AWS VPC (Virtual Private Cloud)
What is VPC in AWS?
Amazon Virtual Private Cloud (Amazon VPC) gives you full control over your virtual networking environment, including resource placement, connectivity, and security. Get started by setting up your VPC in the AWS service console.
What’s the use of VPC and its components?
A Virtual Private Cloud (VPC) is a virtual network in the AWS cloud that is logically isolated from every other virtual network, and into which you launch AWS resources such as EC2 instances. It gives you the same building blocks as a traditional data-center network (address ranges, subnets, routing, gateways, firewall rules) without the hardware. Resources and applications inside a VPC are reached over IPv4 or IPv6.
What are the main components that are required to build a Custom VPC?
- An IPv4 CIDR block (and optionally an IPv6 CIDR block).
- Subnets, one in each Availability Zone you want to use.
- Route tables.
- Internet connectivity through an internet gateway (for the public subnets).
How to create a Custom VPC?
- Before you create your custom VPC, select the region closest to your users. A VPC lives in a single region, and latency is lower the nearer it is to the people or systems that use it.
- Name tag: optionally give the VPC a name. This makes it easy to identify when you have multiple VPCs.
- IPv4 CIDR block: specify an IPv4 CIDR block (IP address range) for the VPC, e.g. 10.0.0.0/16 or 192.168.0.0/16. The block must be between /16 and /28. The primary block cannot be changed once the VPC exists (you can only add secondary blocks later), so choose a private range that does not overlap any network you may later peer with or connect to over VPN.
- IPv6 CIDR block: optionally associate an IPv6 CIDR block with the VPC.
- Tenancy: select Default so that instances launched in this VPC run on shared hardware unless a different tenancy is requested at launch; Dedicated forces every instance in the VPC onto single-tenant hardware at a higher cost. For more information about tenancy, see "Configuring instance tenancy with a launch configuration" in the Amazon EC2 Auto Scaling User Guide.
Note: unlike the default VPC, a custom VPC is created with no subnets, no internet gateway and no public routes; every other network component must be configured manually.
How to create a subnet in Custom VPC?
The Availability Zones you can use depend on the selected region.
E.g., Northern Virginia (us-east-1) has 6 Availability Zones and Ohio (us-east-2) has 3.
Navigate to Subnets in the VPC console and select Create subnet.
Before creating the subnet, choose the VPC you created earlier from the dropdown list.
In the subnet settings, give the subnet a name, e.g. Public_Subnet_01 or Private_Subnet_01; this makes it easy to identify the subnet when configuring routes.
Choose the Availability Zone you prefer, e.g. us-east-1a.
Enter the subnet CIDR, e.g. 10.0.0.0/24. It must fall inside the VPC's CIDR block and must not overlap any other subnet in the VPC. AWS reserves the first four and the last address of every subnet, so a /24 leaves 251 usable addresses.
Note: you can create multiple subnets at once, but make sure each one gets the correct Availability Zone and a distinct CIDR value.
How to attach an Internet gateway to Custom VPC?
Navigate to the Internet gateways in the VPC console & select create internet gateway.
An internet gateway (IGW) is a horizontally scaled, redundant VPC component that allows traffic between resources in the VPC and the internet; for instances with a public IPv4 address it also performs the one-to-one NAT between the public and private address.
In the internet gateway settings, type a name tag and click Create. A newly created IGW is not attached to anything, so select it, open Actions and choose "Attach to VPC", then search for the VPC you created and attach it. A VPC can have only one internet gateway attached at a time.
How to configure the route tables in Custom VPC?
Navigate to the Route tables in the VPC console & select the create route table.
In the route table settings, give the route table a name tag, e.g. public route table, select the VPC and click Create route table.
Once the route table exists, select it and open the Routes tab. You will see the local route for the VPC CIDR you entered when creating the VPC (e.g. 10.0.0.0/16 with target local); it is added automatically and cannot be removed. To give this route table internet access, click Edit routes and then Add route. Type 0.0.0.0/0 as the destination and select "Internet Gateway" as the target, which lists the IGW created earlier. 0.0.0.0/0 matches every address not covered by a more specific route, so this single entry is what turns a subnet into a public subnet. Add it only to this dedicated public route table, never to the VPC's main route table: every subnet without an explicit association uses the main table, so a default route there would silently expose every subnet in the VPC.
Once everything is done click “Save changes”.
Next, associate the public subnet with this route table so its traffic follows the internet route. Open the Subnet associations tab and, under "Explicit subnet associations", click Edit subnet associations. Select the public subnet created earlier and click "Save associations". Private subnets stay on the main route table, which carries only the local route. Note that the route alone does not make an instance reachable from the internet: it also needs a public IPv4 address or an Elastic IP (enable auto-assign public IPv4 on the public subnet) and a security group rule that permits the inbound traffic.
Following these steps will help you to create a Custom VPC in AWS.
Additional information about CIDR. IP address notations to remember (an IPv4 block with prefix length /n contains 2^(32 - n) addresses):
- 0.0.0.0/0 means all IP addresses (used as the "everything else" default route).
- 10.0.0.0/8 means 10.ANYTHING (16,777,216 addresses; the size of an old Class A network).
- 10.0.0.0/16 means 10.0.ANYTHING (65,536 addresses; Class B sized).
- 10.0.0.0/24 means 10.0.0.ANYTHING (256 addresses; Class C sized).
- 10.0.0.0/32 means a single host address.
The class labels are only a size analogy: CIDR replaced classful addressing, and 10.0.0.0/16 is a /16 slice of the 10.0.0.0/8 private range, not a Class B network.
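The whole procedure above (VPC, one public and one private subnet per Availability Zone, internet gateway, a public route table with the 0.0.0.0/0 route, and the subnet association), together with the CIDR arithmetic from the notes, as one added example in Python with boto3. This is not code from the article or from KBX Digital: the function names, the Name tag values and the two-subnets-per-AZ layout are this example's own choices, and build_vpc assumes boto3 is installed and AWS credentials for the chosen region are configured. The planning functions run offline.

```python
"""Plan CIDRs for a custom VPC and build it with boto3.

Added example, not code from the article: it replays the console steps
(VPC, subnets, IGW, public route table) as EC2 API calls. Function names,
tag values and the two-subnets-per-AZ layout are this example's own choices.
"""
import ipaddress
from dataclasses import dataclass

# AWS reserves the first four and the last address of every subnet
# (network, VPC router, DNS, future use, broadcast): a /24 yields 251 hosts.
AWS_RESERVED_PER_SUBNET = 5


@dataclass
class SubnetPlan:
    name: str
    cidr: str
    az: str
    public: bool


def address_count(cidr: str) -> int:
    """Total addresses in a CIDR block: 2 ** (32 - prefix length) for IPv4."""
    return ipaddress.ip_network(cidr).num_addresses


def usable_hosts(cidr: str) -> int:
    """Addresses an instance can actually be given in a subnet of this size."""
    return address_count(cidr) - AWS_RESERVED_PER_SUBNET


def fits_in_vpc(vpc_cidr: str, subnet_cidr: str) -> bool:
    """A subnet CIDR must lie entirely inside the VPC CIDR or AWS rejects it."""
    return ipaddress.ip_network(subnet_cidr).subnet_of(ipaddress.ip_network(vpc_cidr))


def plan_subnets(vpc_cidr: str, azs: list, prefix: int = 24) -> list:
    """Carve one public and one private /prefix subnet per AZ out of the VPC block.

    Blocks are taken consecutively from the VPC range so they cannot overlap;
    the prefix is checked against the /16../28 subnet sizes AWS allows.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    if not 16 <= prefix <= 28 or prefix < vpc.prefixlen:
        raise ValueError(f"subnet prefix /{prefix} is not valid inside {vpc_cidr}")
    blocks = vpc.subnets(new_prefix=prefix)
    plans = []
    for i, az in enumerate(azs, start=1):
        for public in (True, False):
            block = next(blocks, None)
            if block is None:
                raise ValueError(f"{vpc_cidr} is too small for {len(azs)} AZs at /{prefix}")
            kind = "Public" if public else "Private"
            plans.append(SubnetPlan(f"{kind}_Subnet_{i:02d}", str(block), az, public))
    return plans


def _name_tag(resource_type: str, name: str) -> list:
    """TagSpecifications entry equivalent to the console's Name tag field."""
    return [{"ResourceType": resource_type, "Tags": [{"Key": "Name", "Value": name}]}]


def build_vpc(vpc_cidr: str, plans: list, region: str, name: str = "custom-vpc") -> dict:
    """Create the VPC, IGW, public route table and subnets; return their IDs.

    Needs AWS credentials. boto3 (assumed installed) is imported here so the
    planning functions above stay usable offline.
    """
    import boto3

    ec2 = boto3.client("ec2", region_name=region)
    vpc_id = ec2.create_vpc(CidrBlock=vpc_cidr, InstanceTenancy="default",
                            TagSpecifications=_name_tag("vpc", name))["Vpc"]["VpcId"]
    ec2.get_waiter("vpc_available").wait(VpcIds=[vpc_id])

    igw = ec2.create_internet_gateway(TagSpecifications=_name_tag("internet-gateway", f"{name}-igw"))
    igw_id = igw["InternetGateway"]["InternetGatewayId"]
    ec2.attach_internet_gateway(InternetGatewayId=igw_id, VpcId=vpc_id)  # one IGW per VPC

    # A dedicated public route table. The VPC's main route table keeps only the
    # local route, so any subnet that is not explicitly associated stays private.
    rt = ec2.create_route_table(VpcId=vpc_id, TagSpecifications=_name_tag("route-table", "public route table"))
    public_rt = rt["RouteTable"]["RouteTableId"]
    ec2.create_route(RouteTableId=public_rt, DestinationCidrBlock="0.0.0.0/0", GatewayId=igw_id)

    subnet_ids = {}
    for p in plans:
        if not fits_in_vpc(vpc_cidr, p.cidr):
            raise ValueError(f"{p.cidr} is outside {vpc_cidr}")
        subnet = ec2.create_subnet(VpcId=vpc_id, CidrBlock=p.cidr, AvailabilityZone=p.az,
                                   TagSpecifications=_name_tag("subnet", p.name))
        subnet_ids[p.name] = subnet["Subnet"]["SubnetId"]
        if p.public:
            # "Public" = default route via the IGW plus a public IPv4 at launch;
            # reachability still depends on the instance's security group.
            ec2.associate_route_table(RouteTableId=public_rt, SubnetId=subnet_ids[p.name])
            ec2.modify_subnet_attribute(SubnetId=subnet_ids[p.name], MapPublicIpOnLaunch={"Value": True})
    return {"vpc": vpc_id, "igw": igw_id, "public_route_table": public_rt, "subnets": subnet_ids}


if __name__ == "__main__":
    plan = plan_subnets("10.0.0.0/16", ["us-east-1a", "us-east-1b"])
    for p in plan:
        print(f"{p.name:18} {p.cidr:15} {p.az}  usable hosts: {usable_hosts(p.cidr)}")
    # build_vpc("10.0.0.0/16", plan, region="us-east-1")  # uncomment once credentials are configured
```

Run the script as-is to print the subnet plan; uncomment the build_vpc call to create the resources. Only the public subnets are associated with the route table that carries the 0.0.0.0/0 route, and the main route table is left with the local route only, so a subnet someone adds later without an explicit association does not become public by accident.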
About the author
Muralidharan is an IT Admin Executive at KBX Digital and has more than 11 years of experience in system and network administration. His core interest is cloud computing, and he holds the AWS Certified Solutions Architect Associate certification.
About KBX Digital
At KBX Digital we use serverless technology to auto-scale microservices that serve millions of customers.