When we first start learning AWS, everyone comes across terminology like VPC and subnet. These are quite easy to create, but understanding how to create a private subnet and a public subnet can be a bit confusing. So here is what I learned and understood while researching and working on it.
I have also posted a simple flow diagram, which is how I learn and relate things to each other. I do this because there are so many services related to each other, and drawing it out shows how exactly they are related.
How to create a public subnet:
- Create a new AWS VPC.
- Create subnets in different availability zones.
- Create an internet gateway and attach it to the VPC.
- Create a new route table instead of editing the default (main) route table created with the VPC. The route table should have a route with the internet gateway as the target for all internet traffic (0.0.0.0/0).
Visit the route table you created again, because now we need to select (associate) the subnet we want to make public. Refer to the image below.
How to create a private subnet:
While creating the public subnet we created a custom route table and there added the internet gateway as the target for all internet traffic.
Here, we simply need to make sure no such route exists. Simply sticking to the default route table, which only has the local route, will keep it private.
Generally, we add a NAT gateway as the target instead of an internet gateway in a private subnet. If services are placed in a private subnet, those services cannot be accessed from the outside world via the internet. This is done for security purposes. We generally keep services like MySQL, or any other service that does not require internet access, there.
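The public-subnet steps above and the private-subnet rule just described both come down to one question: what is the target of the 0.0.0.0/0 route in the route table that actually applies to a subnet? The following is an added example (not from the original post, and not AWS code) that answers it offline. It classifies subnets as public (default route to an igw-), private (default route to a nat-) or isolated (no default route), using data in the shape that `aws ec2 describe-route-tables` returns. All ids and the route tables themselves are constructed for this example, and the `LEAKY_ROUTE_TABLES` variant shows the failure mode step 4 warns about: if the main route table gets an internet-gateway route, every subnet without an explicit association silently becomes public.

```python
"""Classify VPC subnets as public / private / isolated from route-table data.

Input shape mirrors `aws ec2 describe-route-tables` output; the sample data
below is constructed for this example and every id is made up.
"""
import copy
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample: a VPC with its main route table plus two custom tables.
ROUTE_TABLES = [
    {   # main route table created with the VPC: only the local route
        "RouteTableId": "rtb-main0001",
        "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
        "Associations": [{"Main": True}],
    },
    {   # custom public table: default route -> internet gateway (step 4 above)
        "RouteTableId": "rtb-public01",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0abc0001"},
        ],
        "Associations": [{"Main": False, "SubnetId": "subnet-web-a"}],
    },
    {   # custom private table: default route -> NAT gateway
        "RouteTableId": "rtb-private1",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0abc0001"},
        ],
        "Associations": [{"Main": False, "SubnetId": "subnet-app-a"}],
    },
]

# subnet-db-a has no explicit association, so it falls back to the main table.
SUBNET_IDS = ["subnet-web-a", "subnet-app-a", "subnet-db-a"]

# The mistake step 4 warns against: editing the main table to add the IGW route.
LEAKY_ROUTE_TABLES = copy.deepcopy(ROUTE_TABLES)
LEAKY_ROUTE_TABLES[0]["Routes"].append(
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0abc0001"}
)


def default_route_target(route_table: dict) -> Tuple[Optional[str], Optional[str]]:
    """Return (kind, target_id) for the active 0.0.0.0/0 route, or (None, None)."""
    for route in route_table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State", "active") != "active":  # skip blackhole routes
            continue
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw", route["GatewayId"]
        if route.get("NatGatewayId", "").startswith("nat-"):
            return "nat", route["NatGatewayId"]
        return "other", route.get("GatewayId") or route.get("NatGatewayId")
    return None, None


def effective_route_table(subnet_id: str, route_tables: List[dict]) -> dict:
    """An explicit subnet association wins; otherwise the main table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    if main is None:
        raise ValueError("input contains no main route table")
    return main


def classify_subnet(subnet_id: str, route_tables: List[dict]) -> str:
    kind, _ = default_route_target(effective_route_table(subnet_id, route_tables))
    return {"igw": "public", "nat": "private", None: "isolated"}.get(kind, "other")


def classify_subnets(subnet_ids: List[str], route_tables: List[dict]) -> Dict[str, str]:
    return {sid: classify_subnet(sid, route_tables) for sid in subnet_ids}


def main_route_table_is_public(route_tables: List[dict]) -> bool:
    """True when the main table routes 0.0.0.0/0 to an internet gateway."""
    for rt in route_tables:
        if any(a.get("Main") for a in rt.get("Associations", [])):
            return default_route_target(rt)[0] == "igw"
    return False


def unintended_public_subnets(subnet_ids: List[str], route_tables: List[dict],
                              intended_public: Set[str]) -> List[str]:
    """Audit check: subnets that are public but were not meant to be."""
    return [sid for sid in subnet_ids
            if classify_subnet(sid, route_tables) == "public"
            and sid not in intended_public]


if __name__ == "__main__":
    for label, rts in (("custom public table", ROUTE_TABLES),
                       ("IGW added to main table", LEAKY_ROUTE_TABLES)):
        print(label, classify_subnets(SUBNET_IDS, rts),
              "unintended:", unintended_public_subnets(SUBNET_IDS, rts, {"subnet-web-a"}))
```

Run against real data by feeding the `RouteTables` list from `aws ec2 describe-route-tables --filters Name=vpc-id,Values=<vpc id>` (a real CLI command; the filter value is a placeholder). Note that the route table is the necessary condition for "public", not the whole story: an instance in a public subnet still needs a public or Elastic IP to be reachable, and security groups and network ACLs filter what gets through.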