Amazon VPC – Security in Amazon Virtual Private Cloud
This article covers the security services available under Amazon VPC. In addition to the basic security infrastructure of the AWS cloud, VPC comes with several advanced security services embedded in it. All of these services are incorporated into VPC to ensure the maximum attainable security on AWS. Let us take a closer look at security in the Amazon Virtual Private Cloud.
Observe the attached image and refer to the points written ahead.
Multiple levels of security:
The diagram shows that a VPC secures its components on several different levels, which increases the overall security of the VPC. Refer to the attached image and consider the following points.
- A private IP address range is temporarily dedicated to the VPC (1st level of security): no other organization or individual can access this particular range of IP addresses unless it has been reallocated to them.
- Each subnet inside the VPC (in the case of private subnets) has its own unique IP address range, carved out of the VPC's IP address range and allotted to it by the user (2nd level of security). Thus none of the private subnets can be accessed by an unauthorized user anywhere in the world; only the public subnets are reachable from outside.
- The EC2 instances and S3 buckets launched inside these subnets come with their own default security constraints as well (3rd level of security).
These were the various security levels inside the VPC.
To further strengthen the VPC, security groups are created.
Security groups are virtual firewalls that protect the EC2 instances residing in the various subnets. One or more security groups can be assigned to an instance launched in the VPC, depending on the user's requirements. Even if you forget to assign a security group to an instance you launch, Amazon VPC associates the new instance with the VPC's default security group.
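As an added example (not code from the original article), the following Python script audits a constructed snapshot of the layers described above: it checks that each subnet's CIDR block lies inside the VPC's range without overlapping another subnet, and that no security group opens an administrative port to 0.0.0.0/0. The VPC, subnet and security group records are constructed sample data shaped like simplified AWS API output, and the set of administrative ports is an assumption.

```python
import ipaddress

# Constructed sample layout (not real AWS output): one VPC, two subnets, two
# security groups, shaped like simplified DescribeVpcs/DescribeSubnets/
# DescribeSecurityGroups responses.
VPC = {"VpcId": "vpc-example", "CidrBlock": "10.0.0.0/16"}
SUBNETS = [
    {"SubnetId": "subnet-pub", "CidrBlock": "10.0.1.0/24"},
    {"SubnetId": "subnet-priv", "CidrBlock": "10.0.2.0/24"},
]
SECURITY_GROUPS = [
    # Web tier: HTTPS from anywhere is expected and is not flagged.
    {"GroupId": "sg-web", "IpPermissions": [
        {"FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    # Admin group: SSH open to the whole internet is the misconfiguration to catch.
    {"GroupId": "sg-admin", "IpPermissions": [
        {"FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
# Assumed, illustrative set of ports that should never accept ingress from 0.0.0.0/0.
ADMIN_PORTS = {22, 3389, 3306, 5432}


def check_subnets(vpc, subnets):
    """Level 2: each subnet must lie inside the VPC block and not overlap another."""
    vpc_net = ipaddress.ip_network(vpc["CidrBlock"])
    nets = [(s["SubnetId"], ipaddress.ip_network(s["CidrBlock"])) for s in subnets]
    problems = []
    for sid, net in nets:
        if not net.subnet_of(vpc_net):
            problems.append(f"{sid} {net} is outside VPC {vpc_net}")
    for i, (sid_a, a) in enumerate(nets):
        for sid_b, b in nets[i + 1:]:
            if a.overlaps(b):
                problems.append(f"{sid_a} {a} overlaps {sid_b} {b}")
    return problems


def check_security_groups(groups, admin_ports=ADMIN_PORTS):
    """Level 3: report rules that expose an administrative port to 0.0.0.0/0."""
    findings = []
    for g in groups:
        for perm in g["IpPermissions"]:
            ports = range(perm["FromPort"], perm["ToPort"] + 1)
            world_open = any(r["CidrIp"] == "0.0.0.0/0" for r in perm["IpRanges"])
            exposed = sorted(admin_ports.intersection(ports))
            if world_open and exposed:
                findings.append((g["GroupId"], exposed))
    return findings
```

Running the checks on the sample data returns no subnet problems and a single finding, `('sg-admin', [22])`; the same functions can be pointed at real API output once it is loaded into the same dictionary shape.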