week 5.2: Amazon VPC

Question 1

What is an Amazon VPC, and what two main capabilities does it provide for AWS resources?

Answer 1

A Virtual Private Cloud is a logically isolated virtual network within AWS where resources can be launched.

It provides:
* Isolation from other AWS networks
* Full control over networking configuration (IP ranges, subnets, routing, gateways)

Question 2

Which networking components can be configured inside an AWS VPC?

Answer 2

• IP address range (CIDR block)
• Subnets
• Route tables
• Network gateways
• Security layers (security groups / network ACLs)

Question 3

Why is a VPC described as logically isolated rather than physically isolated?

Answer 3

Because AWS customers share the same physical infrastructure, but networking rules and configurations isolate each VPC logically.

Question 4

What is the relationship between VPCs, Regions, and Availability Zones?

Answer 4

• A VPC belongs to one AWS Region
• It can span multiple Availability Zones within that region

Question 5

What is a subnet in AWS VPC networking?

Answer 5

A subnet is a range of IP addresses within a VPC used to divide the VPC into smaller networks.

Question 6

How do subnets relate to Availability Zones in AWS?

Answer 6

Each subnet exists in only one Availability Zone, but a VPC can contain multiple subnets across multiple AZs

Question 7

What are the two types of AWS subnets and how do they differ?

Answer 7

Public subnet
* Has access to the internet through an Internet Gateway

Private subnet
* No direct internet access

Question 8

What happens when you create a VPC with a CIDR block?

Answer 8

You assign the range of private IPv4 addresses that resources in that VPC can use.

Example:
10.0.0.0/16

Question 9

Why cannot the CIDR block of a VPC be changed after creation?

Answer 9

Because the entire VPC networking structure (subnets, routing, resources) depends on the original address range.

Question 10

What is the largest and smallest IPv4 CIDR block allowed when creating an AWS VPC?

Answer 10

Largest:
/16 → 65,536 addresses

Smallest:
/28 → 16 addresses

Question 11

Why must subnet CIDR blocks not overlap within a VPC?

Answer 11

Overlapping IP ranges would cause routing conflicts and prevent AWS from determining the correct destination network.

Question 12

In a subnet with CIDR block 10.0.0.0/24, why are only 251 addresses usable?

Answer 12

AWS reserves 5 IP addresses in every subnet.

Reserved addresses:
* Network address
* Router/internal communication
* DNS server
* Future use
* Broadcast address

Question 13

Which IP addresses are reserved in AWS for subnet 10.0.0.0/24?

Answer 13

Address Purpose
10.0.0.0 Network address
10.0.0.1 Internal communication
10.0.0.2 DNS server
10.0.0.3 Future use
10.0.0.255 Broadcast

Question 14

What is the difference between a public IPv4 address and an Elastic IP address in AWS?

Answer 14

Public IPv4
* Automatically assigned
* Can change when instance stops/starts

Elastic IP
* Manually allocated
* Static address
* Can be remapped to different instances

Question 15

Why might AWS charge for Elastic IP addresses?

Answer 15

To discourage users from reserving unused public IP addresses, which are limited global resources.