Private subnet

Any EC2 instance running on a private subnet can be accessed from another EC2 instance within the VPC network or over a VPN. Instances running on a private subnet are not accessible via the public internet. Each VPC has a default internet gateway associated with it. A new subnet is always created as a public subnet. The public subnet can be changed to a private subnet by associating it with a private route table:

  1. The first step is to create a private route table:
    1. From the VPC dashboard, navigate to Route Tables and click on the Create Route Table button.
    2. In the Create Route Table popup, assign the name of the route table in the Name tag. Click on the Yes, Create button.
  2. The next step is to create a subnet. From the VPC dashboard, navigate to Subnets and then click on Create Subnets, then fill in the following fields:
    1. Name tag: Specify a name for the subnet. This name will be reflected in the VPC dashboard.
    2. VPC: Choose the VPC in which this subnet will be created. Select the option containing 172.31.0.0/16 from the dropdown if you have more than one VPC.
    3. Availability Zone: The availability zone in which this subnet will be created. From the dropdown, select us-west-2a; this is one of the two private subnets. The other one will be created in the us-west-2c Availability Zone as per the deployment architecture.
    4. CIDR block: Classless Inter-Domain Routing (CIDR) defines a range of IP addresses to be allocated to the hosts in the subnet. In this case, 172.31.80.0/20 defines the IP address range from 172.31.80.0 to 172.31.95.255 (a total of 4,096 hosts).
  3. The last step is to associate the private route table created in step 1 with the subnet created in step 2:
    1. From the VPC dashboard, navigate to Subnets and click on the subnet created in step 2.
    2. Navigate to the Route Table tab in the bottom pane and click on Edit.
    3. From the Change To dropdown, select the route table created in step 1.

Similarly, create another subnet, Private Subnet, with CIDR block 172.31.96.0/20 in the Availability Zone us-west-2c, and assign the private route table created in step 1 to it.
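To check that both subnets really ended up private, the following added example (not part of the original text) resolves each subnet's effective route table and flags any that still has a route to an internet gateway. It assumes a route table counts as private when it has no internet gateway route; the data is constructed in the shape of the EC2 DescribeSubnets and DescribeRouteTables output, and all IDs are made-up placeholders.

```python
import ipaddress

# Constructed sample data shaped like EC2 DescribeSubnets / DescribeRouteTables
# output; every ID is a made-up placeholder. subnet-bbb was never associated.
SUBNETS = [
    {"SubnetId": "subnet-aaa", "VpcId": "vpc-1", "CidrBlock": "172.31.80.0/20"},
    {"SubnetId": "subnet-bbb", "VpcId": "vpc-1", "CidrBlock": "172.31.96.0/20"},
]
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-1", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private", "VpcId": "vpc-1",
     "Associations": [{"Main": False, "SubnetId": "subnet-aaa"}],
     "Routes": [{"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local"}]},
]

def effective_route_table(subnet, route_tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rt in route_tables:
        if rt["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def has_igw_route(rt):
    """True if any route in the table targets an internet gateway."""
    return any((r.get("GatewayId") or "").startswith("igw-") for r in rt["Routes"])

def audit(subnets, route_tables):
    report = {}
    for s in subnets:
        rt = effective_route_table(s, route_tables)
        if rt is None:
            raise ValueError(f"no route table found for {s['SubnetId']}")
        net = ipaddress.ip_network(s["CidrBlock"])
        report[s["SubnetId"]] = {
            "route_table": rt["RouteTableId"], "public": has_igw_route(rt),
            "first": str(net[0]), "last": str(net[-1]), "addresses": net.num_addresses}
    return report

if __name__ == "__main__":
    for subnet_id, row in audit(SUBNETS, ROUTE_TABLES).items():
        print(subnet_id, row)
```

In the sample, the second subnet was created but never associated with the private route table, so it falls back to the main route table and is reported as public.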
