Warning
You're browsing the documentation for an old version of Webiny. Consider upgrading your project to Webiny 5.39.x.
What you’ll learn
  • how the necessary cloud infrastructure resources are deployed within the default VPC

Diagram
anchor

Webiny Cloud Infrastructure - API - Default VPCWebiny Cloud Infrastructure - API - Default VPC
(click to enlarge)

Description
anchor

As mentioned in the introduction section, the API project application’s cloud infrastructure comes with two setups - development and production. The difference between the two is a bit different setup when it comes to networking and Amazon ElasticSearch Service. In the production setup, these are configured a bit differently, mainly for improving your project’s security posture and availability.

In the development setup, your project is deployed into the default Virtual Private Cloud (VPC), which is automatically created for every AWS Account.

Virtual Private Clouds (VPCs) is a topic that requires some general networking knowledge and knowledge on AWS-specific concepts like regions, availability zones, different network gateways, and so on. Be sure to read about itexternal link before going through this section.

You can also check this Understanding the Default Virtual Private Cloudexternal link article. It clearly lays out a lot of useful information about AWS’s default VPC setup.

In the diagram above, we can see that the default VPC setup (a setup controlled by AWS) consists of three subnets c d e that span across three availability zones (AZs). All of these subnets are public subnets, since they can both receive and send network traffic to the public internet. Note that the number of availability zones may vary, depending on the region you’re deploying into (some regions only have two AZs).We can also see that Lambda functions are located in all three subnets. This is because, by default, AWS runs Lambda functions in multiple AZs to ensure it is highly available in case of an AZ failure. The same cannot be said for the Amazon ElasticSearch Service h, which is only deployed in a single AZ C.

As mentioned, the default VPC setup can be a reasonable choice when it comes to development environments. But for production, since some of the cloud infrastructure resources may require that they are not exposed to the public internet, the Custom VPC may be a better solution.

FAQ
anchor

Is Amazon ElasticSearch Service Deployed Into Multiple AZs?
anchor

In the dev setup, it is deployed into a single AZ, just for cost reasons. But yes, production workloads should use two or three AZs, hence the prod setup. Check out the Amazon ElasticSearch Service’s FAQ pageexternal link for more information.