VPC Best practices

Technology is changing rapidly, with significant developments happening in many directions at once. These changes create opportunities to solve the challenges on the path toward excellence.

Virtual Private Cloud (VPC) is an example of a modern solution that avoids many overhead problems. In the early days of the internet, if you wanted to be part of the global internet community, you had to make a lot of arrangements for it. You had to make your data reachable from the internet, manage that setup the hard way, and expose it securely to authenticated users over the internet.

You had to manage the overall infrastructure, including the routers, switches, and the different sorts of gateways. Deploying the infrastructure alone took a great deal of effort, and only then could the actual data or application configurations be provisioned on it. It required suitable physical space and technical teams to operate an internet-facing setup. For example, you had to configure the servers on private networks and purchase the hardware needed for back-and-forth communication over the internet. Simply becoming part of the internet consumed a massive amount of time and money. Once the infrastructure was in place, it still required technical resources to maintain it.

By now you will have the idea that managing a private network was not easy for anyone who wanted to contribute to the community. Cloud service providers, chiefly AWS, Azure, and GCP, have made this far simpler.

Amazon Web Services (AWS) is one of the biggest cloud service providers, having captured both the market and customers' trust through its years of impressive service experience in the industry. So we'll use Amazon VPC as the example use case and demonstrate how it has changed the way networks are connected to the internet.

Amazon Virtual Private Cloud (VPC) is one of the major services used by AWS customers. It lets us configure our own private network, on which we can store confidential data subject to the privacy laws that apply in a given scenario. VPC allows us to configure the virtual private network without worrying about the actual infrastructure resources. AWS itself manages all the physical resources and lets us use them as a service according to our needs.

Let’s get started and walk through the VPC best practices commonly used as a standard in the IT industry:

Prerequisites: 

  • AWS Account

Let’s get started:

A VPC provides a virtual network architecture into which AWS resources can be launched quickly. Each VPC specifies the requirements for your AWS resources, such as:

  • IP addresses 
  • Subnets 
  • Routing 
  • Security 
  • Network configurations

Now, log in to the AWS Console:

  • Go to Amazon VPC:
  • Click on ‘Create VPC’.
  • Name the VPC as ‘test-vpc’ & provide the IPv4 CIDR:
  • Give tags and use the default settings for the demo.
  • Click on ‘Create VPC’.
  • Go to Subnets & hit the ‘Create Subnet’ button.
  • Select the VPC:
  • Now, create private, public & database subnets accordingly:

First, create a ‘test-public-subnet’:

  • Provide the Subnet CIDR for the public subnet accordingly.

Click on ‘Add new subnet’ to add new subnets:

  • Name the private subnet as ‘test-private-subnet’ & provide the Subnet CIDR for the private subnet accordingly.

Similarly, add another subnet as above with the name ‘test-database-subnet’ and provide the Subnet IPv4 CIDR block ‘10.11.7.0/24’ for the database subnet accordingly.

  • Go to the Route tables:
  • We’ll rename & use the default route table as a private route table:

  • Click on ‘Create route table’.
  • Provide a name as ‘test-public-RT’ & associate it with ‘test-vpc’.
  • Click on ‘Create Route table’

Now, go to ‘Internet gateways’ and name it ‘test-IGW’:

  • Click on ‘Create internet gateway’.

Note: the newly created ‘test-IGW’ will be in the detached state for now.

  • Attach the ‘test-IGW’ to the ‘test-vpc’:
  • Click on ‘Attach internet gateway’.
  • Go to the NAT gateway & Click on ‘Create NAT gateway’:
  • Name it as ‘test-nat-GW’ and select the public subnet in which the NAT Gateway will be created.
  • Click on ‘Allocate Elastic IP’.
  • Click on ‘Create NAT gateway’.

  • Next, go to the route table:
  • Select the ‘test-public-RT’ & click on the ‘Edit Routes’:

  • Click on the ‘Add route’:
  • Add ‘0.0.0.0/0’ as the destination & set ‘test-IGW’ as the target.

  • Click on ‘Save changes’.
  • Select the ‘test-private-RT’ & click on the ‘Edit Routes’:
  • Add a route with a target as ‘NAT Gateway’.

  • Add ‘0.0.0.0/0’ as the destination, set ‘test-nat-GW’ as the target, and click ‘Save changes’.

  • Select the ‘test-private-RT’ & click on the ‘Edit subnet associations’:
  • Select the ‘test-private-subnet’ & ‘test-database-subnet’ and hit ‘Save changes’.

  • Go to the VPC:
  • The ‘test-vpc’ is available to use for private & public resource provisioning.
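
As an added example (not part of the original post), the Python check below audits the layout built above: subnet CIDRs must sit inside the VPC and not overlap, only public subnets may have a default route to the internet gateway, and the NAT gateway must live in a public subnet. The VPC, public and private CIDRs are assumed values, and the model assumes ‘test-public-subnet’ is explicitly associated with ‘test-public-RT’, which the steps above do not show; a subnet with no explicit association uses the VPC's main route table.

```python
import ipaddress

# Constructed model of the layout built in the walkthrough. Only 10.11.7.0/24
# comes from the page; the other CIDRs are assumed values for illustration.
LAYOUT = {
    "vpc_cidr": "10.11.0.0/16",
    "subnets": {
        "test-public-subnet": "10.11.1.0/24",
        "test-private-subnet": "10.11.4.0/24",
        "test-database-subnet": "10.11.7.0/24",
    },
    "public_subnets": {"test-public-subnet"},
    "igws": {"test-IGW"},
    "nat_gateways": {"test-nat-GW": "test-public-subnet"},  # NAT -> host subnet
    "route_tables": {
        "test-public-RT": {"0.0.0.0/0": "test-IGW"},
        "test-private-RT": {"0.0.0.0/0": "test-nat-GW"},
    },
    "main_route_table": "test-private-RT",  # the renamed default table
    "associations": {
        "test-public-subnet": "test-public-RT",  # assumed, see lead-in
        "test-private-subnet": "test-private-RT",
        "test-database-subnet": "test-private-RT",
    },
}


def audit(layout):
    """Return a list of findings; an empty list means the layout is sound."""
    findings = []
    vpc = ipaddress.ip_network(layout["vpc_cidr"])
    nets = {n: ipaddress.ip_network(c) for n, c in layout["subnets"].items()}
    names = sorted(nets)
    for i, a in enumerate(names):
        if not nets[a].subnet_of(vpc):
            findings.append(f"{a}: outside VPC CIDR")
        findings += [f"{a}: overlaps {b}" for b in names[i + 1:]
                     if nets[a].overlaps(nets[b])]
        # Subnets without an explicit association use the main route table.
        table = layout["associations"].get(a, layout["main_route_table"])
        to_igw = layout["route_tables"][table].get("0.0.0.0/0") in layout["igws"]
        if a in layout["public_subnets"] and not to_igw:
            findings.append(f"{a}: public subnet has no default route to an IGW")
        if a not in layout["public_subnets"] and to_igw:
            findings.append(f"{a}: private subnet is routed directly to an IGW")
    for nat, host in layout["nat_gateways"].items():
        if host not in layout["public_subnets"]:
            findings.append(f"{nat}: NAT gateway is not in a public subnet")
    return findings
```

Calling `audit(LAYOUT)` returns an empty list for the model as written; removing the public subnet's association makes it fall back to the private (main) route table and produces a finding.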