
AWS Networking Cookbook

By: Satyajit Das, Jhalak Modi

Overview of this book

This book starts with practical recipes on the fundamentals of cloud networking and gradually moves on to configuring networks and implementing infrastructure automation. It then supplies in-depth recipes on networking components such as network interfaces, Internet gateways, DNS, Elastic IP addresses, and VPN CloudHub. Later chapters cover designing, implementing, and optimizing static and dynamic routing architectures, multi-region solutions, and highly available connectivity for your enterprise. Finally, the book shows you how to troubleshoot your VPC's network and make it more efficient. By the end, you will have advanced knowledge of AWS networking concepts and technologies and will be able to automate your infrastructure and optimize your VPC.
Table of Contents (10 chapters)

Introduction

Public cloud computing delivers computing resources as a service over the internet. A provider hosts shared, multi-tenant pools of servers, storage, networks, application platforms and software services and assigns them to customers on demand. Because the provider manages the underlying infrastructure, customers can concentrate on building applications and services quickly. AWS is the largest public cloud service provider.

Most of the networking services explored in this book are free of charge, and AWS lets you experiment with several other services for free at small scale. To execute the recipes in this book you need an AWS account and an identity with the required IAM permissions. Some of the resources the recipes create do incur charges, so check the AWS pricing page (https://aws.amazon.com/pricing/services/) for the services involved and understand the cost impact before you run them.

Various AWS network services

In this section, we look at the building blocks of the AWS Cloud that we will use or create throughout this book.

  • Region: AWS currently has 16 regions around the world and keeps adding new locations. Each region is completely isolated from the others; resources created in one region are not visible in another. You must choose a region before creating network components.
  • Availability Zone (AZ): Each region consists of multiple physically separate and isolated data centers called Availability Zones. Some network components, such as a VPC, span all AZs in a region; others, such as a subnet, are confined to a single AZ, so a design that must survive the loss of an AZ needs subnets in at least two of them.

AWS provides various networking services as Platform as a Service (PaaS). Examples are:

  • Route 53: A distributed, scalable and highly available Domain Name System (DNS) service.
  • Direct Connect: A dedicated, low-latency, high-bandwidth network connection between a data center and an AWS VPC.
  • ELB: A highly available and scalable load-balancing service.
  • AWS VPC: A VPC is a virtual network built in the AWS Cloud, similar to a network in your own data center. It is isolated from every other VPC, whether in your account or in other accounts. You choose the Classless Inter-Domain Routing (CIDR) range of the VPC and launch instances with IP addresses from that range. In conventional networking terms, a VPC is roughly equivalent to a Virtual Routing and Forwarding (VRF) instance and a subnet to a VLAN, and you can isolate instances by placing them in separate subnets. Keep in mind that every VPC route table carries a local route for the whole VPC CIDR that cannot be removed, so subnets in the same VPC can reach each other by default; isolation between them is enforced with network ACLs and security groups, not by the subnet boundary itself.
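The CIDR rules behind a VPC and its subnets are easy to get wrong before anything exists in the console, so here is an added example (written for this chapter, not code from the book) that plans and validates a VPC address layout offline with Python's standard library. It encodes the documented AWS limits: VPC and subnet blocks between /16 and /28, subnets inside the VPC and not overlapping each other, and five reserved addresses per subnet. It also flags a VPC range that overlaps an external range, because a VPC cannot be peered with, and cannot be routed to cleanly over VPN or Direct Connect from, a network whose addresses collide with its own. The AZ names and address ranges in the demo are constructed sample input.

```python
"""Offline planner for a VPC address layout, using only the standard library.

Rules encoded here (documented VPC limits):
  * a VPC CIDR block and a subnet CIDR block must be /16 to /28
  * a subnet must sit inside its VPC and must not overlap another subnet
  * AWS reserves the first four and the last address of every subnet
The AZ names and address ranges in the demo are constructed sample input.
"""
from ipaddress import IPv4Network, ip_network
from typing import Dict, Iterable, List

RESERVED_PER_SUBNET = 5          # first four addresses + broadcast address
MIN_PREFIX, MAX_PREFIX = 16, 28  # allowed block sizes for VPCs and subnets


def block_problems(cidr: str, what: str) -> List[str]:
    """Return the rule violations for one CIDR block (empty list if valid)."""
    try:
        net = ip_network(cidr, strict=True)   # strict: host bits must be zero
    except ValueError as exc:
        return [f"{what} {cidr}: {exc}"]
    if not isinstance(net, IPv4Network):
        return [f"{what} {cidr}: only IPv4 blocks are handled here"]
    if not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
        return [f"{what} {cidr}: prefix must be /{MIN_PREFIX} to /{MAX_PREFIX}"]
    return []


def usable_hosts(cidr: str) -> int:
    """Addresses an instance can actually take in a subnet of this size."""
    return ip_network(cidr).num_addresses - RESERVED_PER_SUBNET


def carve_subnets(vpc_cidr: str, azs: Iterable[str], subnet_prefix: int) -> Dict[str, str]:
    """Hand out one subnet of the requested size per AZ, in address order."""
    vpc = ip_network(vpc_cidr)
    if subnet_prefix > MAX_PREFIX or subnet_prefix < vpc.prefixlen:
        raise ValueError(f"subnet prefix /{subnet_prefix} is not usable inside {vpc}")
    candidates = vpc.subnets(new_prefix=subnet_prefix)
    plan: Dict[str, str] = {}
    for az in azs:
        try:
            plan[az] = str(next(candidates))
        except StopIteration:
            raise ValueError(f"{vpc} cannot hold a /{subnet_prefix} for every AZ") from None
    return plan


def plan_problems(vpc_cidr: str, subnets: Dict[str, str],
                  external_ranges: Iterable[str] = ()) -> List[str]:
    """Validate a whole layout; an empty list means it is safe to create."""
    problems = block_problems(vpc_cidr, "VPC")
    if problems:
        return problems
    vpc = ip_network(vpc_cidr)
    seen: Dict[str, IPv4Network] = {}
    for az, cidr in subnets.items():
        bad = block_problems(cidr, f"subnet {az}")
        if bad:
            problems += bad
            continue
        net = ip_network(cidr)
        if not net.subnet_of(vpc):
            problems.append(f"subnet {az} {cidr} is outside VPC {vpc}")
        for other_az, other in seen.items():
            if net.overlaps(other):
                problems.append(f"subnet {az} {cidr} overlaps subnet {other_az} {other}")
        seen[az] = net
    # Ranges reached over peering, VPN or Direct Connect must not collide with the VPC.
    for ext in external_ranges:
        if vpc.overlaps(ip_network(ext)):
            problems.append(f"VPC {vpc} overlaps external range {ext}; "
                            "routes to it would be ambiguous")
    return problems


if __name__ == "__main__":
    vpc = "10.10.0.0/16"
    azs = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]   # constructed sample AZs
    layout = carve_subnets(vpc, azs, 24)               # one /24 per AZ
    print(layout)
    print(usable_hosts("10.10.0.0/24"), "usable addresses per /24 subnet")
    # A constructed on-premises range that collides with the VPC.
    for problem in plan_problems(vpc, layout, external_ranges=["10.10.50.0/24"]):
        print("PROBLEM:", problem)
```

Run the planner against your intended VPC range and every address space you expect to connect to it before creating anything; fixing an overlapping VPC CIDR after instances exist means rebuilding the VPC.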

The following figure shows the default VPC components: Internet gateway, virtual private gateway, router, route table, subnet, network ACL and security group. Two of these are the traffic filters you will rely on for isolation: a network ACL is a stateless filter applied at the subnet boundary, so return traffic must be allowed explicitly, while a security group is a stateful filter applied to an instance's network interface, so return traffic for an allowed connection is permitted automatically. The default network ACL allows all traffic; the default security group allows all outbound traffic and inbound traffic only from members of the same group.

AWS VPC high level components

Source: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/images/security-diagram.png