AWS Core Building Blocks

Discover the essential AWS components like VPCs, subnets, security groups, and more that form the foundation of secure and scalable cloud infrastructure.

By Anis Mer_

A Quick Overview

AWS is like a massive digital toolbox for building just about anything in the cloud. Whether you're deploying a simple app or a sprawling enterprise system, there are a few key building blocks you'll work with repeatedly. Let’s break them down:


Why These Building Blocks Matter

These core components form the foundation of any secure and scalable AWS setup. Mastering them allows you to confidently design, deploy, and manage infrastructure for any workload.


Visual Mental Model

Think of your AWS infrastructure as a city:

  • VPC is the city itself, defining its boundaries.
  • Subnets are the neighborhoods.
  • CIDR assigns postal codes to homes and offices.
  • Routing Tables are the roads connecting neighborhoods.
  • NAT is the security checkpoint allowing people to leave private areas but keeping outsiders out.
  • Security Groups and NACLs are the police and gated fences keeping things secure.
  • EBS is the storage facility housing your city's data.
  • Elastic IPs are like permanent street addresses, ensuring public-facing services always have the same reachable location.

Core Building Blocks

Here’s a quick overview of the key components:

  1. VPC (Virtual Private Cloud)
    Your private space in AWS — a virtual office building where you can set up floors (subnets), control access, and decide who gets in and out.

  2. Subnets
    Subnets divide your office into public-facing areas (for customers) and private spaces (for internal work). They help organize and secure your network.

  3. CIDR (Classless Inter-Domain Routing)
    CIDR is your network's addressing system — a bit like assigning zip codes to your office building so mail (or data) gets delivered to the right place.

  4. Routing Tables
    Routing tables are like roadmaps, ensuring traffic flows smoothly between different parts of your network and the outside world.

  5. NAT (Network Address Translation)
    NAT acts like your office receptionist, allowing internal employees (private instances) to make outgoing calls (access the internet) while keeping them hidden from direct outside access.

  6. Security Groups
    Security groups are the bouncers of AWS, controlling who gets to talk to your servers and what kind of traffic they can handle. They operate at the instance level, meaning each virtual server (EC2 instance) can have its own personalized set of rules.

  7. NACLs (Network Access Control Lists)
    Think of NACLs as the outer layer of defense — a set of rules governing what kind of traffic can enter and leave your subnets. Unlike security groups, NACLs operate at the subnet level, applying rules to all resources within a specific subnet.


Quick Mentions

  • EBS (Elastic Block Store): Think of this as your virtual hard drive. Every EC2 instance needs storage, and EBS provides reliable, high-performance block storage. We’ll dive deeper into this when we cover EC2.
  • Elastic IPs: Elastic IPs are like permanent street addresses for your public-facing services. Unlike dynamic IPs, they remain fixed unless explicitly released or reassigned, offering reliability for resources that need a consistent public endpoint.

Building Block Dependencies

Understanding how these components interact is key:

  • Subnets live inside a VPC.
  • CIDR blocks define the IP ranges for your VPC and its subnets.
  • Routing tables guide traffic within and outside the VPC.
  • NAT connects private subnets to the internet but requires routes in the routing table.
  • Security Groups control instance-level traffic, while NACLs govern subnet-level traffic.

Each piece fits together like a puzzle, creating a secure and functional network.
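
The dependencies listed above can be checked mechanically before anything is deployed. The following is an added example, not code from the original article: the VPC range, subnet names, and the `igw`/`nat` route labels are constructed sample values, and it assumes the AWS convention that a public subnet is one whose route table sends its default route to an internet gateway.

```python
import ipaddress

# Constructed sample layout (not from the article). "default_route" is the
# target of 0.0.0.0/0 in the subnet's route table: "igw", "nat", or None.
VPC_CIDR = "10.0.0.0/16"
SUBNETS = {
    "public-a":  {"cidr": "10.0.0.0/24",   "public": True,  "default_route": "igw"},
    "private-a": {"cidr": "10.0.1.0/24",   "public": False, "default_route": "nat"},
    "private-b": {"cidr": "10.0.1.128/25", "public": False, "default_route": "igw"},
}

def check_layout(vpc_cidr, subnets):
    """Return a list of findings; an empty list means the layout is consistent."""
    findings = []
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {name: ipaddress.ip_network(s["cidr"]) for name, s in subnets.items()}

    # Subnets live inside a VPC: each subnet range must sit within the VPC range.
    for name, net in nets.items():
        if not net.subnet_of(vpc):
            findings.append(f"{name}: {net} is outside VPC {vpc}")

    # CIDR blocks of subnets in one VPC must not overlap each other.
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                findings.append(f"{a} overlaps {b}")

    # Routing decides exposure: a "private" subnet whose default route points
    # at the internet gateway is public in practice, whatever it is called.
    for name, s in subnets.items():
        route = s.get("default_route")
        if s["public"] and route != "igw":
            findings.append(f"{name}: public subnet has no route to an internet gateway")
        if not s["public"] and route == "igw":
            findings.append(f"{name}: private subnet is routed directly to the internet gateway")
    return findings

if __name__ == "__main__":
    for finding in check_layout(VPC_CIDR, SUBNETS):
        print("FINDING:", finding)
```

A private subnet with no default route at all is treated as intentionally isolated and produces no finding.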


What’s Next?

Next, we’ll explore how to create your own Virtual Private Cloud (VPC) from scratch and lay the foundation for secure infrastructure.
