Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically-isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual network that you define.
You have complete control over your virtual networking environment, including selection of your IP address range, creation of subnets, and configuration of route tables and network gateways.
You can easily customize the network configuration for your Amazon VPC. For example, you can create a public-facing subnet for your web servers that has access to the internet, and place your backend systems, such as databases or application servers, in a private-facing subnet with no internet access.
You can leverage multiple layers of security, including security groups and network access control lists (ACLs), to help control access to Amazon EC2 instances in each subnet.
Additionally, you can create a hardware Virtual Private Network (VPN) connection between your corporate datacenter and your VPC and leverage the AWS cloud as an extension of your corporate datacenter.
CloudCheckr provides various reports for keeping track of your VPC usage:
- List of VPCs
- Traffic Analysis
- Common Searches
- Customer Gateways
- Internet Gateways
- NAT Gateways
- Network ACLs
- Peering Connections
- Route Tables
- VPN Connections
- Virtual Private Gateways
To review the VPC features, go to the left navigation pane and select Security > Secure Configuration > VPC.
The VPC Summary report provides a high-level overview of all of the VPC traffic associated with your account.
This page has summary and detail tables on your VPC.
- VPCs: the total number of VPCs associated with your account
- Subnets: the total number of subnets associated with your AWS account
- Customer Gateways: the total number of customer gateways associated with your account; customer gateways connect your corporate network to a VPC using a VPN
- Internet Gateways: the total number of internet gateways associated with your AWS account; internet gateways connect your VPC to the public internet
- Publicly Accessible Subnets: the total number of publicly accessible subnets associated with your account
- Private Subnets: the total number of private subnets associated with your account
- DHCP Option Sets: the total number of DHCP option sets associated with your AWS account
The VPCs by Region chart shows you the total number of VPCs associated with the regions listed, and includes the following parameters:
- Region: the region where the subnet is located
- VPC: the number of VPCs located in that region
List of VPCs
The list of VPCs report provides a filter so you can search the entire inventory of VPCs associated with your AWS account.
The filter option allows you to filter by Region and VPC ID, and the results include:
- VPC ID
- Instance Tenancy
- DHCP Option Set
This report also includes valuable CIDR information:
- Number of Hosts in the CIDR Range
- Usable IPs
- Wildcard Bits
It also includes the following information:
- Internet Gateways
- Route Tables
- Network ACLs
- Available Resources in the VPC
- Subnets in the VPC
The traffic analysis report provides details on the gateways that permit traffic to move through to your VPC.
Traffic to a VPC flows from an internet gateway or virtual private gateway.
Once into the subnet, the traffic is verified by VPC security groups before reaching a resource (such as an EC2 instance).
CloudCheckr also provides information on the route tables and subnets associated with your VPCs.
The Traffic Analysis report allows you to filter by region and VPC ID.
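The Publicly Accessible Subnets and Private Subnets counts, and the traffic path described above, depend on which route table each subnet actually uses. The Python below is an added example, not CloudCheckr's code or its definition of "publicly accessible": it assumes the usual AWS convention that a subnet is public when its effective route table has a route to an internet gateway, and it runs over constructed data shaped like EC2 DescribeSubnets and DescribeRouteTables output (all IDs are placeholders).

```python
# Added example: classify subnets as public or private from route-table data.
# Assumption: "public" = effective route table has a route to an internet gateway.
# All data below is constructed; the IDs are placeholders, not real resources.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
SUBNETS = [
    {"SubnetId": "subnet-web", "VpcId": "vpc-a"},
    {"SubnetId": "subnet-db", "VpcId": "vpc-a"},
    {"SubnetId": "subnet-app", "VpcId": "vpc-a"},  # no explicit association
    {"SubnetId": "subnet-vpn", "VpcId": "vpc-b"},
]
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main-a", "VpcId": "vpc-a",
     "Associations": [{"Main": True}], "Routes": [LOCAL]},
    {"RouteTableId": "rtb-pub-a", "VpcId": "vpc-a",
     "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-nat-a", "VpcId": "vpc-a",
     "Associations": [{"Main": False, "SubnetId": "subnet-db"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
    {"RouteTableId": "rtb-main-b", "VpcId": "vpc-b",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "vgw-example"}]},
]

def effective_route_table(subnet, tables):
    """Return the explicitly associated table, else the VPC's main table."""
    main = None
    for table in tables:
        if table["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return table  # an explicit association always wins
            if assoc.get("Main"):
                main = table  # fallback for subnets with no explicit association
    return main

def has_igw_route(table):
    """True if any route targets an internet gateway (NAT and VPN targets do not count)."""
    return any((r.get("GatewayId") or "").startswith("igw-") for r in table["Routes"])

def classify(subnets, tables):
    """Map each subnet ID to 'public' or 'private'."""
    result = {}
    for subnet in subnets:
        table = effective_route_table(subnet, tables)
        is_public = table is not None and has_igw_route(table)
        result[subnet["SubnetId"]] = "public" if is_public else "private"
    return result

if __name__ == "__main__":
    for subnet_id, kind in classify(SUBNETS, ROUTE_TABLES).items():
        print(subnet_id, kind)
```

Because `subnet-app` has no explicit association, adding an internet gateway route to the main route table would turn it public without any change to the subnet itself, which is why the main table deserves review alongside the per-subnet ones.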
This report helps you build a common search.
To perform a common search:
- Select an option.
- Type any parameters if applicable.
- Click Search.
The List of Network ACLs report, with all the appropriate filters, will open.
- From the List of Network ACLs report, modify your search.
CloudCheckr takes the information on your subnets and divides it into two reports:
- Summary: a summary of the subnets associated with your AWS account that includes charts with your subnets by region and by VPC.
- List of Subnets: a detail report of subnets associated with your AWS account that allows you to filter by availability zone, region, state, subnet ID, tag, or VPC.
CloudCheckr takes the information on your network ACLs and divides it into two separate reports:
- Summary: the ACL summary report is a high-level summary of all the ACL activity associated with your AWS account that includes the number of network ACL outbound rules, the inbound rules, and a chart for network ACLs by region and by VPC.
- List of ACL: the list of ACLs report provides information on every ACL associated with your AWS account, and allows you to filter information by parameters such as protocol list, region, VPC, and more.