Targeted at customers with existing IT investments, the Virtual Private Cloud (VPC) service provides a way for companies to create a logically separated set of Elastic Compute Cloud (EC2) instances and a secure VPN connection to their own networks.
Jeff Barr, Amazon Web Services strategist, said in a blog that the service requires three elements: a VPC instance, an IPSec VPN gateway, and a block of IP addresses provided by the customer. The VPC's address space can range from 16 addresses (known to network administrators as a /28 address range) to 16,384 addresses (a /18 address range), and the addresses can be divided up into subnets to further partition traffic.
All Internet-bound traffic is routed through the customer's network and outbound security systems before reaching the public network, Barr said.
Amazon.com Chief Technology Officer Werner Vogels described in a blog Amazon's vision for the service:
(CIOs) have bought into the cloud as a target for a significant portion of their services, as the benefits are too obvious to ignore, and most expect that their transition will be a continuous process. They would accelerate the adoption of cloud services if they could access a form of cloud that would give them the best of both worlds: the flexibility and cost-effectiveness of accessing a virtually infinite pool of resources without owning it, while being able to integrate those resources into their existing datacenter environments such that they could continue to leverage existing investments in their management and control infrastructure...
We have developed Amazon Virtual Private Cloud (Amazon VPC) to allow our customers to seamlessly extend their IT infrastructure into the cloud while maintaining the levels of isolation required for their enterprise management tools to do their work.
Not all Amazon Web Services capabilities are supported in Amazon VPC at the start, such as Amazon EC2 security groups, DevPay AMIs, and Internet-facing IP addresses. The VPN service has been tested with equipment from Cisco Systems and Juniper Networks.
VPC pricing is based on a $0.05 hourly charge for VPN access, plus a cost for data transfer into and out of the connection, ranging from $0.10/GB to $0.17/GB. Charges for other Amazon Web Services, including Amazon EC2, are billed separately at Amazon's standard rates.