VPC (Virtual Private Cloud) falls under the "Network and Content Delivery" service of AWS (Amazon Web Services). VPC gives us a virtual private isolated cloud. In short, we can have a private network that is isolated from all other networks on AWS. We have full control over all the components that make up the network. We can choose our own IPs and CIDR (Classless Inter-Domain Routing) blocks. We can define our own rules in routing tables. We may have a public network, a private network or a private network with Internet access. We can have security groups that help restrict access to the network. We can have peering between two isolated networks, and site-to-site VPN.
Some VPC components are charged for their use. See the VPC pricing page for details, and refer to the official AWS documentation to understand the VPC service in more detail.
VPC can be created in two ways, either using the wizard from AWS or manually.
In this article, we will see how to create a VPC using the wizard because this is the easiest way to start.
- AWS Account (create one if you do not have one).
What will we do?
- Primary components of a VPC in brief.
- Login to AWS.
- Create a VPC using the AWS Wizard.
- Delete the VPC.
Primary Components for VPC in Brief
The main components of a VPC are as mentioned below.
- Virtual Private Cloud : Logically isolated private network on AWS.
- Subnet : Logical breakdown of VPC to create multiple subnets.
- Internet Gateway : Component responsible for establishing a connection with the Internet.
- NAT Gateway : Network Address Translation (NAT) service that gives our resources in a private subnet access to the Internet, while the Internet cannot access the resources that belong to this subnet, which keeps it private.
- Route tables : Component responsible for determining where network traffic from our subnet is directed.
Log in to AWS
- Go to the AWS login page.
When we open the above link, we will see a web page as follows where we have to log in using our login credentials.
When we have successfully logged in to AWS we will see the main console with all the services listed as follows.
Creating a VPC
As mentioned, there are two ways in which you can create a VPC. Creating a VPC manually requires a deep understanding of the VPC and its components. The second way is to use the wizard, which does all the work for you.
In this article we will create a VPC using the wizard.
Now that you are on the main console, scroll down and click "VPC" under "Network and content delivery" to go to the VPC Dashboard.
Click on "Start VPC Wizard". This wizard will help us create a VPC with just a few clicks.
Here we have four options available to create a VPC.
- VPC with a single public subnet.
- VPC with public and private subnets.
- VPC with public and private subnets and hardware VPN access and
- VPC with only one private subnet and hardware VPN access.
to create a VPC with public and private subnets.
To create a VPC with a public and private subnet, select the second option from the left panel.
Here you can specify the CIDR block, which means the IP range, for the public and the private subnet. These two subnets have different IP ranges, and both are subsets of the main VPC CIDR.
Let's understand this.
Say the VPC CIDR is 10.10.0.0/16. This means it will have IPs in the range 10.10.*.*, that is, 32-16 = 16 bits, 2^16 = 65536 IPs.
Public Subnet 10.10.0.0/24 means 10.10.0.*, that is, 32-24 = 8 bits, 2^8 = 256 IPs, and
Private Subnet 10.10.1.0/24 means 10.10.1.*, that is, 32-24 = 8 bits, 2^8 = 256 IPs.
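The CIDR arithmetic above can be checked before the values are typed into the wizard. The Python below is an added example, not part of the original article: the function name `check_subnet_plan` and the deliberately broken second plan are constructed for illustration, and it assumes AWS's IPv4 rules of five reserved addresses per subnet and block sizes between /16 and /28.

```python
import ipaddress

AWS_RESERVED_PER_SUBNET = 5      # AWS reserves the first four and the last address
MIN_PREFIX, MAX_PREFIX = 16, 28  # allowed IPv4 block sizes: /16 (largest) to /28

def check_subnet_plan(vpc_cidr, subnets):
    """Return (vpc_total, report, errors) for a {name: cidr} subnet plan.

    report maps each parseable subnet to (total_addresses, usable_addresses).
    """
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    report, errors, seen = {}, [], []
    if not MIN_PREFIX <= vpc.prefixlen <= MAX_PREFIX:
        errors.append(f"VPC {vpc}: prefix must be /{MIN_PREFIX} to /{MAX_PREFIX}")
    for name, cidr in subnets.items():
        try:
            # strict=True rejects host bits, e.g. a mistyped 10.10.1.24/24
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            errors.append(f"{name}: {exc}")
            continue
        if not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
            errors.append(f"{name}: prefix must be /{MIN_PREFIX} to /{MAX_PREFIX}")
        if not net.subnet_of(vpc):
            errors.append(f"{name}: {net} is outside VPC {vpc}")
        for other_name, other in seen:
            if net.overlaps(other):
                errors.append(f"{name}: {net} overlaps {other_name} ({other})")
        seen.append((name, net))
        report[name] = (net.num_addresses,
                        net.num_addresses - AWS_RESERVED_PER_SUBNET)
    return vpc.num_addresses, report, errors

# The article's plan, then a constructed broken plan for comparison.
ARTICLE_PLAN = {"public": "10.10.0.0/24", "private": "10.10.1.0/24"}
BROKEN_PLAN = {"public": "10.10.0.0/24", "private": "10.10.0.128/25",
               "other": "10.11.0.0/24", "typo": "10.10.1.24/24"}

if __name__ == "__main__":
    for plan in (ARTICLE_PLAN, BROKEN_PLAN):
        total, report, errors = check_subnet_plan("10.10.0.0/16", plan)
        print(total, report, errors)
```

Each /24 subnet therefore offers 251 assignable addresses rather than the full 256.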
Give the desired name for a public and private subnet.
To assign an Elastic IP (Public IP) to a NAT Gateway, you must first have one.
An Elastic IP is an IP that can be accessed from the Internet.
To create an Elastic IP, open a duplicate window and click on "Elastic IPs" in the left panel. This will help us create an Elastic IP that can be associated with the NAT Gateway.
Click on "Allocate Elastic IP address".
To understand more about Elastic IP, see the official AWS documentation.
Click on "Allocate". This IP can now be assigned to the NAT gateway.
Now select the Elastic (public) IP that we just created and click on "Create VPC". This will take some time. Wait until the VPC is created.
You can now verify that the VPC has been created with the necessary configuration. This has created a VPC with one public and one private subnet.
An instance started in the private subnet will not be accessible from the Internet, whereas instances created in the public subnet will be accessible from the Internet.
To check the subnets, click on "Subnets" in the left panel. Now we have two subnets, "Public subnet" and "Private subnet".
To check the route tables, click on "Route tables" in the left panel. We have two route tables, one for the public subnet and the other for the private subnet.
To check the Internet Gateway, click on "Internet Gateway" in the left panel.
The Internet gateway is responsible for allowing the connection to the Internet. Each VPC can have only one Internet Gateway connected to it.
To check the NAT Gateway, click on "NAT Gateway" in the left panel. This NAT gateway is connected to the public subnet.
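The same checks can be scripted instead of clicked through. The Python below is an added example, not part of the original article: it classifies each subnet by where its default route points, using constructed data in the shape of `aws ec2 describe-route-tables` output for a single VPC. All IDs are placeholders and the function names are hypothetical.

```python
# Constructed sample for one VPC; IDs are placeholders, not values from the article.
LOCAL = {"DestinationCidrBlock": "10.10.0.0/16", "GatewayId": "local", "State": "active"}
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-main-example",
     "Associations": [{"Main": True}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "NatGatewayId": "nat-example", "State": "active"}]},
    {"RouteTableId": "rtb-public-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-public-example"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-example", "State": "active"}]},
]
EXPECTED = {"subnet-public-example": "public",
            "subnet-private-example": "private-nat"}

def default_route_kind(route_table):
    """Return 'public', 'private-nat' or 'isolated' from the 0.0.0.0/0 route."""
    for route in (route_table or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") == "blackhole":  # target deleted, e.g. removed NAT gateway
            continue
        if route.get("GatewayId", "").startswith("igw-"):
            return "public"
        if route.get("NatGatewayId", "").startswith("nat-"):
            return "private-nat"
    return "isolated"

def classify_subnets(route_tables, subnet_ids):
    """Resolve each subnet's effective route table and classify it."""
    explicit, main = {}, None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main = rt
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = rt
    # A subnet without an explicit association uses the VPC's main route table.
    return {sid: default_route_kind(explicit.get(sid, main)) for sid in subnet_ids}

def find_drift(route_tables, expected):
    """Return {subnet_id: (expected_kind, actual_kind)} for every mismatch."""
    actual = classify_subnets(route_tables, expected)
    return {sid: (want, actual[sid]) for sid, want in expected.items()
            if actual[sid] != want}

if __name__ == "__main__":
    print(find_drift(SAMPLE_ROUTE_TABLES, EXPECTED) or "route tables match the plan")
```

A non-empty result for a subnet expected to be private means its default route now points at the Internet gateway, which is the change that would expose instances placed there.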
This completes the creation of a VPC with a private and a public subnet.
Delete VPC
To delete the VPC that we created in the previous steps, select the VPC, click "Actions" and click "Delete VPC".
Before removing the VPC, we must remove the NAT Gateway. Click on "View these NAT gateways" to open it in a new window.
Select the NAT gateway, click on "Actions" and click on "Delete NAT gateway".
We must also release the Elastic IP. Click on "Elastic IPs" in the left pane, select the Elastic IP, click on "Actions" and click on "Disassociate address". This will release the Elastic IP.
Now, to remove the VPC, return to the previous screen and click on "Delete VPC". This will now remove the VPC along with the subnets, route tables and other created components.
In this article we have created a VPC with a public and a private subnet using the wizard. We have also seen the steps to remove the VPC.