Learn how to create a simple AWS VPC

In my previous post, I provided a high-level component overview of the AWS VPC construct. I also hinted on a multi-part guide on how to create a VPC and ultimately connect it to your on-prem environment. This post is the first part of this guide. At the end, you should understand how to create a VPC, assign subnets, and associate subnets to a route table.

AWS VPC High Level

Step 1: Create an AWS VPC

Before I get to the specifics, it’s important to note that you should create your VPC with a named user (i.e., not the root account). This user should¬† have appropriate policies to fully access the VPC console. For example, you could create a user named vpcadmin and assign it the “AmazonVPCFullAdmin” policy. This policy provides full access to Amazon VPCs via the AWS Management Console. For more information on how to create users, assign groups/roles, and associate policies, please review the AWS Identity and Access Management documentation.

After logging into the console, select the region you wish to create your VPC. Remember, VPCs are local to a region and do not span other regions. Once you’ve selected the region (I picked London), click on the “Services” drop-down menu and follow the links until you reach “Networking & Content Delivery”->”VPC” menu item. Then, Click on the “Your VPCs” link in the left-hand pane and click on the “Create VPC” button near the top of the right pane.

Console: Create AWS VPC

Next, enter the name of the VPC and the IPv4 CIDR block to use within the VPC. For this example, I’m going to specify a address with /23 netmask. This will give me 512 address for the region that I will subsequently allocate across two specific availability zones.

Console: Create AWS VPC Detail

Click “Yes, Create”. Congratulations, you now have a VPC in your region.

Step 2: Assign Subnets to the AWS VPC

Now that you’ve created your VPC, let’s carve off addresses that we can use within a specific availability zone. Remember, subnets are local to an availability zone and cannot span across availability zones within a region.

To assign your first subnet, select the “Subnets” link and click “Create Subnet” near the top of the right pane.

Console: Create AWS Subnet

Within the “Create Subnet” popup, enter the name of the subnet and make sure to select the VPC you created in Step 1 for the “VPC” field. Next, select the specific availability zone for the region and assign a subnet within the IPv4 CIDR block you created in Step 1. In this example, I’m splitting the /23 (512 addresses) into two, /24 blocks (256 addresses) and assigning each block to a specific availability zone.

Here’s the first subnet; notice the availability zone I assigned is eu-west-2a.

Console: Create AWS Subnet Detail

Here’s the second subnet; notice the availability zone I assigned is eu-west-2b.

Console: Create AWS Subnet Detail 2

At this point, you should have two subnets assigned to a unique availability zone within your VPC and region.

Console: AWS Subnet

Step 3: Associate Subnets to the AWS VPC Route Table

When you created the VPC in Step 1, you also–in parallel–created a route table (but didn’t know it). This means AWS automatically created a route table for your VPC. However, AWS did not automatically associate any subnets with this new route table. As a result, the subnets you created in Step 2 were associated with the main route table. In this step, we’re going to explicitly associate our two subnets to our VPC route table.

To start the process, select the “Route Tables” link under the “Virtual Private Cloud” heading in the left-hand pane. In the right-hand pane, you should see two route table entries. One entry is the default route table and the other is the route table for the VPC you created in Step 1. To verify, look at the VPC column; you’ll see a vpc-id | .

Console: AWS Route Table

Select the route table associated with the VPC created in Step 1 and then select the “Subnet Associations” tab. Within the tab, select the “Edit” button and click on the “Associate” check box for each of the subnets created in Step 2. Remember, these are the two /24 subnet blocks that we assigned to unique availability zones within the region.

Console: Edit AWS Route Table

When done, hit “Save”. You’ve now associated your subnets with your VPC route table.

Console: Edit AWS VPC Route Table

That’s it for this post. Stay tuned for an upcoming post on adding an Internet Gateway¬† and NAT Gateway to this VPC.

Thanks for reading.

Leave a Reply

Your email address will not be published. Required fields are marked *