Crucial AWS components
Let's dive in and understand some crucial AWS components at a high level. All of these components are essential building blocks of any complete AWS infrastructure.
VPC (Virtual Private Cloud) - It is our own logically isolated network inside the AWS cloud. That isolation keeps our systems separated from other networks, and it lets us apply network security features such as security groups, NACLs, and more. Within a VPC we create our resources in a CIDR range of IP addresses that we choose, which makes everything easy to manage.
AWS Internet Gateway - It acts as the gateway for traffic between the internet and the instances in our VPC. It handles two directions of traffic: outbound traffic from instances in the public subnet to the internet, and inbound traffic from the internet to instances that have public IPs.
It is attached to a VPC, and the public subnet's route table routes internet-bound traffic to it.
NAT (Network Address Translation) - It is an AWS component that lets instances in the private subnet reach the internet while preventing the internet from initiating any connection to those instances.
There are two types: NAT gateways and NAT instances. A NAT gateway is fully managed by AWS and gives instances in the private subnet outbound internet access. NAT instances, on the other hand, offer more flexibility but require manual management; they perform network address translation for the instances in the private subnet.
Traffic from instances in the private subnet is sent to the NAT gateway in the public subnet, where the instances' private IPs are translated to the public IP of the NAT gateway.
AWS Aurora - It is a fully managed relational database offered by AWS, compatible with MySQL and PostgreSQL. It is very high-performing, scales automatically, is highly available, and provides data encryption at rest and in transit.
VPC endpoint - It connects our VPC privately to supported AWS services and to VPC endpoint services powered by AWS PrivateLink, without needing any internet connectivity.
There are two types: interface endpoints and gateway endpoints. An interface endpoint uses AWS PrivateLink as the underlying technology to connect our VPC to other AWS services and to our own services hosted on AWS.
A gateway endpoint is used specifically to connect to AWS S3 and DynamoDB.
Using VPC endpoints removes the need for NAT devices, an internet gateway, or a VPN to reach those services, which simplifies the network configuration.
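To make the internet gateway, NAT and gateway endpoint routing described above concrete, here is an added example (not from the original post) that classifies each subnet as public, private or isolated from a route-table document shaped like `aws ec2 describe-route-tables` output. The sample document and every id in it (igw-0abc, nat-0def, vpce-0123, pl-s3, the subnet ids) are constructed for illustration.

```python
from typing import Any, Dict, List

# Constructed sample shaped like `aws ec2 describe-route-tables` output.
# All ids (igw-0abc, nat-0def, vpce-0123, pl-s3, subnet-*) are hypothetical.
SAMPLE_ROUTE_TABLES: List[Dict[str, Any]] = [
    {  # public subnet: default route to the internet gateway
        "RouteTableId": "rtb-public",
        "Associations": [{"SubnetId": "subnet-public-a"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0abc"},
        ],
    },
    {  # private subnet: egress via NAT gateway, S3 via a gateway endpoint
        "RouteTableId": "rtb-private",
        "Associations": [{"SubnetId": "subnet-private-a"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0def"},
            {"DestinationPrefixListId": "pl-s3", "GatewayId": "vpce-0123"},
        ],
    },
    {  # isolated subnet: only the local route, no path to the internet
        "RouteTableId": "rtb-isolated",
        "Associations": [{"SubnetId": "subnet-db-a"}],
        "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
    },
]

def classify_subnets(route_tables: List[Dict[str, Any]]) -> Dict[str, Dict[str, Any]]:
    """Map each associated subnet to its exposure class and gateway-endpoint usage."""
    result: Dict[str, Dict[str, Any]] = {}
    for rt in route_tables:
        routes = rt.get("Routes", [])
        default = next((r for r in routes if r.get("DestinationCidrBlock") == "0.0.0.0/0"), None)
        # A route whose target is a vpce- id is a gateway endpoint (S3 / DynamoDB).
        uses_gateway_endpoint = any(r.get("GatewayId", "").startswith("vpce-") for r in routes)
        if default is None:
            kind = "isolated"   # no default route: cannot reach or be reached from the internet
        elif default.get("GatewayId", "").startswith("igw-"):
            kind = "public"     # hosts with public IPs here are reachable from the internet
        elif "NatGatewayId" in default or "NetworkInterfaceId" in default or "InstanceId" in default:
            kind = "private"    # outbound only, through a NAT gateway or NAT instance
        else:
            kind = "unknown"    # e.g. default route via a VGW, peering or another target
        for assoc in rt.get("Associations", []):
            if "SubnetId" in assoc:
                result[assoc["SubnetId"]] = {"type": kind, "gateway_endpoint": uses_gateway_endpoint}
    return result
```

Running `classify_subnets` over a real `describe-route-tables` dump is a quick way to spot a supposedly private subnet whose default route points at an internet gateway.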
DynamoDB - It is a fully managed NoSQL database from AWS. Data is stored as key-value pairs, and it is used where high throughput is needed. It is designed to handle large amounts of data with high performance and reliability.
DynamoDB has a flexible schema that allows storing data in various shapes, from simple key-value data to complex data structures. It integrates easily with other AWS services such as Lambda, S3, CloudWatch, and others.
Lambda - It is a serverless, event-driven compute service offered by AWS. Being fully managed by AWS, it scales up easily as workloads grow.
Lambda works on a pay-as-you-go model: you pay only for the compute time your requests consume.
A Lambda function is a small piece of code that performs a specific task and can be written in multiple languages, such as Python, Node.js, Java, and more.
CloudWatch - It is the monitoring, logging, and alerting service offered by AWS. It offers various metrics for tracking the performance of AWS resources and for spotting health issues.
It integrates with almost all AWS resources, which makes tracking easy and centralized. It supports dashboards, where one view can show all our metrics for all our resources.
It can be used to create alerts: when a pre-configured threshold is reached, trigger events can be sent to Lambda, SQS, or SNS, as per our configuration.
It also collects logs from various AWS services, which can be searched, filtered, and analyzed to troubleshoot issues.
VGW (Virtual private gateway) - It provides connectivity between the on-premises network and the AWS VPC over the internet via a VPN.
Direct Connect - It connects your on-premises network to AWS over a private connection, which provides a consistent, secure, low-latency link.
VPC Peering - It is a networking connection between two VPCs that lets them exchange data over the AWS network itself, without going over the internet. This keeps security high and latency low.
Written by Saransh Goyal