Fundamental Networking: Setting VPC, subnets, IGW, Route table and instance on AWS
AWS is one of the platforms on which you can run your web server or application quickly and easily.
This is a learning note for the course AWS Fundamentals: Going Cloud Native, provided by AWS through Coursera. There are further settings that concern security and access control (Roles, Groups, Users and permission policies) and the balancing of incoming traffic with a Load Balancer, but this post does not cover them.
A VPC (Amazon Virtual Private Cloud) is the isolated network in which we place all our applications and services, so that we have full control over how traffic goes in from and out to the internet.
Following Steps
Creating VPC & public subnet
Creating Internet Gateway
Creating Route Table
Creating VPC & a public subnet
First of all, build the VPC. There are two basic choices to make when building a VPC: the region (the physical infrastructure, located in different countries) and the IP range.
Go to the console, select VPC, click Launch VPC Wizard, and choose the option with a single public subnet.
In this section, define the VPC IPv4 CIDR block as 10.10.0.0/16, which means the first 16 bits are fixed and the remaining 16 bits (65531 IP addresses, since AWS reserves five addresses in every subnet) are left free for assignment. Then give the VPC a name. In the public subnet section, define the public subnet IPv4 CIDR as 10.10.1.0/24, so that the public subnet's IP range is a subset of the VPC's IP range. In this case we follow the AWS course instructor and fix the first 24 bits, leaving the remaining 8 bits (251 IP addresses) free. Then choose an availability zone, which depends on the region you selected; you can look up the availability zone codes here. Then click Create VPC.
Once the VPC and its public subnet exist, we need to create an Internet Gateway attached to the VPC, then a route table associated with the subnet, so that traffic from the internet can reach your application in the subnet.
Creating Internet Gateway
Go to Internet Gateways, select Create Internet Gateway, give it a name and click Create.
Then we need to attach this Internet Gateway (IGW) to the VPC: select the IGW you just created, click Actions, select Attach to VPC, choose the VPC you just created and attach it. If you cannot find your VPC in this step, the system has automatically attached your IGW to an existing VPC. If you intend to attach the IGW to a different VPC, select the new IGW, detach it from the previous VPC, and then re-attach it to the one you want.
Creating Route Table
Next we create a route table that lets internet traffic be routed to the public subnet. Go to Route Tables and click Create route table.
Give it a name, select the VPC created in the previous steps and click Create.
Now that the route table exists, select it, open the Routes tab and click Edit routes to add a new route. Enter 0.0.0.0/0 as the destination, which matches every address and so covers traffic to and from anywhere on the internet, and select the internet gateway created in the previous steps as the target.
Then associate the route table with the subnet: open Subnet associations, click Edit subnet associations, select the public subnet and click Save.
Now we have a VPC with a public subnet, an IGW, and a route table associated with the public subnet. It is time to launch an EC2 instance in the public subnet, and your application is ready to go. For the instance to be reachable it also needs a public IPv4 address (enable auto-assign on the subnet, or attach an Elastic IP) and a security group that allows the inbound ports you expose.
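The IGW and route table steps above decide which subnets are public. As an added example (not code from the course or the post), the script below models how AWS resolves a destination against a route table (longest-prefix match, with the implicit local route of the VPC) and audits which subnets end up public, i.e. associated with a route table whose 0.0.0.0/0 route targets an internet gateway. The route tables, subnet ids and the igw-example id are constructed sample data, not real AWS resource ids.

```python
import ipaddress

# Constructed sample: the route tables that exist after following the post.
# "rtb-main" is the VPC's main route table with only the implicit local route;
# "rtb-public" is the custom table with the default route to the IGW.
# Resource ids are hypothetical placeholders, not real AWS ids.
ROUTE_TABLES = {
    "rtb-main": [("10.10.0.0/16", "local")],
    "rtb-public": [("10.10.0.0/16", "local"), ("0.0.0.0/0", "igw-example")],
}

# Explicit subnet -> route table associations made in the console. A subnet
# with no explicit association is implicitly associated with the main table.
ASSOCIATIONS = {"subnet-public-a": "rtb-public"}
MAIN_ROUTE_TABLE = "rtb-main"


def route_table_for(subnet_id, associations=ASSOCIATIONS, main=MAIN_ROUTE_TABLE):
    """Route table that applies to a subnet, falling back to the main table."""
    return associations.get(subnet_id, main)


def resolve(route_table_id, destination, tables=ROUTE_TABLES):
    """Return the target for a destination address using longest-prefix match.

    AWS always prefers the most specific route, so 10.10.2.5 matches the
    /16 local route rather than 0.0.0.0/0, while 8.8.8.8 falls through to
    the default route (or to nothing, if the table has none).
    """
    dst = ipaddress.ip_address(destination)
    best = None
    for cidr, target in tables[route_table_id]:
        net = ipaddress.ip_network(cidr)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def is_public(subnet_id, tables=ROUTE_TABLES, associations=ASSOCIATIONS,
              main=MAIN_ROUTE_TABLE):
    """A subnet is public when its route table sends default traffic to an IGW."""
    rtb = route_table_for(subnet_id, associations, main)
    return any(cidr == "0.0.0.0/0" and target.startswith("igw-")
               for cidr, target in tables[rtb])


def audit(subnet_ids, **kwargs):
    """Map each subnet id to True (public) or False (private)."""
    return {subnet: is_public(subnet, **kwargs) for subnet in subnet_ids}


if __name__ == "__main__":
    # The private subnet has no explicit association, so it uses rtb-main.
    for subnet, public in audit(["subnet-public-a", "subnet-private-a"]).items():
        print(f"{subnet}: {'public' if public else 'private'}")
    print("8.8.8.8 via rtb-public ->", resolve("rtb-public", "8.8.8.8"))
    print("8.8.8.8 via rtb-main   ->", resolve("rtb-main", "8.8.8.8"))
```

The audit is worth re-running whenever a route table changes: if the 0.0.0.0/0 route to the IGW is ever added to the main route table, every subnet without an explicit association silently becomes public.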
If you ever want to run a database in your system, consider creating a private subnet that cannot be reached from the internet. Setting one up is easy: go to Subnets, select Create subnet, give it a name and select our VPC; in this case we set the private subnet's IPv4 CIDR block to 10.10.2.0/24, so that it does not overlap the public subnet's range. A subnet stays private only as long as it is not associated with a route table that routes 0.0.0.0/0 to the IGW; a new subnet is implicitly associated with the VPC's main route table, so check that association after creating it.
You can also create subnets in other availability zones. Go to Subnets, select Create subnet, choose a different availability zone within the same region, and assign an IPv4 CIDR block such as 10.10.3.0/24 or 10.10.4.0/24 depending on your case; just make sure they are subsets of your VPC's IP range and do not overlap each other. If you want this second subnet in another availability zone to be public, associate your route table with it as well.
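The CIDR arithmetic in the VPC section (/16 VPC, /24 subnets, 65531 and 251 usable addresses) and the two rules for extra subnets (inside the VPC range, not overlapping each other) can be checked before anything is created in the console. The following is an added example, not code from the course or the post; the subnet plan is constructed sample data using the blocks from this post, and the hand-out of five reserved addresses per subnet reflects AWS's per-subnet reservation.

```python
import ipaddress

# Constructed sample plan mirroring the CIDR blocks used in the post.
VPC_CIDR = "10.10.0.0/16"
SUBNET_PLAN = {
    "public-a": "10.10.1.0/24",   # public subnet from the wizard
    "private-a": "10.10.2.0/24",  # private subnet for the database
    "public-b": "10.10.3.0/24",   # second public subnet in another AZ
}

# AWS reserves the first four addresses and the last address of every
# subnet (network, VPC router, DNS, future use, broadcast).
AWS_RESERVED_PER_SUBNET = 5


def usable_addresses(cidr):
    """Addresses AWS can actually assign in a block used as one subnet.

    Explains the figures in the post: a /16 gives 65536 - 5 = 65531,
    a /24 gives 256 - 5 = 251.
    """
    return ipaddress.ip_network(cidr).num_addresses - AWS_RESERVED_PER_SUBNET


def check_subnet_plan(vpc_cidr, plan):
    """Return a list of problems with a subnet plan; empty means valid.

    Two rules are enforced: every subnet must be a subset of the VPC block,
    and no two subnets may overlap (AWS rejects an overlapping subnet).
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    problems = []
    nets = {}
    for name, cidr in plan.items():
        net = ipaddress.ip_network(cidr)
        if not net.subnet_of(vpc):
            problems.append(f"{name} ({cidr}) is not inside the VPC block {vpc}")
        nets[name] = net
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} ({nets[a]}) overlaps {b} ({nets[b]})")
    return problems


if __name__ == "__main__":
    print(f"VPC {VPC_CIDR}: {usable_addresses(VPC_CIDR)} usable addresses")
    for name, cidr in SUBNET_PLAN.items():
        print(f"  {name} {cidr}: {usable_addresses(cidr)} usable addresses")
    issues = check_subnet_plan(VPC_CIDR, SUBNET_PLAN)
    print("plan OK" if not issues else "\n".join(issues))
```

Run it against your own plan before clicking Create subnet; a mistyped block such as 10.20.1.0/24 or a /23 that swallows an existing /24 is reported immediately instead of surfacing as a console error.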