AWS Networking - Virtual Private Cloud (VPC) & Subnets
Waqas Ali - FCMA, CAIS, ADMA, CDS
Chief AI Scientist @ BRB Group | AI Strategy, Team Leadership
When hosting your work on the cloud, networking plays a crucial role in connecting everything.
So, what’s a network? A network is simply a group of connected devices that communicate with each other. These communications could be requests sent from one device or responses to those requests. In the cloud, you want your AWS resources (like servers) to talk to each other and sometimes with the internet. You must understand some basic cloud networking concepts, starting with IP addresses, VPCs, and subnets.
What’s an IP Address?
Each device in a network has its unique IP (Internet Protocol) address. This is a series of numbers that helps identify and connect the device within the network. Think of it like a house number for your device, making sure data gets sent to the right place.
Most often, you'll encounter IPv4, a 32-bit address written as four numbers (octets) separated by dots, for example 192.101.0.2. Each octet is between 0 and 255.
CIDR Notation
When working with IP addresses, you’ll also come across CIDR (Classless Inter-Domain Routing) notation. It describes a range of IP addresses as a starting address plus a prefix length. For example, in 192.101.0.0/24 the first 24 bits are fixed (the network part), while the last 8 bits can change (the host part), so the block covers the 256 addresses from 192.101.0.0 to 192.101.0.255. A shorter prefix (such as /16) gives a larger range, a longer prefix (such as /28) a smaller one, so you can size a network to hold the addresses it needs without wasting any.
What’s a VPC?
A VPC (Virtual Private Cloud) is a logically isolated virtual network in AWS where your resources live. It has no path to the public internet until you attach an internet gateway and add a route to it, and you control its addressing, routing and which traffic is allowed in and out.
Each VPC exists within a single AWS region and can span multiple availability zones (essentially separate data centers in the same region). You can think of a VPC as your cloud-based private network: every VPC route table has a "local" route, so resources inside it can reach each other by default, but security groups and network ACLs still decide which of that traffic is actually allowed. Tighten those rules rather than relying on the VPC boundary alone.
When you create a VPC, you define a CIDR block (AWS accepts a prefix length from /16 to /28, and a private RFC 1918 range such as 10.0.0.0/16 is the usual choice) that allocates the IP addresses within that network. Any resources, like EC2 instances, that you launch inside the VPC are assigned a private IP address from that block. Pick a block that does not overlap any network you may later need to peer or connect to; changing it afterwards is painful.
What’s a Subnet?
A subnet is a smaller network within your VPC. You can use subnets to group resources that require different levels of access. For example, you might want some resources to be public, like web servers that need internet access, and others to be private, like databases that should stay hidden from the outside world.
You can create public or private subnets depending on the needs of your application. What makes a subnet "public" is its route table: a public subnet has a route to an internet gateway (and its instances need a public IP), while a private subnet has no such route and reaches the internet, if at all, outbound only through a NAT gateway. Each subnet lives in exactly one availability zone and is assigned its own CIDR block, a portion of the VPC’s CIDR range that must not overlap any other subnet in the VPC. Resources in subnets within the same VPC can still communicate with each other, even if they’re in different availability zones, subject to the security groups and network ACLs you apply.
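The CIDR arithmetic from the sections above (choosing a VPC block, carving it into per-AZ public and private subnets, and checking that the subnets fit and do not overlap) is easy to get wrong by hand. The following is an added example, not code from the original article; it uses only Python's standard `ipaddress` module. The function and field names, the example VPC block 10.0.0.0/16 and the AZ names are assumptions chosen for illustration. The one AWS-specific fact it encodes is that AWS reserves five addresses in every subnet (the network address, the VPC router, the DNS resolver, one address held for future use, and the broadcast address), so a /24 yields 251 usable addresses, not 254.

```python
import ipaddress

# AWS reserves five addresses in every subnet: network address, VPC router (.1),
# DNS resolver (.2), one held for future use (.3) and the broadcast address (last).
AWS_RESERVED_PER_SUBNET = 5


def address_range(cidr):
    """Return the first and last address covered by a CIDR block, as strings."""
    net = ipaddress.ip_network(cidr, strict=True)
    return str(net[0]), str(net[-1])


def usable_hosts(cidr):
    """Addresses in `cidr` that AWS will actually assign to resources."""
    net = ipaddress.ip_network(cidr, strict=True)
    return max(net.num_addresses - AWS_RESERVED_PER_SUBNET, 0)


def plan_subnets(vpc_cidr, azs, new_prefix=24):
    """Carve vpc_cidr into one public and one private subnet per AZ.

    Returns a list of dicts (az, tier, cidr, usable_hosts, default_route).
    Raises ValueError if the VPC block is outside AWS's /16-/28 limits, if the
    requested subnet size is not smaller than the VPC, or if the VPC runs out
    of space before every AZ has both tiers.
    """
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    if not 16 <= vpc.prefixlen <= 28:
        raise ValueError(f"AWS VPC CIDR must be /16 to /28, got /{vpc.prefixlen}")
    if new_prefix <= vpc.prefixlen or new_prefix > 28:
        raise ValueError(f"subnet prefix /{new_prefix} is invalid for VPC {vpc}")

    blocks = vpc.subnets(new_prefix=new_prefix)  # generator of consecutive blocks
    plan = []
    for az in azs:
        for tier in ("public", "private"):
            try:
                block = next(blocks)
            except StopIteration:
                raise ValueError(f"{vpc} cannot hold two /{new_prefix} subnets per AZ")
            plan.append({
                "az": az,
                "tier": tier,
                "cidr": str(block),
                "usable_hosts": usable_hosts(block),
                # A public subnet is one whose default route points at an internet
                # gateway; a private subnet egresses via a NAT gateway instead.
                "default_route": "0.0.0.0/0 -> internet gateway" if tier == "public"
                                 else "0.0.0.0/0 -> NAT gateway",
            })
    return plan


def validate_plan(vpc_cidr, subnet_cidrs):
    """Return a list of problems: subnets outside the VPC or overlapping each other.

    An empty list means the layout is consistent.
    """
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    nets = [ipaddress.ip_network(c, strict=True) for c in subnet_cidrs]
    problems = []
    for net in nets:
        if not net.subnet_of(vpc):
            problems.append(f"{net} is not inside VPC {vpc}")
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                problems.append(f"{a} overlaps {b}")
    return problems


if __name__ == "__main__":
    # Constructed sample input: a /16 VPC spread over two availability zones.
    layout = plan_subnets("10.0.0.0/16", ["us-east-1a", "us-east-1b"])
    for entry in layout:
        first, last = address_range(entry["cidr"])
        print(f"{entry['az']:<11} {entry['tier']:<8} {entry['cidr']:<14} "
              f"{first}-{last}  usable={entry['usable_hosts']}  {entry['default_route']}")
    print("problems:", validate_plan("10.0.0.0/16", [e["cidr"] for e in layout]))
```

Run the validator against any hand-written subnet list before applying it; the overlap check is the one that catches the typical mistake of two subnets sharing addresses, which AWS itself refuses but only at creation time.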
By understanding VPCs, subnets, and IP addresses, you gain more control over how your resources communicate in the cloud, ensuring security and efficiency in your cloud infrastructure.