Secure Your AWS Environment Using Amazon VPC

Vishal Padghan
Published in Edureka
9 min read, Mar 11, 2019

Security is the forefront of innovation

AWS has concentrated much of its effort on ensuring that its customers do not become victims of a data breach. Security becomes even more important when some resources need to be shared with contract employees or third-party companies, because you then run the risk of exposing sensitive data to them. In this Amazon VPC tutorial, I will explain how to create an isolated space on AWS and grant those users access to it.

Amazon VPC can be thought of as your own private network inside the AWS Cloud infrastructure. Its security is top-notch because the underlying infrastructure is taken care of by Amazon. In this article, I will be talking about the following services provided by AWS as part of Amazon VPC.

  • Amazon VPC And Its Types
  • Subnet And Its Utility
  • What Is Route Table?
  • What Is Internet Gateway?
  • Demo: Creating A VPC Using AWS Console.
  • Demo: Creating A Non-Default VPC And Creating A Private And Public Subnet Inside The VPC.

Let’s discuss each of the components in this Amazon VPC tutorial in detail.

Amazon VPC And Its Types

AWS provides a lot of services, and these services are sufficient to run your whole architecture. The backbone of this architecture’s security is the VPC (Virtual Private Cloud). A VPC is basically a private network in the AWS environment that lets you use all of AWS’s services inside a space you define. You have control over this virtual network, and you can also restrict incoming traffic using security groups.

Overall, a VPC helps you secure your environment and gives you complete authority over incoming traffic. There are two types of VPC: the Default VPC, which Amazon creates for you automatically, and a Non-Default VPC, which you create yourself to satisfy your security needs.

Now that you have an idea of how VPC works, I will take you through the different services offered by Amazon VPC.

Subnet And Its Utility

Subnetting means breaking a large network into smaller sub-networks. A smaller network is easier to maintain than a large one.

Take the example of an organization. There are different teams such as Finance, Support, Operations, Technology, HR, and Sales & Marketing. The data accessible to the Technology team cannot be given to the Sales & Marketing team, the data for the HR team cannot be given to the Operations team, and vice versa. Here, you create sub-networks so that accessing and maintaining the network becomes easier.

Now, I will show you how this segregation is done. There are different components used for granting and restricting access. Let me walk you through each of them.

What Is Route Table?

A route table is a table of rules that determine where traffic from a subnet is routed, both within the VPC and outside it. The route table is also where you add a route to an Internet Gateway for a subnet. A VPC can have multiple route tables.

Now that you have an idea of how the route table works, let’s continue with the Amazon VPC tutorial and learn about the Internet Gateway and how it helps in managing traffic.

What Is Internet Gateway?

An Internet Gateway is a very important component that allows your instances to connect to the internet. It lets you make a subnet public by providing it a route to the internet. With an Internet Gateway, an instance can reach the internet, and resources outside the VPC can reach the instance.

Overall, the Internet Gateway is a very important component of a VPC. Now that you know about all the different components of a VPC, let’s move further with this Amazon VPC tutorial and find out how to create a VPC with default settings and a public subnet.

Demo: Creating A VPC Using AWS Console

Creating a VPC using AWS Console is very easy. It is just a matter of a few clicks. Let me walk you through the process:

Step 1: Navigate to the VPC Dashboard. Here you will see a “Launch VPC Wizard” button; click on it.

Step 2: This is the “VPC creation” wizard. Here you can find four different options:

  1. VPC with Single Public Subnet, the one we are going to choose.
  2. VPC with Public and Private Subnets.
  3. VPC with Public and Private Subnets and Hardware VPN Access.
  4. VPC with a Private Subnet only and Hardware VPN Access.

So let’s start by creating a VPC with a single public subnet. Click on “Select”.

Step 3: Here you will have to mention a few details for creating your VPC.

  • The IPv4 CIDR block
  • VPC Name
  • Public Subnet’s IPv4 CIDR
  • Availability Zone where you want your VPC to be created
  • Subnet name
  • Hardware tenancy

After filling in all the details, click on “Create VPC”.

Step 4: You will get a message saying “Your VPC has been successfully created”. Click on “OK”.

Step 5: In the “Your VPC” section, you can see that there is a new VPC named “EdurekaDemo” created.

Step 6: Now let’s verify the public subnet. You can see that a subnet named “Public Subnet” has been created. This subnet has a route table attached that consists of a local route and a public route through an Internet Gateway.

This way a VPC is created with a Public Subnet. Easy, isn’t it?

Now, let’s move to another Demo for the Amazon VPC tutorial and find out another way of creating a VPC from scratch. Here, I will show you how to create everything manually.

Demo: Creating A Non-Default VPC And Creating A Private And Public Subnet Inside The VPC

Let’s take the long route and create a non-default VPC with two subnets, one public and one private.

Step 1: Navigate to “Your VPC” and click on “Create VPC”.

Step 2: Give your VPC a name and specify the IPv4 CIDR block. Click on “Create”.

Step 3: You get a message “The following VPC was created” along with your “VPC ID”. Click on “Close”.

Step 4: Now, create the subnets. To do this, navigate to “Subnets”; in “Filter by VPC”, select your VPC and you will see that there are no subnets yet.

Step 5: Create a subnet named Private. Select your VPC, the Availability Zone and the IPv4 CIDR block. Click on “Create”.

You will get a message saying “The following Subnet was created” along with the “Subnet ID”. Click on “Close”.

Step 6: Create a Public Subnet and fill in all the relevant details as I did when creating the Private Subnet. Click on “Create”.

You will get a message saying “The following Subnet was created” with the “Subnet ID”. Click on “Close”.

Step 7: Now we have to create an Internet Gateway to make the subnet public.

Navigate to Internet Gateways and click on “Create internet gateway”.

Give a name to your Internet Gateway. Click on “Create”.

You will get a message saying “The following internet gateway was created” along with the “Internet Gateway ID”. Click on “Close”.

Step 8: Just creating an Internet Gateway is not enough. You have to attach the Internet Gateway to the VPC.

Select the VPC to which you want to attach your Internet Gateway. Click on “Attach”.

Step 9: Now that you have attached the Internet Gateway to your VPC, it’s time to make rules for managing traffic using a Route Table. Navigate to Route Tables and click on “Create route table”.

Give a name to your Route table and select the VPC in which the Route table will work. Click on “Create”.

You will get a message “The following Route Table was created” along with the “Route Table ID”. Click on “Close”.

Step 10: Now you have a Route table. Add the routes for managing the traffic. Navigate to “Routes” and click on “Edit routes”.

Click on “Add Routes”, enter the destination 0.0.0.0/0, since you want the subnet to be reachable from the public internet, and select as the target the Internet Gateway you created earlier. Click on “Save routes”.

Step 11: Now that the rules are added to the Route table, it’s time to associate it with the Public Subnet. Select the Public Subnet, navigate to the Route Table tab and click on “Edit route table association”.

Select the Route table and click on “Save”.

You have successfully made the subnet public.

This is the long route to creating an Amazon VPC with two subnets, one Public and one Private.
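As an added check (not part of the original article) for Steps 10 and 11 above and for the route table and Internet Gateway sections: a subnet is public only when the route table it actually uses, whether explicitly associated or the VPC’s main table by default, sends 0.0.0.0/0 to an Internet Gateway. The data is constructed in the shape of boto3’s describe_subnets and describe_route_tables responses, and all IDs are placeholders.

```python
import ipaddress

# Constructed sample data shaped like boto3's describe_subnets / describe_route_tables output; IDs are placeholders.
VPC_CIDR = "10.0.0.0/16"
SUBNETS = [
    {"SubnetId": "subnet-public-demo", "CidrBlock": "10.0.1.0/24"},
    {"SubnetId": "subnet-private-demo", "CidrBlock": "10.0.2.0/24"},
    {"SubnetId": "subnet-noassoc-demo", "CidrBlock": "10.0.3.0/24"},  # never associated
]
ROUTE_TABLES = [
    {   # the VPC's main route table, created with the VPC: only the local route
        "Associations": [{"Main": True}],
        "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
    },
    {   # the custom table from Step 10, associated with the public subnet in Step 11
        "Associations": [{"Main": False, "SubnetId": "subnet-public-demo"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-demo"},
        ],
    },
]

def route_table_for(subnet_id, route_tables):
    """An explicit association wins; a subnet with none uses the VPC's main table."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def has_igw_default_route(rt):
    """True when the table sends 0.0.0.0/0 to an Internet Gateway (igw-...)."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("GatewayId", "").startswith("igw-") for r in rt["Routes"])

def classify_subnets(vpc_cidr, subnets, route_tables):
    """Map each subnet ID to 'public' or 'private'; reject a CIDR outside the VPC."""
    vpc = ipaddress.ip_network(vpc_cidr)
    result = {}
    for s in subnets:
        if not ipaddress.ip_network(s["CidrBlock"]).subnet_of(vpc):
            raise ValueError(f"{s['SubnetId']}: {s['CidrBlock']} is outside {vpc_cidr}")
        rt = route_table_for(s["SubnetId"], route_tables)
        result[s["SubnetId"]] = "public" if rt and has_igw_default_route(rt) else "private"
    return result
```

To audit a live VPC, feed the real lists from describe_subnets and describe_route_tables into classify_subnets. The main-table fallback is the point to watch: if the 0.0.0.0/0 route to the Internet Gateway is ever added to the main table instead of a dedicated one, every subnet without an explicit association silently becomes public.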

I hope you now have a basic idea of Amazon VPC and its components. If you wish to check out more articles on the market’s most trending technologies like Artificial Intelligence, DevOps and Ethical Hacking, you can refer to Edureka’s official site.

Do look out for other articles in this series which will explain the various other aspects of AWS.


Originally published at www.edureka.co on March 11, 2019.
