Lab Steps

  • Logging in to the Amazon Web Services Console
  • Creating a VPC
  • Creating a VPC Internet Gateway
  • Creating a Public Subnet
  • Creating a Bastion Host
  • Creating a Private Subnet
  • Creating a Network ACL for a Private Subnet
  • Adding Rules to a Private Network ACL
  • Launching an EC2 Instance on a Private Subnet
  • Launching a Network Address Translation (NAT) instance
  • Testing access of Private Subnet Instances
  • Highlights of Securing your VPC


Introduction

Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network you have defined. This virtual network closely resembles a traditional network that you would operate in your own data center with the benefits of using the scalable infrastructure of AWS. It is logically isolated from other virtual networks in the AWS cloud. In this Lab you will create a new VPC using the AWS Management Console. Once created, you will create other EC2 and VPC resources mimicking a common two-tiered (front-end and back-end) architecture in the cloud.

Instructions

1. Click VPC under the Network and Content Delivery section of the AWS Management Console:

2. Click Your VPCs in the left navigation pane: 

The Your VPCs page lists all previously created VPCs. All new AWS accounts come with a default, fully-working VPC.

Note: Although all Cloud Academy student accounts originally have a default VPC, some accounts had the default VPC inadvertently removed. A default VPC has the Default VPC column set to Yes. If you don't see a default VPC in your lab environment, do not worry. You will create a new VPC and use it regardless. The Lab will work with or without a default VPC in the student account.

 

3. Click Create VPC to begin creating a new VPC. A Create VPC dialog box opens. Specify the following VPC details:

  • Name tag: Enter cloudacademy-labs (This is the name for your VPC. A tag will be created with a key of Name and the value "cloudacademy-labs".)
  • CIDR block: Enter 10.0.0.0/16 (This is a CIDR block from the private (non-publicly routable) IP address ranges as specified in RFC 1918.)
  • Tenancy: Select Default (Dedicated tenancy ensures your instances run on single-tenant hardware. For the purposes of this Lab, the default is fine though.)

Click Create VPC when ready to proceed. Amazon creates the requested VPC and the following linked services:

  • A DHCP options set (This set enables DNS for instances that need to communicate over the VPC's Internet gateway.)
  • A Route Table (The table contains a set of rules, called routes, that are used to determine where network traffic is directed.)
  • A Network ACL (A list of rules to determine whether traffic is allowed in or out of any subnet associated with the network ACL.)

 

4. View the description for your new VPC and confirm the DHCP options set, Route Table and Network ACL were indeed created with the VPC in the previous instruction:

Note that no Subnets or Internet Gateways were automatically created with the VPC. You need to add them yourself. Now you are ready to create your VPC subnets and customize the routing table.
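The confirmation in instruction 4 can also be scripted. The following is an added example, not part of the original lab: it checks a VPC record in the shape returned by `aws ec2 describe-vpcs` against the values entered in instruction 3. The sample JSON and its resource IDs are constructed, the function names are hypothetical, and the route table and network ACL are not covered because they are not part of that output.

```python
import ipaddress
import json

# RFC 1918 private ranges; the lab's VPC CIDR should sit inside one of them.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in the shape of `aws ec2 describe-vpcs` output (IDs are made up).
SAMPLE = json.loads("""
{"Vpcs": [
  {"VpcId": "vpc-0aaa1111", "CidrBlock": "172.31.0.0/16", "IsDefault": true,
   "InstanceTenancy": "default", "DhcpOptionsId": "dopt-0ddd4444", "Tags": []},
  {"VpcId": "vpc-0bbb2222", "CidrBlock": "10.0.0.0/16", "IsDefault": false,
   "InstanceTenancy": "default", "DhcpOptionsId": "dopt-0ddd4444",
   "Tags": [{"Key": "Name", "Value": "cloudacademy-labs"}]}
]}
""")


def find_vpc(describe_output, name):
    """Return the VPC whose Name tag equals `name`, or None."""
    for vpc in describe_output.get("Vpcs", []):
        tags = {t["Key"]: t["Value"] for t in vpc.get("Tags", [])}
        if tags.get("Name") == name:
            return vpc
    return None


def check_vpc(vpc, expected_cidr="10.0.0.0/16"):
    """Return a list of findings; an empty list means the VPC matches the lab."""
    findings = []
    try:
        net = ipaddress.ip_network(vpc["CidrBlock"])  # strict: rejects host bits
    except ValueError as exc:
        return [f"invalid CIDR block: {exc}"]
    if not any(net.subnet_of(r) for r in RFC1918):
        findings.append(f"{net} is outside the RFC 1918 private ranges")
    if not 16 <= net.prefixlen <= 28:
        findings.append(f"/{net.prefixlen} is outside the /16 to /28 size a VPC allows")
    if str(net) != expected_cidr:
        findings.append(f"CIDR is {net}, lab expects {expected_cidr}")
    if vpc.get("IsDefault"):
        findings.append("this is the default VPC, not the one created in the lab")
    if vpc.get("InstanceTenancy") != "default":
        findings.append(f"tenancy is {vpc.get('InstanceTenancy')}, lab expects default")
    if not vpc.get("DhcpOptionsId"):
        findings.append("no DHCP options set is associated")
    return findings


if __name__ == "__main__":
    vpc = find_vpc(SAMPLE, "cloudacademy-labs")
    print(vpc["VpcId"], check_vpc(vpc) or "OK")
```

To run it against a real account, replace `SAMPLE` with the parsed JSON output of `aws ec2 describe-vpcs`.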

 

Validation checks

  • Created VPC: Created a non-default VPC