A VPC is a virtual network inside AWS where you can isolate your setup using private IP addresses. A VPC consists of several subnets. Each subnet is bound to an Availability Zone. A public subnet has a direct route to the Internet. As long as your EC2 instances have a public IP they can communicate (in and out) with the Internet. A private subnet does not have a route to the Internet. Instances in private subnets cannot be accessed from the public Internet. If you want to access the Internet from a private subnet you need to create a NAT instance.
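To verify that a deployed stack matches these definitions, the following added check (not part of the templates above) classifies each subnet from the route tables returned by EC2 describe_route_tables: public if its default route goes to an Internet Gateway, otherwise private, with outbound access only when the default route points at a NAT Gateway or NAT instance. The input is a constructed sample in that response shape; the subnet and gateway ids are made up.

```python
"""Classify subnets from describe_route_tables output, following the definitions
above: public = 0.0.0.0/0 via an Internet Gateway; private otherwise, with
outbound Internet only when the default route points at a NAT Gateway/instance."""

def default_route_target(route_table):
    """Return the target of the active 0.0.0.0/0 route, or None if absent."""
    for route in route_table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State", "active") != "active":  # skip blackhole routes
            continue
        return (route.get("GatewayId") or route.get("NatGatewayId")
                or route.get("InstanceId") or route.get("NetworkInterfaceId"))
    return None

def classify_subnets(route_tables, subnet_ids):
    """Map each subnet id to 'public', 'private-nat' or 'private-isolated'."""
    main, explicit = None, {}
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):          # VPC main table: used by unassociated subnets
                main = rt
            elif assoc.get("SubnetId"):
                explicit[assoc["SubnetId"]] = rt
    result = {}
    for subnet in subnet_ids:
        rt = explicit.get(subnet, main)
        target = default_route_target(rt) if rt else None
        if target is None:
            result[subnet] = "private-isolated"
        elif target.startswith("igw-"):
            result[subnet] = "public"
        else:  # nat-... (NAT Gateway), i-... (NAT instance) or eni-...
            result[subnet] = "private-nat"
    return result

# Constructed sample shaped like describe_route_tables output; ids are made up.
SAMPLE_ROUTE_TABLES = [
    {"Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
    {"Associations": [{"SubnetId": "subnet-pub-a"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}]},
    {"Associations": [{"SubnetId": "subnet-priv-a"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "active"}]},
]
SAMPLE_SUBNETS = ["subnet-pub-a", "subnet-priv-a", "subnet-priv-b"]
```

Feed it the `RouteTables` list from a real `describe-route-tables` call to confirm that none of the subnets you treat as private come back as `public`.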
Use the vpc-2azs.json template to create a VPC with two private and two public subnets.
- VPC: virtual network that you define
- Download the template vpc-2azs.json
- Open AWS CloudFormation within the Management Console: https://console.aws.amazon.com/cloudformation.
- Create a new stack by clicking on the Create Stack button.
- Select Upload a template to Amazon S3 and upload the template vpc-2azs.json.
- Click Next to proceed with the next step of the wizard.
- Specify a name and all parameters for the stack.
- Click Next to proceed with the next step of the wizard.
- Click Next to skip the Options step of the wizard.
- Click Create to start the creation of the stack.
- Wait until the stack reaches the state CREATE_COMPLETE.
Use the vpc-3azs.json template to create a VPC with three private and two public subnets.
- VPC: virtual network that you define
- Download the template vpc-3azs.json
- Open AWS CloudFormation within the Management Console: https://console.aws.amazon.com/cloudformation.
- Create a new stack by clicking on the Create Stack button.
- Select Upload a template to Amazon S3 and upload the template vpc-3azs.json.
- Click Next to proceed with the next step of the wizard.
- Specify a name and all parameters for the stack.
- Click Next to proceed with the next step of the wizard.
- Click Next to skip the Options step of the wizard.
- Click Create to start the creation of the stack.
- Wait until the stack reaches the state CREATE_COMPLETE.
Use the vpc-nat-gateway.json template to create a NAT Gateway that forwards HTTP, HTTPS and NTP traffic from private subnets to the Internet.
- EC2: NAT Gateway
- Auto Scaling: manages the fleet of virtual machines
- Download the template vpc-nat-gateway.json
- Open AWS CloudFormation within the Management Console: https://console.aws.amazon.com/cloudformation.
- Create a new stack by clicking on the Create Stack button.
- Select Upload a template to Amazon S3 and upload the template vpc-nat-gateway.json.
- Click Next to proceed with the next step of the wizard.
- Specify a name and all parameters for the stack.
- Click Next to proceed with the next step of the wizard.
- Click Next to skip the Options step of the wizard.
- Check the "I acknowledge that this template might cause AWS CloudFormation to create IAM resources." checkbox.
- Click Create to start the creation of the stack.
- Wait until the stack reaches the state CREATE_COMPLETE.
Use the vpc-nat-instance.json template to create a highly available NAT instance that forwards HTTP, HTTPS and NTP traffic from private subnets to the Internet.
- EC2: virtual machine used as the NAT instance
- Auto Scaling: manages the fleet of virtual machines
- Download the template vpc-nat-instance.json
- Open AWS CloudFormation within the Management Console: https://console.aws.amazon.com/cloudformation.
- Create a new stack by clicking on the Create Stack button.
- Select Upload a template to Amazon S3 and upload the template vpc-nat-instance.json.
- Click Next to proceed with the next step of the wizard.
- Specify a name and all parameters for the stack.
- Click Next to proceed with the next step of the wizard.
- Click Next to skip the Options step of the wizard.
- Check the "I acknowledge that this template might cause AWS CloudFormation to create IAM resources." checkbox.
- Click Create to start the creation of the stack.
- Wait until the stack reaches the state CREATE_COMPLETE.
Do you need help? Mail to team@widdix.de.