What you’ll learn
- how the necessary cloud infrastructure resources are deployed within the default VPC
As mentioned in the introduction section, the API project application's cloud infrastructure comes with two setups - development and production. The difference between the two is a bit different setup when it comes to networking and Amazon ElasticSearch Service. In the production setup, these are configured a bit differently, mainly for improving your project's security posture and availability.
In the development setup, your project is deployed into the default Virtual Private Cloud (VPC), which is automatically created for every AWS Account.
Virtual Private Clouds (VPCs) is a topic that requires some general networking knowledge and knowledge on AWS-specific concepts like regions, availability zones, different network gateways, and so on. Be sure to read about it before going through this section.
You can also check this Understanding the Default Virtual Private Cloud article. It clearly lays out a lot of useful information about AWS's default VPC setup.
In the diagram above, we can see that the default VPC setup (a setup controlled by AWS) consists of three subnets
We can also see that Lambda functions are located in all three subnets. This is because, by default, AWS runs Lambda functions in multiple AZs to ensure it is highly available in case of an AZ failure. The same cannot be said for the Amazon ElasticSearch Service
As mentioned, the default VPC setup can be a reasonable choice when it comes to development environments. But for production, since some of the cloud infrastructure resources may require that they are not exposed to the public internet, the Custom VPC may be a better solution.
Is Amazon ElasticSearch Service
dev setup, it is deployed into a single AZ, just for cost reasons. But yes, production workloads should use two or three AZs, hence the
prod setup. Check out the Amazon ElasticSearch Service's FAQ page for more information.