Cloud networking creates isolated, private networks for your applications. Understanding networking is critical for security and performance.
A VPC is your private network in the cloud. Think of it as renting a building and creating internal networks.
Your VPC (Private Network)
├── Subnet 1 (10.0.1.0/24)
│   └── Web servers (isolated)
├── Subnet 2 (10.0.2.0/24)
│   └── Database servers (isolated)
├── Router
└── Internet Gateway (connects to internet)

Benefits:
Cloud VPCs:
Firewalls control which traffic is allowed in/out.
Inbound Rules: What can access your servers?
Outbound Rules: What can your servers access?
Example:
Inbound Rules:
- Allow HTTP (port 80) from anywhere
- Allow HTTPS (port 443) from anywhere
- Allow SSH (port 22) from office IP only
Outbound Rules:
- Allow all outbound traffic

Why this matters:
Without firewall rules, your database could be world-accessible (bad).
With rules, only your app servers can access the database (good).
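The following is an added example, not code from the original page: it models the inbound rules above as default-deny security-group rules and checks the "bad" (world-accessible) database against the "good" (web-subnet-only) one. The office IP, the 5432 database port and the 203.0.113.x client address are constructed values the page does not give.

```python
"""Security-group style rule evaluation (constructed example, IPv4 only)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    port: int     # destination port; 0 means "any port"
    source: str   # CIDR the traffic is allowed to come from


def is_allowed(rules, src_ip, dst_port):
    """Default deny: traffic passes only if some rule matches both the port and the source."""
    ip = ip_address(src_ip)
    for r in rules:
        if r.port in (0, dst_port) and ip in ip_network(r.source, strict=False):
            return True
    return False


def audit(rules):
    """Flag rules that expose anything other than HTTP/HTTPS to the whole internet (0.0.0.0/0)."""
    return [r for r in rules
            if ip_network(r.source, strict=False).prefixlen == 0 and r.port not in (80, 443)]


# Inbound rules from the page's example; the office IP is a constructed placeholder.
OFFICE_IP = "198.51.100.10/32"
WEB_INBOUND = [Rule(80, "0.0.0.0/0"), Rule(443, "0.0.0.0/0"), Rule(22, OFFICE_IP)]

# Database tier: only the web subnet (10.0.1.0/24 from the VPC diagram) may reach it.
WEB_SUBNET = "10.0.1.0/24"
DB_PORT = 5432  # assumed PostgreSQL port; the page does not name one
DB_INBOUND_GOOD = [Rule(DB_PORT, WEB_SUBNET)]
DB_INBOUND_BAD = [Rule(0, "0.0.0.0/0")]  # the "world-accessible" misconfiguration

if __name__ == "__main__":
    internet_client = "203.0.113.5"  # constructed external address
    print("db open to internet (bad):", is_allowed(DB_INBOUND_BAD, internet_client, DB_PORT))
    print("db from internet (good):  ", is_allowed(DB_INBOUND_GOOD, internet_client, DB_PORT))
    print("db from web subnet (good):", is_allowed(DB_INBOUND_GOOD, "10.0.1.20", DB_PORT))
    print("over-exposed rules:", audit(DB_INBOUND_BAD))
```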
Internet (Public)
↓
[Load Balancer]
↓
VPC (Private Network)
├── [Web Server 1]
├── [Web Server 2]
├── [Web Server 3]
└── [Database]

Traffic flow:
1. User requests come from internet
2. Load balancer routes to web servers
3. Web servers connect to database (private)
4. Database inaccessible from internet
5. Result: Secure, scalable architecture
Public subnets: resources accessible from the internet. Use for web servers and APIs.
Private subnets: resources accessible only within the VPC. Use for databases and internal services.
VPN: connects your on-premise network to the cloud VPC.
Example: Company network → VPN → Cloud VPC
All systems work as if they were on the same network.
Users on Internet
↓
Load Balancer (public, available to all)
↓
Web Servers (public subnet, can receive requests)
↓
App Servers (private subnet, internal only)
↓
Database (private subnet, internal only)

Security:
| Concept | Purpose |
|---|---|
| VPC | Your private network in cloud |
| Subnet | Smaller networks within VPC |
| Security Group | Firewall rules for resources |
| Route Table | How traffic flows through network |
| NAT Gateway | Allow private resources to access internet |
| VPN | Encrypt connection from home/office to cloud |
| DNS | Map domain names to IP addresses |
1. Least Privilege: Only allow necessary traffic
2. Multi-tier: Separate web, app, database layers
3. Private Databases: Never expose databases to internet
4. Monitoring: Log and monitor network traffic
5. DDoS Protection: Use cloud provider's DDoS protection
Want advanced patterns? → Networking Basics (Experienced)