Creating own Custom Virtual Private Cloud (VPC) in AWS

VPC

AWS VPC allows users to define a logically isolated virtual network in the AWS cloud. This virtual network closely resembles a traditional network that you might operate in your own data center, with the benefits of using scalable AWS infrastructure. Within a VPC, you can deploy AWS resources such as EC2 instances, RDS databases, and more, ensuring they are securely isolated and can communicate with each other.

Steps to set up an Amazon VPC:

Go to the AWS Management Console (https://aws.amazon.com/) and sign in to your account.

In the AWS Management Console, search for and select "VPC" or find it under "Networking & Content Delivery."

Step 1: Click "Create VPC"

Define a name for the VPC and specify the IPv4 CIDR block (10.0.0.0/16).

I have used the 10.0.0.0/16 CIDR block for the VPC, which gives us 65,536 IP addresses.

There are two tenancy options (default and dedicated). Dedicated tenancy is far more expensive, so I have chosen Default.

Then click "Create VPC".

Step 2: Create a public and a private subnet in different Availability Zones (AZs), assigning each a different CIDR block

For the public subnet I need 256 IP addresses.

For the private subnet I need 256 IP addresses.

In the left-side menu click "Subnets", then click "Create subnet".

Select the existing VPC "MY_VPC".

Enter a subnet name for the "Public Subnet".

Choose an AZ for the "Public Subnet".

Enter the IPv4 CIDR block for the "Public Subnet".

Click "Create subnet".

The public subnet is now created.

Next, the private subnet needs to be created in the same way.

Both the public and the private subnet are now created.

Step 3: Create an Internet Gateway and attach it to the VPC

Click "Create internet gateway".

Set a name and click "Create internet gateway".

The Internet Gateway is created.

It is shown as detached; the Internet Gateway now needs to be attached to the VPC.

Select the available VPC and click "Attach internet gateway".

The gateway is now attached.

Step 4: Create two route tables, one public and one private, and associate the appropriate subnet with each

Enter a route table name for "Public", select the VPC and click "Create route table".

Enter a route table name for "Private", select the VPC and click "Create route table".

The public and private route tables are now created.

Next, they need to be associated with the public and private subnets.

Click "Subnet associations", then click "Edit subnet associations".

For the public route table, select the public subnet and click "Save associations".

For the private route table, select the private subnet and click "Save associations".

The route tables are now associated with the public and private subnets.

Step 5: Edit the routes of the public route table only and map the Internet Gateway; leave the private route table as it is

Note: I will give internet access to the "Public route table" only.

Go to "Route tables", select the public route table, click "Routes", then click "Edit routes".

Click "Add route".

In the empty target box, select "Internet Gateway".

Select the "igw" entry (the internet gateway created in Step 3).

In the destination box, select "0.0.0.0/0".

Step 6: Create two security groups:

one for the public subnet (edit the inbound rules to allow RDP, HTTP/HTTPS and SSH, with 0.0.0.0/0 as the source)

one for the private subnet (edit the inbound rule and set the public security group as the source)

The "Public Security Group" is now created.

Next, the private security group needs to be created.

Copy the public security group ID (sg-0d6808a8ed83081fb).

Create the security group for the private subnet.

Note: to reach private-subnet IPs from the public subnet, add either the public subnet's CIDR block or the public security group ID as the source in the private security group.

In this scenario, I have added the public security group ID to the private security group.

Click "Create security group".

The "Private sec group" is now created.
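The security-relevant parts of Steps 2 and 6 can be checked rather than eyeballed. The script below is an added example, not part of the original post: it runs offline over constructed sample data in the shape of EC2 DescribeSecurityGroups output (the public group's ID is the one shown above, the private group's ID is a placeholder), confirms both /24 subnets sit inside 10.0.0.0/16 without overlapping, lists which management ports the public group leaves reachable from 0.0.0.0/0, and verifies that the private group admits traffic only from the public group, which is what makes the bastion pattern in Step 7 hold.

```python
import ipaddress

VPC_CIDR = "10.0.0.0/16"
# Constructed subnet plan: one /24 (256 addresses) each, as Step 2 asks for.
SUBNETS = {"Public Subnet": "10.0.1.0/24", "Private Subnet": "10.0.2.0/24"}
PUBLIC_SG_ID = "sg-0d6808a8ed83081fb"     # id shown on the page
PRIVATE_SG_ID = "sg-placeholder-private"  # constructed placeholder id
MGMT_PORTS = {22: "SSH", 3389: "RDP"}
SECURITY_GROUPS = [  # constructed, shaped like EC2 DescribeSecurityGroups output
    {"GroupId": PUBLIC_SG_ID, "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": p, "ToPort": p,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}
        for p in (22, 80, 443, 3389)]},           # Step 6: SSH, HTTP/HTTPS, RDP
    {"GroupId": PRIVATE_SG_ID, "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389, "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": PUBLIC_SG_ID}]}]},  # source = public SG
]
BY_ID = {sg["GroupId"]: sg for sg in SECURITY_GROUPS}

def subnet_problems(vpc_cidr, subnets):
    """Subnets that fall outside the VPC block or overlap another subnet."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {n: ipaddress.ip_network(c) for n, c in subnets.items()}
    return sorted(a for a, x in nets.items() if not x.subnet_of(vpc)
                  or any(x.overlaps(y) for b, y in nets.items() if b != a))

def exposed_mgmt_ports(sg):
    """Management ports in sg that any IPv4 address (0.0.0.0/0) may reach."""
    found = set()
    for perm in sg["IpPermissions"]:
        if perm["IpProtocol"] not in ("tcp", "-1"):  # "-1" = all protocols
            continue
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        if any(r["CidrIp"] == "0.0.0.0/0" for r in perm["IpRanges"]):
            found |= {MGMT_PORTS[p] for p in MGMT_PORTS if lo <= p <= hi}
    return sorted(found)

def only_trusts(sg, trusted_sg_id):
    """True when every inbound rule of sg names only trusted_sg_id as source."""
    for perm in sg["IpPermissions"]:
        if perm["IpRanges"] or perm.get("Ipv6Ranges"):
            return False
        if any(p["GroupId"] != trusted_sg_id for p in perm["UserIdGroupPairs"]):
            return False
    return True

if __name__ == "__main__":
    print("subnet problems:", subnet_problems(VPC_CIDR, SUBNETS))
    print("public SG exposes to the internet:", exposed_mgmt_ports(BY_ID[PUBLIC_SG_ID]))
    print("private SG only trusts public SG:", only_trusts(BY_ID[PRIVATE_SG_ID], PUBLIC_SG_ID))
```

For the sample data the public group reports RDP and SSH open to the world, which is the exposure the bastion host itself carries; narrowing that source to your own address range is the usual follow-up.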

Step 7: Create two EC2 instances, one in the public subnet and one in the private subnet, each with the appropriate security group

1st instance:

2nd instance:

Now open the public machine: copy its public IP address.

Enter the credentials.

Now we can access the public machine.

Copy the private machine's IP address.

It has no public IP address, so we cannot open that machine directly.

That private IP address can only be reached from the public machine.

Open RDP inside the public machine and enter the private IP, username and password.

Now we can access the private machine.

Note: this connectivity pattern is called a Jump Box / Bastion Host.

Conclusion:

AWS VPC is a fundamental building block for designing and deploying scalable and secure cloud applications on AWS. By understanding its core concepts and features, you can leverage AWS VPC to create flexible and reliable network architectures that meet your organization's specific needs.

Start exploring AWS VPC today and discover how it can empower your cloud infrastructure with enhanced security, scalability, and connectivity.