Prerequisites
An AWS Account
Virtual Private Cloud
- 1 VPC.
- 2 Public Subnets (in different AZs).
- 2 Private Subnets (in different AZs).
- 1 IGW for internet access to Public Subnets.
- 1 Route Table connecting Subnets with IGW.
- 1 Public Security Group enabling internet and SSH traffic.
Create VPC
Navigate to VPC > Your VPCs > Create VPC
| Name tag | Name of your VPC. G53_VPC_Main |
| IPv4 CIDR block | 10.0.0.0/16 |
| IPv6 CIDR block | Amazon provided IPv6 CIDR block |
| Tenancy | Default |
Click on 'Create'.
Create Subnets
Navigate to VPC > Subnets > Create subnet
| Name tag | G53_SBN_PublicA_eu-west-1a_10.0.1.0/24 |
| VPC | Your applicable VPC |
| Availability Zone | eu-west-1a |
| IPv4 CIDR block | 10.0.1.0/24 |
| IPv6 CIDR block | Don't Assign IPv6 |
Click on 'Create'.
Click on 'Create subnet'
| Name tag | G53_SBN_PublicB_eu-west-1b_10.0.2.0/24 |
| VPC | Your applicable VPC |
| Availability Zone | eu-west-1b |
| IPv4 CIDR block | 10.0.2.0/24 |
| IPv6 CIDR block | Don't Assign IPv6 |
Click on 'Create'.
Click on 'Create subnet'
| Name tag | G53_SBN_PrivateA_eu-west-1a_10.0.3.0/24 |
| VPC | Your applicable VPC |
| Availability Zone | eu-west-1a |
| IPv4 CIDR block | 10.0.3.0/24 |
| IPv6 CIDR block | Don't Assign IPv6 |
Click on 'Create'.
Click on 'Create subnet'
| Name tag | G53_SBN_PrivateB_eu-west-1b_10.0.4.0/24 |
| VPC | Your applicable VPC |
| Availability Zone | eu-west-1b |
| IPv4 CIDR block | 10.0.4.0/24 |
| IPv6 CIDR block | Don't Assign IPv6 |
Select subnet G53_SBN_PublicA_eu-west-1a_10.0.1.0/24 and click on 'Actions' and 'Modify auto-assign IP settings'.
Check 'Enable auto-assign public IPv4 address' and click on 'Save'.
Select subnet G53_SBN_PublicB_eu-west-1b_10.0.2.0/24 and click on 'Actions' and 'Modify auto-assign IP settings'.
Check 'Enable auto-assign public IPv4 address' and click on 'Save'.
Create Internet Gateway (IGW)
Navigate to VPC > Internet Gateways > Create internet gateway
| Name tag | G53_IGW_VPC_Main |
Click on 'Create'.
Click on 'Attach to a VPC'.
Select your applicable VPC and click on 'Attach internet gateway'.
Create Route Table
Navigate to VPC > Route Tables > Create route table.
| Name tag | G53_RTT_VPC_Main_Public |
| VPC | Select applicable VPC |
Click 'Create'.
Select your route table and click on the Routes tab > Edit routes.
Add the following routes:
| Destination | Target |
| 0.0.0.0/0 | Internet gateway > G53_IGW_VPC_Main |
| ::/0 | Internet gateway > G53_IGW_VPC_Main |
Click 'Save routes'.
Select your route table and click on the 'Subnet Associations' tab > Edit subnet associations.
Select your 2 public subnets and click 'Save'.
Create Security Groups
Navigate to VPC > Security Groups > Create security group.
| Basic details | |
| Security group name | G53_SCG_Public_Web |
| VPC | Select applicable VPC |
| Inbound rules | |
| SSH | 0.0.0.0/0 |
| HTTP | 0.0.0.0/0 |
| HTTPS | 0.0.0.0/0 |
Click 'Create security group'.
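The inbound rules above open SSH to 0.0.0.0/0 alongside HTTP and HTTPS, so SSH is reachable from any address on the internet. The following is an added example, not part of the original guide: it audits data in the shape returned by `aws ec2 describe-security-groups` and reports administrative ports open to every address. The `ADMIN_PORTS` set, the helper names and the `sg-EXAMPLE` group ID are assumptions made for illustration.

```python
import ipaddress

# Assumption for this example: ports treated as administrative access.
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}


def tcp_rule(port, cidr):
    """Build one tcp IpPermissions entry (used for constructed sample data)."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}], "Ipv6Ranges": []}


# Constructed sample mirroring the inbound rules table above, in the shape of
# a describe-security-groups response. The GroupId is a placeholder.
SAMPLE = {"SecurityGroups": [{
    "GroupId": "sg-EXAMPLE",
    "GroupName": "G53_SCG_Public_Web",
    "IpPermissions": [tcp_rule(p, "0.0.0.0/0") for p in (22, 80, 443)],
}]}


def is_world(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def world_open_admin_ports(response, admin_ports=ADMIN_PORTS):
    """Return sorted (group name, port, service, cidr) findings."""
    findings = set()
    for group in response.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            open_cidrs = [c for c in cidrs if is_world(c)]
            proto = perm.get("IpProtocol")
            if proto == "-1":      # "all traffic" rule: no port fields present
                low, high = 0, 65535
            elif proto == "tcp":
                low, high = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            else:
                continue           # udp/icmp are out of scope for this check
            for port, service in admin_ports.items():
                if low <= port <= high:
                    findings.update((group["GroupName"], port, service, c)
                                    for c in open_cidrs)
    return sorted(findings)


if __name__ == "__main__":
    for finding in world_open_admin_ports(SAMPLE):
        print("world-open admin port:", finding)
```

To check a real group, load the JSON output of `aws ec2 describe-security-groups` with `json.load` and pass it to `world_open_admin_ports`.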
