1. Hosting the Server on AWS

Hosting the Server on AWS

Uploaded by

kah23604

1. Instance
An instance is like a virtual computer that you can rent from AWS. You can use it
to run programs, websites, or store data, just like you would on a physical
computer.
2. Subnet
A subnet is a smaller network within a bigger network (VPC). It helps organize and
control how your instances connect to each other and to the internet.
Public subnet: Allows instances to connect to the internet.
Private subnet: Keeps instances hidden from the internet for security.
3. Elastic Network Interface (ENI)
An ENI is like a network adapter (similar to a Wi-Fi card) for your instance. It
gives the instance an IP address, allowing it to communicate over a network. Each
instance has one by default, but you can add more if needed.
4. Public Traffic
Public traffic is data that comes from or goes to the internet. For example, if you
have a website, public traffic is all the user visits and requests coming from the
internet.
5. Private Traffic
Private traffic stays inside the network and doesn’t go to the internet. It’s often
used for secure internal communications, like when a website connects to a database
that shouldn’t be exposed to the public.
6. Internet Gateway
An Internet Gateway is like a door that connects your public subnet to the
internet, allowing instances in that subnet to send and receive data from the
internet.
7. NAT Gateway
A NAT Gateway allows instances in a private subnet to access the internet only for
outgoing requests, like downloading updates. It blocks incoming traffic to keep the
instances secure.
8. Security Groups
Security groups are like rules or filters around an instance that control what kind
of data can enter or leave. They can allow things like web traffic but block others
for security.
9. Route Tables
A route table keeps a record of all routing policies: which data and services to
send and receive, and how.

Example: The website (hosted on an EC2 instance in the VPC) interacts with RDS
(database) for storing user and order data, with S3 for storing product images, and
possibly with DynamoDB for fast lookups of product information.
The website itself is publicly accessible (through EC2), but sensitive data like
user orders and product information are stored securely in private subnets (RDS,
DynamoDB).
S3 and DynamoDB are not inside the VPC, but they can still be accessed securely via
private endpoints to ensure data transfer is private.

In AWS, a Virtual Private Cloud (VPC) is a virtual network where you can deploy and
manage your cloud resources securely and isolate them from other users' resources.
Here’s a breakdown of the different instances and resources that come under a VPC:

1. EC2 Instances
EC2 (Elastic Compute Cloud) Instances are virtual servers you create in AWS.
When launched within a VPC, these instances can be placed in public or private
subnets depending on access needs (public-facing web servers or private database
servers).
EC2 instances in a VPC get an IP address, either public or private, based on the
subnet.
2. Subnets
A subnet is a subdivision of the VPC, providing logical segmentation within the
network.
Public Subnets allow access to the internet (when connected to an Internet
Gateway).
Private Subnets are isolated from the internet, often used for resources that don’t
need public exposure, like databases.
3. Internet Gateway
An Internet Gateway is a resource that connects the VPC to the internet, allowing
resources in public subnets to send and receive traffic.
It’s essential for any instance that needs public internet access, like web
servers.
4. NAT Gateway and NAT Instance
NAT (Network Address Translation) Gateway: Allows instances in private subnets to
access the internet without exposing them to inbound traffic from the internet.
NAT Instance: Similar functionality to NAT Gateway but runs on an EC2 instance,
providing outbound internet access for private resources.
5. Elastic Load Balancer (ELB)
Elastic Load Balancers distribute incoming traffic across multiple instances for
high availability and redundancy.
They can be deployed within a VPC to manage traffic among instances in public and
private subnets.
6. RDS Instances
RDS (Relational Database Service) Instances are managed database services.
When launched in a VPC, RDS instances can be placed in private subnets for secure
database access, limiting access only to applications within the VPC.
7. Elastic Network Interface (ENI)
ENI is a virtual network card attached to EC2 instances, providing network
connectivity.
ENIs allow instances to have multiple IP addresses or different security groups,
useful for multi-network setups.
8. Security Groups
Security Groups act as virtual firewalls for instances, defining inbound and
outbound traffic rules.
They apply at the instance level and control what kind of traffic can enter or
leave the instance.
9. Network Access Control Lists (NACLs)
NACLs are stateless firewalls at the subnet level.
They provide an additional layer of security by allowing or denying specific
traffic types to entire subnets.
10. Route Tables
Route Tables control the traffic routing within the VPC, defining which subnets can
reach each other and how traffic moves to and from the internet or other AWS
services.
11. Peering Connections
VPC Peering allows traffic to flow between two VPCs, either within the same AWS
account or across different accounts.
Useful for interconnecting VPCs for applications that need to communicate without
going over the public internet.
12. VPN Connections and Direct Connect
VPN Connections link a VPC to an on-premises network via the internet for secure,
encrypted communication.
Direct Connect provides a dedicated, private connection between a VPC and on-
premises infrastructure, suitable for high-bandwidth and secure communication
needs.
13. Endpoints
VPC Endpoints allow resources in a VPC to privately connect to AWS services (like
S3 or DynamoDB) without needing a public IP address or going over the internet.
There are two types: Interface Endpoints (which use ENIs) and Gateway Endpoints
(for services like S3 and DynamoDB).
14. Elastic File System (EFS)
EFS is a managed file storage service that can be mounted by EC2 instances within a
VPC.
It provides shared storage, often used by multiple instances within the same VPC.
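Added example (not part of the original notes): a small audit that applies the subnet, route table and security group definitions above. It marks a subnet public when its route table sends 0.0.0.0/0 to an Internet Gateway, and flags security group rules open to every address on non-web ports. The data is constructed in the shape of the EC2 DescribeRouteTables and DescribeSecurityGroups responses; every ID and the allowed-port set are assumptions.

```python
import ipaddress

# Constructed sample data shaped like EC2 DescribeRouteTables and
# DescribeSecurityGroups output; all IDs are made up for this example.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public", "Associations": [{"SubnetId": "subnet-web"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-db"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
]
SECURITY_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-db", "IpPermissions": [   # database port open to the world
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
PUBLIC_OK_PORTS = {80, 443}  # assumption: only web ports may face the internet


def classify_subnets(route_tables):
    """A subnet is public when its route table sends 0.0.0.0/0 to an Internet Gateway."""
    result = {}
    for table in route_tables:
        public = any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
                     and r.get("GatewayId", "").startswith("igw-")
                     for r in table["Routes"])
        for assoc in table["Associations"]:
            if "SubnetId" in assoc:  # the main-table association has no SubnetId
                result[assoc["SubnetId"]] = "public" if public else "private"
    return result


def world_open_findings(groups, allowed=PUBLIC_OK_PORTS):
    """Return (group id, from port, to port) for inbound rules open to any address."""
    findings = []
    for group in groups:
        for perm in group["IpPermissions"]:
            open_to_all = any(ipaddress.ip_network(r["CidrIp"]).prefixlen == 0
                              for r in perm.get("IpRanges", []))
            # Rules with protocol "-1" carry no ports, so treat them as all ports.
            ports = set(range(perm.get("FromPort", 0), perm.get("ToPort", 65535) + 1))
            if open_to_all and not ports <= allowed:
                findings.append((group["GroupId"], perm.get("FromPort"), perm.get("ToPort")))
    return findings
```

On the sample data the database group sg-db is the only finding; restricting its source range to the web subnet's CIDR clears it.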

1. Hosting the Server on AWS


AWS EC2 Instance: We start by launching an EC2 instance on AWS, which is
essentially a virtual server.
Setting up the Environment: On this EC2 instance, we install:
Apache: To serve content as a web server.
Flask: To handle the application logic, generate content, and manage back-end
processes.
mod_wsgi (Apache module): Allows Apache to communicate with the Flask app.
2. Configuring Apache as the Web Server
Apache’s Role: Apache acts as a “front” server that listens for HTTP requests
coming from users’ browsers.
mod_wsgi Module: Apache loads mod_wsgi, which allows it to connect to our Flask
application and handle Python requests.
Configuration File: We set up an Apache configuration file to tell Apache:
Where the Flask app is located.
Which requests should go to Flask for further processing.
3. User Sends a Request (HTTP Request)
Browser to Server: A user enters a URL (e.g., https://myapp.com/profile) in their
browser.
DNS Resolution: AWS’s Route 53 (or another DNS service) resolves myapp.com to the
IP address of our EC2 instance, where Apache is running.
4. Apache Receives the Request
Apache Decodes the Request: Apache interprets what the user is asking for.
If the request is for a static file (like an image or CSS file), Apache serves it
directly from the server without needing Flask.
If the request needs dynamic content (like /profile for a user’s profile page),
Apache uses mod_wsgi to pass the request to the Flask application.
5. Flask Application Processes the Request
Flask Receives the Request: Through mod_wsgi, Apache hands over the dynamic request
to Flask.
Generating Content:
Flask processes the request (e.g., fetching user data from a database if the
request is for /profile).
Flask generates an HTTP response, often in HTML format, based on the application
logic and data retrieval.
6. Apache Receives the Response from Flask
Back to Apache: Flask sends the generated HTML content back to Apache.
Sending the Response: Apache takes the response and prepares it for delivery back
to the user’s browser.
7. User’s Browser Receives the Content
The user’s browser displays the HTML, CSS, and JavaScript content it received,
rendering the page as intended.
For any additional requests (e.g., images, stylesheets), the browser repeats the
process, requesting static files that Apache can serve directly.
Simplified Summary
AWS (EC2): Hosts the server where Apache and Flask run.
Apache: Listens for incoming requests, serving static files directly or passing
dynamic requests to Flask via mod_wsgi.
Flask: Handles application logic and generates dynamic content.
Browser: Displays the content returned by Apache.
Each piece has a specific role:
AWS provides the infrastructure.
Apache is the gateway that manages HTTP requests.
Flask processes dynamic content and application logic.
mod_wsgi bridges Apache and Flask for smooth communication.
This setup ensures that web applications can handle both static and dynamic content
requests effectively.
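Added example (not part of the original notes, and not Apache or mod_wsgi code): a simulation of the request flow in steps 4 to 6. The function front_server stands in for Apache, serving /static/ paths itself and calling a WSGI callable for everything else, which is the interface mod_wsgi uses to reach a Flask app. The file table, the handler names and the /static/ prefix are assumptions.

```python
import posixpath
from wsgiref.util import setup_testing_defaults

# Constructed stand-in for the files the web server would serve from disk.
STATIC_FILES = {"/static/site.css": b"body { margin: 0; }"}


def application(environ, start_response):
    """WSGI callable; a Flask app object exposes this same interface."""
    if environ["PATH_INFO"] == "/profile":
        body = b"<h1>Profile page</h1>"
        start_response("200 OK", [("Content-Type", "text/html"),
                                  ("Content-Length", str(len(body)))])
        return [body]
    start_response("404 Not Found", [("Content-Type", "text/plain")])
    return [b"not found"]


def front_server(path):
    """Serve static paths directly; hand every other path to the WSGI app."""
    path = posixpath.normpath(path)      # collapse ../ before matching the prefix
    if path.startswith("/static/"):
        if path in STATIC_FILES:
            return "200 OK", STATIC_FILES[path], "static"
        return "404 Not Found", b"", "static"
    environ = {"PATH_INFO": path, "REQUEST_METHOD": "GET"}
    setup_testing_defaults(environ)      # fill in the other required WSGI keys
    captured = {}

    def start_response(status, headers, exc_info=None):
        # The server side of WSGI: record the status line the app chose.
        captured["status"] = status

    body = b"".join(application(environ, start_response))
    return captured["status"], body, "wsgi"
```

The third element of the result shows which side answered, so a path such as /static/../profile is visibly handled by the application rather than the static handler.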

Definition: An IP address (Internet Protocol address) is a unique numerical label
assigned to each device connected to a network that uses the Internet Protocol for
communication.

Purpose: IP addresses serve two main purposes:
Identifying Hosts: They identify devices on a network, such as computers,
smartphones, or servers.
Location Addressing: They provide the location of the device in the network,
allowing data to be routed correctly.
Format: There are two types of IP addresses:
IPv4: This is the most common format, consisting of four numbers separated by dots
(e.g., 192.168.1.1). Each number can range from 0 to 255.
IPv6: This is a newer format designed to replace IPv4 due to its limitations. IPv6
addresses are longer and written in hexadecimal format (e.g.,
2001:0db8:85a3:0000:0000:8a2e:0370:7334).
What is DNS?
Definition: The Domain Name System (DNS) is like the phone book of the Internet. It
translates human-readable domain names (like www.example.com) into IP addresses
that computers use to identify each other on the network.
Purpose: DNS allows users to access websites using easy-to-remember domain names
instead of having to remember complex numerical IP addresses.
How DNS Works: Step-by-Step
User Enters a Domain Name: When you type a domain name (like www.example.com) into
your web browser, the browser needs to find out the corresponding IP address.

DNS Query:

The browser first checks its local cache to see if it has recently accessed the
domain and knows its IP address.
If it doesn't have the address, it sends a DNS query to a DNS resolver (usually
provided by your Internet Service Provider or ISP).
Resolving the Domain:

The DNS resolver looks for the IP address in its cache. If it doesn't find it, it
begins a series of queries:
Root Name Server: It first contacts a root name server, which knows where to find
the top-level domain servers (like .com, .org, etc.).
Top-Level Domain (TLD) Server: The root server directs the resolver to the
appropriate TLD server for the domain (e.g., .com for example.com).
Authoritative Name Server: The TLD server then directs the resolver to the
authoritative name server for the specific domain, which holds the actual IP
address for www.example.com.
Getting the IP Address: The authoritative name server responds with the IP address
associated with the domain name.

Returning the IP to the Browser: The DNS resolver sends the IP address back to the
browser.

Connecting to the Website: With the IP address, the browser can now connect to the
web server hosting the website. It sends a request to the server, which responds
with the web page content.

Summary
IP Address: A unique identifier for devices on a network, used for communication.
DNS: A system that translates human-friendly domain names into IP addresses,
allowing users to access websites easily.
This process happens quickly, often in a matter of milliseconds, making it seem
seamless to users as they browse the web.
