VIRTUAL PRIVATE CLOUD

For DevOps Engineers and Cloud Engineers

VPC architecture diagram
Creating a VPC in AWS
This guide helps you manually create a custom VPC in AWS with public and private subnets
using the AWS Console.

Step 1: Navigate to VPC Dashboard

- Sign in to AWS Console.
- Go to VPC service → click "Create VPC".

Step 2: Create the VPC

- Name: my-custom-vpc
- IPv4 CIDR block: 10.0.0.0/16
- IPv6 block: None or auto-assigned
- Tenancy: Default
- Click Create VPC.

Step 3: Create Subnets

Create 2 public and 2 private subnets in different AZs.

Public Subnets:
1. Name: public-subnet-1 | AZ: us-east-1a | CIDR: 10.0.1.0/24
2. Name: public-subnet-2 | AZ: us-east-1b | CIDR: 10.0.2.0/24

Private Subnets:
1. Name: private-subnet-1 | AZ: us-east-1a | CIDR: 10.0.3.0/24
2. Name: private-subnet-2 | AZ: us-east-1b | CIDR: 10.0.4.0/24

Go to Subnets → Create subnet, choose your VPC and add them one by one.

Step 4: Create and Attach Internet Gateway

- Go to Internet Gateways → Create internet gateway
- Name: my-IGW
- Click Attach to VPC and choose my-custom-VPC

Step 5: Route Table for Public Subnets

- Go to Route Tables → Create route table
- Name: public-rt, select your VPC
- Edit routes: Add 0.0.0.0/0 → Target: Internet Gateway (my-IGW)
- Edit subnet associations: Attach public-subnet-1 and public-subnet-2

Step 6: NAT Gateway (for Private Subnets)

- Allocate a new Elastic IP
- Go to NAT Gateways → Create NAT Gateway
- Subnet: public-subnet-1
- Elastic IP: select the one you created
- Name: NAT-gateway

Step 7: Route Table for Private Subnets

- Create new Route Table
- Name: private-rt, select your VPC
- Add route: 0.0.0.0/0 → Target: NAT Gateway
- Subnet association: Attach private-subnet-1 and private-subnet-2

Summary
VPC setup includes:
- Custom VPC: 10.0.0.0/16
- 2 Public Subnets + IGW + Route Table
- 2 Private Subnets + NAT Gateway + Route Table
Default VPC

Creating Private New VPC

And we will create SUBNETS

• Private subnets
• Public subnets

-go to subnets

We can create public subnet and private subnet individually

We will create INTERNET GATEWAY

And -go to action, select our VPC after to get attached our VPC
We create ROUNDTABLES

We will create round table for public and private and select our VPC while we creating

PUBLIC

PRIVATE
Click the public route tables – go to routes – edit routes – add routes – and select the
Internet gateway – select the Internet gateway ID – and set the public IP 0.0.0.0/0

And – go to subnet association – edit subnet association – select public subnets

We go to Private round tables - go to subnet association – add private subnets
We will create SECURITY GROUPS

We create security groups for Public and private

Customize your inbound rules for public SG ex; HTTP, HTTPS, RDP, SSH

And we create private SG

Go to – inbound rules – click the source – select the PUBLIC SG – select the ALL TCP and
click create SG
We will create EC2 INSTANES

Create ec2 for public and private

Inside of public instance

Select your key pair – edit networking – select your VPC – select your public subnet – enable
auto assign IP – edit your fire wall – select your public SG – Launch instance

PUBLIC INSTANCE
Create private instance – as same as creating public instance

But select your private subnets – disable auto assign IP – select your private SG – Launch
instance

PRIVATE INSTANCE
Creating NAT GATEWAY

Go to create – name your NAT gateway – select your public subnets – click you Elastic
allocate IP – create Nat gateway

Connect you PUBLIC INSTACE

Through SSH

Successfully launched PUBLIC EC2

After that connect your PRIVATE INSTANCE

Generated password – copy your Private IP address – Go to your PUBLIC EC2 machine –

Select Remote desktop – paste your IP address inside of your public machine and user name
and password

Successfully launched private ec2 inside of public ec2 with internet connecting for using
NAT gateway
THANK YOU