AWS : VPC (Virtual Private Cloud) 2 - VPC Wizard
Let's create a VPC using the VPC Wizard in the VPC Console.
Select VPC with a Single Public Subnet:
Click Select.
The configuration page below displays the CIDR ranges that we'll use for our VPC and subnet (10.0.0.0/16 and 10.0.0.0/24, respectively), and the hardware tenancy setting. Enter a name for the VPC; this helps us identify it in the VPC console after we've created it.
We can leave the rest of the default settings and then click Create VPC to create our VPC, Internet gateway, subnet, and route table.
When the work completes, a status window confirms that our VPC has been successfully created. Click OK to close the status window and return to the VPC dashboard.
We can use the default settings for the components that the VPC Wizard creates for us.
This section describes how we can view these components and their settings using the VPC console.
In the VPC navigation pane, click Your VPCs.
The console displays our default VPC (I deleted it) and the VPC that we just created.
Select the VPC that we just created. The Default VPC column displays No, because the VPC we created is a nondefault VPC.
To see Internet Gateways, in the navigation pane, choose "Internet Gateways". We can find the Internet gateway that's attached to our VPC by looking at the VPC column, which displays the ID and the name (if applicable) of the VPC.
Each VPC has a set of DHCP options, a main route table, and a default network ACL.
The VPC that we just created has two route tables:
- the main route table, which every VPC comes with by default
- a custom route table, which the VPC Wizard created in addition
Our subnet is associated with the custom route table, which means that we use the routes in that table to determine how the traffic for the subnet flows. If we add a new subnet to our VPC, it uses the main route table by default.
custom route table:
The first row in the table is the local route, which enables instances within the VPC to communicate. This route is present in every route table by default, and we can't remove it.
The second row shows the route that the VPC wizard added to enable traffic destined for an IP address outside the VPC (0.0.0.0/0) to flow from the subnet to the Internet gateway. We refer to this subnet as a public subnet because all traffic from the subnet goes to the Internet gateway.
main route table:
The main route table has a local route, but no other routes. Therefore, any subnet we create is not exposed to the Internet initially; it is a private subnet. To expose a new subnet as a public subnet, we can either change the routing in the main route table, or associate the subnet with a custom route table.
Here is the VPC we created:
- Created a VPC with a /16 CIDR block (a network with 65,536 private IP addresses).
- Attached an Internet gateway to the VPC.
- Created a size /24 subnet (a range of 256 private IP addresses) in the VPC.
- Created a custom route table, and associated it with our subnet so that traffic can flow between the subnet and the Internet gateway.
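As an added example (not part of the original tutorial), this Python audit check reproduces the rule above: a subnet is public only if the route table it actually uses (its own association, or the main table when it has none) routes traffic bound outside the VPC to an Internet gateway. The sample data and all IDs are constructed placeholders shaped like the AWS describe-route-tables and describe-subnets output, not values from a real account.

```python
import ipaddress

# Constructed sample shaped like describe-route-tables / describe-subnets output,
# modelling what the wizard built: a 10.0.0.0/16 VPC, a main route table with only
# the local route, and a custom table adding 0.0.0.0/0 -> igw for 10.0.0.0/24.
VPC_CIDR = "10.0.0.0/16"
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main-PLACEHOLDER",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": VPC_CIDR, "GatewayId": "local"}]},
    {"RouteTableId": "rtb-custom-PLACEHOLDER",
     "Associations": [{"Main": False, "SubnetId": "subnet-public-PLACEHOLDER"}],
     "Routes": [{"DestinationCidrBlock": VPC_CIDR, "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-PLACEHOLDER"}]},
]
SUBNETS = [
    {"SubnetId": "subnet-public-PLACEHOLDER", "CidrBlock": "10.0.0.0/24"},
    # a subnet added later, with no explicit route table association
    {"SubnetId": "subnet-later-PLACEHOLDER", "CidrBlock": "10.0.1.0/24"},
]


def effective_route_table(subnet_id, route_tables):
    """Return the table a subnet actually uses: its explicit association,
    or the VPC's main route table when it has none."""
    main = None
    for rtb in route_tables:
        for assoc in rtb["Associations"]:
            if assoc.get("SubnetId") == subnet_id:
                return rtb
            if assoc.get("Main"):
                main = rtb
    return main


def is_public_subnet(subnet, route_tables, vpc_cidr=VPC_CIDR):
    """Public = the effective route table sends some destination outside the
    VPC to an Internet gateway (igw-...). The local route never counts."""
    vpc = ipaddress.ip_network(vpc_cidr)
    if not ipaddress.ip_network(subnet["CidrBlock"]).subnet_of(vpc):
        raise ValueError(f"{subnet['SubnetId']} lies outside {vpc_cidr}")
    for route in effective_route_table(subnet["SubnetId"], route_tables)["Routes"]:
        dest = ipaddress.ip_network(route["DestinationCidrBlock"])
        if route.get("GatewayId", "").startswith("igw-") and not dest.subnet_of(vpc):
            return True
    return False


def classify_subnets(subnets, route_tables):
    """Map each subnet ID to 'public' or 'private' for a quick exposure audit."""
    return {s["SubnetId"]: "public" if is_public_subnet(s, route_tables) else "private"
            for s in subnets}
```

Running `classify_subnets(SUBNETS, ROUTE_TABLES)` reports the wizard's subnet as public and the later subnet, which falls back to the main table, as private.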
Our VPC comes with a default security group.
Any instance not associated with another security group during launch is associated with the default security group. In this guide, we'll create a new security group, "WebServerSG", and specify this security group when we launch an instance into our VPC.
A security group acts as a virtual firewall to control the traffic for its associated instances. To use a security group, we add inbound rules to control incoming traffic to the instance, and outbound rules to control outgoing traffic from the instance. To associate a security group with an instance, we specify the security group when we launch the instance. If we add or remove rules in the security group, those changes are applied automatically to the instances associated with it.
In the navigation pane, choose Security Groups, and then choose Create Security Group. In the Group name field, enter "WebServerSG" as the name of the security group, and provide a description.
On the Inbound Rules tab, we may choose Edit and add rules for inbound traffic, and then Save when we're done.
When we launch an EC2 instance into a VPC, we must specify the subnet in which to launch the instance. In this case, we'll launch an instance into the public subnet of the VPC we created. We'll use the Amazon EC2 launch wizard in the Amazon EC2 console to launch our instance.
Now, we have this:
In the previous step, we launched our instance into a public subnet - a subnet that has a route to an Internet gateway. However, the instance in our subnet also needs a public IP address to be able to communicate with the Internet. By default, an instance in a nondefault VPC is not assigned a public IP address.
For this, please check Step 4: Assign an Elastic IP Address to Your Instance.