Amazon Web Services (AWS) has added a number of networking features to its Virtual Private Cloud (VPC) offering, allowing users to build data centers in the cloud that can be private, accessed from the Internet or both, the company said on Tuesday.
Originally, VPC made it possible for companies to connect their existing data centers and isolated computing resources in Amazon's cloud using an encrypted VPN (Virtual Private Network) connection.
The upgrade will expand the ways VPCs can be used. For example, users can now create a public-facing network for Web servers, while back-end systems such as databases or application servers are placed in a private network with no Internet access.
The added features allow users to build a virtual network architecture, with full control over routing and subnets. IT staff can use Network Address Translation (NAT) and an Internet Gateway to communicate with users on the Internet. To improve security they can add traffic filtering with Network ACLs (Access Control List) and Security Groups to subnets and instances. An "instance" is Amazon's term for the way it packages computing capacity in the cloud.
Instead of dealing with cables, routers and switches, users can create their network programmatically in the cloud, Amazon said in a blog post.
A new VPC Wizard helps users get started with one of four predefined network architectures: a VPC with a single public subnet; with public and private subnets; with Internet and VPN access; or with just VPN access.
Companies can start with one of the predefined architectures and then modify it to suit their needs, or simply bypass the wizard altogether and build a custom VPC piece-by-piece, according to Amazon.
Amazon's VPC service was first announced on Aug. 26, 2009. The service is still labeled a beta on Amazon Web Services' Web site, and use of the service is limited to, for example, 20 Elastic Compute Cloud (EC2) instances and 20 subnets per VPC. Users who want more can fill in a form and ask Amazon for permission. Currently, VPC lacks a service level agreement.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.