Amazon VPC (Virtual Private Cloud) lets you define a private network in the cloud.
In this post we will discuss Amazon VPC and VPC Peering in general. We will also detail how to set up a peering connection between your VPC and a CloudAMQP VPC.
Amazon VPC lets you set up a private network within Amazon Web Services. It is a service that provides isolation and security. It is built on deny-all-by-default security: you have to explicitly permit inbound and outbound traffic to the instance. In other words, VPC instances are not internet addressable by default.
Amazon VPC is a logically isolated portion of Amazon Web Services. VPC gives you a virtual network where you can launch instances with particular rules and policies to get access to the Internet. VPC provides much more granular control over security.
A subnet is a range of IP addresses in your VPC. You can use a public subnet for resources that must be connected to the Internet, and a private subnet for resources that will not be connected to the Internet.
An Internet Gateway enables your resources within the subnets to connect to the Internet.
A routing table is a service that manages network traffic of any instance inside a subnet.
VPC significantly simplifies setting up security groups and network access control lists (ACL). This is because you can configure it to allow traffic from an entire subnet or your entire VPC, without having to worry about IP addresses. Amazon VPC provides two features that can be used to increase security in your VPC:
Security groups: A security group acts as a virtual firewall that can control both inbound and outbound traffic for an Amazon EC2 instance.
Network access control lists (ACLs): Unlike security groups, ACLs operate at the subnet level and evaluate traffic entering and exiting a subnet.
A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IP addresses. Instances in either VPC can communicate with each other as if they are within the same network. You can create a VPC peering connection between your VPC and a dedicated CloudAMQP VPC instance.
Launch a CloudAMQP cluster in AWS VPC
Create your plan in a dedicated VPC
A dedicated VPC is only available for our dedicated plans. A dedicated plan is Big Bunny or any plan larger than Big Bunny.
Select VPC subnet
When you create your VPC you get to select the VPC subnet. Make sure that it does not overlap with any VPC subnets you want to peer with.
Create peering request to CloudAMQP
Open the details for your new instance as soon as it is created and navigate to the VPC tab. At the top of the page you will find the information needed to create the peering request.
Log in to your AWS account, go to VPC and click Peering Connections. Click Create Peering Connection and create a request from your VPC to your CloudAMQP VPC.
Accept the peering request
To accept the peering request, go to the VPC tab in the CloudAMQP console and click the Accept button for the pending request.
Create a route to CloudAMQP VPC
In AWS, navigate to VPC and Your VPCs. Select the VPC you created a peering request from. Click on the Route table in the Description tab to go to the route table associated with your VPC.
Now click the Routes tab, then Edit routes, and finally Add route. Enter the subnet for your CloudAMQP VPC, select Peering connection in the target dropdown and then select the peering connection you created.
Hit the Save routes button and you are done!
You can read more about routing tables here.
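A pre-flight check for the "Select VPC subnet" and "Create a route" steps above, as an added example that is not CloudAMQP's own code: it flags a candidate subnet that overlaps a VPC you want to peer with, suggests a free block, and lists existing routes that would take precedence over the new peering route. The function names are hypothetical, and the CIDRs, route table and target ids are constructed sample data.

```python
"""Pre-flight check before choosing the CloudAMQP VPC subnet and adding the peering route."""
import ipaddress


def overlapping(candidate, peer_cidrs):
    """Return the CIDRs in peer_cidrs that overlap the candidate subnet."""
    cand = ipaddress.ip_network(candidate)  # raises ValueError on a malformed CIDR
    return [c for c in peer_cidrs if cand.overlaps(ipaddress.ip_network(c))]


def first_free_subnet(peer_cidrs, pool="10.0.0.0/8", prefix=24):
    """Return the first /prefix block of pool that overlaps none of peer_cidrs."""
    peers = [ipaddress.ip_network(c) for c in peer_cidrs]
    for block in ipaddress.ip_network(pool).subnets(new_prefix=prefix):
        if not any(block.overlaps(p) for p in peers):
            return str(block)
    return None


def shadowing_routes(candidate, routes):
    """Return existing routes whose destination equals or lies inside candidate.

    Route tables pick the most specific match, so such a route would win over
    the new peering route for that range (an equal destination cannot be added twice).
    """
    cand = ipaddress.ip_network(candidate)
    return [(d, t) for d, t in routes if ipaddress.ip_network(d).subnet_of(cand)]


# Constructed sample data: CIDRs of the VPCs you plan to peer with, and the
# route table of the requesting VPC. Target ids are placeholders.
MY_VPC_CIDRS = ["10.0.0.0/16", "10.1.0.0/16", "172.31.0.0/16"]
ROUTES = [
    ("10.0.0.0/16", "local"),
    ("0.0.0.0/0", "igw-EXAMPLE"),
    ("10.2.0.128/25", "pcx-EXAMPLE-OLD"),
]

if __name__ == "__main__":
    print(overlapping("10.1.4.0/24", MY_VPC_CIDRS))  # candidate that collides
    subnet = first_free_subnet(MY_VPC_CIDRS)
    print(subnet)
    print(shadowing_routes(subnet, ROUTES))
```

A non-empty result from shadowing_routes means part of the CloudAMQP range would still be sent to the older target after the peering route is saved.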