If you haven’t seen our part 2 article, catch up first here: The World of AWS! | Networking
As a quick recap, in part 1 we went through what we’re trying to create here. In part 2 we covered the basic networking that will form our foundation to start piecing things together.
For this article we’re going to cover getting our Internet Gateway created with a custom route table. We’ll be creating those new route tables and then we can associate them with our Public and Private subnets.
For reference, an Internet Gateway is exactly what it sounds like. It’s a way for traffic to get to the outside internet from our local network. You can have a look at some more information here: AWS Documentation
One thing to bear in mind at this point: we haven’t added our security groups or Network ACLs (Access Control Lists) yet, which isn’t perfect, but they’ll be coming up next!
How’s it going to look…
So what’s the difference between our subnets?
As you can see in our last article on creating our subnets, even though we’ve named the subnets public and private, at the moment they’re identical. At a basic level, the only difference between private and public subnets is that public subnets have an extra entry in their route table. This entry points to an Internet Gateway, allowing traffic out to the internet.
These are the routes for our public subnets:
How I did it…
- Back in our logged on dashboard, let’s go back to the VPC service and select Internet Gateway on the left hand menu
- Select Create Internet Gateway
- We only need to supply a name for our gateway and select Create Internet Gateway
- Before we can make our route tables we first need to attach our new internet gateway to our VPC. This is done by ensuring we’re in our Internet Gateway section, checking our new Internet Gateway, selecting Actions and Attach to VPC
- Clicking into the VPC name field will produce a dropdown where we can select our VPC name and Attach internet gateway
- Next we’ll create our route tables. We’re going to be creating 2 (one for internet and one for local). Head over to Route Tables on the left hand menu
- Select Create Route Table
- Give the route table a name and from the drop down select your VPC. Click Create Route Table to finish
- We’ll do the same couple of steps again to create the local route table
- Now let’s add the new entry to our newly created Internet route table. Select the Internet route table, then Routes and Edit routes
- We’ll add a new entry: enter 0.0.0.0/0 as the destination, select Internet Gateway from the middle drop down and select the one we’ve created. 0.0.0.0/0 represents any IP address.
- Clicking back on Route Tables on the left hand menu, select our Internet route table, select the Subnet Association tab and select Edit subnet association
- Check the public subnets we created earlier and save associations
- We now need to do the same thing for the private subnets and private route table. Edit the association and save
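Since the only thing that makes a subnet public is a 0.0.0.0/0 route to an Internet Gateway, the result of the steps above can be checked from the output of `aws ec2 describe-route-tables`. This is an added example, not part of the original walkthrough: the sample JSON, the IDs and the 10.0.0.0/16 range are constructed, and it assumes all route tables belong to one VPC.

```python
import json

# Constructed sample in the shape returned by `aws ec2 describe-route-tables`.
# IDs and the 10.0.0.0/16 range are made up; subnet-private-b was never associated.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-internet",
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
              {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}],
   "Associations": [{"Main": false, "SubnetId": "subnet-public-a"},
                    {"Main": false, "SubnetId": "subnet-public-b"}]},
  {"RouteTableId": "rtb-local",
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
   "Associations": [{"Main": false, "SubnetId": "subnet-private-a"}]},
  {"RouteTableId": "rtb-main",
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
   "Associations": [{"Main": true}]}
]}""")
ALL_SUBNETS = ["subnet-public-a", "subnet-public-b",
               "subnet-private-a", "subnet-private-b"]

def has_igw_default_route(table):
    """True if the table has an active default route to an Internet Gateway."""
    for r in table.get("Routes", []):
        dest = r.get("DestinationCidrBlock") or r.get("DestinationIpv6CidrBlock")
        if (dest in ("0.0.0.0/0", "::/0") and r.get("State", "active") == "active"
                and r.get("GatewayId", "").startswith("igw-")):
            return True
    return False

def classify_subnets(route_tables, all_subnets):
    """Map each subnet ID to 'public' or 'private' from its effective route table."""
    result, main_public = {}, False
    for t in route_tables:
        public = has_igw_default_route(t)
        for a in t.get("Associations", []):
            if a.get("Main"):
                main_public = public
            elif "SubnetId" in a:
                result[a["SubnetId"]] = "public" if public else "private"
    # A subnet with no explicit association uses the VPC's main route table.
    for s in all_subnets:
        result.setdefault(s, "public" if main_public else "private")
    return result

def unexpected_exposure(classified, intended_private):
    """Subnets meant to be private that actually route to an Internet Gateway."""
    return sorted(s for s in intended_private if classified.get(s) == "public")

if __name__ == "__main__":
    print(classify_subnets(SAMPLE["RouteTables"], ALL_SUBNETS))
```

A subnet missed in the association step silently inherits the main route table, so it is worth keeping that table free of any Internet Gateway route.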
That’s it for this article. We’re now at a stage where we have our VPC and underlying subnets with IP ranges populated. The subnets are spread across two availability zones to provide some fault tolerance when we start deploying instances. We now also have our route tables created and associated with the corresponding subnets. Finally, we now have a route to the internet with an Internet Gateway.
Next we’ll start getting some security groups created to help layer our security.