Skip to main content

Default VPC

What you’ll learn
  • how the necessary cloud infrastructure resources are deployed within the default VPC


Webiny Cloud Infrastructure - API - Default VPC


As mentioned in the introduction section, the API project application's cloud infrastructure comes with two setups - development and production. The difference between the two is a bit different setup when it comes to networking and Amazon ElasticSearch Service. In the production setup, these are configured a bit differently, mainly for improving your project's security posture and availability.

In the development setup, your project is deployed into the default Virtual Private Cloud (VPC), which is automatically created for every AWS Account.


Virtual Private Clouds (VPCs) is a topic that requires some general networking knowledge and knowledge on AWS-specific concepts like regions, availability zones, different network gateways, and so on. Be sure to read about it before going through this section.

You can also check this Understanding the Default Virtual Private Cloud article. It clearly lays out a lot of useful information about AWS's default VPC setup.

In the diagram above, we can see that the default VPC setup (a setup controlled by AWS) consists of three subnets c d e that span across three availability zones (AZs). All of these subnets are public subnets, since they can both receive and send network traffic to the public internet. Note that the number of availability zones may vary, depending on the region you're deploying into (some regions only have two AZs).

We can also see that Lambda functions are located in all three subnets. This is because, by default, AWS runs Lambda functions in multiple AZs to ensure it is highly available in case of an AZ failure. The same cannot be said for the Amazon ElasticSearch Service h, which is only deployed in a single AZ C.

As mentioned, the default VPC setup can be a reasonable choice when it comes to development environments. But for production, since some of the cloud infrastructure resources may require that they are not exposed to the public internet, the Custom VPC may be a better solution.


Is Amazon ElasticSearch Service h deployed into multiple AZs?

In the dev setup, it is deployed into a single AZ, just for cost reasons. But yes, production workloads should use two or three AZs, hence the prod setup. Check out the Amazon ElasticSearch Service's FAQ page for more information.

Last updated on by Adrian Smijulj