Create Secure AWS VPC

Today we are going to learn how to create a secure VPC using AWS best practices. VPC stands for Virtual Private Cloud.

We will cover the following points in this post:

  • Create VPC
  • Create public and private subnets
  • Create route tables and attach to public and private subnets
  • Create internet gateway and attach to VPC
  • Create NAT gateway and add a route to private subnet
  • Launch an EC2 instance in private and public subnet for internet connectivity
  • Use AWS Network Firewall to filter the inbound traffic for the VPC

Create VPC

Go to the navigation bar and search for VPC.

  • Click on Create VPC
  • For learning purposes we will use the "VPC only" option. Name your VPC teclime-vpc
  • Add the VPC CIDR, i.e. 10.0.0.0/16
  • Add your tags according to your environment and leave the other configurations as default.

Create Subnets

Next we need to create subnets. We will create one public and one private subnet.

  • Create public subnet with CIDR 10.0.1.0/24
  • Create private subnet with CIDR 10.0.2.0/24

Create Route Tables

Next we need to create route tables. Create two route tables, one for the public subnet and one for the private subnet. After that we need to associate each route table with its subnet.

Create Internet Gateway

Creating an internet gateway is very simple: we just need to create it and attach it to the VPC.

  • Create Internet gateway
  • Once you have created the internet gateway you need to attach it to the VPC. Select internet gateway –> Actions –> Attach to VPC –> Your VPC

Create Nat Gateway

Creating a NAT gateway is pretty straightforward.

  • Go to NAT Gateway –> Create NAT Gateway
  • Select the public subnet (make sure you have selected the public subnet)
  • Allocate the EIP

Now we need to add routes to the public and private route tables: one for the internet gateway and one for the NAT gateway. For the public route table, select public-rt-1 and click on Edit routes.

For the private subnet we need to add the route for the NAT gateway. Go to the private route table private-rt-1 and click on Edit routes. Add the route for the NAT gateway.
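
A way to check the finished routing against this design, as an added example that is not part of the original post: it audits data shaped like `aws ec2 describe-route-tables` and `describe-nat-gateways` output. All IDs are constructed placeholders, and it assumes the routes added above are 0.0.0.0/0 default routes and that every subnet has an explicit route table association.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-route-tables` and
# `describe-nat-gateways` output; every ID below is a placeholder.
VPC_CIDR = "10.0.0.0/16"
SUBNETS = {"subnet-public": "10.0.1.0/24", "subnet-private": "10.0.2.0/24"}
PRIVATE = {"subnet-private"}
NAT_GATEWAYS = [{"NatGatewayId": "nat-example", "SubnetId": "subnet-public"}]
ROUTE_TABLES = [
    {"RouteTableId": "rtb-example-public",  # public-rt-1 in this post
     "Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-example-private",  # private-rt-1 in this post
     "Associations": [{"SubnetId": "subnet-private"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]

def default_targets(route_tables):
    """Map each explicitly associated subnet to its 0.0.0.0/0 target (or None)."""
    targets = {}
    for rt in route_tables:
        route = next((r for r in rt["Routes"]
                      if r.get("DestinationCidrBlock") == "0.0.0.0/0"), {})
        target = route.get("NatGatewayId") or route.get("GatewayId")
        for assoc in rt.get("Associations", []):
            if "SubnetId" in assoc:  # the main-table association has no SubnetId
                targets[assoc["SubnetId"]] = target
    return targets

def audit(vpc_cidr, subnets, private, route_tables, nat_gateways):
    """Return findings; an empty list means the layout matches the design."""
    findings, vpc = [], ipaddress.ip_network(vpc_cidr)
    targets = default_targets(route_tables)
    for sid, cidr in subnets.items():
        if not ipaddress.ip_network(cidr).subnet_of(vpc):
            findings.append(f"{sid}: {cidr} is outside the VPC range {vpc_cidr}")
        target = targets.get(sid) or ""
        # A private subnet must leave the VPC only through the NAT gateway.
        if sid in private and not target.startswith("nat-"):
            findings.append(f"{sid}: default route is {target or 'missing'}, not a NAT gateway")
    for nat in nat_gateways:
        # The NAT gateway itself needs a subnet whose default route is the IGW.
        if not (targets.get(nat["SubnetId"]) or "").startswith("igw-"):
            findings.append(f"{nat['NatGatewayId']}: not in a public subnet")
    return findings

if __name__ == "__main__":
    print(audit(VPC_CIDR, SUBNETS, PRIVATE, ROUTE_TABLES, NAT_GATEWAYS) or "layout OK")
```

A private subnet whose default route points at the internet gateway is the finding to watch for, since that route is what makes a subnet public.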

Launch EC2 Instance for Internet Connectivity

Next we need to verify that the EC2 instance provisioned in the private subnet has internet connectivity. Please use this link. Use the network settings in the below screenshot for EC2.
