How does AWS Work?
AWS (Amazon Web Services) is a cloud computing platform that provides a wide range of services to individuals and businesses. It works by allowing users to access computing resources, such as servers, storage, and databases, over the internet. These resources are hosted in data centres around the world, which are managed and maintained by AWS. When a user wants to use AWS services, they simply sign up for an account and select the services they need. They can then configure and manage these services through a web-based console or using APIs (Application Programming Interfaces). AWS works on a pay-as-you-go model, which means that users only pay for the resources they use, and they can easily scale up or down as needed. This makes it a cost-effective and flexible solution for businesses of all sizes. Overall, AWS works by providing a secure, reliable, and scalable cloud computing platform that allows users to easily access and manage a wide range of computing resources.
What is a Region?
In AWS, a region is a geographical location where AWS has its data centres. Each region is completely independent and has multiple data centres, which are called Availability Zones. When you choose a region for your AWS resources, you are selecting a specific geographic location where your data will be stored and processed. AWS has multiple regions around the world, and each region is designed to provide low latency, high throughput, and high availability to its users. In simple terms, a region is like a physical location where you can store and access your data and applications in the cloud.
What is an Availability Zone?
An Availability Zone (AZ) is a data centre in a specific region where you can store and access your data and applications in the cloud. It is like a building where your data is stored and processed. AWS has multiple availability zones in each region.
Services of AWS (examples):
Amazon EC2:
Amazon EC2 is a web service that provides resizable computing capacity in the cloud. It allows you to rent virtual servers in the cloud and run your applications on them.
Amazon Simple Storage Service (S3):
Amazon Simple Storage Service (S3) is a cloud-based storage service that allows you to store and retrieve data from anywhere on the web. It is a scalable, secure, and highly available object storage service.
Amazon Aurora:
Amazon Aurora is a cloud-based relational database service that is highly scalable, secure, and available. It is designed to provide high performance and low latency for your applications.
Highly scalable means:
Highly scalable means that a system or service can handle an increasing workload without compromising performance or stability. In simpler terms, it means that the system can easily adapt to changes in demand without any issues.
High performance means:
High performance means that a system or service can process a large amount of data or requests quickly and efficiently, without slowing down or crashing. In other words, it can handle a high workload without any issues.
Low latency means:
Low latency means a short delay between the time when a user sends a request and the time when the system responds to that request. In simpler terms, it means a fast response time.
Amazon DynamoDB:
Amazon DynamoDB is a fully managed NoSQL database service. It is a cloud-based database service that allows you to store and retrieve data quickly and easily, without worrying about the underlying infrastructure.
VPC:
In simple terms, a VPC (Virtual Private Cloud) is a virtual network that you can create within AWS. It allows you to create a private network in the cloud, with its own IP address range, subnets, and routing tables. You can launch Amazon EC2 instances (virtual servers) inside the VPC and have complete control over their networking. This means you can create multiple subnets, configure security groups, and set up network access control lists (ACLs) to control traffic flow. A VPC provides a high level of security and isolation for your resources, as they are not accessible from the internet unless you explicitly allow them.
Types of VPC
There are two types of VPC:
Default VPC: A Default VPC is a preconfigured VPC that AWS creates for you when you create your AWS account. It includes default subnets, route tables, security groups, and network ACLs. You can launch instances into a default VPC without needing to do any additional configuration. It is designed to make it easy for users to get started with AWS by providing a preconfigured network environment.
Custom VPC: A Custom VPC is a virtual network that you can create within AWS. Unlike the Default VPC, you can customize a Custom VPC to meet your specific requirements. You can choose your IP address range, subnets, route tables, and security groups. Custom VPCs provide more control and flexibility over your network environment.
What is an IP Address
An IP (Internet Protocol) address is a unique numerical identifier that is assigned to every device connected to the internet. It allows devices to communicate with each other over the internet by sending and receiving data packets. In simpler terms, it's like a phone number for your device on the internet.
There are two types of IP addresses - IPv4 and IPv6. IPv4 is the older version and uses a 32-bit address format, while IPv6 is the newer version and uses a 128-bit address format. IPv4 addresses are limited in number and are being exhausted, while IPv6 addresses provide a much larger address space and are becoming more widely used.
There are three classes of IPv4 addresses: Class A, Class B, and Class C. Class A addresses are used for large networks, Class B addresses are used for medium-sized networks, and Class C addresses are used for small networks. There are also special addresses, such as the loopback address (127.0.0.1) and the broadcast address (255.255.255.255).
Class A IP addresses range from 1.0.0.0 to 126.0.0.0 and are used for large networks.
Class B IP addresses range from 128.0.0.0 to 191.255.255.255 and are used for medium-sized networks.
Class C IP addresses range from 192.0.0.0 to 223.255.255.255 and are used for small networks.
There are three types of IPv6 addresses: unicast, multicast, and anycast. Unicast addresses identify a single network interface, multicast addresses are used to send data to multiple devices, and anycast addresses identify a group of devices that provide the same service.
What is Subnet?
A subnet is a smaller network created from a larger network. It allows you to divide a larger network into smaller, more manageable networks. Subnets have their own IP address range and can have their own security policies and routing tables. In AWS, a subnet is a range of IP addresses in your VPC. You can launch Amazon EC2 instances (virtual servers) inside a subnet and have complete control over their networking.
What is CIDR notation?
CIDR notation is a way to represent a range of IP addresses in a compact and easy-to-read format. It is often used in networking to specify the IP address range for a subnet or network. In CIDR notation, an IP address is followed by a forward slash (/) and a number, which represents the number of bits in the network prefix. For example, 192.168.0.0/24 represents a network with an IP address range from 192.168.0.0 to 192.168.0.255, where the first 24 bits represent the network prefix.
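The CIDR arithmetic above, applied to carving a VPC range into subnets, as an added example (not part of the original post). The VPC range 10.0.0.0/16 and the zone labels are constructed sample values; the five reserved addresses per subnet are AWS's documented behaviour.

```python
import ipaddress

# AWS reserves the first four addresses and the last address of every subnet.
AWS_RESERVED_PER_SUBNET = 5

def describe_cidr(cidr):
    """Return (first address, last address, size) of a CIDR block."""
    # strict=True rejects input with host bits set, e.g. 192.168.0.5/24
    net = ipaddress.ip_network(cidr, strict=True)
    return str(net.network_address), str(net.broadcast_address), net.num_addresses

def plan_subnets(vpc_cidr, new_prefix, zones):
    """Carve one public and one private subnet per zone out of the VPC range."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    blocks = vpc.subnets(new_prefix=new_prefix)  # non-overlapping, in order
    plan = []
    for zone in zones:
        for tier in ("public", "private"):
            block = next(blocks, None)
            if block is None:
                raise ValueError(f"{vpc_cidr} has too few /{new_prefix} blocks")
            usable = block.num_addresses - AWS_RESERVED_PER_SUBNET
            plan.append((zone, tier, str(block), usable))
    return plan

def find_overlaps(cidrs):
    """Return every pair of CIDR blocks that share at least one address."""
    nets = [ipaddress.ip_network(c, strict=True) for c in cidrs]
    return [(str(a), str(b))
            for i, a in enumerate(nets)
            for b in nets[i + 1:]
            if a.overlaps(b)]

if __name__ == "__main__":
    print(describe_cidr("192.168.0.0/24"))
    # Constructed sample: a /16 VPC split into /24 subnets over two zones.
    for row in plan_subnets("10.0.0.0/16", 24, ["zone-a", "zone-b"]):
        print(row)
    print(find_overlaps(["10.0.0.0/24", "10.0.0.128/25", "10.0.1.0/24"]))
```
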
What are Routing Tables?
In simple words, a routing table is a set of rules that determine how network traffic is directed. It is like a map that tells network devices which path to take to reach a particular destination. Routing tables are used to ensure that network traffic takes the most efficient path and reaches its destination quickly and securely. In AWS, routing tables are used in VPCs to specify the traffic routes between subnets and the internet gateway.
What is ACL?
ACL (Access Control List) is a set of rules that control network traffic and block unauthorized access to resources. It is like a security guard that checks the identity of people trying to enter a building and only allows authorized individuals to enter. In AWS, ACLs can be used to control traffic flow in and out of subnets in the VPC. ACLs can be configured to allow or deny traffic based on rules that match the traffic's source IP address, destination IP address, protocol, and port number.
What is a Security Group?
A security group is like a virtual firewall that controls inbound and outbound traffic for your AWS resources. It acts as a barrier between your resources and the internet, allowing you to specify which traffic should be allowed or denied based on rules that you define. You can think of a security group as a set of traffic rules that determine who can access your resources and how they can access them.
What is the difference between an ACL and a security group?
In easy words, both ACLs and security groups are used to control network traffic and block unauthorized access to resources in AWS. However, there is a difference between them.
ACLs are used to control traffic flow in and out of subnets in the VPC. ACLs can be configured to allow or deny traffic based on rules that match the traffic's source IP address, destination IP address, protocol, and port number.
On the other hand, security groups act as virtual firewalls for your AWS resources. They control inbound and outbound traffic for your resources and allow you to specify which traffic should be allowed or denied based on the rules that you define. Security groups are associated with individual instances, whereas ACLs are associated with subnets.
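A simplified model of the two layers for inbound traffic, as an added example (not part of the original post): the subnet ACL evaluates numbered allow/deny rules lowest number first and stops at the first match, while the security group holds allow rules only. The rule sets and addresses are constructed samples, and the tuple types are hypothetical, not an AWS API.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src protocol port")
# ACL rules are numbered and carry an explicit action ("allow" or "deny").
AclRule = namedtuple("AclRule", "rule_no action cidr protocol port_from port_to")
# Security group rules have no number and no action: every rule is an allow.
SgRule = namedtuple("SgRule", "cidr protocol port_from port_to")

def _matches(rule, pkt):
    in_cidr = ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.cidr)
    proto_ok = rule.protocol in ("all", pkt.protocol)
    return in_cidr and proto_ok and rule.port_from <= pkt.port <= rule.port_to

def acl_allows(rules, pkt):
    """Subnet ACL: lowest rule number first, first match decides."""
    for rule in sorted(rules, key=lambda r: r.rule_no):
        if _matches(rule, pkt):
            return rule.action == "allow"
    return False  # nothing matched: the implicit final deny applies

def sg_allows(rules, pkt):
    """Security group: traffic passes if any allow rule matches."""
    return any(_matches(rule, pkt) for rule in rules)

def inbound_decision(acl_rules, sg_rules, pkt):
    """Inbound traffic must pass the subnet ACL, then the instance's group."""
    if not acl_allows(acl_rules, pkt):
        return "blocked by subnet ACL"
    if not sg_allows(sg_rules, pkt):
        return "blocked by security group"
    return "allowed"

# Constructed sample rules (documentation address ranges).
SUBNET_ACL = [
    AclRule(100, "deny", "203.0.113.0/24", "tcp", 0, 65535),
    AclRule(200, "allow", "0.0.0.0/0", "tcp", 443, 443),
    AclRule(300, "allow", "10.0.0.0/16", "tcp", 22, 22),
]
WEB_SG = [SgRule("0.0.0.0/0", "tcp", 443, 443)]

if __name__ == "__main__":
    for pkt in (Packet("198.51.100.7", "tcp", 443),
                Packet("203.0.113.9", "tcp", 443),
                Packet("10.0.1.5", "tcp", 22)):
        print(pkt, "->", inbound_decision(SUBNET_ACL, WEB_SG, pkt))
```
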
How does VPC work?
What is an internet gateway?
An internet gateway enables your VPC resources to connect and communicate with the internet.
What is a NAT gateway?
A NAT (Network Address Translation) Gateway is a service that allows instances in a private subnet to connect to the internet or other AWS services while preventing the internet or those services from initiating a connection with those instances. It does this by translating the private IP addresses of instances into public IP addresses, and vice versa. In simple terms, NAT Gateway acts as an intermediary between the internet and your private instances, allowing them to access the internet and other AWS services securely.
How will you design an infrastructure for a big application?
To design an infrastructure for a big application, you need to identify the application's requirements and choose the appropriate AWS services to build the architecture. You can use VPC to create a private network, with subnets, routing tables, and security groups to control traffic flow and access. Additionally, you can use load balancers, auto-scaling, and monitoring tools to ensure that your application can handle the expected workload and traffic. Finally, you should regularly test and optimize your infrastructure to ensure that it meets your application's performance and availability needs.
Hands-on :
Default VPC
How to create a VPC:
Go to Create VPC
Create VPC
What is AMI?
AMI stands for Amazon Machine Image. In simple terms, it is a pre-configured virtual machine image that is used to create EC2 instances. An AMI contains all the information necessary to launch an instance, including the operating system, application server, and any additional software. It is like a snapshot of a virtual machine that you can use to create identical instances. AMIs are available for a wide range of operating systems and applications, and you can also create your own custom AMIs.
What is Instance Type?
Instance type refers to the hardware configuration of an EC2 instance. In simple terms, it is like choosing the size of a virtual machine, with different combinations of CPU, memory, storage, and networking capacity. Each instance type is designed to meet different workloads and performance needs, and they vary in price based on their capabilities. Choosing the right instance type is important for ensuring that your application runs smoothly and efficiently on the cloud.
How to Create a Security Group :
Go to Security Groups
Create a security group
How to create an EC2 Instance :
Go to Instance
Launch Instance
How to terminate an instance :
How to create Jenkins Server using user data
How to create a launch template :
Go to launch template :
Thank you for reading this blog. Hope it helps.
- Safia Khatoon
Happy Learning :)