Getting Started with AWS Networking: An Absolute Beginner's Guide to Cloud Networking.


Introduction
Ever found yourself banging your head against the wall trying to connect your local machine to an AWS EC2 instance? I sure have.
There was a time when I spent countless sleepless nights wrestling with "operation timeout" errors, convinced I'd configured everything perfectly. The frustration was real, and my confidence took a hit. But then, I had an epiphany: the issue wasn't my setup, it was my understanding of AWS networking fundamentals. So, I decided to hit the reset button, go back to basics, and truly grasp how AWS networking works.
In this article, I'll walk you through my journey of discovery, breaking down complex concepts into bite-sized, relatable pieces. Think of it as a friendly guide to help you navigate the sometimes-confusing world of AWS networking.
It would be great if you're somewhat familiar with a few networking basics. Think of it like knowing the general layout of a city before exploring its neighbourhoods. Concepts like:
IP addresses (the 'home addresses' of devices)
Subnets (smaller neighbourhoods within the city)
Routing (the paths data takes to travel around)
If these terms sound a bit foreign, a quick peek at some beginner-friendly resources can help you get up to speed. That way, you'll get the most out of our exploration into AWS networking. Let's dive in and understand this together.
Understanding AWS Global Infrastructure: Regions and Availability Zones
Imagine AWS as a huge marketplace, bustling with activity. Vendors (that's us) set up stalls (our resources from AWS) to showcase our goods (websites, software or applications). Just as in a physical market, the location of your stall can influence foot traffic and sales; that is, if your stall is located in a less suitable or low-traffic area, your sales will be affected. In the AWS marketplace, this translates to Regions and Availability Zones (AZs).
Regions: Think of these as the different sections of the marketplace. Each region is a distinct geographic area, and choosing the right one for your stall (resources) can impact your reach and performance. Factors like latency, local regulations from authorities, and proximity to your target audience play a very big role here.
Availability Zones (AZs): Within each region are multiple AZs, and each AZ is made up of one or more separate data centers that operate independently with their own power, networking, and cooling infrastructure. Setting up shop in multiple AZs is like having stalls in different high-traffic areas of the market. It boosts your visibility, ensures you're always accessible (even if one area has a hiccup), and helps you serve customers better.
Building Your Virtual Storefront: Virtual Private Cloud (VPC)
Now that we've picked our prime spot in the market, it's time to build our stall. In AWS, this is the VPC, a fenced-off area where you can arrange your goods (AWS resources in this case) just the way you like. It's like creating your own little corner in the vast AWS marketplace, offering security and customization. Setting up a VPC is like laying the foundation and fencing your stall, ensuring you have the right space, layout, and security to attract and serve customers effectively.
Defining Your Store's Layout: Subnets and CIDR Blocks
Subnets: These are like the different sections of your stall, each dedicated to a specific type of product. There are two types: private subnets and public subnets. In AWS, these two kinds of subnet allow you to group your AWS resources based on security and operational needs. In a market store, you might keep your most valuable items in a more secured segment (private subnet) of the store and other items in a more open segment (public subnet). This is exactly how subnets might apply in the real world.
CIDR Blocks: Classless Inter-Domain Routing (CIDR) blocks are like the pricing labels for your products. Just like a price label tells you how much something costs or how many items you're buying, a CIDR block tells you how many IP addresses you have in that network block for your VPC and its subnets, ensuring each resource has a unique identifier. Choosing the right CIDR block is crucial: it determines how many AWS resources you can have and helps avoid conflicts with other stalls (networks) in the market (AWS).
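To make the CIDR paragraph concrete, here is an added example (not part of the original article) that carves a VPC block into subnets, counts the addresses you can actually assign, and checks for conflicts with other networks. The VPC range, subnet names and the other networks are constructed assumptions; the count subtracts the five addresses AWS reserves in every subnet.

```python
import ipaddress

# AWS reserves 5 addresses in every subnet: network address, VPC router,
# DNS, one held for future use, and the broadcast address.
AWS_RESERVED_PER_SUBNET = 5

def usable_hosts(cidr):
    """Number of addresses you can actually assign in an AWS subnet."""
    net = ipaddress.ip_network(cidr)
    return max(net.num_addresses - AWS_RESERVED_PER_SUBNET, 0)

def plan_subnets(vpc_cidr, new_prefix, names):
    """Carve the VPC block into equal subnets, one per name, in order."""
    if not 16 <= new_prefix <= 28:
        raise ValueError("AWS IPv4 subnets must be between /16 and /28")
    blocks = ipaddress.ip_network(vpc_cidr).subnets(new_prefix=new_prefix)
    plan = {}
    for name in names:
        try:
            plan[name] = str(next(blocks))
        except StopIteration:
            raise ValueError(f"{vpc_cidr} has no room left for {name}")
    return plan

def find_overlaps(cidrs):
    """Return pairs of named networks whose address ranges collide."""
    nets = {name: ipaddress.ip_network(c) for name, c in cidrs.items()}
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]

# Constructed sample values (assumptions, not from the article).
VPC = "10.0.0.0/16"
PLAN = plan_subnets(VPC, 24, ["public-a", "public-b", "private-a", "private-b"])
OTHER_NETWORKS = {"this-vpc": VPC,
                  "office-vpn": "10.0.128.0/20",
                  "peer-vpc": "10.1.0.0/16"}

if __name__ == "__main__":
    for name, cidr in PLAN.items():
        print(f"{name:10} {cidr:14} usable={usable_hosts(cidr)}")
    print("overlaps:", find_overlaps(OTHER_NETWORKS))
```

An overlap like the one reported for the office VPN range is worth catching before the VPC exists, because a VPC's primary CIDR block cannot be changed after creation.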
Establishing Connections: Route Tables, Gateways, and Security
Back to our stall analogy: no stall operates in isolation; communication is key. Just like in a busy market, no individual stall (vendor) can succeed completely on its own. Each stall depends on communication and collaboration, whether it's with customers, suppliers, or neighboring vendors. In the cloud, different services must constantly exchange data, so the network has to be built in a way that lets each resource communicate with its counterparts. This communication is facilitated by various components:
Route Tables: Think of these as the signposts in the market, directing customers (data packets) to the right stalls (resources). They determine how traffic flows within your VPC and to/from the internet.
Internet Gateway (IGW): This is the gateway between your stall and the outside world. It allows your resources to communicate with customers (users) on the internet, ensuring your goods (applications) are accessible to all.
Network Address Translation (NAT) Gateway: For those exclusive, behind-the-scenes items (resources placed in the private subnet) that you don't want everyone to see but that still need to access certain services, the NAT Gateway acts as a middleman, ensuring secure and controlled communication.
Security Groups and Network ACLs: These are your stall's security measures. Security Groups act as bouncers, controlling who gets in (inbound traffic) and who leaves (outbound traffic) for your resources. Network Access Control Lists (ACLs) provide an additional layer of security, acting as gatekeepers at the subnet level, ensuring only authorized traffic flows in and out.
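The components above are also the usual places to look when a connection to an EC2 instance hangs with a timeout. The following added example (not from the original article) models the inbound path and reports every layer that would drop the traffic; the rule layout, the `igw-example` target and all addresses are constructed placeholders, and `open_to_world` flags a rule that makes the timeout go away by admitting everyone.

```python
import ipaddress

def in_cidr(ip, cidr):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)

def sg_allows(rules, src_ip, port):
    # Security groups are allow-lists: any matching rule admits the packet.
    return any(r["from"] <= port <= r["to"] and in_cidr(src_ip, r["cidr"]) for r in rules)

def nacl_allows(rules, ip, port):
    # Network ACL rules are checked in number order; the first match decides.
    for r in sorted(rules, key=lambda r: r["num"]):
        if r["from"] <= port <= r["to"] and in_cidr(ip, r["cidr"]):
            return r["action"] == "allow"
    return False  # nothing matched: implicit deny

def diagnose(env, client_ip, port=22, reply_port=50000):
    """Return every reason an inbound connection to the instance would hang."""
    found = []
    if not any(r["dest"] == "0.0.0.0/0" and r["target"].startswith("igw-")
               for r in env["routes"]):
        found.append("subnet route table has no default route to an internet gateway")
    if not env["public_ip"]:
        found.append("instance has no public IP address")
    if not nacl_allows(env["nacl_in"], client_ip, port):
        found.append("network ACL denies the inbound packet")
    if not nacl_allows(env["nacl_out"], client_ip, reply_port):
        found.append("network ACL denies the reply (ACLs are stateless)")
    if not sg_allows(env["sg_in"], client_ip, port):
        found.append("no security group rule admits this source and port")
    return found

def open_to_world(sg_rules, port=22):
    # Rules that expose the port to every address on the internet.
    return [r for r in sg_rules if r["cidr"] == "0.0.0.0/0" and r["from"] <= port <= r["to"]]

# Constructed sample environment (all values are placeholders).
ALLOW_ALL = [{"num": 100, "from": 0, "to": 65535, "cidr": "0.0.0.0/0", "action": "allow"}]
BROKEN = {
    "routes": [{"dest": "10.0.0.0/16", "target": "local"}],
    "public_ip": "192.0.2.44",
    "nacl_in": ALLOW_ALL,
    "nacl_out": [{"num": 100, "from": 443, "to": 443, "cidr": "0.0.0.0/0", "action": "allow"}],
    "sg_in": [{"from": 22, "to": 22, "cidr": "203.0.113.10/32"}],
}
FIXED = dict(BROKEN, nacl_out=ALLOW_ALL,
             routes=BROKEN["routes"] + [{"dest": "0.0.0.0/0", "target": "igw-example"}],
             sg_in=[{"from": 22, "to": 22, "cidr": "198.51.100.7/32"}])

if __name__ == "__main__":
    print(diagnose(BROKEN, "198.51.100.7"))
    print(diagnose(FIXED, "198.51.100.7"))
```

The fixed environment admits SSH only from the client's own /32 address, so `open_to_world` returns nothing for it.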
Conclusion
Starting your journey in the cloud can seem extremely daunting at first, but breaking the knowledge down with an analogy like this one can make it all approachable and understandable. From understanding Regions and Availability Zones to setting up Virtual Private Clouds (VPCs), subnets, and implementing essential security measures, each component plays a vital role in building a secure and efficient cloud environment.
Now don't get it twisted, I understand that there are a lot more intricacies to AWS networking, but the purpose of this article is to help absolute beginners break down this foundational knowledge. There are so many other complex concepts, but as you progress in your learning journey, you build up as you go. AWS offers a lot of resources, including tutorials and guides, to support your growth in this field.
Written by

Faith
Hi, my name is Faith, but you can call me Fay🩷. I’m a Frontend Engineer currently transitioning into the cloud space. Follow my journey as I learn, grow, and share everything I discover along the way!