Creation of Public Subnet and Private Subnet in VPC and Test Connectivity

Amazon Virtual Private Cloud (Amazon VPC) is a service that lets us launch AWS resources in a logically isolated virtual network that we define. Amazon VPC is the networking layer for Amazon EC2. VPC lets users customize their virtual networking environment as they like: selecting their own IP address range, adding subnets, and configuring route tables and network gateways.

Basic components of VPC

Virtual private cloud (VPC) — A virtual isolated network dedicated to your AWS account.

Subnet — A range of IP addresses in your VPC.

Route table — A set of rules, called routes, that are used to determine where network traffic is directed.

Internet gateway — A gateway that you attach to your VPC to enable communication between resources in your VPC and the internet.

VPC endpoint — Enables you to privately connect your VPC to supported AWS services and VPC endpoint services. Instances in your VPC do not require public IP addresses to communicate with resources in the service.

Public Subnet

A public subnet is a subnet that is associated with a route table that has a route to an Internet gateway. This connects the VPC to the Internet and to other AWS services.

Private Subnet

A private subnet is a subnet that is associated with a route table that doesn’t have a route to an internet gateway. Instances in a private subnet are typically backend servers; they do not accept traffic from the internet.

Why Public Subnet

The resources in the public subnet can send outbound traffic directly to the Internet and receive inbound traffic from it. For example, a web server needs to be reachable by users on the internet.

Why Private Subnet

Resources like databases may require a connection to the internet for updates and patches, but should not accept requests from the internet. In such cases a private subnet is to be used.

Image source: https://docs.aws.amazon.com/vpc/latest/userguide/images/default-vpc-diagram.png

Creation of VPC

  • Sign in to the AWS Management Console and open the VPC (Virtual Private Cloud) service. In the Virtual Private Cloud section of the navigation pane, choose Your VPCs, then choose Create VPC.

  • Create the VPC with the name my_demo_vpc and the IPv4 CIDR block 10.0.0.0/16.
  • In the left navigation pane, select “Subnets” to create the public and private subnets.

  • Give the public subnet the IPv4 CIDR block 10.0.1.0/24 and the private subnet the IPv4 CIDR block 10.0.2.0/24.

Public Subnet

Private Subnet

Creation of internet gateway

  • In the left navigation pane, select “Internet Gateways” to create the internet gateway. After it is created, attach it to the VPC.

Creation Of Route Table

In the left navigation pane, select “Route Tables”:

  • Rename the existing default (main) route table to “private_RT”. Select this route table, open the Subnet Associations tab and associate the private subnet with it.
  • Create a new route table in the VPC named “public_RT” and associate the public subnet with it from the Subnet Associations tab. Then select this route table, open the Routes tab and add one more route with destination “0.0.0.0/0” and the newly created internet gateway as the target.

Public Route Table

Private Route Table
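The VPC, subnets, internet gateway and route tables described above, written as a Terraform configuration. This is an added example, not code from the original post; it assumes an AWS provider block (region and credentials) is configured elsewhere in the module, and it manages the VPC's main route table as private_RT, mirroring the post's renaming of the default table.

```hcl
# Added example, not from the original post; assumes an aws provider block exists.
resource "aws_vpc" "my_demo_vpc" {
  cidr_block = "10.0.0.0/16"
  tags       = { Name = "my_demo_vpc" }
}
# Public subnet: instances launched here get a public IPv4 address.
resource "aws_subnet" "public" {
  vpc_id                  = aws_vpc.my_demo_vpc.id
  cidr_block              = "10.0.1.0/24"
  map_public_ip_on_launch = true
  tags                    = { Name = "public_subnet" }
}
# Private subnet: no public IPs, and its route table has no internet route.
resource "aws_subnet" "private" {
  vpc_id     = aws_vpc.my_demo_vpc.id
  cidr_block = "10.0.2.0/24"
  tags       = { Name = "private_subnet" }
}
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.my_demo_vpc.id
}
# public_RT: the 0.0.0.0/0 route to the internet gateway is exactly what
# makes the associated subnet "public".
resource "aws_route_table" "public_RT" {
  vpc_id = aws_vpc.my_demo_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
  tags = { Name = "public_RT" }
}
resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.public.id
  route_table_id = aws_route_table.public_RT.id
}
# private_RT: the VPC's main route table, left with only the implicit local
# route for 10.0.0.0/16. With no NAT gateway, instances here also have no
# outbound internet path.
resource "aws_default_route_table" "private_RT" {
  default_route_table_id = aws_vpc.my_demo_vpc.default_route_table_id
  tags                   = { Name = "private_RT" }
}
resource "aws_route_table_association" "private" {
  subnet_id      = aws_subnet.private.id
  route_table_id = aws_default_route_table.private_RT.id
}
```

An instance in the private subnet can only be reached from inside the VPC, for example by hopping through the public instance, so its security group's SSH rule should be scoped to 10.0.1.0/24 rather than 0.0.0.0/0.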

Creation of EC2 Instances

  • Create two EC2 instances, named Public EC2 and Private EC2.

  • Find the steps to create the EC2 instances in the following link:

https://docs.aws.amazon.com/efs/latest/ug/gs-step-one-create-ec2resources.html

  • Launch one instance in the created public subnet and another instance in the created private subnet.

  • When launching each instance, select the VPC, the subnet and a security group, so that the VPC connectivity can be checked.

  • Check the VPC connectivity from your local machine to the public subnet, and from the public instance to the private subnet.

Results from EC2 instances

Local to Public subnet

Public Instance to Private Subnet

The results above show that the public and private subnets are correctly associated with the VPC, as verified from the EC2 instances.

Written by:

Venkatesh Prabhu & Umashankar N

Updated on February 19, 2021
