Multi-cloud Series Blog 1: Azure VNET vs AWS VPC vs GCP VPC

Dear readers/subscribers,

I started my multi-cloud journey after completing my Azure and AWS certifications, before starting my preparation for the Google Cloud Professional Architect exam. Soon I learned about the differences and the way these 3 cloud providers have constructed their cloud services. To clear the air and make it easy to understand, I decided to start a multi-cloud blog series. In this article we’ll compare Azure VNET vs AWS VPC vs GCP VPC.

An Azure VNET, AWS VPC or GCP VPC is a logically isolated network construct that enables you to launch cloud resources into a virtual network. You can think of this virtual network as the traditional network that you’d build in your on-premises data center. In a nutshell, it’s a virtual private data center in the cloud. Let’s understand the differences among these three network constructs.

| Features | Azure VNET | AWS VPC | GCP VPC |
|---|---|---|---|
| VNET/VPC Scope | Region | Region | Global (spans across regions). They are not associated with any particular region or zone. |
| Subnet Scope | Region (spans across AZs) | Availability Zone | Region (spans across AZs) |
| VNET/VPC CIDR | Need to define a CIDR block for the VNET | Need to define a CIDR block for the VPC | No CIDR block is defined for the VPC. The VPC is just a container for subnets. |
| VNET/VPC CIDR Expansion | Yes, can be expanded by adding additional CIDR blocks to the VNET | Yes, can be expanded by adding additional CIDR blocks to the VPC | Yes, can be expanded by adding new contiguous or non-contiguous subnets |
| Subnet CIDR Expansion | No, it can’t be expanded (except when it’s empty) | No, it can’t be expanded. | Yes, can be expanded but not shrunk. |
| Subnet CIDR Block | Derived from the VNET CIDR block | Derived from the VPC CIDR block | Independent and can be any non-contiguous CIDR block assigned to subnets |
| VNET/VPC Types | Only one type. | There are 2 types: default and non-default | 3 types: auto mode, default auto mode and custom mode |
| VNET/VPC Type Conversion | NA | NA. Can’t be converted. The default VPC can be deleted; however, if you want to recover the deleted VPC you will have to call AWS support. | You can switch a non-default auto mode network to custom mode, but this conversion is one-way. Custom mode networks cannot be changed to auto mode networks. |
| Reserved IPs | 5 (first 4 and last) IPs in each subnet are reserved | 5 (first 4 and last) IPs in each subnet are reserved | 4 (first 2 and last 2) IPs in each subnet are reserved |
| Internet Access | Turned on by default for all resources inside the VNET. | Turned on by default for the default VPC but turned off for a non-default VPC (created without using the VPC Wizard) | Turned on by default for the default auto mode VPC but turned off for a new auto mode or custom mode VPC |
| VNET/VPC Peering | Regional and Global VNET peering | Regional and inter-regional VPC peering | Since the VPC is a global construct in GCP, VPC peering is global in nature. |
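The reserved-IP and subnet-CIDR rows of the table, applied to an address plan. This is an added example, not part of the original article; the function names and sample CIDRs are hypothetical, and the overlap check is an assumption (common practice) rather than a row in the table.

```python
import ipaddress

# Reserved-address rules as listed in the table:
# (addresses reserved at the start of a subnet, at the end of a subnet).
RESERVED = {"azure": (4, 1), "aws": (4, 1), "gcp": (2, 2)}


def reserved_and_usable(provider, subnet_cidr):
    """Return (reserved address strings, usable address count) for a subnet."""
    net = ipaddress.ip_network(subnet_cidr)
    head, tail = RESERVED[provider]
    if net.num_addresses <= head + tail:
        raise ValueError(f"{subnet_cidr} is too small for {provider}")
    reserved = [str(net[i]) for i in range(head)]
    reserved += [str(net[-i]) for i in range(tail, 0, -1)]
    return reserved, net.num_addresses - head - tail


def validate_plan(provider, subnets, network_cidrs=()):
    """Check a subnet plan against the table's CIDR rules; return problems."""
    problems = []
    nets = [ipaddress.ip_network(s) for s in subnets]
    blocks = [ipaddress.ip_network(c) for c in network_cidrs]
    if provider in ("azure", "aws"):
        # Subnets are derived from the VNET/VPC CIDR block(s).
        if not blocks:
            problems.append(f"{provider}: a VNET/VPC CIDR block must be defined")
        for n in nets:
            if blocks and not any(n.subnet_of(b) for b in blocks):
                problems.append(f"{n} is outside the VNET/VPC CIDR")
    elif blocks:
        # GCP: the VPC is only a container and carries no CIDR of its own.
        problems.append("gcp: no CIDR block is defined at VPC level")
    # Assumption (not a table row): subnets in one network must not overlap.
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                problems.append(f"{a} overlaps {b}")
    return problems


if __name__ == "__main__":
    # Constructed sample plan, for illustration only.
    print(reserved_and_usable("aws", "10.0.1.0/24"))
    print(validate_plan("azure", ["10.0.1.0/24", "192.168.5.0/24"], ["10.0.0.0/16"]))
    print(validate_plan("gcp", ["10.128.0.0/20", "192.168.5.0/24"]))
```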

I tried to summarize everything about VPC and VNET in the easiest possible way; however, it’s not possible to cover all features here, and I’ll be covering more services and details in my next Multi-Cloud blog series. If you have any feedback or questions, please feel free to leave your comments below!

Thanks,

Niraj Kumar|Azure Architect-MCSD, AWS SA-A, MCSA-O365, MCT, PMP

Azure Beginner’s Series | Azure Security

Greetings Readers!

Thank you for taking the time to read this article! As part of the AzureTalk-Beginner’s online series, this week we covered Azure Security. We discussed the following topics:

  • Azure Data Center Security
  • Azure Trust Center
  • Security, Privacy, compliance and transparency principles
  • Azure Security Center
  • Data Encryption (At rest, in-transit)
  • Azure Key Vault and analytics

The recorded session is available for viewing, and you can watch the entire Azure Talk on Azure Security here.

Recorded Session-Entire Presentation

You can find the slides used for the session in the section below.

Azure Security slides

Join our AzureTalk Telegram group with more than 3100 community members to get answers to your Azure-related questions.

If you would like to be part of future sessions, please do register at http://register.kloudezy.com/

Thank you for taking the time to read my article! If you found it useful, please like, comment and share!

Niraj Kumar, MCT & Enterprise Cloud architect.

AzureTalk Telegram Group
O365 & EMS Talk Telegram Group
AzureDevOpsPro Telegram Group

AzureTalk: AMAQ(Ask Me Any Question)

Hi Readers,

I conducted an online session as part of the AzureTalk series of sessions, and this time I decided to take questions from the audience. It was an AMAQ (Ask Me Any Question) session with the audience.

There were many questions, including on designing, architecting and securing the Azure cloud. Some of the questions were the following:

  • How do we plan and architect an enterprise infrastructure move from On-Prem to Azure cloud? What planning and due diligence are needed for a successful cloud migration?
  • How should you plan & design an Azure subscription Model? Centralized or Decentralized?
  • How to design a highly available Web application? What Azure components can be utilized to design a typical Web Application?
  • What are available tools for application assessment, migration?
  • How to secure and protect Azure infrastructure? What measures can be taken to secure public cloud?
  • How and what to do to prevent DDoS against infrastructure hosted in Azure?
  • How and when to select the right cloud for a customer, Azure vs AWS?
  • Future of cloud revolution!
    • Phase 1- Migration from On-Prem Data center to IaaS running in cloud.
    • Phase 2- Migration from IaaS to PaaS.
    • Phase 3- Migration from PaaS and building our own custom application to SaaS.
  • The future belongs to Hybrid cloud. Azure Stack will give strategic advantage to Microsoft in Hybrid cloud space.
  • What container orchestration tool to use, Docker or Kubernetes?

The recorded session is available for viewing, and you can watch the entire AzureTalk AMAQ (Ask Me Any Question) session here.

Azure Talk: AMAQ Part 1

Azure Talk: AMAQ Part 2

What is Azure Talk?

It’s a weekly 1-hour session covering a wide array of topics on Microsoft Azure. Each session includes 3 logical sections.

  • 1st part I’ll walk you through “Azure Concept Of The Week” by utilizing a deck.
  • 2nd part we do a live demo and implement what we discussed earlier.
  • 3rd part Q & A session.

These are live sessions and you will get an opportunity to ask questions. Recorded sessions are published on our AzureTalk YouTube channel. You can also join our AzureTalk Telegram group to get answers to Azure-related queries. Many active community members readily answer questions!

If you would like to be part of future sessions, please do register at https://www.kloudezy.com/

Thank you for taking the time to read my article, and if you found it useful, please do like, comment and share!

Cheers!

Niraj Kumar, MCT & Lead Azure Cloud architect.
