Step 5
Step 5 — AWS essentials — VPC · EC2 · RDS · S3 · IAM
45 min
Step 5 — AWS essentials
AWS has 200+ services, but you start with these five.
1. VPC — virtual network
VPC (10.0.0.0/16)
├── Public Subnet (10.0.1.0/24) ← Internet Gateway
└── Private Subnet (10.0.2.0/24) ← NAT only
Web servers in Public, DBs in Private.
2. EC2 — virtual servers
t3.micro (free tier) → r7gd.metal. Pick by:
- vCPU + memory
- Storage (EBS gp3)
- OS (Amazon Linux 2023, Ubuntu 24.04)
aws ec2 run-instances \
--image-id ami-... \
--instance-type t3.micro \
--key-name my-key \
--security-group-ids sg-...
3. RDS — managed databases
PostgreSQL, MySQL, Aurora… AWS handles backups and patches.
EC2 (Public) ─┐
├─ RDS PostgreSQL (Private, 5432)
EC2 (Public) ─┘
Start small (db.t4g.micro ≈ $15/mo), scale up later.
4. S3 — object storage
aws s3 mb s3://my-bucket
aws s3 cp local.png s3://my-bucket/path/to/file.png
aws s3 sync ./build s3://my-static-site --delete
99.999999999% durability. First 5 GB free.
5. IAM — permissions
- User — person or external system
- Role — service (EC2, Lambda) borrows temporary creds
- Policy — JSON rules
- Group — set of users
Least privilege: never put AdministratorAccess keys in code.
6 (bonus). Cost Explorer
Daily glance prevents surprise bills.
Try it
Free-tier EC2 + RDS, connect EC2→RDS Postgres. Tear down after to stay free.
Going deeper
Next
Step 6 — Fly.io for the simple alternative.