VPC Security Lab: How to Use Public and Private Subnets

Securing your VPC using Public and Private Subnets

Paolo Latella brings us a new lab for true VPC security. Paolo is an AWS Community Hero, Cloud Solutions Architect and AWS Technical Trainer at XPeppers, an enterprise focused on Cloud technologies and DevOps methodologies. Paolo has more than 15 years of experience in IT and has worked on AWS technologies since 2008.

Securing your VPC using Public and Private Subnets hands-on lab was designed and produced for beginners and leads students through engaging real-world scenarios. All of Cloud Academy’s labs promise industry best practices that put your recent knowledge into practice. Build skills, knowledge, and confidence with this lab, available now.

Securing your VPC using Public and Private subnets AWS

In this lab we design a VPC with a public subnet and a private subnet with a network address translation (NAT) instance in the public subnet.

To learn more about AWS VPC best practices, review our intermediate course on the subject Amazon VPC: working with AWS networking by systems architect David Robinson.

A NAT instance enables instances in the private subnet to initiate outbound traffic to the Internet. This scenario is usually used if you want to run a public-facing web application, while maintaining back-end servers that aren’t publicly accessible.

A common example is a multi-tier website, with the web servers in a public subnet and the database servers in a private subnet. You can set up security and routing so that the web servers can communicate with the database servers. The instances in the private subnet can access the Internet via the NAT instance in the public subnet. You can increment the network security using a network access control list (ACL) — an optional layer of security that acts as a firewall for controlling traffic in and out of a subnet.

Start our new hands-on lab  now and send us questions and comments. We never stop learning and hope that you won’t either.


Cloud Academy