VPC Lab

The project application requires a VPC with two subnets. One of the subnets will be public, meaning it can access the internet directly. The other subnet will be private to ensure that devices on the internet cannot access it directly.

In this lab you will create the required resources to get the subnets operational. This will require completing the following steps:

  1. Creating a VPC
  2. Creating a Public Subnet
  3. Creating a Private Subnet
  4. Creating an Internet Gateway
  5. Creating a Public Route Table
  6. Creating a DNS Zone

You can get started by following the steps below.

Step 1: Create a VPC

VPCs are the resource in which subnets are created. Creating a VPC requires a CIDR block that specifies the IP addresses available within it. Follow these steps to create the project VPC.

  1. Open the VPC Console
  2. Click on the Your VPCs menu option on the left side
  3. Click on the Create VPC button
  4. In the dialog that pops up use these values:

    1. Name tag: <your_name>-vpc

    2. CIDR block: 10.0.1.0/24

    3. Tenancy: default

Step 2: Create the Subnets

In this project, EC2 and RDS resources will be deployed into subnets. This project requires two subnets: one public and one private. The public subnet will host the EC2 app server. The private subnet will host the RDS database instance.

Step 2.1: Create the Public Subnet

  1. In the VPC Console, click on the Subnets menu option

  2. Click on the Create Subnet button

  3. In the dialog that opens use these values:

    1. Name tag: <your_name>-public-subnet

    2. VPC: <select your VPC>

    3. Availability Zone: ap-southeast-1a

    4. CIDR Block: 10.0.1.0/26

Step 2.2: Create the App Private Subnet in Zone A

  1. In the VPC Console, click on the Subnets menu option

  2. Click on the Create Subnet button

  3. In the dialog that opens use these values:

    1. Name tag: <your_name>-private-subnet-za

    2. VPC: <select your VPC>

    3. Availability Zone: ap-southeast-1a

    4. CIDR Block: 10.0.1.64/26

Step 2.3: Create the App Private Subnet in Zone B

  1. In the VPC Console, click on the Subnets menu option

  2. Click on the Create Subnet button

  3. In the dialog that opens use these values:

    1. Name tag: <your_name>-private-subnet-zb

    2. VPC: <select your VPC>

    3. Availability Zone: ap-southeast-1b

    4. CIDR Block: 10.0.1.128/26
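
The addressing plan from Steps 1 and 2 can be checked before anything is created. This added example is not part of the original lab; it uses Python's standard ipaddress module, and the function name check_plan and the short subnet labels are assumptions made for illustration.

```python
import ipaddress

# CIDR values taken from the lab steps above; the dictionary keys are
# shortened labels chosen for this example.
VPC_CIDR = "10.0.1.0/24"
SUBNETS = {
    "public-subnet": "10.0.1.0/26",
    "private-subnet-za": "10.0.1.64/26",
    "private-subnet-zb": "10.0.1.128/26",
}
# AWS reserves the first four addresses and the last address of every subnet.
AWS_RESERVED_PER_SUBNET = 5


def check_plan(vpc_cidr, subnets):
    """Return (errors, usable address counts, unallocated blocks) for a plan."""
    vpc = ipaddress.ip_network(vpc_cidr)  # strict parsing rejects host bits
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}
    errors = []
    # Every subnet must sit entirely inside the VPC range.
    for name, net in nets.items():
        if not net.subnet_of(vpc):
            errors.append(f"{name} {net} is outside VPC {vpc}")
    # No two subnets may share addresses.
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                errors.append(f"{a} {nets[a]} overlaps {b} {nets[b]}")
    usable = {n: net.num_addresses - AWS_RESERVED_PER_SUBNET
              for n, net in nets.items()}
    # Carve each subnet out of the VPC range to find what is still free.
    free = [vpc]
    for net in nets.values():
        remaining = []
        for block in free:
            if net.subnet_of(block):
                remaining.extend(block.address_exclude(net))
            elif not block.overlaps(net):
                remaining.append(block)
        free = remaining
    return errors, usable, sorted(str(block) for block in free)


if __name__ == "__main__":
    print(check_plan(VPC_CIDR, SUBNETS))
```

For the lab's values the plan has no errors, and one /26 block of the VPC range remains unallocated.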

Step 3: Create an Internet Gateway

In order for public subnets to access the internet they need an Internet Gateway device. This device will provide communication capabilities between the devices in the public subnet and the internet. Follow these steps to create it.

  1. In the VPC Console, click on the Internet Gateway menu

  2. Click on the Create Internet Gateway button

  3. In the dialog that opens input this value:

    1. Name tag: <your_name>-igw

  4. On the same page, click on the Attach to VPC button

  5. Select your VPC in the drop down and click the Yes, Attach button

Step 4: Create a Public Route Table

Within the VPC, route tables are used to define how to route to certain networks. For example, you can create a route table entry to ensure that all internet traffic is routed to the Internet Gateway device.

When you created your VPC a Route Table was automatically created. This Route Table is private and does not provide internet access. However, our Public Subnet needs internet access. So in this step we will create a public Route Table and associate it with the public subnet.

Step 4.1: Create a Public Route Table

  1. In the VPC Console click on the Route Tables menu

  2. Click on the Create Route Table button

  3. In the dialog that opens use these values:

    1. Name tag: <your_name>-pub-rt

    2. VPC: <select your VPC>

Step 4.2: Add an Internet Route

The purpose of this step is to configure the route table to route all internet traffic to the Internet Gateway device you created in the previous step.

  1. In the Route Table section, ensure that you have your public route table selected

  2. Click on the Routes tab

  3. Click on the Edit button

  4. Click on the Add another route button and use these values:

    1. Destination: 0.0.0.0/0

    2. Target: <your_igw>

  5. Click on the Save button

Step 4.3: Add Public Route table to Public Subnet

Now we need to associate the public route table with the public subnet. Follow these steps.

  1. In the VPC Console open the Subnets menu

  2. Locate the public subnet you created in Step 2.1 and select it

  3. Click on the Route Table tab

  4. Click on the Edit button

  5. Locate the Change to: drop down and select the public route table you created in Step 4.1

  6. Click the Save button
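
An added example, not part of the original lab: a small offline model of the routing built in Step 4, showing which subnets end up with a path to the Internet Gateway. The route table names, the igw-EXAMPLE placeholder and the function names are assumptions; subnets without an explicit association use the VPC's main route table.

```python
import ipaddress

# Constructed model of the lab's end state. Names and the gateway ID are
# placeholders for this example, not real AWS identifiers.
ROUTE_TABLES = {
    "main-rt": {"main": True, "routes": [("10.0.1.0/24", "local")]},
    "pub-rt": {"main": False, "routes": [("10.0.1.0/24", "local"),
                                         ("0.0.0.0/0", "igw-EXAMPLE")]},
}
ASSOCIATIONS = {"public-subnet": "pub-rt"}  # explicit associations (Step 4.3)
SUBNETS = ["public-subnet", "private-subnet-za", "private-subnet-zb"]


def effective_table(subnet, tables, associations):
    """An explicit association wins; otherwise the main route table applies."""
    if subnet in associations:
        return associations[subnet]
    return next(name for name, table in tables.items() if table["main"])


def next_hop(table, dest_ip):
    """Pick the most specific matching route; None means there is no route."""
    ip = ipaddress.ip_address(dest_ip)
    matches = [(ipaddress.ip_network(cidr), target)
               for cidr, target in table["routes"]
               if ip in ipaddress.ip_network(cidr)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def audit(subnets, tables, associations, probe="203.0.113.10"):
    """Map each subnet to (route table, next hop for an internet address)."""
    report = {}
    for subnet in subnets:
        rt = effective_table(subnet, tables, associations)
        report[subnet] = (rt, next_hop(tables[rt], probe))
    return report


def internet_routed(report):
    """Subnets whose traffic to the internet is sent to an Internet Gateway."""
    return sorted(s for s, (_, hop) in report.items()
                  if hop and hop.startswith("igw-"))


if __name__ == "__main__":
    print(internet_routed(audit(SUBNETS, ROUTE_TABLES, ASSOCIATIONS)))
```

Only the public subnet is reported for the lab's configuration. A model in which the 0.0.0.0/0 route was added to the main route table instead reports all three subnets, which is why the lab creates a separate public route table.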

Step 5: Create a DNS Zone

Our VPC will need access to an internal DNS zone. This can be created using the Route53 DNS service. Follow these steps to create it.

Step 5.1: Create an Internal Zone

  1. Open the Route53 Hosted Zones Console

  2. Click on the Create Hosted Zone button

  3. Use these settings:

    1. Domain Name: alpha
    2. Type: Private Hosted Zone for Amazon VPC
    3. VPC ID: (locate the VPC you created)
  4. Click the Create button

Step 5.2: Configure Your VPC DNS Settings

  1. Open the VPC Console

  2. Locate your VPC and select it

  3. From the Actions drop down select Edit DNS Resolution. In the dialog box select Yes and Save
  4. From the Actions drop down select Edit DNS Hostnames. In the dialog box select Yes and Save
