An Illustrated Hands-on Intro to AWS VPC Networking

Quick Intro If you're one of those who knows a bit of networking but you feel uncomfortable touching AWS networking resources, then this article is for you. We're going to go through real AWS confi...
Published Nov 05, 2019
Version 1.0
AWS
cloud
devcentral basics
devops
vpc
RobMorin's avatar
RobMorin
Icon for Nimbostratus rankNimbostratus
Sep 22, 2020

Here are the steps i did... Did I forget something??

 

  •  
  • Create VPC
    • Go to VPC console
  • Click on create VPC
    • Enter Name tag: Hardent CIDR Block
  • Enter IPv4 CIDR BLOCK: 192.168.0.0/16
    • NO IPv6 CIDR Block needed, leave that selected
      • Click Create button
    • Tenancy: Default
  • Create Subnets
  • Go to Subnets console
  • We now create public subnet
    • Click on Create Subnet 
      • Click Create button
    • Name tag: Hardent Public Subnet
    • VPC: Hardent CIDR Block
    • VPC CIDRs: 192.168.0.0/16
    • Availability zone: ca-central-1a
    • IPv4 CIDR block: 192.168.1.0/24
  • We now create private subnet
    • Click on Create Subnet 
      • Click Create button
    • Name tag: Hardent Private Subnet
    • VPC: Hardent CIDR Block
    • VPC CIDRs: 192.168.0.0/16
    • Availability zone: ca-central-1a
    • IPv4 CIDR block: 192.168.2.0/24
  • Create Route Tables
  • Go to Route Tables console
  • We now create private route Table
    • Click on create route table
      • Click create button
    • Name tag: Private route table
    • VPC:  Hardent CIDR Block
  • We now create public route Table
    • Click on create route table
      • Click create button
    • Name tag: Public route table
    • VPC:  Hardent CIDR Block
  • Create Internet Gateway
  • Go to Internet gateway console
    • Click create internet gateway
    • Name tag: Hardent Internet Gateway
  • Click create
  • Now we attach to our VPC
    • Check the checkbox next to Hardent Internet gateway
      • Choose Hardent CIDR Block
    • The click Actions, top right hand corner
    • Select attach to VPC
  • Edit Hardent Public routing table
  • Go to Route Tables console
    • Check the checkbox next to Hardent Public Routing Table
      • Click save routes
    • Click the routes tab below
    • Click the edit routes button
    • Click add route
    • Destination: 0.0.0.0/0
    • Target: Hardent Internet Gateway
  • Create a public subnet for NAT Gateway
  • Go to Subnets console
    • We now create public subnet for NAT Gateway
      • Click create button
    • Name tag: NAT Public Subnet
    • VPC: Hardent CIDR Block
    • Availability zone: ca-central-1a
    • IPv4 CIDR Block: 192.168.3.0/24
    • Forget about ipv6
  • Create NAT gateway for public subnet with public IPv4 address
  • Go to NAT Gateways console
    • Click create NAT Gateway
      • Click Create NAT Gateway
    • Subnet: NAT Public Subnet
    • Elastic IP, click on create new EIP
  • Associate NAT Public Subnet to Private Route Table
  • Go to route table console
    • Check the checkbox next to Hardent Private Route Table
      • Click the save button
    • Click the tab , Subnet Associations
    • Click Edit subnet associations
    • Make sure that 192.168.2.0/24 and 192.168.3.0/24 are checked
  • Create default route in private routing table to NAT Gateway
  • Go to routing table console
    • Check the checkbox next to Hardent Private Route Table
      • Click save routes button
    • Click the routes tab
    • Click edit routes
    • Click Add route
    • Destination: 0.0.0.0/0
    • Target: NAT Gateway

What we've done so far:

  • Created a custom VPC
  • Created 2 Subnets (Private and Public)
  • Created 2 Route tables (one for each Subnet)
    • Attached Public Subnet to Public RT and Private Subnet to Private RT
  • Created 1 Internet Gateway and added default routes (IPv4) to our Public RT
  • Created 1 NAT Gateway and added default IPv4 route to our Private RT

 

  • Creating or launching an instance in new custom VPC
  • Go to EC2 console
    • Create an instance, this you should know how to do, we will show only the custom stuff that is need to assign this instance to our custom subnet
  • When on the "Configure Instance Details" screen
    • Network: Hardent CIDR Block
      • Now continue on as normal to launch your instance.
    • Subnet: Hardent Public Subnet
    • Auto Assign Public IP: enabled
    • IPv6 not needed
  • Create new security group to assign to new instance to work with new custom subnets
  • Go to Security Groups console
    • Click create security group
      • Click create button
    • Security group name: Hardent Default Security Group
    • Description: Default Hardent security group
    • VPC: Hardent CIDR Block
  • Edit the inbound rules for the new Hardent default security group
    • Check the checkbox next to Hardent default security group
      • Click save rules button
    • Click on inbound rules tab
    • Now click Edit inbou Click the And rules on the right hand side
    • Click the Add rule button
    • Custom under type = TCP: SSH
    • Custom under source = Anywhere
  • Assign new Security Group to Instance
  • Go to instance console
    • Check the checkbox next to the instance you want to modify
      • Click the save button
    • Click on the actions button top right corner
    • Select Networking then Security groups
    • Click in the "Select Security groups" text box
    • Select Hardent Security Group
    • Click add security group button to the right of the text box
    • You will see it drop to the bottom, now click on the old security group and click on the remove button

 

Now try SSHing to the instance using the ssh keys or password