Release: Amazon Virtual Private Cloud on 2011-08-03

Release Notes>Release: Amazon Virtual Private Cloud on 2011 08 03
Support for VPC in five AWS Regions, VPCs in multiple Availability Zones, multiple VPCs per AWS account, multiple VPN connections per VPC, Microsoft Windows Server 2008 R2 and Microsoft SQL Server Reserved Instances, and a new API version: 2011-07-15


Submitted By: Francis@AWS
Release Date: August 3, 2011 7:00 AM GMT
Latest Version: 2011-07-15
Latest WSDL:
Created On: August 4, 2011 4:04 AM GMT
Last Updated: September 12, 2012 5:04 AM GMT

New Features

Feature Description
General availability of Amazon VPC Amazon VPC is no longer a beta and is now generally available.
Support for VPC in US-West (N.California), Asia Pacific (Singapore), Asia Pacific (Tokyo) You can create VPCs in any of the five AWS Regions (US-East (Virginia), US-West (N.California), EU-West (Ireland), Asia Pacific (Singapore), or Asia Pacific (Tokyo)).
Support for VPC in multiple Availability Zones in each Region You can create a VPC that spans multiple Availability Zones in a Region. Since each VPC can have multiple subnets, you can put each subnet in a distinct Availability Zone. Virtual private gateways and Internet gateways are regional objects, and can be accessed from any Availability Zone.
Support for multiple VPN Connections per VPC You can create multiple VPN connections to a single VPC. This can be used to connect multiple branch offices to a single VPC, or to provide redundant VPN connections from a single location.
VPN Connection Status You can view the status of each VPN Connection on the AWS Management Console and via API/CLI. Status includes connection state (up or down), tunnel state, time since last state change, and descriptive text for connection errors.
Support for multiple VPCs per AWS account per Region You can create multiple, fully-independent VPCs in a single Region without having to use additional AWS accounts. You can, for example, create production networks, development networks, staging networks, and test networks as needed.
Support for Microsoft Windows Server 2008 R2 You can use Microsoft Windows Server 2008 R2 within your VPC.
Support for Microsoft SQL Server Reserved Instances You can purchase Reserved Instances for Microsoft Windows with SQL Server running within your VPC.
Support for Yamaha RTX1200 routers You can use the Yamaha RTX1200 router to establish hardware VPN connections to your Amazon VPC. The configuration for the RTX1200 can be downloaded from the VPN Connections page of the AWS Management Console.
VPN Gateway changed to Virtual Private Gateway The term "VPN gateway" has been changed to "virtual private gateway."

Resolved Issues

Issue Resolution
Elastic Load Balancing is not available for use within a VPC. Update (November 21, 2011): Beginning with the November 21, 2011 release of Elastic Load Balancing (API Version 2011-11-15), you can use Elastic Load Balancing within a VPC. For more information, go to How Do I Use Elastic Load Balancing in Amazon VPC in the Amazon Elastic Load Balancing Developer Guide.
Amazon Relational Database Service is not available for use within a VPC. Update (January 24, 2012): Beginning with the January 24, 2012 release of Amazon Relational Database Service (Amazon RDS) (API Version 2012-01-15), you can use Amazon RDS within a VPC. For more information, go to Amazon RDS and Amazon Virtual Private Cloud (VPC) in the Amazon RDS User Guide.
CC2 instance types are not supported in a VPC. Update (April 26, 2012): Beginning April 26, 2012, you can use cc2.8xlarge instances in a VPC.
Read replicas in Amazon Relational Database Services are not supported in a VPC. Update (May 17, 2012): Beginning May 17, 2012, you can use Amazon Relational Database Service (RDS) Read-Replicas in a VPC.

Version History

Release Date WDSL Description
2011-03-27 2011-02-28.ec2.wsdl Support for Dedicated Instances
2011-03-14 2011-01-01.ec2.wsdl Support for Internet Gateway, route tables, elastic IP addresses, security groups, network access control lists, NAT instances, instance metadata, and new instance attributes
2010-12-02 2010-11-15.ec2.wsdl Support for Auto Scaling
2010-09-19 2010-08-31.ec2.wsdl Support for tags
2010-09-07 2010-06-15.ec2.wsdl Support for AWS Management Console
2010-09-02 2010-06-15.ec2.wsdl Support for Identity and Access Management (IAM)
2010-07-12 2010-06-15.ec2.wsdl Support for user-specified IP address
2010-05-19 2009-10-31.ec2.wsdl Support for Juniper SSG and ISG Running ScreenOS
2010-05-04 2009-07-15.ec2.wsdl Support for VPC in EU-West (Ireland) Region
2010-03-22 2009-07-15.ec2.wsdl Support for AWS SDK for Java
2010-02-11 2009-07-15.ec2.wsdl Support for EBS-backed EC2 instances in VPC, support for high-memory instances
2009-12-14 2009-07-15.ec2.wsdl Support for VPCs up to /16 in size
2009-11-11 2009-07-15.ec2.wsdl Support for AWS SDK for .NET
2009-08-27 2009-07-15.ec2.wsdl Initial launch of AWS VPC

