Creating a Public Subnet
As implied by the name, a public subnet will hold resources that require ingress and/or egress to the public internet. A common use case for this is a DNS server, or a load balancer sitting in front of front-end web servers or web applications.
In this lab step, you will create a public subnet in your VPC.
1. In the VPC Dashboard, click Subnets in the left navigation pane:
The Subnets page lists all previously created subnets.
2. Click Create subnet:
3. Configure the following subnet details:
- VPC ID: Select cloudacademy-labs
- Subnet name: Enter Public-A (This is the name for your subnet. A tag with a key of Name and the value "Public-A" is created)
- Availability Zone: Select us-west-2a from the drop-down menu
- CIDR block: Enter 10.0.20.0/24
4. Click Create subnet:
The new subnet will be deployed into the selected VPC, and into the selected Availability Zone.
Next, you will need to set up the route table.
A route table contains a set of rules, called routes, that are used to determine where network traffic is directed. Each route in a table specifies a destination CIDR and a target (for example, traffic destined for 172.16.0.0/12 is targeted for the virtual private gateway). If a subnet has a route with the destination (0.0.0.0/0) and Internet Gateway as the target, the subnet is known as a public subnet. You can create a custom route table for your VPC using the Amazon VPC console.
5. In the left-hand navigation pane, click the Filter by VPC field and select the cloudacademy-labs VPC from the drop-down:
Note: You may need to refresh your browser tab to be able to select the cloudacademy-labs VPC from the Filter by VPC field.
6. In the left navigation pane, click Route Tables:
7. Click Create route table:
8. Configure the following route table settings:
- Name: Enter PublicRouteTable
- VPC: Select the cloudacademy-labs VPC from the drop-down menu
9. Scroll to the bottom of the page and click Create route table:
10. On the route details page, switch to the Routes tab and click Edit routes:
11. Click Add route:
12. Configure the following route settings:
- Destination: Enter 0.0.0.0/0
- Target: Select Internet Gateway, then labs-gw
13. Click Save changes:
Up next, you will change the route table association of the public subnet from the default route table to the new route table.
14. In the left-hand navigation pane, click Subnets.
15. Select the Public-A subnet and click the Route table tab.
16. Click the Edit route table association button:
17. Select PublicRouteTable from the Route table ID drop-down menu and confirm the following routes:
Note: The internet gateway under your target will differ from the ID above.
18. Click Save:
This subnet requires a route to the internet, so it is now associated with PublicRouteTable, whose routes determine where its traffic is directed.
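The rule described above (a subnet is public when its route table sends 0.0.0.0/0 to an internet gateway) can be checked in code when reviewing a VPC for subnets that are exposed unintentionally. The following is an added example, not part of the original lab: it runs offline over constructed data shaped like the EC2 DescribeRouteTables response, and it goes slightly beyond the lab by falling back to the main route table for subnets without an explicit association and by ignoring routes that are not active. All IDs and the 10.0.0.0/16 VPC CIDR are made-up assumptions.

```python
# Constructed sample shaped like the EC2 DescribeRouteTables response.
# Every ID and the VPC CIDR below is made up for illustration.
ROUTE_TABLES = [
    {   # main (default) route table: local route only
        "RouteTableId": "rtb-main-example",
        "Associations": [{"Main": True}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        ],
    },
    {   # PublicRouteTable from the lab, explicitly associated with Public-A
        "RouteTableId": "rtb-public-example",
        "Associations": [{"Main": False, "SubnetId": "subnet-public-a"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example", "State": "active"},
        ],
    },
]

def has_internet_route(table):
    """True if the table has an active 0.0.0.0/0 route targeting an internet gateway."""
    return any(
        r.get("DestinationCidrBlock") == "0.0.0.0/0"
        and (r.get("GatewayId") or "").startswith("igw-")
        and r.get("State", "active") == "active"
        for r in table["Routes"]
    )

def effective_route_table(subnet_id, tables):
    """Explicit association wins; otherwise the subnet uses the VPC's main route table."""
    main = None
    for t in tables:
        for a in t.get("Associations", []):
            if a.get("SubnetId") == subnet_id:
                return t
            if a.get("Main"):
                main = t
    return main

def classify_subnets(subnet_ids, tables):
    """Map each subnet ID to 'public' or 'private' from its effective route table."""
    result = {}
    for sid in subnet_ids:
        table = effective_route_table(sid, tables)
        result[sid] = "public" if table and has_internet_route(table) else "private"
    return result

if __name__ == "__main__":
    print(classify_subnets(["subnet-public-a", "subnet-private-a"], ROUTE_TABLES))
```

The function assumes all route tables passed in belong to the same VPC, since the main route table fallback is per VPC.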
In this lab, you created a public subnet in your VPC and associated it with a route table with access to the public internet.
Connected an internet gateway to a non-default VPC route table