AWS VPC Setup: Public & Private Subnets with IGW, NAT, and EC2

Apr 21, 2025 - 10:36

Setting up a Virtual Private Cloud (VPC) is foundational when deploying resources in AWS securely. This guide walks you through creating:

  1. A VPC
  2. Public & Private Subnets
  3. Internet Gateway
  4. NAT Gateway
  5. Route Tables
  6. Optional EC2 Instances

✅ 1. Create a VPC

  1. Go to VPC Dashboard > Your VPCs > Create VPC
  2. Choose VPC only
  3. Name: MyVPC
  4. IPv4 CIDR block: 10.0.0.0/16
  5. Leave other fields as default
  6. Click Create VPC

✅ 2. Create Subnets

Navigate to Subnets > Create Subnet

➤ Public Subnet:

  • Name: PublicSubnet
  • VPC: MyVPC
  • AZ: ap-south-1a
  • CIDR block: 10.0.1.0/24

➤ Private Subnet:

  • Name: PrivateSubnet
  • VPC: MyVPC
  • AZ: ap-south-1b
  • CIDR block: 10.0.2.0/24

✅ 3. Create and Attach Internet Gateway

  1. Go to Internet Gateways > Create Internet Gateway
    • Name: MyIGW
  2. Click Attach to VPC and select MyVPC

✅ 4. Create a Public Route Table

  1. Go to Route Tables > Create Route Table

    • Name: PublicRT
    • VPC: MyVPC
  2. Select PublicRT > Routes > Edit Routes

    • Add route:
      • Destination: 0.0.0.0/0
      • Target: Internet Gateway → MyIGW

  3. Go to Subnet Associations > Edit Subnet Associations
    • Select: PublicSubnet

✅ 5. Allocate Elastic IP (EIP)

  1. Go to Elastic IPs > Allocate Elastic IP
  2. Note the allocation ID

✅ 6. Create NAT Gateway

  1. Go to NAT Gateways > Create NAT Gateway
    • Name: MyNATGW
    • Subnet: PublicSubnet
    • Elastic IP: select the one you just allocated

⏳ Wait a few minutes for the NAT Gateway to become active.

✅ 7. Create a Private Route Table

  1. Go to Route Tables > Create Route Table

    • Name: PrivateRT
    • VPC: MyVPC
  2. Select PrivateRT > Routes > Edit Routes

    • Add route:
      • Destination: 0.0.0.0/0
      • Target: NAT Gateway → MyNATGW

  3. Go to Subnet Associations
    • Attach PrivateSubnet

✅ 8. Launch EC2 Instances (Optional)

➤ Public EC2:

  • AMI: Amazon Linux 2
  • Network: MyVPC, Subnet: PublicSubnet
  • Auto-assign Public IP: Enabled
  • Security Group: Allow SSH (port 22) from your IP

➤ Private EC2:

  • Same AMI
  • Subnet: PrivateSubnet
  • Auto-assign Public IP: Disabled

✅ SSH Connection Established

Use your terminal to SSH into the public instance, and from there connect to the private one using its private IP.

⚠️ Troubleshooting Tip

If you're unable to connect:

  • Check your Security Group's inbound rules:
    • Type: SSH
    • Protocol: TCP
    • Port: 22
    • Source: My IP or 0.0.0.0/0 (for open access - use carefully!)
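
To confirm that the finished layout matches steps 4 to 7 and that the SSH rule has not been left open after troubleshooting, the check below audits the route tables, the NAT Gateway placement and the security group rules. It is an added example, not part of the original guide; the sample data is constructed to mimic the shape of EC2 describe-call output, and all resource IDs and function names are placeholders chosen for illustration.

```python
import ipaddress

# Constructed sample data shaped like EC2 DescribeRouteTables, DescribeNatGateways
# and DescribeSecurityGroups output for this guide's layout. IDs are placeholders.
# SG_RULES models the "open access" troubleshooting rule: SSH from anywhere.
ROUTE_TABLES = [
    {"Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"Associations": [{"SubnetId": "subnet-private"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-example", "SubnetId": "subnet-public"}]
SG_RULES = [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]

def default_route_kind(subnet_id, route_tables):
    """Return 'igw', 'nat' or None for the subnet's 0.0.0.0/0 route.
    Only explicit subnet associations are considered, not the main route table."""
    for rt in route_tables:
        if any(a.get("SubnetId") == subnet_id for a in rt["Associations"]):
            for route in rt["Routes"]:
                if route.get("DestinationCidrBlock") != "0.0.0.0/0":
                    continue
                if route.get("GatewayId", "").startswith("igw-"):
                    return "igw"
                if "NatGatewayId" in route:
                    return "nat"
    return None

def audit(public, private, route_tables, nat_gateways, sg_rules):
    """Return a list of findings; an empty list means the layout matches the guide."""
    findings = []
    for s in public:
        if default_route_kind(s, route_tables) != "igw":
            findings.append(f"{s}: public subnet has no default route to an IGW")
    for s in private:
        if default_route_kind(s, route_tables) == "igw":
            findings.append(f"{s}: private subnet is routed to an IGW")
    for nat in nat_gateways:
        if default_route_kind(nat["SubnetId"], route_tables) != "igw":
            findings.append(f"{nat['NatGatewayId']}: NAT gateway is not in a public subnet")
    for rule in sg_rules:
        ssh = rule["IpProtocol"] in ("tcp", "-1") and \
            rule.get("FromPort", 0) <= 22 <= rule.get("ToPort", 65535)
        for rng in rule.get("IpRanges", []):
            if ssh and ipaddress.ip_network(rng["CidrIp"]).prefixlen == 0:
                findings.append("security group allows SSH from 0.0.0.0/0")
    return findings
```

With the sample data, `audit(["subnet-public"], ["subnet-private"], ROUTE_TABLES, NAT_GATEWAYS, SG_RULES)` reports only the open SSH rule; restricting the source to a single address clears it.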