 1 ............................................................................................ 8 Basic Components for Scenario 1 .................................................................................... 8 Routing for Scenario 1 .................................................................................................... 9 Security for Scenario 1 ................................................................................................... 9 Implementing Scenario 1 .............................................................................................. 10 Scenario 2: VPC with Public and Private Subnets ...................................................................... 12 Configuration for Scenario 2 .......................................................................................... 13 Basic Components for Scenario 2 ................................................................................... 13 Routing for Scenario 2 .................................................................................................. 14 Security for Scenario 2 ................................................................................................. 15 Implementing Scenario 2 .............................................................................................. 17 Scenario 3: VPC with Public and Private Subnets and Hardware VPN Access ................................ 22 Configuration for Scenario 3 .......................................................................................... 22 Basic Configuration for Scenario 3 .................................................................................. 23 Routing for Scenario 3 .................................................................................................. 23 Security for Scenario 3 ................................................................................................. 25 Implementing Scenario 3 .............................................................................................. 27 Scenario 4: VPC with a Private Subnet Only and Hardware VPN Access ....................................... 31 Configuration for Scenario 4 .......................................................................................... 31 Basic Components for Scenario 4 ................................................................................... 32 Routing for Scenario 4 .................................................................................................. 33 Security for Scenario 4 ................................................................................................. 33 Implementing Scenario 4 .............................................................................................. 34 Your VPC and Subnets ................................................................................................................. 37 Your VPC ........................................................................................................................... 37 Your New VPC ............................................................................................................ 37 VPC Sizing ................................................................................................................. 38 Connections Between Your VPC and Your Corporate or Home Network ................................. 39 Creating a VPC ........................................................................................................... 39 Deleting Your VPC ........................................................................................................ 40 Subnets in Your VPC ............................................................................................................ 40 Your VPC with Subnets ................................................................................................. 40 Subnet Sizing ............................................................................................................. 42 Subnet Routing ........................................................................................................... 42 Subnet Security ........................................................................................................... 42 Adding a Subnet to Your VPC ......................................................................................... 43 Launching an Instance into Your Subnet ........................................................................... 43 Deleting Your Subnet .................................................................................................... 44 CLI Overview ...................................................................................................................... 44 Your Default VPC and Subnets ....................................................................................................... 46 Default VPC Basics .............................................................................................................. 46 Availability .................................................................................................................. 46 API Version 2014-06-15 iii Amazon Virtual Private Cloud User Guide Components ............................................................................................................... 47 Default Subnets ........................................................................................................... 48 Detecting Your Supported Platforms and Whether You Have a Default VPC .................................... 48 Detecting Platform Support Using the Console .................................................................. 48 Detecting Platform Support Using the Command Line ........................................................ 49 Launching an EC2 Instance into Your Default VPC ..................................................................... 49 Launching an EC2 Instance Using the Console ................................................................. 49 Launching an EC2 Instance Using the Command Line ....................................................... 49 Deleting Your Default VPC ..................................................................................................... 50 Security in Your VPC .................................................................................................................... 51 Comparison of Security Groups and Network ACLs ................................................................... 51 Security Groups .................................................................................................................