What is Amazon VPC? - Amazon Virtual Private Cloud
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

What is Amazon VPC?

Amazon Virtual Private Cloud (Amazon VPC) enables you to launch Amazon resources into a virtual network that you've defined. This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of Amazon.

Amazon VPC concepts

Amazon VPC is the networking layer for Amazon EC2. If you're new to Amazon EC2, see What is Amazon EC2? in the Amazon EC2 User Guide for Linux Instances to get a brief overview.

The following are the key concepts for VPCs:

  • Virtual private cloud (VPC) — A virtual network dedicated to your Amazon account.

  • Subnet — A range of IP addresses in your VPC.

  • Route table — A set of rules, called routes, that are used to determine where network traffic is directed.

  • Internet gateway — A gateway that you attach to your VPC to enable communication between resources in your VPC and the internet.

  • VPC endpoint — Enables you to privately connect your VPC to supported Amazon services and VPC endpoint services powered by PrivateLink without requiring an internet gateway, NAT device, VPN connection, or Amazon Direct Connect connection. Instances in your VPC do not require public IP addresses to communicate with resources in the service. Traffic between your VPC and the other service does not leave the Amazon network. For more information, see Amazon PrivateLink and VPC endpoints.

  • CIDR block —Classless Inter-Domain Routing. An internet protocol address allocation and route aggregation methodology. For more information, see Classless Inter-Domain Routing in Wikipedia.

Access Amazon VPC

You can create, access, and manage your VPCs using any of the following interfaces:

  • Amazon Web Services Management Console — Provides a web interface that you can use to access your VPCs.

  • Amazon Command Line Interface (Amazon CLI) — Provides commands for a broad set of Amazon services, including Amazon VPC, and is supported on Windows, Mac, and Linux. For more information, see Amazon Command Line Interface.

  • Amazon SDKs — Provides language-specific APIs and takes care of many of the connection details, such as calculating signatures, handling request retries, and error handling. For more information, see Amazon SDKs.

  • Query API — Provides low-level API actions that you call using HTTPS requests. Using the Query API is the most direct way to access Amazon VPC, but it requires that your application handle low-level details such as generating the hash to sign the request, and error handling. For more information, see the Amazon EC2 API Reference.

Pricing for Amazon VPC

There's no additional charge for using a VPC. There are charges for some VPC components, such as NAT gateways, Reachability Analyzer, and traffic mirroring. For more information, see Amazon VPC Pricing.

Amazon VPC quotas

There are quotas on the number of Amazon VPC components that you can provision. You can request an increase for some of these quotas. For more information, see Amazon VPC quotas.