How AWS VPC Works: Introduction. I'll provide a basic introduction to the mysterious VPC world, explaining the terms with various diagrams. We'll also build out a simple VPC network manually to help understand VPCs.

Answers to questions (close your eyes and watch the video first if you don't want to know the answers yet):

Why should we create route tables vs using the main route table?
A: Every time you create a new subnet it uses your "main" route table. So if you added an IGW route to the main route table in an effort to allow traffic out, every newly created subnet would automatically be public. This violates a security best practice, which is that newly created subnets should be private by default.

Is the NAT gateway associated with the public subnet or the private subnet?
A: The NAT gateway should be on the public subnet so it has access to the internet to do its thing. If it's on the private subnet it won't work.

What makes a subnet public?
A: You simply associate the subnet with a (public) route table that has an IGW route.

What network component is a security group associated with?
A: The only network component that a security group is associated with is the entire VPC. Security groups are not associated with any other network components. They are associated with other types of AWS resources like EC2 instances, ELBs, RDS DBs, etc.

  1. How AWS VPC Works Intro by Tung Nguyen from
  2. About - Tung Nguyen ● Founder at BoltOps ● Build scalable and customizable infrastructure.
  3. Terms ● VPC ● Route Table ● Network ACL ● Security Group ● Subnet ● IGW ● NAT
  4. Relationships are Important
  5. Thinking More About Relationships
  6. Notes ● An IGW gets added as a route on a route table. Since route tables can have many subnets, that's how subnets become public and get access to the internet. ● Security Groups belong to an entire VPC ○ They are assigned to multiple resources like EC2 instances, ELBs, RDS DBs, etc.
  7. Summary 1. Create VPC 2. Create Private Subnet 3. Create Public Subnet (enable auto-assign IP) 4. Create IGW and attach it to our VPC 5. Create Public Route Table (route for IGW; public subnet association) 6. Create NAT 7. Create Private Route Table (route for NAT; private subnet association)
  8. Questions ● Why should we create our own route tables instead of using the main route table? ● Should the NAT Gateway be in the private or public subnet? ● What makes a subnet public? ● What network component is a security group associated with? ● Answers are provided in the video description
  9. Resources ● What is the recommended CIDR when creating a VPC on AWS? - ServerFault Question ● Practical VPC Design - Medium Blog Post ● Try Building It Out Yourself to Really Learn
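As an added example (not the presenter's code or any AWS SDK), the following Python model encodes the relationships from the Summary slide and the Q&A above: a subnet falls back to the main route table unless explicitly associated, a subnet is public only when its route table sends 0.0.0.0/0 to an IGW, and the NAT gateway must sit in a public subnet. All resource ids and CIDRs are constructed placeholders.

```python
from dataclasses import dataclass, field


@dataclass
class RouteTable:
    name: str
    routes: dict = field(default_factory=dict)   # destination CIDR -> target id
    subnets: set = field(default_factory=set)    # explicitly associated subnet ids


@dataclass
class Vpc:
    cidr: str
    main: RouteTable = field(default_factory=lambda: RouteTable("main"))
    tables: list = field(default_factory=list)   # route tables we created ourselves
    nat_subnet: str = ""                         # subnet the NAT gateway is placed in

    def table_for(self, subnet: str) -> RouteTable:
        """A subnet with no explicit association uses the VPC's main route table."""
        for rt in self.tables:
            if subnet in rt.subnets:
                return rt
        return self.main

    def is_public(self, subnet: str) -> bool:
        """Public means the effective default route points at an internet gateway."""
        target = self.table_for(subnet).routes.get("0.0.0.0/0", "")
        return target.startswith("igw-")

    def nat_placement_ok(self) -> bool:
        """The NAT gateway only reaches the internet from a public subnet."""
        return bool(self.nat_subnet) and self.is_public(self.nat_subnet)


def build_demo_vpc() -> Vpc:
    """Steps 1-7 of the Summary slide, with constructed ids (not real AWS ids)."""
    vpc = Vpc("10.0.0.0/16")
    vpc.main.routes["10.0.0.0/16"] = "local"     # main table: local route only
    public_rt = RouteTable("public",
                           {"10.0.0.0/16": "local", "0.0.0.0/0": "igw-EXAMPLE"},
                           {"subnet-public"})
    vpc.nat_subnet = "subnet-public"             # step 6: NAT in the public subnet
    private_rt = RouteTable("private",
                            {"10.0.0.0/16": "local", "0.0.0.0/0": "nat-EXAMPLE"},
                            {"subnet-private"})
    vpc.tables += [public_rt, private_rt]
    return vpc


def main_table_igw_leak(vpc: Vpc, new_subnet: str = "subnet-new") -> bool:
    """Putting the IGW route on the main table makes every new subnet public."""
    vpc.main.routes["0.0.0.0/0"] = "igw-EXAMPLE"
    return vpc.is_public(new_subnet)
```

Running `build_demo_vpc()` and querying `is_public` for a subnet that was never associated shows the private-by-default behaviour the first answer describes, while `main_table_igw_leak` shows how the shortcut breaks it.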
