Amazon Releases Virtual Private Cloud Service

Amazon Web Services announced today a limited public beta of Virtual Private Cloud (Amazon VPC), a service that makes it possible for customers to create their own logically isolated set of Amazon EC2 instances to connect to their existing network over a secured VPN connection. With this, Amazon is taking a major step in making its cloud computing services even more enterprise-friendly than they already were.

Amazon CTO Werner Vogels published a detailed blog post regarding this service, in which he acknowledges that enterprises tend to find it challenging to transition applications and services to the cloud when they have often invested years of resources and tons of money setting up their own IT infrastructure (datacenters, networks, etc.). He also says ‘private clouds’, which are basically emulations of cloud computing inside private networks, are not true clouds as far as he’s concerned and that Amazon VPC adequately fills the void.

What can you do with Amazon VPC:

- Create a Virtual Private Cloud and assign an IP address block to the VPC. The address block needs to be CIDR block such that it will be easy for your internal networking to route traffic to and from the VPC instance. These are addresses you own and control, most likely as part of your current datacenter addressing practice.
- Divide the VPC addressing up into subnets in a manner that is convenient for managing the applications and services you want run in the VPC.
- Create a VPN connection between the VPN Gateway that is part of the VPC instance and an IPSec-based VPN router on your own premises. Configure your internal routers such that traffic for the VPC address block will flow over the VPN.
- Start adding AWS cloud resources to your VPC. These resources are fully isolated and can only communicate to other resources in the same VPC and with those resources accessible via the VPN router. Accessibility of other resources, including those on the public internet, is subject to the standard enterprise routing and firewall policies.

A more detailed, technical outline of the offering can be found on the Amazon developer blog.

The Amazon Virtual Private Cloud is currently limited to the EC2 cloud compute service, though Amazon said it will include other web services (e.g. S3) in the future. Pricing, as usual, is based on usage.

Share it: