AWS Networking

updated: 10th of March 2023

published: 2nd of February 2023

Intro

Apparently, there is still networking in the cloud. Who would have thunk it? This post is a high level overview of the AWS networking infrastructure and services. As I skip along the path to obtaining the AWS Advanced Networking Speciality certification I will update this post, and will also link to other posts I create, where having more detailed information makes sense.

Public vs Private Zones

The AWS network is split up into two zones; the Public Zone and the Private Zone. Some AWS services such as S3 live in the Public zone which has access to and from the internet. Services in the Private Zone, by default have no access to or from the internet or other services in AWS.

blog/aws-networking/aws-public-vs-private.png

Region

A Region is a collection of physical data centres that are logically grouped in a regional cluster. An AWS region has a minimum of 3, isolated and physically seperate Availbility Zones (AZ).

The following diagram shows the ap-southeast-2 (Sydney) region.

blog/aws-networking/aws-region.png

Availability Zone

An Availability Zone (AZ) is 1 (or more) physically isolated data centres with redundant power, networking and connectivity located within a Region.

AZs in a Region are seperated by many kilometres, but all are within a 100km radius of each other.

AZs are connected by high bandwidth, low-latency networking allowing for sychronous replication and high-availability applications. Additionally, all traffic between AZs is encrypted.

The following diagram show the ap-southeast-2 (Sydney) regions availability zones.

blog/aws-networking/aws-availability-zone.png

Edge Location

An Edge Location is a Point-of-Presence (PoP) that is located closer to end users than a Region. Edge locations peer with Telecom Carries via CloudFront to deliver low-latency access to some AWS services.

The following diagram shows an AWS Edge Location.

blog/aws-networking/aws-edge-location.png

Edge Cache

An Edge Cache is a Regional PoP that is used to cache content close to the users via a CloudFront distribution.

The following diagram shows an AWS Edge Cache.

blog/aws-networking/aws-edge-cache.png
Note
Not all Edge Locations have an Edge Cache.

VPC

A Virtual Private Cloud (VPC) is a logically isolated virtual network that by default, is segregated from other customers and the internet.

The following diagram shows a AWS VPC topology.

blog/aws-networking/aws-edge-cache.png

My notes on AWS VPCs can be found here.

https://learn.cantrill.io/courses/1231680/lectures/31757251

https://aws.amazon.com/about-aws/global-infrastructure/?p=ngi&loc=0

https://aws.amazon.com/cloudfront/features/?p=ugi&l=ap&whats-new-cloudfront.sort-by=item.additionalFields.postDateTime&whats-new-cloudfront.sort-order=desc