Default VPC

Diagram

Description

As mentioned in the introduction section, the API project application’s cloud infrastructure comes with two setups - development and production. The difference between the two is a bit different setup when it comes to networking and Amazon ElasticSearch Service. In the production setup, these are configured a bit differently, mainly for improving your project’s security posture and availability.

In the development setup, your project is deployed into the default Virtual Private Cloud (VPC), which is automatically created for every AWS Account.

In the diagram above, we can see that the default VPC setup (a setup controlled by AWS) consists of three subnets c d e that span across three availability zones (AZs). All of these subnets are public subnets, since they can both receive and send network traffic to the public internet. Note that the number of availability zones may vary, depending on the region you’re deploying into (some regions only have two AZs).We can also see that Lambda functions are located in all three subnets. This is because, by default, AWS runs Lambda functions in multiple AZs to ensure it is highly available in case of an AZ failure. The same cannot be said for the Amazon ElasticSearch Service h, which is only deployed in a single AZ C.

As mentioned, the default VPC setup can be a reasonable choice when it comes to development environments. But for production, since some of the cloud infrastructure resources may require that they are not exposed to the public internet, the Custom VPC may be a better solution.

FAQ

Is Amazon ElasticSearch Service Deployed Into Multiple AZs?

In the dev setup, it is deployed into a single AZ, just for cost reasons. But yes, production workloads should use two or three AZs, hence the prod setup. Check out the Amazon ElasticSearch Service’s FAQ page for more information.