Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.
You can easily customize the network configuration for your Amazon Virtual Private Cloud. For example, you can create a public-facing subnet for your webservers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.
Additionally, you can create a Hardware Virtual Private Network (VPN) connection between your corporate datacenter and your VPC and leverage the AWS cloud as an extension of your corporate datacenter.
VPN Connection Pricing
- $0.05 per VPN Connection-hour
- $0.048 per VPN Connection-hour for connections to the Tokyo Region and Osaka-Local Region
- $0.065 per VPN Connection-hour for AWS GovCloud (US) Region
If you choose to create a VPN Connection to your VPC using a Virtual Private Gateway, you are charged for each "VPN Connection-hour" that your VPN connection is provisioned and available. Each partial VPN Connection-hour consumed is billed as a full hour. You also incur standard AWS data transfer charges for all data transferred via the VPN Connection. If you no longer wish to be charged for a VPN Connection, you simply terminate your VPN Connection using the AWS Management Console, commandline interface, or API.
AWS PrivateLink Pricing
If you choose to create an Interface type VPC endpoint in your VPC, you are charged for each hour that your VPC endpoint is provisioned in each Availability Zone. Data processing charges apply for each Gigabyte processed through the VPC endpoint regardless of the traffic’s source or destination. Each partial VPC endpoint-hour consumed is billed as a full hour. If you no longer wish to be charged for a VPC endpoint, delete your VPC endpoints using the AWS Management Console, command line interface (CLI), or API.
|Region||Price per VPC Endpoint per AZ ($/hour)||Price per GB data processed ($)|
|US East (N. Virginia)||0.01||0.01|
|US East (Ohio)||0.01||0.01|
|US West (Oregon)||0.01||0.01|
|US West (N. California)||0.011
|Asia Pacific (Singapore)||0.013||0.01|
|Asia Pacific (Tokyo)||0.014||0.01|
|Asia Pacific (Seoul)
|Asia Pacific (Sydney)||0.013
|Asia Pacific (Mumbai)||0.013||0.01|
|South America (São Paulo)
If you choose to create a NAT gateway in your VPC, you are charged for each “NAT Gateway-hour" that your NAT gateway is provisioned and available. Data processing charges apply for each Gigabyte processed through the NAT gateway regardless of the traffic’s source or destination. Each partial NAT Gateway-hour consumed is billed as a full hour. You also incur standard AWS data transfer charges for all data transferred via the NAT gateway. If you no longer wish to be charged for a NAT gateway, simply delete your NAT gateway using the AWS Management Console, commandline interface, or API.
|Region||Price per NAT gateway ($/hour)||Price per GB data processed ($)|
|US East (N. Virginia)||0.045||0.045|
|US East (Ohio)||0.045||0.045|
|US West (Oregon)||0.045||0.045|
|US West (N. California)||0.048||0.048|
|Asia Pacific (Singapore)||0.059||0.059|
|Asia Pacific (Tokyo)||0.062||0.062|
|Asia Pacific (Seoul)
|Asia Pacific (Sydney)||0.059||0.059|
|Asia Pacific (Mumbai)||0.056||0.056|
|South America (São Paulo)
|AWS GovCloud (US)||0.054||0.054|
NAT Gateway Pricing Example
Let’s assume you created a NAT gateway and you have an EC2 instance routing to the Internet through the NAT gateway. Your EC2 instance behind the NAT gateway sends a 1 GB file to one of your S3 buckets. The EC2 instance, NAT gateway and S3 Bucket are in the same region US East (Ohio), and the NAT gateway and EC2 instance are in the same availability zone. We calculate your cost as follows:
- NAT Gateway Hourly Charge: NAT Gateway is charged on an hourly basis. For this region, the rate is $0.045 per hour.
- NAT Gateway Data Processing Charge: 1 GB data went through NAT gateway. The NAT Gateway Data Processing charge is applied and will result in a charge of $0.045.
- Data Transfer Charge: This is the standard EC2 Data Transfer charge. 1 GB data was transferred from the EC2 instance to S3 via the NAT gateway. There was no charge for the data transfer from the EC2 instance to S3 as it is Data Transfer Out to Amazon EC2 to S3 in the same region. There was also no charge for the data transfer between the NAT Gateway and the EC2 instance since the traffic stays in the same availability zone using private IP addresses. There will be data transfer charge between your NAT Gateway and EC2 instance if they are in the different availability zone. Please visit the Data Transfer section of the EC2 Pricing page for more details.
Except as otherwise noted, our prices are exclusive of applicable taxes and duties, including VAT and applicable sales tax. For customers with a Japanese billing address, use of AWS is subject to Japanese Consumption Tax. Learn more.