This course provides the best Amazon Web Services (AWS) tutorial for beginners to learn about AWS cloud services.

Learn about the core AWS's services like compute, storage, networking services and how they work with other services like Identity, Mobile,  Routing, and Security. This course provides you with a good grasp an all you need to know of AWS services.

This course has been designed by three AWS Solution Certified Architects who have a combined industry experience of 17 years.  We aim to provide you with just the right depth of knowledge you need to have.

Kyle Murphy

Easy to read and very succinct ! Loved this course. Its better than most other courses  out there that are either half baked or way to detailed. 

Excellent,  time and money well spent on this. 

Richard Guajardo

Got what I was looking for. I used this for my interview prep with AWS. 

Worth it !

Tammy Rogers 

Loved all the architecture diagrams. It really helped in understanding how each service would be used. 

Pretty detailed. 

Learn the A to Z of  Amazon Web Services  (AWS)

# What is VPC?
A VPC is a logically isolated section of a data center where you have complete control over your virtual networking environment, including the selection of IP address ranges, etc.

Think about it like a virtual data center in the cloud.

Additionally, you can create a hardware Virtual Private Network (VPN) connection between your corporate data center and your VPC and leverage the AWS cloud as an extension of your corporate data center.
You can connect to a VPC through an internet gateway or a virtual private gateway.






# CIDR
CIDR is a notation for describing blocks of IP address and is used heavily in various networking configurations.

In IPV4, an address consists of 32 bits, these are represented in decimal by 4 octets of 8 bits each. Each 8 bits can have a value from 0 to 255 because 2^8 (2 to the 8th power) is 256, and because we count from zero.

IPv6 addresses are represented differently because they are much longer than IPv4 addresses. The IPv6 address size is 128-bits long, or 16 8-bit octets.

The decimal value that comes after that;
/8	highest address range
/12	
/16	
/28	lowest address range 
Soft limit 5 VPC by default


With a VPC you can: 
1. Launch instances into a subnet
1. Assign custom IP address ranges in each subnet
1. Configure route tables between subnet 
1. Create an internet gateway and attach it to your VPC
1. Create Network ACL for better security 
1. Instance security groups
1. Subnet network access control links (ACLs)


# NAT gateways
A NAT gateway is a Network Address Translation (NAT) service. You can use a NAT gateway so that instances in a private subnet can connect to services outside your VPC but external services cannot initiate a connection with those instances.

When you create a NAT gateway, you specify one of the following connectivity types:

**Public – (Default)**: Instances in private subnets can connect to the internet through a public NAT gateway, but cannot receive unsolicited inbound connections from the internet. You create a public NAT gateway in a public subnet and must associate an elastic IP address with the NAT gateway at creation. You route traffic from the NAT gateway to the internet gateway for the VPC. Alternatively, you can use a public NAT gateway to connect to other VPCs or your on-premises network. In this case, you route traffic from the NAT gateway through a transit gateway or a virtual private gateway.

**Private** – Instances in private subnets can connect to other VPCs or your on-premises network through a private NAT gateway. You can route traffic from the NAT gateway through a transit gateway or a virtual private gateway. You cannot associate an elastic IP address with a private NAT gateway. You can attach an internet gateway to a VPC with a private NAT gateway, but if you route traffic from the private NAT gateway to the internet gateway, the internet gateway drops the traffic.

The NAT gateway replaces the source IP address of the instances with the IP address of the NAT gateway. For a public NAT gateway, this is the elastic IP address of the NAT gateway. For a private NAT gateway, this is the private IP address of the NAT gateway. When sending response traffic to the instances, the NAT device translates the addresses back to the original source IP address.

NAT Gateways are a managed service which means that the cloud provider manages this for the customer. 

You would have to create a NAT Gateway in each Availability Zone. You should have a routing table to route to each NAT Gateway in each availability zone to be able to talk across different AD’s.

You would use a network ACL’s to control the traffic to and from the subnet in which your NAT gateway resides. 


Fundamental Building Blocks of AWS

AWS: Miscellaneous Services

AWS: Identity & Access Management (IAM)

AWS: Compute Offerings

AWS: Storage

AWS: Database Offerings

AWS: Routing

AWS: Virtual Private Cloud (VPC)

AWS: Application Services

AWS Well Architected Framework

Virtual Private Cloud (VPC)

What is VPC?

CIDR