AWS Classroomnotes 10/Aug/2022

NAT Gateways

  • Private subnets in AWS will not be able to be accessed from internet directly, which is the primary motive.
  • But vms in private subnets might require to access internet which will not be provide by AWS VPC
  • If your complete VPC is private and requires internet connection, you can use egress internet gateways.
  • AWS has NAT Gateway which needs a public ip address and we add a route in route table of private subnet to forward the packets to NAT Gateway.
  • As demonstrated in the class the machines in private subnet have no access to internet
  • Lets create a NAT Gateway in the public subnet
  • Now add a new route to private route table to forward the packets to NAT Gateway

Activity1 : Use AWS CLI to create a VPC

  • Steps:

    • Create VPC with cidr range of
    • Create and attach internet gateway
    • Create a public subnet of range
      • Create a public route table and associate public subnet to public rt
      • Add a route to internet gateway
    • Create a private subnet of range
      • Create a private route table and associate private subnet to public rt
      • Add a route to internet gateway
    • Create a security group which opens
      • ICMP from anywhere
      • HTTP from anywhere
      • SSH from anywhere
  • Configuring AWS CLI: Refer Here for image demonstration
  • What we have executed so far
# Create VPC
aws ec2 create-vpc --cidr-block "" --tag-specifications "ResourceType=vpc,Tags=[{Key=Name,Value=activity1}]"
# vpc-00e47bed2b1784ce7

# Create internet gateway
aws ec2 create-internet-gateway --tag-specifications "ResourceType=internet-gateway,Tags=[{Key=Name,Value=activity1}]"
# igw-0230a9d2bcc4d0f04

# attach internet gateway
aws ec2 attach-internet-gateway --vpc-id "vpc-00e47bed2b1784ce7" --internet-gateway-id "igw-0230a9d2bcc4d0f04"

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About continuous learner

devops & cloud enthusiastic learner