Virtual Private Cloud (VPC) is a term that’s been thrown around for a while now, but many people still don’t know what it means. Let me tell you: Virtual Private Cloud (VPC) and AWS Subnet are two of the most important parts of Amazon Web Services. A VPC is like your own private network inside the cloud. You can create as many subnets in your VPC as you want to use with different security settings like default access, no access, or read-only. Let’s take a deep dive into this.
What is virtual private cloud (VPC)?
- A virtual private cloud (VPC) is a network dedicated to your Amazon Web Services account, which you can create in multiple regions and share between accounts.
- Using VPCs gives you more control over the isolation of environments with their resources from each other – selection of IP address ranges, subnets configuration and route tables are possible.
- You’ll be able to use IPv4 or IPv6 depending on what suits best for your needs; Both have advantages when it comes to security but also easy accesses if needed. When deciding whether using one or another type protocol makes sense consider that not all services support both protocols so make sure before choosing either option!
Let’s create Virtual Private Cloud (VPC)
- Log in to the AWS Management Console
- In search bar type “VPC”
- Click on Your VPCs to the left
- Select Create VPC
- Here we will use “DemoVPC” as our nametag
- The next step is to choose the IPV4 CIDR block, which is “10.0.0.16”, which is the biggest CIDR block
- We will leave IPV6 as the default option for now
Tenancy refers to how we launch our EC2 instances
- Choose Default, which means shared, and Dedicated, which means dedicated hardware, and click Create
- We have created a VPC and have defined a CIDR block
DemoVPC seems to come with Main route table and Main network ACL that have already been created for us when we create it
So what we need to keep in mind is that this IPV4 CIDR block isn’t the only one available.
- If you want to edit CIDR, you can right click on Available and choose Edit
- Click on Edit CIDR and then click on Add new IPV4 CIDR
- Assign it to “10.1.0.0/16” which is the next CIDR
- Save it, and it will be automatically associated
- Thus, you can expand your VPC size up to 5 CIDRs with IPV4
Congratulations!! we have created VPC sucesfully..
What is AWS Subnet?
Subnet is “part of the network”, in other words, part of entire availability zone. Each subnet must reside entirely within one Availability Zone and cannot span zones. Subnets are a logical boundary for your AWS VPC across which you can control routing configuration to enforce security policies such as not using Internet access or limiting traffic flow based on regulations like HIPPA (for medical use only).
- Basically, a subnet is a segment or partition of the IP address range of a VPC where you can isolate a group of resources
- The Amazon VPC allows customers to create virtual networks and subnets within them. A VPC subnet is mapped to a specific Availability Zone, and subnet placement facilitates EC2 instances being placed in multiple Availability Zones.
- Subnets are created by specifying the CIDR block for the subnet, which is a subset of the VPC CIDR block. One subnet may reside only in one Availability Zone and cannot be cross zones
Now it’s time to add subnets
- We will create two subnets in two AZs
- One Private Subnet and One Public Subnet
- Back at the VPC dashboard, click on the Subnets link on the left-hand side
We will define Public Subnet and Private Subnet here, and we will make them different sizes since Public Subnet is smaller than Private Subnet
A public subnet is for load balancers only, but a private subnet is for all your applications
- So, let’s go ahead and click on Create Subnet
- In VPC choose your DemoVPC
- We will name it as “PublicSubnetA” because it is going to be in AZ A
- In Availability Zone here we are choosing us-east-1a because our VPC is in that region
- In IPV4 CIDR block we will choose “10.0.0.0/24” which will give us 256 Ips
- Click on Create Subnet
- Now we will create our second subnet
- We will call it as PublicSubnetB and choose the same DemoVPC
- For AZ we will choose us-east-1b
- In IPV4 CIDR block we will increase the third octet by one and choose it as 10.0.1.0/24
- Click on Create subnet
- So, we have created 2 Public Subnets in our DemoVPC
- Now we will create 2 Private subnets
- Choose the same DemoVPC
- We will call it as PrivateSubnetA and we will select us-east-1a as our AZ
- In IPV4 CIDR block we will choose much bigger IP as 10.0.16.0/20
- Click on Create Subnet
- Finally, we will create our last subnet
- Choose the DemoVPC and we will call it as PrivateSubnetB
- For AZ choose us-east-1b
- For IPV4 CIDR block we will increase it and make it as 10.0.32.0/20
- Click on Create Subnet
We now have 4 subnets of different sizes in 2 AZs, so we have a kind of High Availability setup. It is noteworthy that the Provisioned IPs are different from the Available IPs.
As you see just for Public Subnet IPV4 CIDR block is /24 which means 256 IPs but available IPs are 251. It is because AWS will reserve five IP addresses from each subnet.
AWS reserves the first four IP addresses and the last IP address in each subnet CIDR block.
Virtual Private Cloud (VPC) is a term that’s been thrown around for the past few years, but many people still don’t know what it means. A VPC is like your own private network inside of the cloud. You can create as many subnets in your VPC as you want with different security settings like default access, no access or read-only. When it comes to AWS Subnet and VPC, let’s take a deep dive into this topic so we’re all on the same page about these two important parts of Amazon Web Services. To learn more and enroll best cloud computing courses check our course pages.