Frequently asked questions

What is a virtual private cloud (VPC)?

A virtual private cloud (VPC) is a public cloud offering that enables an enterprise to establish its own private cloud-like computing environment on a shared public cloud infrastructure. A VPC gives an enterprise the ability to define and control a virtual network that is logically isolated from all other public cloud tenants, creating a private, security-rich place on the public cloud.

What are the advantages of a VPC?

A VPC can help you control the size of your virtual network and deploy cloud resources whenever your business needs them. It is supported by redundant resources and highly fault-tolerant availability-zone architectures. And because the VPC is a logically isolated network, your data and applications won’t share space or mix with those of the cloud provider’s other customers. And finally, a VPC helps you take advantage of savings on hardware costs and labor time.

What are the business benefits of a VPC?

A VPC provides for flexible business growth as you adapt to changes in your business needs. In a digital world, customers expect uptime of nearly 100%. The high availability of VPC environments supports this goal. VPCs enjoy high levels of security at the instance level, the subnet level, or both, reducing risk across the entire data lifecycle. And with reduced costs and fewer demands on your internal IT team, you can focus your efforts on business innovation.

How secure is a VPC?

VPCs achieve high levels of security by creating virtualized replicas of the security features that control access to the resources that are housed in traditional data centers. You can define virtual networks in logically isolated parts of the public cloud. You can control which IP addresses have access to which resources.

Access control lists (ACLs) are lists of rules that limit who can access a particular subnet in your VPC. The ACL defines the set of IP addresses or applications that are granted access to the subnet.

You can create groups of resources, which may be situated in more than one subnet, and can assign uniform-access rules to them. Security groups act like virtual firewalls, controlling the flow of traffic to your virtual servers, no matter which subnet they reside in.

Can I connect my VPC to my other IBM Cloud workloads?

Yes. You can set up access to your IBM Cloud® classic infrastructure from one VPC in each region.

How to set up access to classic infrastructure

Can the size of a subnet be changed after it’s created?

No. A subnet cannot be resized after it has been created.

What is the limit on the number of characters in a VPC name?

Currently, the limit is 100. If this limit is exceeded, you might receive an "internal error" message.

Can my VPC resource name begin with a number?

No. Although the name can contain numbers, it must begin with a letter.

Are there restrictions on which characters I can use in a VPC resource name?

Yes. The user interface blocks consecutive double dashes, underscores and periods from being part of a virtual server instance (VSI) name.

During creation of a packet gateway, do I need to reserve the floating IP address?

If an existing floating IP address is not specified, the API automatically creates a floating IP address along with the public gateway. Your floating IP address will appear when you query all the floating IP addresses.

What enforces the rule that there must be only one public gateway per zone for a VPC?

The VPC API service enforces this limit.

How do I obtain the cloud resource name (CRN) of a VPC?

To obtain the CRN of a VPC, click Menu > Resource list from the IBM Cloud console. Expand VPC Infrastructure to list your VPCs. Select a VPC and then click the Status entry to view its details. Use the icon to copy the CRN and paste it where needed.