
I have my own AWS VPC, now you can too!

Sorry about that title. You see, that's all I'm reading these days on the web (thanks to ads and revenue models of our current internet business).


Anyway, this blog post is crafted in a way that it'll help you develop an understanding of AWS VPC, Internet Gateways, Routes, Subnets, Security Groups, NACLs, like no other blog post ever written. (Ah, the ads lingo crept in again).


**Me: Resets mindset after listening to a couple of songs**


Alright, let's get started!


Before jumping into creating a VPC, let's understand what a VPC is.


What is a VPC?

Amazon VPC stands for Virtual Private Cloud. It's like marking your territory in the AWS cloud.

Think of traditional servers with traditional networks that you'd operate in your own data center. VPC is the same thing but on AWS Cloud, with the benefits of using the scalable infrastructure of AWS.

This means you have the complete liberty to configure network access within and outside of the AWS cloud, howsoever you choose.

In the process of doing that, you'll likely end up defining:

  1. Subnets: You can define subnets within a VPC.

  2. Security Groups

  3. Network ACL

  4. Routes

  5. Internet Gateway

  6. NAT Gateway and so on.


Let's do it hands-on, jump to your console!

Major terms used in the video are VPC, CIDR Block, Subnets, Routes, NACLs, Security Group and Instance (or EC2 Instance) and here are the definitions for the same, in case you'd like a reference before diving into the video:

  • Virtual private cloud (VPC) — A virtual network dedicated to your AWS account.

  • Subnet — A range of IP addresses in your VPC.

  • CIDR block — Classless Inter-Domain Routing. An internet protocol address allocation and route aggregation methodology. For more information, see Classless Inter-Domain Routing.

  • Route table — A set of rules, called routes, that are used to determine where network traffic is directed.

  • Security groups: Act as a virtual firewall to control inbound and outbound traffic for an AWS resource, such as an EC2 instance. Each VPC comes with a default security group, and you can create additional security groups. A security group can be used only in the VPC for which it's created.

  • Network ACLs: An optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of your subnets.





In the video, we saw how a default VPC is configured in AWS, CIDR block, the associated subnets within it, routes, NACLs and Security Groups.

We also launched our own VPC and tried to deploy an EC2 instance, only to realize that we'd need a subnet in order to do so!


So, let's learn how to create a subnet and make it public!


Some extra terms you'd need to know before jumping into the video:

  • Internet Gateway - A gateway that you attach to your VPC to enable communication between resources in your VPC and the internet. Without this, your VPC can have no interaction with the public internet.

  • EC2 Instance - Amazon EC2 allows you to develop and deploy applications faster. You can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security and networking, and manage storage, eliminating the need for physical hardware.


In this video we'll create a subnet, deploy an EC2 instance into that subnet, and assign it a public IP.

Then we'll try to reach the EC2 instance by pinging it. We'll notice that we can't ping an EC2 instance (despite it having a public IP) unless an internet gateway is attached and the subnet it's deployed in has a route to it.

And once you do that, NACLs and Security Groups need to be configured appropriately to ping it successfully.
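
To make that chain of requirements concrete, here is a small offline checker that walks the same layers in order and lists every reason a ping would fail. It is an added example, not code from the video or from AWS; the dictionary layout, the function names and the sample addresses are assumptions made up for illustration, not the AWS API response format.

```python
import ipaddress

def matches(rule, proto, src_ip):
    return (rule["proto"] in (proto, "all") and
            ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule["cidr"]))

def nacl_allows(rules, proto, src_ip):
    """NACL rules run in ascending rule number; the first match decides."""
    for r in sorted(rules, key=lambda r: r["num"]):
        if matches(r, proto, src_ip):
            return r["action"] == "allow"
    return False  # implicit deny when nothing matches

def sg_allows(rules, proto, src_ip):
    """Security groups hold allow rules only; any match permits the traffic."""
    return any(matches(r, proto, src_ip) for r in rules)

def ping_blockers(cfg, src_ip):
    """Return every reason an ICMP echo from src_ip would not get a reply."""
    why = []
    if not cfg["public_ip"]:
        why.append("instance has no public IP")
    if not cfg["igw_attached"]:
        why.append("no internet gateway attached to the VPC")
    # Simplification: only a default route to the gateway is checked.
    if not any(r["dest"] == "0.0.0.0/0" and r["target"].startswith("igw-")
               for r in cfg["routes"]):
        why.append("subnet route table has no default route to an internet gateway")
    if not nacl_allows(cfg["nacl_in"], "icmp", src_ip):
        why.append("NACL inbound denies ICMP")
    # NACLs are stateless: the echo reply needs its own outbound allow.
    if not nacl_allows(cfg["nacl_out"], "icmp", src_ip):
        why.append("NACL outbound denies ICMP")
    # Security groups are stateful: an inbound allow also covers the reply.
    if not sg_allows(cfg["sg_in"], "icmp", src_ip):
        why.append("security group has no inbound ICMP rule for this source")
    return why

# Constructed sample: a new custom VPC with a public IP but nothing else set up.
ALLOW_ALL = [{"num": 100, "proto": "all", "cidr": "0.0.0.0/0", "action": "allow"}]
FRESH = {"public_ip": "198.51.100.10", "igw_attached": False,
         "routes": [{"dest": "10.0.0.0/16", "target": "local"}],
         "nacl_in": ALLOW_ALL, "nacl_out": ALLOW_ALL, "sg_in": []}
# Same VPC after the fixes, with ICMP limited to one admin address (placeholder IDs).
FIXED = dict(FRESH, igw_attached=True,
             routes=FRESH["routes"] + [{"dest": "0.0.0.0/0", "target": "igw-EXAMPLE"}],
             sg_in=[{"proto": "icmp", "cidr": "203.0.113.7/32"}])

for name, cfg in (("fresh", FRESH), ("fixed", FIXED)):
    print(name, ping_blockers(cfg, "203.0.113.7") or "ping should succeed")
```

Scoping the security group rule to a single /32 source, as in `FIXED`, keeps the instance pingable for you without answering ICMP from the whole internet.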


So, that was all about creating your own VPC and configuring a public subnet in it.

But how do you configure a private subnet? Can EC2 instances in different subnets but the same VPC ping each other? What else can you do with Security Groups and NACLs?


Well, all these questions shall be answered in the upcoming videos on my YouTube channel. You can subscribe here to stay tuned!


That's all for this post folks, hope it was resourceful. If you have any queries, feel free to reach out to me on Twitter or through my website :)


Take care.

Ciao.


