Geek Logbook

Tech sea log book

Recent Posts

Categories

#50projectsIn50days Airflow Amazon Web Services Apache Iceberg AWS Azure bash bastion host Batch CAP Coders At Work Data data lakes Data Warehouse Docker Edsger W. Dijkstra Excel Git Hadoop HDFS Hellerstein Hive Javascript Networking NoSql Power Bi Powershell Python Redash S3 Social Skills Software Developer Spark Spark: The Definitive Guide SQL SSH terraform Testing The Elements of Programming Style Traversy Media Ubuntu Understanding Distributed Systems Virtual Box whale-alert Yaml

Archives

Understanding Subnets, Gateways, and Route Tables in AWS

When designing applications in AWS, it’s crucial to understand how networking components interact within a Virtual Private Cloud (VPC). This post will cover subnets, gateways, and route tables, specifically in the context of the AWS Free Tier.

Everything Lives Inside a VPC

A VPC (Virtual Private Cloud) is a logically isolated section of AWS where you can launch AWS resources. Within a VPC, assets are organized into subnets to manage and control communication, improving security and availability.

Dividing Assets into Subnets

To enhance security and structure within the VPC, we divide our assets into:

  • Public Subnet: A subnet that has direct access to the internet.
  • Private Subnet: A subnet that does not have direct internet access but can communicate with the public subnet or other AWS services securely.

Traffic Flow: Gateways and Route Tables

Traffic inside a VPC is managed through gateways and route tables.

Internet Gateway (IGW)

An Internet Gateway (IGW) allows public subnets to communicate with the internet. If a resource needs public internet access (e.g., a web server), it must reside in a public subnet with a route to the IGW.

Route Tables

Route tables define how traffic is directed within the VPC. AWS uses different types of route tables:

  • Public Route Table: Enables communication between a public subnet and the internet via the Internet Gateway.
  • Private Route Table: Ensures that private subnets communicate securely without direct internet exposure.

NAT Gateway

A NAT (Network Address Translation) Gateway allows resources in a private subnet to initiate outbound internet connections while preventing unsolicited inbound traffic. It acts as an intermediary for internet-bound packets.

Communication Between Assets in a VPC

Any resource within the VPC can communicate with another resource in the same VPC, provided that security groups and network ACLs permit it. This setup ensures that internal traffic remains secure while allowing controlled external communication.

Conclusion

Understanding how subnets, gateways, and route tables interact is fundamental to designing secure and scalable AWS architectures. By properly segmenting networks and defining routing rules, you can protect critical assets while enabling necessary communication.

For a deeper dive into AWS networking, check out this AWS Skill Builder course.

Tags:
Previous Article
Next Article