[AWS Lab] VPC – Public Subnet

In this lab, we will learn how to create a public subnet and test it with an EC2 instance.


  • VPC
    • Create a VPC and public subnet
  • EC2
    • Create an EC2 instance inside the public subnet
    • Setup the website in the EC2 instance
    • Access the website via the public IP address of the EC2 instance
Continue reading “[AWS Lab] VPC – Public Subnet”

[AWS] VPC – NAT Gateway

NAT (Network Address Translation)

NAT remaps source IPs or destination IPs. (It translates private IPs to public IPs and vice versa.)

  • Static NAT
    • A private IP is mapped to a public IP at a 1:1 ratio. (such as Internet Gateway).
  • Dynamic NAT
    • A range of private IPs are dynamically mapped to one or more public IPs (Home router or NAT Gateways).
    • To achieve high availably, create one dynamic NAT per AZ.
Continue reading “[AWS] VPC – NAT Gateway”

[AWS] VPC Endpoints

A VPC Endpoint is a gateway object within a VPC and can be used to connect privately to AWS public services or other VPC endpoints without the need for Internet Gateway or a public subnet.

  • You do not need to use Internet Gateway, NAT Gateway (public subnet), or AWS Direct Connect.
  • The traffic never leaves the AWS network.
    • Instances in your VPC do not require public IP address.
  • VPC Endpoints are highly available and horizontally scalable virtual devices.
Continue reading “[AWS] VPC Endpoints”

[AWS] VPC Peering

VPC Peering allows direct communication between VPCs using OSI Layer 3 (Network). Once the VPCs are connected, 2 VPCs can communicate using private IP addresses.

  • Instances can connect each other as if they are in the same private network.
  • VPC Peers can span AWS accounts and even regions with some limitations.
  • Data is encrypted and transits via the AWS global backbone.
Continue reading “[AWS] VPC Peering”