AWS Academy Introduction (AWS01) — Subnet
AWS is an enormous cloud platform, and I guarantee you have already heard of it or soon will. As I mentioned earlier, this series introduces AWS and its services a little differently: the first part presents each service technically, and the second part explains it through things you use or see every day. That is enough of an introduction, so let's jump to subnets.
You can read about subnets in two ways in this story:
- Subnet — technically.
- Subnet — non-technically.
Subnet — technically
A subnet is a range of IP addresses in your VPC. You can launch AWS resources, such as EC2 instances, into a specific subnet. When you create a subnet, you specify the IPv4 CIDR block for the subnet, which is a subset of the VPC CIDR block. Each subnet must reside entirely within one Availability Zone and cannot span zones. By launching instances in separate Availability Zones, you can protect your applications from the failure of a single zone.
In a previous article, I explained the VPC in technical and non-technical ways, so I won't repeat it here. Depending on how a subnet's route table is configured, there are three types of subnets:
- Public subnet: the subnet's IPv4 or IPv6 traffic is routed to an internet gateway or an egress-only internet gateway, so the subnet can reach the public internet.
- Private subnet: the subnet's IPv4 or IPv6 traffic is not routed to an internet gateway or an egress-only internet gateway, so the subnet cannot reach the public internet.
- VPN-only subnet: the subnet has no route to an internet gateway, but its traffic is routed to a virtual private gateway for a Site-to-Site VPN connection. At the time of writing, AWS did not support IPv6 traffic over a Site-to-Site VPN connection.
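The three types above are not a setting on the subnet itself; they follow from the routes in the route table associated with it, and the CIDR rules (inside the VPC block, no overlap between subnets) are what keeps routing unambiguous. To make that concrete, here is an added example that is not part of the original article and not AWS's own code: it checks a planned VPC layout offline and classifies each subnet from its routes. The VPC, subnets, route tables and resource IDs are constructed sample data, and the classification assumes the AWS resource-ID prefixes igw-, eigw- and vgw- for internet gateways, egress-only internet gateways and virtual private gateways.

```python
import ipaddress
from dataclasses import dataclass
from typing import List


@dataclass
class Route:
    destination: str  # destination CIDR, e.g. "0.0.0.0/0"
    target: str       # route target, e.g. "local", "igw-...", "vgw-..."


@dataclass
class Subnet:
    name: str
    cidr: str
    availability_zone: str  # a subnet lives in exactly one Availability Zone
    routes: List[Route]     # routes of the route table associated with this subnet


def validate_layout(vpc_cidr: str, subnets: List[Subnet]) -> List[str]:
    """Return a list of layout problems; an empty list means the layout is consistent.

    Checks that every subnet CIDR is a subset of the VPC CIDR and that no two
    subnets overlap each other.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    problems = []
    seen = []  # (name, network) pairs already checked
    for subnet in subnets:
        net = ipaddress.ip_network(subnet.cidr)
        if net.version != vpc.version or not net.subnet_of(vpc):
            problems.append(f"{subnet.name}: {subnet.cidr} is not inside VPC {vpc_cidr}")
        for other_name, other in seen:
            if net.version == other.version and net.overlaps(other):
                problems.append(f"{subnet.name}: {subnet.cidr} overlaps {other_name} ({other})")
        seen.append((subnet.name, net))
    return problems


def classify_subnet(subnet: Subnet) -> str:
    """Classify a subnet as 'public', 'vpn-only' or 'private' from its route table.

    A route to an internet gateway (igw-) or egress-only internet gateway (eigw-)
    makes the subnet public; otherwise a route to a virtual private gateway (vgw-)
    makes it VPN-only; with neither, it is private.
    """
    targets = [route.target for route in subnet.routes]
    if any(t.startswith(("igw-", "eigw-")) for t in targets):
        return "public"
    if any(t.startswith("vgw-") for t in targets):
        return "vpn-only"
    return "private"


# Constructed sample layout (not a real account); the resource IDs are made up.
SAMPLE_VPC_CIDR = "10.0.0.0/16"
LOCAL = Route("10.0.0.0/16", "local")
SAMPLE_SUBNETS = [
    Subnet("public-a", "10.0.0.0/24", "eu-central-1a",
           [LOCAL, Route("0.0.0.0/0", "igw-0aaaaaaaaaaaaaaaa")]),
    Subnet("private-a", "10.0.1.0/24", "eu-central-1a", [LOCAL]),
    Subnet("vpn-a", "10.0.2.0/24", "eu-central-1a",
           [LOCAL, Route("192.168.0.0/16", "vgw-0bbbbbbbbbbbbbbbb")]),
    # two deliberate mistakes: one overlaps private-a, one lies outside the VPC
    Subnet("oops-overlap", "10.0.1.128/25", "eu-central-1b", [LOCAL]),
    Subnet("oops-outside", "10.1.0.0/24", "eu-central-1b", [LOCAL]),
]


def report(vpc_cidr: str, subnets: List[Subnet]) -> dict:
    """Classification of each subnet plus the list of layout problems."""
    return {
        "types": {s.name: classify_subnet(s) for s in subnets},
        "problems": validate_layout(vpc_cidr, subnets),
    }


if __name__ == "__main__":
    result = report(SAMPLE_VPC_CIDR, SAMPLE_SUBNETS)
    for name, kind in result["types"].items():
        print(f"{name:14s} {kind}")
    for problem in result["problems"]:
        print("PROBLEM:", problem)
```

Run it and the first three subnets come out as public, private and vpn-only, while the two deliberate mistakes are reported as an overlap and an out-of-VPC block. The same two checks are worth running against a real account before creating subnets, because AWS rejects an overlapping or out-of-range CIDR only at creation time, and a subnet becomes "public" the moment someone adds a 0.0.0.0/0 route to an internet gateway in its route table.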
Subnet — non-technically
You can imagine a subnet as a room in a hotel. Some rooms are open and some are closed. In a room you can put whatever you want: a couch, a television, a bed and much more. In the AWS cloud, the couch, the television and the bed are the services. The couch and the bed take up space but use no electricity, while the television does use electricity, and you have to pay for that. Likewise, some AWS services are free or cost very little, and some cost a great deal.
Public subnet:
A public subnet is a subnet that is, more or less, open to the whole world. Anybody can walk past your hotel room and see what you have inside. It is like someone stopping at your open window and saying: "Hey man, nice bed, nice computer." The window stays open to every passer-by, and anyone can use your bed or your computer. In AWS terms, the route to the internet gateway only makes the room reachable: security groups and network ACLs are still the locks on the door, and an instance without a public IP address cannot be reached from the internet even when it sits in a public subnet.
Private subnet:
A private subnet differs from a public subnet in many ways. Imagine the room as a dark space with no view in or out; the only window lets light in, but nothing else. The room is closed to everyone. Only you can open it to strangers, and only you can take that access away again. It is like a one-room flat: if you decide to let a stranger in, you give them a key.
VPN-only subnet:
This routing is quite different from the previous two. Traffic does not go directly from subnet to subnet; it leaves the subnet through the VPC's virtual private gateway, crosses the encrypted Site-to-Site VPN tunnel to the customer gateway on the other side (typically your own office or data centre), and the network there delivers it to its destination. It is like having two rooms in neighbouring hotels: if you want to move a computer from one room to the other and you do not want to throw it across, you have to go downstairs in your hotel, walk over, go upstairs in the second hotel and leave the computer in the second room.