Basic components of AWS VPC and Cloudformation Template.

Image for post
Image for post

Virtual Private Cloud is a virtual network that is dedicated to one’s AWS account. It is logically isolated from other virtual networks in the AWS Cloud, you launch AWS resources such as Amazon EC2 instances, into your VPC. When you create VPC, one must specify range of IPv4 addresses for VPC in form of Classless Inter Domain Routing block.

Checkout https://tools.ietf.org/html/rfc4632 for more information about CIDR address and networking.

A VPC is a regional resource that can access and create resources in all availability zones.

Usually when resources are created inside of the VPC, it is created under a subgroup of the VPC known as a subnet. A subnet is an availability zone level resource. There are two types of subnets:

  1. The first type private subnet, which is not resolvable from public internet, nor can it access the internet. There is one way to have internet accessibility from an instance called Network Address Translation(NAT) instance, which needs to be sitting inside a public subnet.
  2. The second type is public subnet, the kind that has a internet gateway attach to it, instances created inside the public subnet will have an associated public IP address, which allows it to be resolvable from instances outside of the VPC.

To enable communication among different subnets, a router is also required to enable communication between subnets and gateways.

In this tutorial, we create the customized CloudFormation template that contains two subnets located each in different availability zone. Each having a valid CIDR address, both subnets have internet access via internet gateway, connected by router. The architectural diagram is as following:

Image for post
Image for post

If you want to look at CloudFormation template directly, you can checkout it out via this link: https://github.com/fintelics/fintelics-aws-lab/blob/master/cloudformation/vpc.yml

From parameters’ perspective, the required parameters include CidrBlock required for VPC, the availability zones that subnets fall under, the CIDR block that each individual subnet requires.

From resources’ perspective, aside from creating VPC, Internet gateway, route table, and subnets. The resource attachment such as subnet association, route attachment, and gateway attachment.

Written by

Software consulting company that focuses on emerging technology such as AI, Blockchain, Cloud Computing, and Data Engineering, MERN Stack, and Fintech

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store