Create custom VPC in AWS
In this article we will see how to create a custom VPC (Virtual Private Cloud) in AWS.
Prerequisites
- An AWS account.
- Some knowledge of basic AWS services such as VPC and EC2.
- Networking knowledge is required.
Virtual Private Cloud
Amazon Virtual Private Cloud (Amazon VPC) is a service that lets you launch AWS resources in a logically isolated virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 for most resources in your virtual private cloud, helping to ensure secure and easy access to resources and applications.
You can create a public-facing subnet for your web servers that have access to the internet. Amazon VPC also lets you place your backend systems, such as databases or application servers, in a private-facing subnet with no internet access. Amazon VPC lets you use multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.
Follow the steps below to create and verify your custom VPC.
Step 1: Create a VPC
- Sign in to your AWS Management Console.
- Click on the VPC service under Networking and Content Delivery.
- Click on “Your VPCs” on the left side of the console.
- Click on Create VPC to create your own custom VPC.
- Fill in the details to create a custom VPC.
Name tag: The name you give to your VPC. I have used MyVPC.
IPv4 CIDR block: Provide the IPv4 address range for the VPC. I have used the Class C block 192.168.10.0/24.
IPv6 CIDR block: You can also provide an IPv6 CIDR block.
Tenancy: Leave it as Default.
- The VPC has been created.
- When we create a custom VPC, three resources, i.e. a Route Table, a Network ACL and a Security Group, are created automatically along with it.
Step 2: Create 2 Subnets inside the VPC
- In order to use the VPC, we have to create subnets inside it. Click Subnets on the left side of the console.
- Click the Create Subnet button and enter the details.
- Now we have to create one more subnet as shown below.
- The top 2 subnets shown below are the ones we have created inside our VPC; the rest are the default subnets.
- In our VPC we want one public subnet and one private subnet. So far, both Subnet 1 and Subnet 2 are private, so let's make one of them public.
- Now we will make Subnet 1 the public subnet. To make a subnet public, click on the Actions drop-down menu and then click on Modify auto-assign IP settings.
- Check the Auto-assign IPv4 box, and then save.
Step 3: Create an IGW (Internet Gateway) and Attach It to the VPC
- Now, to get into the VPC, we need to create an internet gateway. Click on Internet Gateways and then click on Create internet gateway.
- The screen below shows that the internet gateway MyIGW has been created but is detached from the VPC.
- To attach the internet gateway to the VPC, click on the Actions drop-down menu and then click on Attach to VPC.
- Select the VPC to which you want to attach your internet gateway and then click Attach.
Step 4: Add the IGW to the Route Table
- We have to add a route to the internet gateway inside the route table that was created for our custom VPC. Click on Route Tables on the left side of the console.
- Search for the route table that was created for your VPC. Then click on the Routes tab and Edit Routes to add the IGW route.
- Click on Add route, enter 0.0.0.0/0 as the Destination to provide a route to the internet, and select Internet gateway from the Target drop-down menu. Click on Save routes.
- In the route table above, note that the subnets we created are automatically associated with the main route table. This is a security concern: the internet gateway route we just added to the main table applies to both subnets, including the one meant to be private. To overcome this, we can create another route table for the public subnet, which would be public, and keep the main table private.
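The check below is an added example, not part of the original article: it flags subnets that are meant to be private but still inherit an internet gateway route from their effective route table, which is the situation described in the last point of Step 4. The sample data is constructed in the shape of `aws ec2 describe-subnets` and `aws ec2 describe-route-tables` output, all resource IDs are made up, and using MapPublicIpOnLaunch as the marker of an intended public subnet is an assumption.

```python
# Constructed sample data shaped like `aws ec2 describe-subnets` and
# `aws ec2 describe-route-tables` output. All resource IDs are made up.
LOCAL = {"DestinationCidrBlock": "192.168.10.0/24", "GatewayId": "local"}
IGW = {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0001"}
SUBNETS = [
    {"SubnetId": "subnet-1111", "VpcId": "vpc-aaaa", "MapPublicIpOnLaunch": True},
    {"SubnetId": "subnet-2222", "VpcId": "vpc-aaaa", "MapPublicIpOnLaunch": False},
]
# State after Step 4: the IGW route lives in the main route table.
MAIN_ONLY = [{"RouteTableId": "rtb-main", "VpcId": "vpc-aaaa",
              "Associations": [{"Main": True}], "Routes": [LOCAL, IGW]}]
# Suggested layout: main table stays private, Subnet 1 gets a public table.
SPLIT = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-aaaa",
     "Associations": [{"Main": True}], "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-aaaa", "Routes": [LOCAL, IGW],
     "Associations": [{"Main": False, "SubnetId": "subnet-1111"}]},
]

def effective_table(subnet, tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for table in tables:
        if table["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return table
            if assoc.get("Main"):
                main = table
    return main

def has_igw_default_route(table):
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0" and
               r.get("GatewayId", "").startswith("igw-") for r in table["Routes"])

def exposed_private_subnets(subnets, tables):
    """Subnets not marked public (assumption: MapPublicIpOnLaunch is the
    intent marker, as in Step 2) whose effective table routes to an IGW."""
    findings = []
    for s in subnets:
        table = effective_table(s, tables)
        if table and has_igw_default_route(table) and not s["MapPublicIpOnLaunch"]:
            findings.append((s["SubnetId"], table["RouteTableId"]))
    return findings

if __name__ == "__main__":
    for name, tables in (("main table only", MAIN_ONLY), ("split tables", SPLIT)):
        print(name, exposed_private_subnets(SUBNETS, tables))
```

With the IGW route in the main table the second subnet is reported; with a separate public route table the list is empty.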
We have now created our own VPC and 2 subnets inside it, one public and one private. We have also added a route to the internet gateway so that the VPC can be reached from the internet. In the next article, we will create an EC2 instance inside the custom VPC and try to launch it.