AWS Networking – VPC (Virtual Private Cloud)
AWS VPC is the service that provides networking for AWS resources.
- Every AWS Region has a default VPC, created by AWS, that already has an internet gateway attached. Until now, whenever you created an EC2 instance you were using this default VPC.
- Note: never mess with the default VPC.
Networking Components (for today)
- VPC: a private network scoped to a Region.
- Subnet: a part of a VPC's address range, scoped to a single Availability Zone (AZ).
- Elastic network interface (ENI): the network interface that gives a connected resource (for example an EC2 instance) its private IP address and private DNS name.
- Security Group: a set of rules attached to an elastic network interface that control incoming traffic (ingress) and outgoing traffic (egress).
- Route Table: the router for a network. Every VPC has a default (main) route table; it applies to any subnet that does not have its own route table associated.
- Internet Gateway: provides the VPC with a path to and from the internet.
Experiment 1: Create a VPC with 3 subnets in 3 zones
- AWS resources do not have names; they have tags. A tag is a key-value pair.
- A tag with Key = Name and Value = something is generally shown as the Name in the UI (Console).
- AWS assigns a unique ID to every resource we create.
- Let's create a VPC with 3 subnets.
- Let's filter the view by the VPC just created:
  - view subnets
  - view route tables
- Let's tag this as the default route table.
- Let's create an EC2 instance in this VPC, in subnet 1.
- The IP address and security groups are assigned to the elastic network interface.
- As of now we cannot access this machine because there is no route from the internet into the VPC. For that we need to deal with:
  - an internet gateway
  - modifying the route table so traffic is sent to the internet gateway
- Let's create an internet gateway and attach it to the VPC.
Now establish the connection between the default/main route table and the internet gateway.
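The whole of Experiment 1, covering both the components listed above and the steps just described (a VPC, three subnets in three AZs, an internet gateway, the VPC's main route table pointing at that gateway, a security group on the instance's elastic network interface, and an EC2 instance in subnet 1), written as Terraform. This is an added example, not code from the original notes. The CIDR ranges, tag names, region, instance type, the `admin_cidr` address and the `key_name` key pair are assumptions; the AMI is looked up through the public SSM parameter that AWS publishes for the latest Amazon Linux 2023 image.

```hcl
terraform {
  required_providers {
    aws = { source = "hashicorp/aws", version = "~> 5.0" }
  }
}

provider "aws" {
  region = var.region
}

variable "region" {
  type    = string
  default = "us-east-1" # assumed region; any Region with 3+ AZs works
}

variable "admin_cidr" {
  type        = string
  description = "Only this CIDR may reach SSH on the instance (placeholder, replace with your own address)"
  default     = "203.0.113.10/32" # documentation range, not a real host
}

variable "key_name" {
  type        = string
  description = "Name of an EC2 key pair that already exists in the Region (assumed)"
}

# Pick the first three AZs of the Region; one subnet goes in each.
data "aws_availability_zones" "available" {
  state = "available"
}

# Latest Amazon Linux 2023 AMI id, published by AWS as a public SSM parameter.
data "aws_ssm_parameter" "al2023" {
  name = "/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64"
}

# A brand new VPC: the default VPC is left alone, as the notes say.
resource "aws_vpc" "lab" {
  cidr_block           = "10.10.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = "lab-vpc" } # "Name" tag is what the Console shows
}

# Three /24 subnets carved from the VPC range, one per AZ:
# 10.10.0.0/24, 10.10.1.0/24, 10.10.2.0/24
resource "aws_subnet" "lab" {
  count             = 3
  vpc_id            = aws_vpc.lab.id
  cidr_block        = cidrsubnet(aws_vpc.lab.cidr_block, 8, count.index)
  availability_zone = data.aws_availability_zones.available.names[count.index]
  tags              = { Name = "lab-subnet-${count.index + 1}" }
}

resource "aws_internet_gateway" "lab" {
  vpc_id = aws_vpc.lab.id
  tags   = { Name = "lab-igw" }
}

# The VPC's main route table: subnets with no explicit association use it.
# Adding 0.0.0.0/0 -> IGW here is the "establish connection" step in the notes.
resource "aws_default_route_table" "lab" {
  default_route_table_id = aws_vpc.lab.default_route_table_id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.lab.id
  }
  tags = { Name = "lab-main-rt" }
}

# Security group rules live on the instance's elastic network interface.
# Ingress is limited to one admin address on TCP/22 rather than 0.0.0.0/0.
resource "aws_security_group" "ssh_admin" {
  name        = "lab-ssh-admin"
  description = "SSH from admin CIDR only"
  vpc_id      = aws_vpc.lab.id

  ingress {
    description = "SSH from the admin address only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1" # all protocols
    cidr_blocks = ["0.0.0.0/0"]
  }
  tags = { Name = "lab-ssh-admin" }
}

# The instance goes in subnet 1; its ENI receives the private IP and the SG.
resource "aws_instance" "lab" {
  ami                         = data.aws_ssm_parameter.al2023.value
  instance_type               = "t3.micro"
  subnet_id                   = aws_subnet.lab[0].id
  vpc_security_group_ids      = [aws_security_group.ssh_admin.id]
  associate_public_ip_address = true # needed together with the IGW route to be reachable
  key_name                    = var.key_name
  tags                        = { Name = "lab-ec2" }
}

output "instance_public_ip" {
  value = aws_instance.lab.public_ip
}
```

Run it with `terraform init`, `terraform plan` and `terraform apply` (it prompts for `key_name`). Two details matter for security: the `0.0.0.0/0` route is added to the main route table of the new VPC, never to the account's default VPC, and the instance is reachable only because three things line up (the IGW attached to the VPC, the route to it in the table the subnet uses, and a public IP on the ENI) while the security group still limits who can talk to port 22. Destroying the lab with `terraform destroy` removes everything created here and nothing else.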
