AWS Certification Exam
VPC Hands-on
Outline
• VPC
• Public / Private Subnet
• Route Table
• Security Group
• NAT
How to create?
• Manually from Web Console
• Using CLI
• Automation Tool
  • CloudFormation
  • Terraform etc…
Let’s start creating.
[Diagram: VPC 10.0.0.0/16 spanning Availability Zone A and Availability Zone B; public subnets 10.0.1.0/24 and 10.0.2.0/24; private subnets 10.0.3.0/24 and 10.0.4.0/24; Internet Gateway, Router, ELB, Bastion, NAT GW, two Web instances]
Step 1
[Diagram: VPC 10.0.0.0/16 in Availability Zone A; public subnet 10.0.1.0/24; Internet Gateway, Router, Web]
Points of Step 1
• Subnet and Default Route Table
• Security Group
• Inbound / Outbound
• Public and Private Subnet
• Internet Gateway
Step 2
Make Step 1 more secure.
[Diagram: VPC 10.0.0.0/16 in Availability Zone A; public subnet 10.0.1.0/24; private subnet 10.0.3.0/24; Internet Gateway, Router, ELB, Bastion, Web]
Points of Step 2
• Access from public to private subnet
• Security Group for Internal Traffic
• Bastion Server
Step 3
Solve the problem of internet access from the private area.
[Diagram: VPC 10.0.0.0/16 in Availability Zone A; public subnet 10.0.1.0/24; private subnet 10.0.3.0/24; Internet Gateway, Router, ELB, Bastion, NAT GW, Web]
Points of Step 3
• NAT Gateway (or Instance)
• Allow instances in the private subnet to access the internet.
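The sketch below is an added example, not part of the original slides: it models the Step 1 to Step 3 layout offline to show why the private subnet can reach the internet through the NAT gateway while staying unreachable from it, and how security groups that reference other groups restrict internal traffic. It assumes Web sits in the private subnet and that ELB and Bastion sit in the public one; the names `igw`, `nat`, `sg-*` and the admin range 203.0.113.0/24 are constructed labels, and the model ignores public IP assignment.

```python
import ipaddress

# Constructed model of the Step 3 layout. The VPC CIDR is the one on the slides;
# target names (igw, nat) and group names (sg-*) are hypothetical labels.
ROUTE_TABLES = {
    "public":  {"10.0.0.0/16": "local", "0.0.0.0/0": "igw"},
    "private": {"10.0.0.0/16": "local", "0.0.0.0/0": "nat"},
}
# Inbound rules as (port, source); a source is a CIDR or another group's name.
SECURITY_GROUPS = {
    "sg-elb":     {"subnet": "public",  "inbound": [(80, "0.0.0.0/0")]},
    "sg-bastion": {"subnet": "public",  "inbound": [(22, "203.0.113.0/24")]},
    "sg-web":     {"subnet": "private", "inbound": [(80, "sg-elb"), (22, "sg-bastion")]},
}

def next_hop(subnet, dest_ip):
    """Pick the route target by longest-prefix match, as a VPC route table does."""
    dest = ipaddress.ip_address(dest_ip)
    best = None
    for cidr, target in ROUTE_TABLES[subnet].items():
        net = ipaddress.ip_network(cidr)
        if dest in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, target)
    return best[1] if best else None

def is_public(subnet):
    """A subnet is public when traffic to an internet address leaves via the IGW."""
    return next_hop(subnet, "198.51.100.10") == "igw"

def allowed(src_ip, src_group, dst_group, port):
    """Would dst_group's inbound rules accept this connection?"""
    for rule_port, source in SECURITY_GROUPS[dst_group]["inbound"]:
        if rule_port != port:
            continue
        if source.startswith("sg-"):
            if source == src_group:
                return True
        elif ipaddress.ip_address(src_ip) in ipaddress.ip_network(source):
            return True
    return False

def audit():
    """Flag groups in a private subnet that accept a CIDR from outside the VPC."""
    vpc = ipaddress.ip_network("10.0.0.0/16")
    return [name for name, sg in SECURITY_GROUPS.items()
            if not is_public(sg["subnet"])
            for _, src in sg["inbound"]
            if not src.startswith("sg-") and not ipaddress.ip_network(src).subnet_of(vpc)]
```
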
Step 4
Availability
[Diagram: VPC 10.0.0.0/16 spanning Availability Zone A and Availability Zone B; public subnets 10.0.1.0/24 and 10.0.2.0/24; private subnets 10.0.3.0/24 and 10.0.4.0/24; Internet Gateway, Router, ELB, Bastion, NAT GW, two Web instances]
Points of Step 4
• Nothing (within the scope of this session).
• Further detail about scaling and high availability will be covered in the next session!
Further Learning
• Network ACL
• Hybrid IT architecture
• Scalability and Availability
• Deployment
• Cost saving
FIN.