My Devops Journey


Creating a Private and Public subnet network in AWS

Posted on September 29, 2019 by taragurung

When we first start learning AWS, everyone comes across terms like VPC and subnet. They are quite easy to create, but understanding how to make a subnet private or public can be a bit confusing. So here is what I learned and understood while researching and working on it.

I have also posted a simple flow diagram, which is how I learn and relate things to each other. I do this because there are so many services that depend on one another, and drawing the flow helps to understand how exactly they are related.

AWS private and public subnet flow (PDF)

How to create a public subnet:

  • Create a new AWS VPC.
  • Create subnets in different availability zones.
  • Create an internet gateway and attach it to the VPC.
  • Create a new route table instead of editing the default route table created with the VPC. The route table should have a rule that adds the internet gateway as the target for all internet traffic (0.0.0.0/0).

Image 1: steps to make a subnet public, with the internet gateway added to the route rules.

Visit the route table you created again, because now we need to select the subnet we want to make public. Refer to the image below.

The subnet is selected under Subnet Associations to make it public. Check the Routes section to confirm the route rule, which must have the internet gateway as its target, as shown in image 1.

How to create a private subnet:

While creating the public subnet we created a custom route table and added the internet gateway there as the target for all internet traffic.

Here, we simply need to make sure no such rule exists. Sticking to the default route table, which carries no internet gateway route, will keep the subnet private.

Generally, we add a NAT gateway as the target instead of an internet gateway in a private subnet. Services placed in a private subnet cannot be reached from the outside world via the internet; this is done for security. We generally keep services like MySQL, or any other service that does not require direct internet access, there.
