Deploying Infrastructure on AWS: EC2, VPC, and Route 53 Explained

Md Sharjil Alam

A Hands-On Guide to the Foundational Trio of the AWS Cloud


Figure 1: A high-level overview of the services we'll cover.

If you're starting your journey with Amazon Web Services (AWS), you'll quickly discover a foundational trio of services: EC2, VPC, and Route 53. Mastering these is the key to building almost any application in the cloud. They provide the compute power, the secure network, and the global routing needed to bring your ideas to life.

In this article, we won't just define these services. We'll explore their core components and then walk through a hands-on lab to deploy a live web server, showing you exactly how they work together.

📚 Table of Contents

  • What is EC2 (Elastic Compute Cloud)?

  • What is Amazon VPC (Virtual Private Cloud)?

  • What is Amazon Route 53?

  • Hands-On Lab: Building Our Live Infrastructure

  • Bonus: The AWS Shared Responsibility Model

  • Conclusion


📦 What is EC2 (Elastic Compute Cloud)?

Amazon EC2 (Elastic Compute Cloud) provides secure and resizable compute capacity in the cloud. In simple terms, it's a virtual server that you can rent from AWS. This lets you run applications without buying or managing physical hardware.

EC2 Instance Types

AWS knows that one size doesn't fit all. That's why EC2 offers various "instance types," each optimized for different tasks.

| Type | Description | Use Case Example |
| --- | --- | --- |
| 🧍 General Purpose | A balance of compute, memory, and networking | Web servers, Dev/Test environments |
| ⚡ Compute Optimized | High-performance processors | Gaming servers, scientific modeling |
| 🧠 Memory Optimized | Large amounts of RAM for data-intensive work | In-memory databases, real-time analytics |
| 💾 Storage Optimized | High-speed local disk I/O | Big data analysis, data warehousing |
| 🚀 Accelerated Compute | Hardware accelerators (GPUs, FPGAs) | Machine learning, video rendering |

🌐 What is Amazon VPC (Virtual Private Cloud)?

Amazon VPC gives you your own logically isolated section of the AWS Cloud. Think of it as your personal, private data center network in the cloud. You have complete control over this network, including your own IP address ranges, subnets, route tables, and network gateways.

Figure 2: The basic architecture of a Virtual Private Cloud (VPC).

Key VPC Components

  • Subnets: A segment of your VPC’s IP address range where you can place groups of isolated resources. They can be Public (accessible from the internet) or Private (not directly accessible).

  • Route Tables: A set of rules that determines where network traffic from your subnet is directed.

  • Internet Gateway (IGW): The gateway you attach to your VPC to allow communication with the internet.

  • NAT Gateway: A service that allows instances in a private subnet to connect to the internet (e.g., for software updates), but prevents the internet from initiating a connection with those instances.

  • Security Groups (SG) & Network ACLs (NACL): Your VPC's firewalls.

Security in Your VPC: SG vs. NACL

Understanding the difference between Security Groups and NACLs is crucial for network security.

| Feature | Security Group (SG) | Network ACL (NACL) |
| --- | --- | --- |
| Layer | Instance-level firewall | Subnet-level firewall |
| State | Stateful (return traffic for an allowed inbound connection is allowed automatically) | Stateless (outbound rules must be set separately) |
| Default | Denies all inbound traffic | Allows all traffic (inbound and outbound) |
| Use Case | Securing specific applications (e.g., a web server) | Broad, stateless protection for an entire subnet |
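
The stateful versus stateless row is the one that causes broken connectivity in practice. The simplified model below is an added illustration, not AWS's implementation or code from this article; the rule class, function names and sample addresses are made up, and it models only port and CIDR matching.

```python
# Added illustration (simplified model, not AWS code): why a stateless NACL
# needs an explicit rule for reply traffic while a stateful security group does not.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class NaclRule:
    number: int   # NACL rules are evaluated in ascending rule-number order
    cidr: str     # peer range: source for inbound rules, destination for outbound
    ports: range
    allow: bool

def nacl_permits(rules, peer_ip, port):
    """First matching rule wins; if nothing matches, the implicit final rule denies."""
    for rule in sorted(rules, key=lambda r: r.number):
        if ip_address(peer_ip) in ip_network(rule.cidr) and port in rule.ports:
            return rule.allow
    return False

def nacl_round_trip(inbound, outbound, client_ip, client_port, server_port):
    """Stateless: the request and the reply are checked independently."""
    request_ok = nacl_permits(inbound, client_ip, server_port)
    # The reply leaves the subnet addressed to the client's ephemeral port.
    reply_ok = nacl_permits(outbound, client_ip, client_port)
    return request_ok and reply_ok

def sg_round_trip(inbound_allow, client_ip, server_port):
    """Stateful: a connection admitted inbound gets its reply allowed automatically."""
    return any(ip_address(client_ip) in ip_network(cidr) and server_port in ports
               for cidr, ports in inbound_allow)

# Constructed sample: HTTP open to the world, client 203.0.113.10 on ephemeral port 50123.
HTTP_IN = [NaclRule(100, "0.0.0.0/0", range(80, 81), True)]
NO_OUT = []                                   # custom NACL with no outbound rules
EPHEMERAL_OUT = [NaclRule(100, "0.0.0.0/0", range(1024, 65536), True)]
SG_IN = [("0.0.0.0/0", range(80, 81))]

def demo():
    client = ("203.0.113.10", 50123)
    return {
        "nacl_without_outbound": nacl_round_trip(HTTP_IN, NO_OUT, *client, 80),
        "nacl_with_ephemeral_outbound": nacl_round_trip(HTTP_IN, EPHEMERAL_OUT, *client, 80),
        "security_group": sg_round_trip(SG_IN, client[0], 80),
    }

if __name__ == "__main__":
    print(demo())
```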

🌍 Amazon Route 53: DNS and Routing

Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. Its primary job is to translate human-friendly domain names (like your-app.com) into the IP addresses that computers use to connect.

Figure 3: Route 53 connecting a domain to various AWS resources.

Why is it called "Route 53"?
DNS servers use the well-known network Port 53. The name is a clever reference to its core function of routing traffic through this port.

Key Capabilities:

  • Domain Registration: Buy and manage domains directly within AWS.

  • DNS Resolution: Maps your domain to AWS resources (EC2, S3, Load Balancers).

  • Health Checks: Monitors the health of your endpoints and automatically reroutes traffic away from unhealthy ones.

  • Routing Policies: Advanced traffic management like routing users based on latency, geographic location, or weighted distribution.


🛠️ Hands-On Lab: Building Our Live Infrastructure

Theory is great, but building is better. Let's launch a real web server using all three services.

Our Goal

We will build the architecture shown below: Route 53 will direct internet traffic through an Internet Gateway into our VPC's public subnet, where our EC2 web server lives.

Figure 4: The architecture we are about to build.

Step 1: Launch Your EC2 Instance & VPC
AWS has made this easier than ever. We can create the VPC, subnet, security group, and EC2 instance in one go.

  1. Navigate to the EC2 Dashboard in the AWS Console and click "Launch instances".

  2. Name: Give your server a name, like my-web-server.

  3. AMI: Choose an Amazon Machine Image, such as Amazon Linux 2 (Free Tier eligible).

  4. Instance Type: Select t2.micro (also Free Tier eligible).

  5. Key Pair: Create a new key pair. Give it a name, download the .pem file, and save it somewhere safe. You will not be able to download it again.

  6. Network Settings: Click "Edit".

    • For VPC, select "Create new VPC". The wizard will automatically create the VPC, a public subnet, and an Internet Gateway.

    • For Security Group, select "Create security group". Ensure it has two rules:

      • Allow SSH traffic from My IP.

      • Allow HTTP traffic from Anywhere.

  7. Click "Launch instance".
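
To confirm the security group matches what step 6 asks for (SSH from your IP only, HTTP from anywhere), you can audit its ingress rules. This is an added example, not part of the original lab: it reads JSON in the shape returned by `aws ec2 describe-security-groups`, uses a constructed sample with made-up group IDs, and treats ports 22 and 3389 as the administrative ports to flag.

```python
# Added example (not from the original article): audit security-group ingress
# rules in the JSON shape returned by `aws ec2 describe-security-groups`.
import json

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}   # ports that should not face the whole internet
WORLD = {"0.0.0.0/0", "::/0"}

# Constructed sample: "web-sg-ok" follows the lab, "web-sg-open" is the common mistake.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0aaa0000000000001", "GroupName": "web-sg-ok", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "198.51.100.7/32"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0bbb0000000000002", "GroupName": "web-sg-open", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}
]}
""")

def world_open_admin_ports(doc):
    """Return sorted (group_id, port, service, cidr) for admin ports open to anywhere."""
    findings = set()
    for group in doc["SecurityGroups"]:
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if perm["IpProtocol"] == "-1":       # "-1" means all protocols, all ports
                lo, hi = 0, 65535
            elif perm["IpProtocol"] == "tcp":
                lo, hi = perm["FromPort"], perm["ToPort"]
            else:
                continue                         # udp/icmp are out of scope here
            for cidr in cidrs:
                if cidr not in WORLD:
                    continue
                for port, service in ADMIN_PORTS.items():
                    if lo <= port <= hi:
                        findings.add((group["GroupId"], port, service, cidr))
    return sorted(findings)

if __name__ == "__main__":
    for finding in world_open_admin_ports(SAMPLE):
        print("OPEN TO WORLD:", *finding)
```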

Step 2: Install a Web Server

  1. Once your instance is "Running," select it and copy its Public IPv4 address.

  2. Open your terminal or command prompt. First, restrict the key file so that only your user can read it (OpenSSH refuses a private key with looser permissions), then connect via SSH.

     # For Mac/Linux. If on Windows, you can use PuTTY or WSL.
     chmod 400 /path/to/your-key-name.pem

     ssh -i /path/to/your-key-name.pem ec2-user@YOUR_PUBLIC_IP

  3. Once connected, run these commands to install and start a simple web server:

     # Install Apache web server
     sudo yum update -y
     sudo yum install -y httpd

     # Start the web server
     sudo systemctl start httpd
     sudo systemctl enable httpd

     # Create a simple web page
     echo "<h1>Hello World! My AWS site, deployed by Sharjil, is live!</h1>" | sudo tee /var/www/html/index.html

  4. Open your browser and paste your EC2 instance's public IP address into the URL bar. You should see your "Hello World" message!

Step 3: Connect Your Domain with Route 53

  1. Navigate to the Route 53 dashboard.

  2. Go to Hosted zones and click on your domain name.

  3. Click "Create record".

  4. Leave the Record name blank to route traffic for your root domain (e.g., your-domain.com).

  5. Set Record type to A.

  6. In the Value field, paste your EC2 instance's Public IPv4 address.

  7. Click "Create records".

After a few minutes for DNS to propagate, you can now visit your domain name in the browser and see your live website!
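
The auto-assigned public IPv4 address used in step 6 is released when the instance is stopped, so the A record can end up pointing at an address you no longer hold. This added example (not from the original article) flags such records by comparing constructed samples shaped like `aws route53 list-resource-record-sets` and `aws ec2 describe-instances` output; the names, IPs and instance IDs are made up.

```python
# Added example (not from the original article): find A records that no longer
# point at a public IP attached to one of your instances.
import json

# Constructed sample in the shape of `aws route53 list-resource-record-sets` output.
RECORD_SETS = json.loads("""
{"ResourceRecordSets": [
  {"Name": "your-domain.com.", "Type": "A", "TTL": 300,
   "ResourceRecords": [{"Value": "203.0.113.25"}]},
  {"Name": "old.your-domain.com.", "Type": "A", "TTL": 300,
   "ResourceRecords": [{"Value": "198.51.100.40"}]},
  {"Name": "your-domain.com.", "Type": "NS", "TTL": 172800,
   "ResourceRecords": [{"Value": "ns-1.example-dns.test."}]},
  {"Name": "www.your-domain.com.", "Type": "A",
   "AliasTarget": {"DNSName": "lb.example.test.", "HostedZoneId": "ZEXAMPLE",
                   "EvaluateTargetHealth": false}}
]}
""")

# Constructed sample in the shape of `aws ec2 describe-instances` output.
INSTANCES = json.loads("""
{"Reservations": [{"Instances": [
  {"InstanceId": "i-0aaa0000000000001", "State": {"Name": "running"},
   "PublicIpAddress": "203.0.113.25"},
  {"InstanceId": "i-0bbb0000000000002", "State": {"Name": "stopped"}}
]}]}
""")

def owned_public_ips(instances_doc):
    """Public IPv4 addresses currently attached to instances in this account."""
    # Elastic IPs from `aws ec2 describe-addresses` should be added to this set too.
    return {inst["PublicIpAddress"]
            for res in instances_doc["Reservations"]
            for inst in res["Instances"]
            if "PublicIpAddress" in inst}

def dangling_a_records(records_doc, owned):
    """Return (name, ip) for plain A records whose target is not in `owned`."""
    stale = []
    for rrset in records_doc["ResourceRecordSets"]:
        if rrset["Type"] != "A":
            continue
        # Alias records carry AliasTarget instead of ResourceRecords and are skipped.
        for rr in rrset.get("ResourceRecords", []):
            if rr["Value"] not in owned:
                stale.append((rrset["Name"], rr["Value"]))
    return stale

if __name__ == "__main__":
    print(dangling_a_records(RECORD_SETS, owned_public_ips(INSTANCES)))
```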


🔐 Bonus: The AWS Shared Responsibility Model

When using AWS, it's vital to understand who is responsible for what.

  • AWS's Responsibility (Security of the Cloud): AWS manages the security of the underlying hardware, software, networking, and facilities that run AWS services.

  • Your Responsibility (Security in the Cloud): You are responsible for securing your data, managing access (IAM), and configuring network controls like Security Groups and NACLs.

Automating secure infrastructure with DevOps tools like Jenkins or Terraform must always respect these boundaries.

📌 Conclusion

EC2, VPC, and Route 53 are the pillars of modern cloud infrastructure on AWS. By mastering them, you've learned how to:

✅ Deploy Compute: Launch and manage scalable virtual servers with EC2.
✅ Secure Networks: Create isolated, secure virtual networks with VPC.
✅ Route Traffic: Reliably connect users to your applications with Route 53.

You've not only learned the theory but have now successfully deployed a fully functional piece of cloud infrastructure.
