Create VPC With Public & Private Subnets

In this tutorial, we will learn the concept of a VPC and how to create a VPC with public and private subnets.

What Is VPC?

Amazon Virtual Private Cloud (VPC) is the AWS service where you can create resources such as databases and servers in a virtual network.

Each account has one VPC created by default in each Region.

Each VPC is logically isolated from other VPCs in the cloud.

In other words, an Amazon VPC operates like your own data center.

Understanding Subnets

We are going to create two subnets:

  • One public subnet, where we create our web servers.
  • One private subnet, where we will create the databases.

Points To Remember

  • A subnet associated with a route table that has an Internet Gateway is called a public subnet.
  • A subnet associated with a route table that has a NAT Gateway is called a private subnet.

Creating A Custom VPC

We will create a VPC (a custom VPC). To do so, log in to the VPC Console.

In the left pane, choose Your VPCs. As I said earlier, each Region will have a VPC created by default.

The VPC that we create is referred to as a custom VPC.

Click Create VPC.

Provide a name for the VPC, specify the IPv4 CIDR block, leave the rest of the configuration at the defaults, and click Create.

Important Note:

When you create a VPC, a route table, network ACL and security group are automatically created for that VPC.

Creating Public Subnet

Now we have to create a public subnet.

To make a subnet public, we need to create an Internet Gateway and add a rule to the route table accordingly.

To create a subnet, choose Subnets in the left pane and click Create subnet.

Name the subnet Publicsubnet and, under VPC, select the VPC that you created.

Under Availability Zone, you can select one of the AZs, or Amazon will choose one and place the subnet there.

If your VPC CIDR is /16, you can use the entire CIDR for the subnet, or you can use a CIDR value anywhere between /16 and /28.
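
The sizing rule above can be checked before any subnet is created. The following is an added example, not part of the original tutorial: it validates a subnet plan against the VPC CIDR (prefix between /16 and /28, inside the VPC, no overlaps) and reports usable addresses, given that AWS reserves five addresses in every subnet. The function name, the subnet names other than Publicsubnet, and all CIDR values are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations

AWS_RESERVED = 5  # AWS reserves the first four addresses and the last one per subnet

def check_subnet_plan(vpc_cidr, plan):
    """Return (usable_hosts, problems) for a {name: cidr} subnet plan."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets, usable, problems = {}, {}, []
    for name, cidr in plan.items():
        net = ipaddress.ip_network(cidr)  # raises ValueError on a malformed CIDR
        nets[name] = net
        if not 16 <= net.prefixlen <= 28:
            problems.append(f"{name}: /{net.prefixlen} is outside /16../28")
        if not net.subnet_of(vpc):
            problems.append(f"{name}: {net} is not inside VPC {vpc}")
        usable[name] = net.num_addresses - AWS_RESERVED
    # Two subnets in the same VPC must never share address space.
    for (a, net_a), (b, net_b) in combinations(nets.items(), 2):
        if net_a.overlaps(net_b):
            problems.append(f"{a} overlaps {b}")
    return usable, problems

# Constructed plans; names and CIDRs are illustrative only.
GOOD = {"Publicsubnet": "10.0.1.0/24", "Privatesubnet": "10.0.2.0/24"}
BAD = {"Publicsubnet": "10.0.1.0/24", "db": "10.0.1.128/25",
       "stray": "10.1.0.0/24", "tiny": "10.0.3.0/29"}

if __name__ == "__main__":
    for plan in (GOOD, BAD):
        print(check_subnet_plan("10.0.0.0/16", plan))
```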

Now, to treat the subnet as public, we have to create an Internet Gateway (IGW).

In the left pane, click Internet Gateways and choose Create internet gateway.

Give the IGW a name and click Create.

By default, a newly created IGW is not attached to any VPC, so you should see its state as Detached.

To attach it to the VPC, under Actions, click Attach to VPC.

Select the VPC and click Attach.

The status of the IGW now changes to Attached.

Next, we will work on making the subnet public.

It's not recommended to make any modifications to the main route table.

We will create a separate route table for the public subnet.

Creating Route Table

To create a route table, click Create route table, give it a name, choose the VPC and click Create.

Next, we have to add the subnet to this route table.

Choose Route Tables in the left pane.

Select the route table that we have just created.

You can see that no subnets are associated with the route table.

Click Edit subnet associations.

Select the subnet and click Save.

Now the subnet is associated with the route table.

Click Routes. We will add a rule in such a way that the subnet will be considered public.

Click Edit routes, then click Add route.

The Destination should be 0.0.0.0/0 and the Target should be the Internet Gateway.

Click Save routes.

Now we have successfully created a public subnet.

Creating Private Subnet

The process of creating a subnet is the same. To make the subnet private, we have to create a NAT Gateway and configure the route table accordingly.

Choose Subnets and click Create subnet.

Give the subnet a name, choose the VPC, enter the CIDR value and click Create subnet.

Next, create a route table for the private subnet.

Click Route Tables and select Create route table.

Enter the name, select the VPC and click Create.

Now we have to associate the subnet with this route table.

Select the route table, select Subnet Associations, click Edit subnet associations, select the subnet and click Save.

Creating NAT Gateway

In the left pane, choose NAT Gateways.

Click Create NAT Gateway.

Important Note

The NAT Gateway should be created in the public subnet and should be attached to the private subnet.

Select the public subnet that we created earlier and, for the EIP, click Allocate Elastic IP Address.

Click Create a NAT Gateway.

Once the NAT Gateway is created, you can straight away edit the route table: click Edit route tables.

Select the route table that we created for the private subnet.

Choose Routes and click Edit routes.

The Destination can be anywhere or a particular subnet, and the Target should be the NAT Gateway.

Click Save routes.

Now we have successfully created a private subnet.
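
To confirm the result of the whole procedure, the rule from "Points To Remember" can be applied to route table data in the shape returned by aws ec2 describe-route-tables. The following is an added example, not part of the original tutorial; the sample data, all resource IDs and the function names are constructed for illustration. A subnet with no explicit association follows the main route table, which is why it is handled separately.

```python
import json

# Constructed sample shaped like `aws ec2 describe-route-tables` output; IDs are made up.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-main", "Associations": [{"Main": true}],
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
  {"RouteTableId": "rtb-public",
   "Associations": [{"Main": false, "SubnetId": "subnet-web"}],
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
              {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
  {"RouteTableId": "rtb-private",
   "Associations": [{"Main": false, "SubnetId": "subnet-db"}],
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
              {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]}
]}
""")

def classify_table(table):
    """Label a route table by the target of its 0.0.0.0/0 route only."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("GatewayId", "").startswith("igw-"):
            return "public"
        if route.get("NatGatewayId", "").startswith("nat-"):
            return "private-nat"
    return "isolated"

def classify_subnets(doc, subnet_ids):
    """Map each subnet to a label; unassociated subnets use the main table."""
    explicit, main_label = {}, "isolated"
    for table in doc["RouteTables"]:
        label = classify_table(table)
        for assoc in table.get("Associations", []):
            if assoc.get("Main"):
                main_label = label
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = label
    return {s: explicit.get(s, main_label) for s in subnet_ids}

def unexpected_public(doc, subnet_ids, allowed_public):
    """Return subnets that route to an Internet Gateway but are not meant to."""
    labels = classify_subnets(doc, subnet_ids)
    return sorted(s for s, label in labels.items()
                  if label == "public" and s not in allowed_public)

if __name__ == "__main__":
    print(classify_subnets(SAMPLE, ["subnet-web", "subnet-db", "subnet-unassociated"]))
```

If a 0.0.0.0/0 route to the Internet Gateway were added to the main route table, every subnet without its own association would be reported as public.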

Wrapping Up

We have gone through the process of creating a custom VPC and creating public and private subnets by configuring route tables with Internet and NAT Gateways.

Hope you found it helpful. Thanks for reading this article.

Please do check out my other publications.