AWS VPC Components
- VPC: private network
- Subnet: a slice of the VPC address range that belongs to one Availability Zone (AZ)
- Elastic IP Address: a public IP address; it is chargeable.
- By default, a VPC is private when we create it. To connect it to the internet we have two options:
- Internet gateway: bi-directional access, i.e. instances in the VPC can reach the internet and can be reached from the internet
- Egress-only internet gateway: one direction only; instances in the VPC can reach the internet but cannot be reached from it (IPv6 only; for outbound-only IPv4 access a NAT gateway is used instead)
- The default VPC already has an internet gateway attached
- Every VPC has a default (main) route table. A route table is the equivalent of a router; by default it allows all routing within the VPC (the local route).
- We can create more route tables in a VPC and associate them with subnets. A subnet that is not associated with any route table uses the main route table.
- To allow or deny access at the subnet level we have Network ACLs (stateless), and to allow or deny access at the network-interface level we have security groups (stateful).
Action
- Create a vpc with cidr range 192.168.0.0/22
- Create four subnets
- web1: 192.168.0.0/24 (AZ-a)
- web2: 192.168.1.0/24 (AZ-b)
- db1: 192.168.2.0/24 (AZ-a)
- db2: 192.168.3.0/24 (AZ-b)
- Once we create a vpc we get
- one default router
- one default nacl
- one default security group
- Let's create the VPC
- Let's see which resources were created by default
- Let's create the subnets
- Let's create an EC2 instance in our VPC
- web1 subnet
- Now, if we try to communicate with this EC2 instance, nothing works, because our VPC is private with no internet connectivity
- We have to attach an internet gateway to the VPC and point a route in the subnet's route table at it
- Then, as demonstrated in class, we can reach the VM.
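The whole procedure above, reproduced with the AWS CLI as an added example (this is not code from the class notes): the VPC, the four subnets, the internet gateway, and a public route table associated only with the web subnets, so the db subnets keep no route to the internet. The REGION variable and the us-east-1a/us-east-1b AZ names are assumptions, and the subnet plan is checked offline before any API call is made.

```shell
#!/usr/bin/env bash
# Added example, not from the class notes: builds the lab VPC from the notes with the AWS CLI.
# Assumes AWS CLI v2 with credentials configured; REGION defaults to us-east-1, so AZ-a/AZ-b
# become us-east-1a/us-east-1b. Nothing is created until build_vpc is called explicitly.
set -eu
REGION="${REGION:-us-east-1}"
VPC_CIDR="192.168.0.0/22"
# Subnet plan from the notes: name, CIDR, AZ suffix, and whether it gets a route to the IGW.
SUBNET_PLAN="web1 192.168.0.0/24 a public
web2 192.168.1.0/24 b public
db1 192.168.2.0/24 a private
db2 192.168.3.0/24 b private"

ip_to_int() { local IFS=.; set -- $1; echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 )); }

# cidr_contains OUTER INNER: succeeds when INNER lies inside OUTER.
cidr_contains() {
  local onet="${1%/*}" obits="${1#*/}" inet="${2%/*}" ibits="${2#*/}" mask
  [ "$ibits" -ge "$obits" ] || return 1
  mask=$(( (4294967295 << (32 - obits)) & 4294967295 ))
  [ $(( $(ip_to_int "$onet") & mask )) -eq $(( $(ip_to_int "$inet") & mask )) ]
}

# check_plan: fails if any subnet falls outside the VPC CIDR; prints the public subnet names.
check_plan() {
  printf '%s\n' "$SUBNET_PLAN" | while read -r name cidr az vis; do
    cidr_contains "$VPC_CIDR" "$cidr" || { echo "$name $cidr is outside $VPC_CIDR" >&2; return 1; }
    if [ "$vis" = public ]; then echo "$name"; fi
  done
}

build_vpc() {
  check_plan >/dev/null
  local vpc igw rtb sn
  vpc=$(aws ec2 create-vpc --region "$REGION" --cidr-block "$VPC_CIDR" --query Vpc.VpcId --output text)
  # The internet gateway is bi-directional, so only the web subnets get a 0.0.0.0/0 route to it.
  igw=$(aws ec2 create-internet-gateway --region "$REGION" --query InternetGateway.InternetGatewayId --output text)
  aws ec2 attach-internet-gateway --region "$REGION" --vpc-id "$vpc" --internet-gateway-id "$igw"
  rtb=$(aws ec2 create-route-table --region "$REGION" --vpc-id "$vpc" --query RouteTable.RouteTableId --output text)
  aws ec2 create-route --region "$REGION" --route-table-id "$rtb" --destination-cidr-block 0.0.0.0/0 --gateway-id "$igw"
  printf '%s\n' "$SUBNET_PLAN" | while read -r name cidr az vis; do
    sn=$(aws ec2 create-subnet --region "$REGION" --vpc-id "$vpc" --cidr-block "$cidr" \
         --availability-zone "${REGION}${az}" --query Subnet.SubnetId --output text)
    # db subnets stay on the main route table, which carries only the local route.
    if [ "$vis" = public ]; then
      aws ec2 associate-route-table --region "$REGION" --subnet-id "$sn" --route-table-id "$rtb" >/dev/null
    fi
  done
  echo "$vpc"
}
```

Source the file and run `build_vpc` to create the resources; the instance in web1 still needs a public address (Elastic IP or auto-assign) and a security group rule before it can be reached.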
