Amazon Enables Cloud Services to Act More Physical

By Chris Preimesberger  |  Posted 2011-03-15 Print this article Print

Enterprises can now provision resources in a secure section of AWS Cloud and use a virtual network to determine which resources can be accessed via the Internet and which can only be accessed privately.

Amazon Web Services, which launched its first product (Simple Storage Service) five years ago this month, revealed March 15 that it has redesigned the access to its Virtual Private Cloud service. 

Users now can set up their own virtual networks within the Amazon cloud that they can control just as they control their own physical data center networks.

Amazon VPC now lets users specify which of their Amazon VPC resources they want to make directly accessible from their Internet connection and which they would like to maintain behind their firewalls. 

Previously, Amazon Elastic Cloud (EC2) users would provision a private section of the AWS cloud and launch AWS resources into it that were only accessible via a virtual private network (VPN) connection to a physical enterprise data center.

As a result, Amazon VPC was not directly accessible. Because VPNs in general are notorious for connectivity problems, interruptions in services were all too common. Starting on March 15, enterprises will no longer require a VPN or existing infrastructure resources in order to use the Amazon VPC, the Seattle-based company said. 

Enterprises now can define a virtual network topology in Amazon VPC that resembles a traditional network that they might operate in their own data center, the company said. Users will have complete control over the virtual networking environment, including selection of IP address range, creation of subnets, and configuration of route tables and network gateways. 

Users can customize the network configuration for Amazon VPC, for example, by creating a public-facing subnet for Web servers that have access to the Internet and placing back-end systems (such as databases or application servers) in a private-facing subnet with no Internet access.

If they choose, enterprises still can connect Amazon VPC to their own existing IT infrastructure with an encrypted VPN connection.

Specifically, Amazon VPC now enables enterprises to:

  • Create an Amazon Virtual Private Cloud on AWS' scalable infrastructure and specify its private IP address range from any range they choose.
  • Divide Amazon VPC's private IP address range into one or more public or private subnets to facilitate running applications and services in Amazon VPC.
  • Control inbound and outbound access to and from individual subnets using network access control lists.
  • Store data in Amazon S3 and set permissions so the data can only be accessed from within Amazon VPC.
  • Attach an Amazon Elastic IP Address to any Amazon VPC instance so it can be reached directly from the Internet.
  • Bridge Amazon VPC and an enterprise's own IT infrastructure with an encrypted VPN connection, extending enterprises' existing security and management policies to Amazon VPC instances as if they were running within an existing data center. 

Chris Preimesberger Chris Preimesberger was named Editor-in-Chief of Features & Analysis at eWEEK in November 2011. Previously he served eWEEK as Senior Writer, covering a range of IT sectors that include data center systems, cloud computing, storage, virtualization, green IT, e-discovery and IT governance. His blog, Storage Station, is considered a go-to information source. Chris won a national Folio Award for magazine writing in November 2011 for a cover story on and CEO-founder Marc Benioff, and he has served as a judge for the SIIA Codie Awards since 2005. In previous IT journalism, Chris was a founding editor of both IT Manager's Journal and and was managing editor of Software Development magazine. His diverse resume also includes: sportswriter for the Los Angeles Daily News, covering NCAA and NBA basketball, television critic for the Palo Alto Times Tribune, and Sports Information Director at Stanford University. He has served as a correspondent for The Associated Press, covering Stanford and NCAA tournament basketball, since 1983. He has covered a number of major events, including the 1984 Democratic National Convention, a Presidential press conference at the White House in 1993, the Emmy Awards (three times), two Rose Bowls, the Fiesta Bowl, several NCAA men's and women's basketball tournaments, a Formula One Grand Prix auto race, a heavyweight boxing championship bout (Ali vs. Spinks, 1978), and the 1985 Super Bowl. A 1975 graduate of Pepperdine University in Malibu, Calif., Chris has won more than a dozen regional and national awards for his work. He and his wife, Rebecca, have four children and reside in Redwood City, Calif.Follow on Twitter: editingwhiz

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel