Amazon VPC (Virtual Private Cloud) lets you define a private network in the cloud.
In this post we will discuss Amazon VPC and VPC Peering in general. We will also detail how to set up a peering connection between your VPC and CloudAMQP VPC.
Amazon VPC lets you set up a private network within Amazon Web Services. It is a service that provides isolation and security. It is built on deny-all-by-default security: you have to explicitly permit inbound and outbound traffic to the instance. In other words, VPC instances are not internet addressable by default.
Amazon VPC is a logically isolated portion of Amazon Web Services. VPC gives you a virtual network where you can launch instances with particular rules and policies to get access to the Internet. VPC provides much more granular control over security.
A subnet is a range of IP addresses in your VPC. You can use a public subnet for resources that must be connected to the Internet, and a private subnet for resources that will not be connected to the Internet.
An Internet Gateway enables your resources within the subnets to connect to the Internet.
A routing table is a service that manages the network traffic of any instance inside a subnet.
VPC significantly simplifies setting up security groups and network access control lists (ACL). This is because you can configure it to allow traffic from an entire subnet or your entire VPC, without having to worry about IP addresses. Amazon VPC provides two features that can be used to increase security in your VPC:
Security groups: A security group acts as a virtual firewall that can control both inbound and outbound traffic for an Amazon EC2 instance.
Network access control lists (ACLs): Unlike security groups, ACLs operate at the subnet level and evaluate traffic entering and exiting a subnet.
A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IP addresses. Instances in either VPC can communicate with each other as if they are within the same network. You can create a VPC peering connection between your VPC and a dedicated CloudAMQP VPC instance.
Launch a CloudAMQP cluster in AWS VPC
Select to create your plan in a dedicated VPC
Dedicated VPC is only available for our dedicated plans. A dedicated plan is Big Bunny or any plan larger than Big Bunny.
Select VPC subnet
When you create your VPC you get to select the VPC subnet. Make sure that it does not overlap with any VPC subnets you want to peer with.
Send VPC connection information to CloudAMQP
Open the details for your new instance as soon as the new instance is created and navigate to the VPC Peering tab.
Enter your AWS Account ID and your VPC ID and press Save. CloudAMQP will now request to set up a VPC peering connection to you.
Accept the VPC peering connection request from CloudAMQP
The request can be accepted from the Amazon VPC console at https://console.aws.amazon.com/vpc/.
- Navigate to Peering Connections.
- Select Requests pending my approval from the filter list.
- Select the VPC peering connection, and click Accept request. A confirmation dialog box will now open, click Yes to Accept. A second confirmation dialog asks you to modify route tables directly, click Modify my route tables now.
- In the Destination field for the routing table, enter the IP address range to which the network traffic in the VPC peering connection must be directed. Enter the VPC Subnet you entered when you created the Dedicated VPC instance in CloudAMQP. (If you have forgotten it, you can find the information in the navigation tab Peering Connections, once the connection is accepted.)
- Select the VPC peering connection from the Target list, and then click Save. The target ID is the ID of the Peering connection that you created. You can read more about routing tables here.
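The subnet-selection step above requires that the CloudAMQP VPC subnet not overlap any VPC you want to peer with. The following is an added example, not CloudAMQP's own code, that checks a candidate subnet against your existing CIDR blocks and proposes a free one; the function names, the address pool and the sample CIDRs are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample: CIDR blocks of the VPCs you intend to peer with.
MY_VPC_CIDRS = ["10.0.0.0/16", "10.1.0.0/16", "172.31.0.0/16"]


def find_overlaps(candidate, existing):
    """Return the existing CIDR blocks that overlap the candidate block.

    strict=True rejects input such as 10.1.128.7/24 (host bits set), which
    usually indicates a typo rather than the intended network.
    """
    cand = ipaddress.ip_network(candidate, strict=True)
    return [cidr for cidr in existing
            if ipaddress.ip_network(cidr, strict=True).overlaps(cand)]


def first_free_subnet(pool, prefixlen, existing):
    """Return the first subnet of size /prefixlen inside pool that overlaps
    none of the existing blocks, or None when the pool is exhausted."""
    taken = [ipaddress.ip_network(cidr, strict=True) for cidr in existing]
    for subnet in ipaddress.ip_network(pool, strict=True).subnets(new_prefix=prefixlen):
        if not any(subnet.overlaps(block) for block in taken):
            return str(subnet)
    return None


if __name__ == "__main__":
    for candidate in ("10.1.128.0/24", "10.56.72.0/24", "10.0.0.0/8"):
        clashes = find_overlaps(candidate, MY_VPC_CIDRS)
        if clashes:
            print(f"{candidate}: overlaps {', '.join(clashes)}; pick another range")
        else:
            print(f"{candidate}: safe to use for the dedicated VPC")
    print("suggested:", first_free_subnet("10.0.0.0/14", 24, MY_VPC_CIDRS))
```

An overlap includes the case where the candidate is a superset of an existing block (10.0.0.0/8 above), which a simple string or prefix comparison would miss.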