← Back to Labs
Intermediate00:30:00

Build Amazon VPC with Public and Private Subnets (from Scratch)

Task 1Task 2Task 3Task 4Task 5Task 6
Task 1

Task 1: Sign in to AWS Management Console

↑ Top
  1. Click on the Open Console button, and you will get redirected to AWS Console in a new browser tab.
  2. On the AWS sign-in page,
  3. Leave the Account ID as default. Never edit/remove the 12 digit Account ID present in the AWS Console. otherwise, you cannot proceed with the lab.
  4. Now copy your User Name and Password in the Lab Console to the IAM Username and Password in AWS Console and click on the Sign in button.
  5. Once Signed In to the AWS Management Console, Make the default AWS Region as US East (N. Virginia) us-east-1.
Task 2

Task 2 : Creating New VPC

↑ Top
  1. Make sure you are in the US East (N. Virginia) us-east-1 Region.
  2. Navigate to VPC by clicking on Services on the top of AWS Console.
  3. Click on VPC (under Networking & Content Delivery section) or you can also search for VPC.
  4. Click on Your VPCs from the left menu.
  5. Here you can see the list of all VPC, No need to do anything with the existing and default VPCs, we will create a new VPC for this lab.
  6. Click on Create VPC button. Select VPC Only Name tag: Enter a VPC name for identification to your VPC. Ex: MyVPC IPv4 CIDR block: Enter 10.0.0.0/16 IPv6 CIDR block: No need to change this, make sure No IPv6 CIDR Block is checked. Tenancy: No need to change this, make sure Default is selected. Now click on Create VPC button.
  7. Click on Create VPC button.
  8. Select VPC Only
  9. Name tag: Enter a VPC name for identification to your VPC. Ex: MyVPC
  10. IPv4 CIDR block: Enter 10.0.0.0/16
  11. IPv6 CIDR block: No need to change this, make sure No IPv6 CIDR Block is checked.
  12. Tenancy: No need to change this, make sure Default is selected.
  13. Now click on Create VPC button.
  14. Task 2 : Creating New VPC
  15. Once VPC is created, it will appear with details as shown below:
  16. Task 2 : Creating New VPC
Task 3

Task 3 : Creating Subnets

↑ Top
  1. In this lab, we will create one public subnet and a private subnet in us-east-1a and us-east-1b Availability Zones respectively as follows:
  2. For the Public Subnet, click on Subnets from the left menu and click on Create subnet button. VPC ID: Select MyVPC from the list you created earlier. Subnet Name: Enter Name MyPublicSubnet Availability Zone: Select us-east-1a IPv4 CIDR block: Enter the range 10.0.1.0/24 Click on Create subnet button.
  3. For the Public Subnet, click on Subnets from the left menu and click on Create subnet button.
  4. VPC ID: Select MyVPC from the list you created earlier.
  5. Task 3 : Creating Subnets
  6. Subnet Name: Enter Name MyPublicSubnet
  7. Availability Zone: Select us-east-1a
  8. IPv4 CIDR block: Enter the range 10.0.1.0/24
  9. Click on Create subnet button.
  10. Task 3 : Creating Subnets
  11. For the Private Subnet, click on Create subnet again. VPC ID : Select MyVPC from the list you created earlier. Subnet Name : Enter Name MyPrivateSubnet Availability Zone : Select us-east-1b IPv4 CIDR block : Enter the range 10.0.2.0/24 Click on Create subnet button.
  12. For the Private Subnet, click on Create subnet again.
  13. VPC ID : Select MyVPC from the list you created earlier.
  14. Task 3 : Creating Subnets
  15. Subnet Name : Enter Name MyPrivateSubnet
  16. Availability Zone : Select us-east-1b
  17. IPv4 CIDR block : Enter the range 10.0.2.0/24
  18. Click on Create subnet button.
  19. Task 3 : Creating Subnets
Task 4

