Now that you understand the services that go into making a web app, you'll need to understand how to connect those services to each other. For this, AWS offers the networking services. Like everything we'll cover in this course, networking is a large and complicated subject. We'll be glossing over the details of how networking works to give you a quick high level understanding of the tools that AWS offers. If you'd like to learn more about the tools or networking generally, CloudAcademy offers many courses and labs in these technologies, so check those out once you're finished with this course.

First and most important of the networking tools is the Virtual Private Cloud service, or VPC. Virtual Private Cloud is how you'll connect together your EC2 instances, EBS volumes, RDS databases, elastic loud balancers, and more to create a fully functioning web app. In an on-premise setup, your networks would be created by literally wiring up your servers to each other, but on the Cloud, we have to do it all virtually. To do this, you create a private Cloud in VPC. This private Cloud will house all of your instances, volumes, and more. With VPC, you can create subnetworks, smaller networks with rules on how they can connect to each other. A common use case is to have two subnets, one public facing and one private. You put your front end code on EC2 instances in the public facing subnet and then users on the internet can connect to your website. You then put your back-end code and your databases and volumes and more on the private subnet. This way, users can only connect to your data through your front-end servers, giving malicious actors fewer ways to attack your system and data. Architecting these sorts of network solutions will make your app more secure.

Amazon's CloudFront service can make load times very fast for end users by hosting your data across multiple machines around the world. This way, when a user in, say, Mozambique tries to access your website, they will see a version stored on a web server in Africa rather than having to getting routed under the sea to servers in the US. While you might not often think of it, these real world distances can have a big effect on the user's experience of your website. With CloudFront, you don't have to think about it at all. Amazon just takes care of it for you.

VPC works with Route53 in order to provide domain name services. This is the backend internet architecture that maps a domain, for instance, cloudacademy.com, to some resource in the AWS Cloud, such as the EC2 server actually running cloudacademy.com. You have a lot of fine grain control over where your domains and subdomains point in your VPC. They can point to a specific EC2 instance, or to a load balancer, which will route your traffic elsewhere within a subnet. Also, Route53 can work directly with CloudFront to ensure that traffic goes to a server near the end user.

Finally, there are times when you want a strong connection between your corporate offices and the Amazon Cloud. For these use cases, you should look into AWS Direct Connect. Direct Connect offers a dedicated, secure network connection between your computer systems and the Amazon Cloud. This is very useful when you're transferring large amounts of data to the Amazon Cloud, such as during a migration, or if you need a hybrid solution where, for instance, your code runs in the Amazon Cloud, but your databases need to be housed in an on-premise machine so that you can manage them directly. The Direct Connect network connection, and thus, your local machines, can live within your Amazon private Cloud, making these machines much easier to connect to your Cloud services. Amazon's networking services are robust and flexible and will allow you to architect the solution that makes the most sense for your use case, whether you're an individual building a niche app, or a large business, which needs both Cloud and on-premise infrastructure to work together seamlessly.