When we start using AWS, we have to set up some network components such as “VPC”, “Subnet”, “Route Table”, “Security Group” and so on. We could simply use the “Default” versions of those components, which is easy because all the connections are open. However, we shouldn’t take the easy approach from a security point of view. We should be aware that “Security” is the highest priority in any business. As a first step, let’s build a small system environment with proper security mechanisms applied.
Image of the VPC we are setting up in this page
1. VPC Design
Before we create anything, we simply design our VPC.
2. Create VPC
We quickly set up the following items.
- Subnet x 4
- Route Table x 3
- Security Group x 2
3. Key Pair
We create a Key Pair and show how to save it securely on our local machine.
4. Security Group
As the first step, we create only 2 security groups: one for internal remote access and the other for external remote access.
5. Public EC2
We create an EC2 instance in the Public Subnet, with an internet connection.
6. Private EC2
Then, we create an EC2 instance in the Private Subnet, where an internet connection is not available. So, we need to access the machine remotely from the Public EC2 instance.
7. NAT Gateway
I will show you how a NAT Gateway gives internet access to EC2 instances in the Private Subnet.