Task 4: Create and configure Internet Gateway

↑ Top
  1. In this task, we are going to create an internet gateway and configure it with the VPC.
  2. Click on Internet Gateways from the left menu and click on Create internet gateway button. Name Tag: Enter MyInternetGateway Click on Create internet gateway button.
  3. Click on Internet Gateways from the left menu and click on Create internet gateway button.
  4. Name Tag: Enter MyInternetGateway
  5. Click on Create internet gateway button.
  6. Task 4: Create and configure Internet Gateway
  7. Select the Internet gateway you created from the list Click on Actions. Click on Attach to VPC. Select MyVPC which you created from the list and click on Attach internet gateway button.
  8. Select the Internet gateway you created from the list
  9. Click on Actions.
  10. Click on Attach to VPC.
  11. Task 4: Create and configure Internet Gateway
  12. Select MyVPC which you created from the list and click on Attach internet gateway button.
  13. Task 4: Create and configure Internet Gateway
Task 5

Task 5: Create Route Tables

↑ Top
  1. In this task, we are going to create two route tables and associate them with their respective subnets.
  2. Go to Route Tables from the left menu and click on Create route table button. Name: Enter PublicRouteTable VPC: Select MyVPC from the list. Click on Create route table button.
  3. Go to Route Tables from the left menu and click on Create route table button.
  4. Name: Enter PublicRouteTable
  5. VPC: Select MyVPC from the list.
  6. Click on Create route table button.
  7. Task 5: Create Route Tables
  8. Repeat the same steps to create a route table for the Private subnet. Name: Enter PrivateRouteTable VPC: Select MyVPC from the list. Click on Create route table button.
  9. Repeat the same steps to create a route table for the Private subnet.
  10. Name: Enter PrivateRouteTable
  11. VPC: Select MyVPC from the list.
  12. Click on Create route table button.
  13. Task 5: Create Route Tables
  14. Now we will associate the subnets to the route tables.
  15. Select the PublicRouteTable and go to the Subnet Associations tab. Click on Edit subnet associations. Select MyPublicSubnet from the list. Click on Save associations button.
  16. Select the PublicRouteTable and go to the Subnet Associations tab.
  17. Click on Edit subnet associations.
  18. Task 5: Create Route Tables
  19. Select MyPublicSubnet from the list.
  20. Click on Save associations button.
  21. Task 5: Create Route Tables
  22. Select the PrivateRouteTable and go to the Subnet Associations tab. Click on Edit subnet associations. Select MyPrivateSubnet from the list. Click on Save associations button.
  23. Select the PrivateRouteTable and go to the Subnet Associations tab.
  24. Click on Edit subnet associations.
  25. Task 5: Create Route Tables
  26. Select MyPrivateSubnet from the list.
  27. Click on Save associations button.
  28. Task 5: Create Route Tables
  29. Make sure not to associate any subnets with the Main Route Table.
  30. PublicRouteTable: Add a route to allow Internet traffic to the VPC. Select PublicRouteTable. Go to Routes tab, click on Edit routes. Click on Add route button, Specify the following values: Destination: Enter 0.0.0.0/0 Target: Select Internet Gateway from the dropdown menu to select MyInternetGateway. Click on Save changes button.
  31. PublicRouteTable: Add a route to allow Internet traffic to the VPC.
  32. Select PublicRouteTable.
  33. Go to Routes tab, click on Edit routes.
  34. Task 5: Create Route Tables
  35. Click on Add route button, Specify the following values: Destination: Enter 0.0.0.0/0 Target: Select Internet Gateway from the dropdown menu to select MyInternetGateway. Click on Save changes button.
  36. Click on Add route button, Specify the following values:
  37. Destination: Enter 0.0.0.0/0
  38. Target: Select Internet Gateway from the dropdown menu to select MyInternetGateway.
  39. Click on Save changes button.
  40. Task 5: Create Route Tables
  41. VPC Flow Logs capture information about the IP traffic flowing in and out of your VPC. It provides detailed insights into network traffic patterns, helping you analyze and troubleshoot connectivity issues, monitor security, and meet compliance requirements.
Task 6

Task 6 : Validation Test

↑ Top
  1. Once the lab steps are completed, please click on the Validation button on the left side panel.
  2. This will validate the resources in the AWS account and shows you whether you have completed this lab successfully or not.
  3. Sample output :
  4. Task 6 : Validation Test
  5. You have successfully completed and learned how to create public and private subnets.
  6. You have learned how to create an Internet Gateway and associate it to VPC.
  7. You now understand how public and private subnets are different (through associating Internet Gateway or not).
  8. The instances launched inside the public subnet will be able to access the internet and instances launched inside the private subnet will not have access to the internet.
  9. Sign out from the AWS Management Console.
  10. Click on End Lab button from the lab console and wait till the process gets completed
← Back to Labs