Known Issues

CC1 and t1.micro instances CC1 and t1.micro instances are not supported for use in a VPC at this time.
Amazon ElastiCache Amazon ElastiCache is not available for use in a VPC at this time.
AWS Elastic Beanstalk AWS Elastic Beanstalk is not available for use in a VPC at this time.
Amazon Relational Database Services Amazon RDS for Oracle Database and Amazon RDS for Microsoft SQL Server are not available for use in an Amazon VPC at this time.
VPC Dashboard filtered view If you have created more than one VPC and choose to filter the VPC dashboard view to only view a single VPC, the resource counts for Security Groups, Internet Gateways, Virtual Private Gateways, Customer Gateways, and VPN Connections will show the values for all VPCs.
Older API Version Clients and Latest Console Display Different Results If you use a client that is based on an older API version of Amazon VPC (earlier than version 2011-01-01), but you also use the AWS Management Console to manage your VPC resources, you'll see different results between the two interfaces.
Elastic IP Addresses Not Interchangeable Any EC2 Elastic IP addresses your AWS account has cannot be used with your VPC, and any VPC Elastic IP addresses you have can't be used with EC2.
Security Groups Not Interchangeable Any EC2 security groups your AWS account has cannot be used with your VPC, and any VPC security groups you have can't be used with EC2.
Traffic Sent to Overlapping IP Address Ranges Is Dropped For customers using the optional IPsec VPN gateway: If your VPC's IP address range overlaps with an IP address range in use within your existing IT infrastructure, Amazon VPC will drop any traffic to said range. To avoid this, create your VPC so it does not overlap with current or expected future subnets in your network.
Broadcast and Multicast Unsupported in a VPC You are unable to employ either broadcast or multicast within your VPC.
Ordering of DHCP Option Values Not Guaranteed When you specify DHCP options, some options (e.g., DNS servers) accept multiple values. The ordering of these values is not guaranteed. After creating the options, you should use the DescribeDhcpOptions operation (or the ec2-describe-dhcp-options command) to confirm the order in which the options will be delivered to instances.
Tags for Amazon VPC Resources Not Supported in the Console You can tag your Amazon VPC resources using the API or command line tools, but those tags are not available to work with in the AWS Management Console.
Configuration Changes for Windows Server 2008 AMIs If you've created your own Windows Server 2008 AMIs from Amazon's Windows Server 2008 base images prior to v1.02, you need to make a couple of changes to your existing configuration in order to activate your instances' licensing when launching in a VPC. In some cases, you might need to make changes for v1.02 as well, depending on your needs.

Manually Locate VPC Activation Endpoints

If you want to launch a Windows Server 2008 AMI in a VPC, you must manually set the Windows Activation endpoint in your instance if either of the following conditions are true:
  • You have created your own Windows Server 2008 AMI but opted not to Sysprep that image using the Amazon Ec2Config utility (this is true for all Windows Server 2008 AMI versions)
  • You have created your own AMI from an Amazon version prior to 1.02 (even if Sysprep was used)

The activation IP addresses for VPC instances are:

  • (backup)

To set the endpoint manually, execute the following commands from the command line:

Slmgr.vbs /skms
Slmgr.vbs /ato

Update EC2Config Service Settings

If you're using an AMI that was created from an Amazon public Windows Server 2008 image prior to v1.02, then you should also make a change to one of the Activation Settings files in the Ec2Config service to reflect the new discovery hierarchy, which includes the preceding endpoints for VPC activation.

To make this change, overwrite the file C:\Program Files\Amazon\Ec2ConfigService\Settings\ActivationSettings.xml with the following XML. Once you do that, anytime you Sysprep your image with the Ec2Config service utility, your freshly launched instance will be able to locate its KMS servers in any environment.

©2017, Amazon Web Services, Inc. or its affiliates. All rights reserved.