Content ITV PRO
This is Itvedant Content department
Networking with VPC
Learning Outcome
1. Understand basic networking concepts and IP addressing
2. Understand CIDR notation and IP ranges
3. Learn what Amazon VPC is and why it is used
4. Understand Internet Gateway (IGW) and NAT Gateway
5. Differentiate between Security Groups and NACLs
Earlier, we learned that
Networking is the practice of connecting systems so they can communicate
It enables:
Resource sharing
Internet access
Secure communication
In AWS, networking is built using VPC
An IP address is a unique identifier for a device on a network
Types
IPv4 (e.g., 192.168.1.1)
IPv6
IP addresses help systems
Identify each other
Send and receive data
Public IP Address
Private IP Address
Used inside private networks
More secure
CIDR defines the IP address range of a VPC
Example: 10.0.0.0/16
All subnets come from the VPC CIDR.
CIDR helps in:
IP planning
Network isolation
A Virtual Private Cloud (VPC) is an isolated network in AWS where you can deploy resources like EC2 instances, databases, and load balancers
It helps:
Control inbound and outbound traffic using security groups and network ACLs
Define custom IP address ranges and subnets
Secure your AWS resources from public access
When creating a VPC
You assign a CIDR block
All subnets derive IPs from this range
Example
VPC CIDR: 10.0.0.0/16
Subnet CIDR: 10.0.1.0/24

Public subnet:
Has route to Internet Gateway
Used for web servers
Resources can have public IPs

Private subnet:
No direct internet access
Used for databases, backend
More secure

Internet Gateway allows:
Internet access for VPC resources
Inbound and outbound traffic
It is required for public subnets
NAT Gateway allows:
Private subnet resources to access internet
Without allowing inbound internet traffic
Used for updates, patching, downloads
Routing decides where network traffic goes
AWS uses Route Tables to control traffic flow
Routes define
Destination
Target (IGW, NAT, local)
Each subnet must be associated with a route table
Route tables define:
Where network traffic should go
Common routes
Local VPC traffic
Internet traffic
NAT traffic

Security Group:
Acts at instance level
Primary security for EC2
Only allow rules
Return traffic is automatically allowed

Network ACL (NACL):
Works at subnet level
Secondary layer of security
Allow and deny rules
Return traffic must be explicitly allowed
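
The difference in how security groups and NACLs treat return traffic, modeled as an added example that is not part of the original slides. The rule sets, the client address 203.0.113.10 with source port 50000, and the ephemeral port range 1024-65535 are constructed for illustration, and only inbound security group rules are modeled.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    number: int    # NACL evaluation order; ignored by security groups
    action: str    # "allow" or "deny"; security groups accept only "allow"
    cidr: str      # remote address range
    ports: range   # destination ports of the packet

    def matches(self, remote_ip, port):
        return ip_address(remote_ip) in ip_network(self.cidr) and port in self.ports

def nacl_permits(rules, remote_ip, port):
    """Stateless: lowest-numbered matching rule wins, otherwise implicit deny."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(remote_ip, port):
            return rule.action == "allow"
    return False

class SecurityGroup:
    """Stateful: allow rules only; replies to an admitted flow are let through."""
    def __init__(self, inbound):
        if any(r.action != "allow" for r in inbound):
            raise ValueError("security groups have no deny rules")
        self.inbound, self.tracked = inbound, set()

    def permits_inbound(self, remote_ip, remote_port, local_port):
        ok = any(r.matches(remote_ip, local_port) for r in self.inbound)
        if ok:
            self.tracked.add((remote_ip, remote_port, local_port))
        return ok

    def permits_reply(self, remote_ip, remote_port, local_port):
        return (remote_ip, remote_port, local_port) in self.tracked

ANYWHERE = "0.0.0.0/0"
HTTPS_IN = Rule(100, "allow", ANYWHERE, range(443, 444))
EPHEMERAL_OUT = Rule(100, "allow", ANYWHERE, range(1024, 65536))  # assumed range
CLIENT = ("203.0.113.10", 50000)   # constructed client address and source port

def web_request_round_trip(nacl_in, nacl_out, sg):
    """Return (request_delivered, reply_delivered) for CLIENT -> port 443."""
    ip, sport = CLIENT
    request = nacl_permits(nacl_in, ip, 443) and sg.permits_inbound(ip, sport, 443)
    # The reply's destination port is the client's ephemeral source port.
    reply = (request and sg.permits_reply(ip, sport, 443)
             and nacl_permits(nacl_out, ip, sport))
    return request, reply
```

With an empty outbound NACL the request arrives but the reply is dropped at the subnet boundary, even though the security group has already let it through.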

1. Networking enables communication
2. CIDR defines IP ranges
3. VPC provides isolated cloud networking
4. Security Groups and NACLs secure the network
Quiz
Which AWS component allows private subnet resources to access the internet without being exposed?
A. Internet Gateway
B. Security Group
C. NAT Gateway
D. Route Table
Quiz-Answer
C. NAT Gateway
DynamoDB is a
A. Relational database
B. NoSQL database
C. Data warehouse
D. File storage service
By Content ITV