AWS VPC
Virtual Private Cloud
Licensing
Virtual private cloud (VPC) — A virtual network dedicated to the AWS account.
There is no additional charge for using Amazon VPC. You pay the standard rates for the instances and other Amazon EC2 features that you use. There are charges for using a Site-to-Site VPN connection, PrivateLink, Traffic Mirroring, and a NAT gateway.
https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html
EC2 and RDS instances can be part of a VPC along with any of the supporting components listed below...
Subnet — A range of IP addresses in your VPC.
Route table — A set of rules, called routes, that are used to determine where network traffic is directed.
Internet gateway — A gateway that you attach to your VPC to enable communication between resources in your VPC and the internet.
VPC endpoint — Enables you to privately connect your VPC to supported AWS services and VPC endpoint services powered by PrivateLink without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. Instances in your VPC do not require public IP addresses to communicate with resources in the service. Traffic between your VPC and the other service does not leave the Amazon network.
VPN — Virtual Private Network
Monitoring
VPC Flow Logs
IPAM (Amazon VPC IP Address Manager)
Traffic Mirroring
Reachability Analyzer
Network Access Analyzer
CloudTrail Logs
VPC Contents
Use these queries to help you understand the AWS components in your VPC...
EC2
# Set to the ID of the VPC under review
vpc="vpc-xxxxxxxxxxxxx"
aws ec2 describe-internet-gateways --filters 'Name=attachment.vpc-id,Values='$vpc --output json | grep InternetGatewayId
aws ec2 describe-subnets --filters 'Name=vpc-id,Values='$vpc --output json | grep SubnetId
aws ec2 describe-route-tables --filters 'Name=vpc-id,Values='$vpc --output json | grep RouteTableId
aws ec2 describe-network-acls --filters 'Name=vpc-id,Values='$vpc --output json | grep NetworkAclId
aws ec2 describe-vpc-peering-connections --filters 'Name=requester-vpc-info.vpc-id,Values='$vpc --output json | grep VpcPeeringConnectionId
aws ec2 describe-vpc-endpoints --filters 'Name=vpc-id,Values='$vpc --output json | grep VpcEndpointId
# Note: describe-nat-gateways takes --filter (singular), unlike the other commands
aws ec2 describe-nat-gateways --filter 'Name=vpc-id,Values='$vpc --output json | grep NatGatewayId
aws ec2 describe-security-groups --filters 'Name=vpc-id,Values='$vpc --output json | grep GroupId
aws ec2 describe-instances --filters 'Name=vpc-id,Values='$vpc --output json | grep InstanceId
aws ec2 describe-vpn-connections --filters 'Name=vpc-id,Values='$vpc --output json | grep VpnConnectionId
aws ec2 describe-vpn-gateways --filters 'Name=attachment.vpc-id,Values='$vpc --output json | grep VpnGatewayId
aws ec2 describe-network-interfaces --filters 'Name=vpc-id,Values='$vpc --output json | grep NetworkInterfaceId
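As an added example (not part of this page's own queries), the following Python check consumes the JSON that the describe-route-tables and describe-security-groups commands above return: it marks a subnet as public when its route table sends a default route to an internet gateway, and flags security group rules that admit traffic from anywhere on administrative ports or for all protocols. All IDs and rule data are constructed sample values; only the structure follows the CLI's JSON output.

```python
"""Public-subnet and open-ingress check over describe-* JSON (constructed sample data)."""

# Constructed sample in the shape of `aws ec2 describe-route-tables --output json`.
ROUTE_TABLES = {"RouteTables": [
    {"RouteTableId": "rtb-pub00000000000001", "VpcId": "vpc-xxxxxxxxxxxxx",
     "Associations": [{"SubnetId": "subnet-pub00000000000001"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-00000000000000001"}]},
    {"RouteTableId": "rtb-prv00000000000002", "VpcId": "vpc-xxxxxxxxxxxxx",
     "Associations": [{"SubnetId": "subnet-prv00000000000002"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-00000000000000001"}]}]}

# Constructed sample in the shape of `aws ec2 describe-security-groups --output json`.
SECURITY_GROUPS = {"SecurityGroups": [
    {"GroupId": "sg-00000000000000001", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-00000000000000002", "GroupName": "admin", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        # An "all traffic" rule (IpProtocol -1) carries no FromPort/ToPort keys at all.
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}]}]}

ANYWHERE = {"0.0.0.0/0", "::/0"}

def public_subnets(route_tables):
    """Subnets whose route table sends a default route (IPv4 or IPv6) to an internet gateway."""
    public = set()
    for rtb in route_tables["RouteTables"]:
        if any(r.get("GatewayId", "").startswith("igw-") and
               {r.get("DestinationCidrBlock"), r.get("DestinationIpv6CidrBlock")} & ANYWHERE
               for r in rtb["Routes"]):
            public.update(a["SubnetId"] for a in rtb["Associations"] if "SubnetId" in a)
    return sorted(public)

def open_ingress(security_groups, sensitive_ports=(22, 3389)):
    """(group id, from port, to port) for rules open to anywhere that cover a sensitive port or all traffic."""
    findings = []
    for sg in security_groups["SecurityGroups"]:
        for perm in sg["IpPermissions"]:
            cidrs = ({r["CidrIp"] for r in perm.get("IpRanges", [])}
                     | {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])})
            if not cidrs & ANYWHERE:
                continue
            # Missing port keys mean "all ports" (the -1 protocol case above).
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            if perm["IpProtocol"] == "-1" or any(lo <= p <= hi for p in sensitive_ports):
                findings.append((sg["GroupId"], lo, hi))
    return findings
```

Feed it real output by replacing the two constants with json.load of the command output (without the grep); the only subnet flagged here is the one behind the igw- route, and the only rule flagged is SSH from 0.0.0.0/0.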
Delete VPC
aws ec2 delete-vpc --vpc-id vpc-xxxxxxxxxxx