This article describes each stage of creating a VPC within AWS. Amazon changes the console from time to time, so I won't describe where to click or which links to follow, but I will explain each stage.
We're going to create the VPC according to the diagram below. This is the simplest VPC that can contain an RDS database. If you never want an RDS database within this VPC you can skip the second subnet, but if you may want an RDS instance at any point in the future, you must have two subnets: the RDS subnet group you create later must span at least two Availability Zones.
Getting started
Log in to your AWS account and start the VPC wizard. Set the VPC's IP CIDR block to "10.0.0.0/16" and the public subnet to "10.0.0.0/24". You will create a second subnet of the same size later; it will be "10.0.1.0/24". Give the VPC a name.
VPC Subnets
When the wizard finishes you are sent to the list of your VPCs, and the new one should be listed there. Click Subnets in the left menu. Create a new subnet in a second Availability Zone, call it "Subnet 2", associate it with your new VPC, and give it the CIDR block "10.0.1.0/24" (as said earlier).
Route table
Click Route Tables in the left menu. Edit the route table that was created for you along with the VPC; if there isn't one, create a new one. Give it a name and associate it with your VPC.
The associations:
The routes:
TIP: Create the Internet Gateway (next) before editing the routes, because the default route to the internet needs the gateway as its target.
Internet gateway
Click Internet Gateways in the left menu. Edit the existing Internet Gateway or create a new one and name it appropriately. Attach it to your VPC.
Network ACLs
Go to Network ACLs in the left menu. Select the existing Network ACL or create a new one. Configure the Inbound and Outbound rules and the Subnet Associations if needed.
Inbound:
Outbound:
Associations:
Security groups
Click Security Groups in the left menu. Select the Security Group linked to your VPC and modify the Inbound and Outbound rules if needed.
EC2 instances
At this stage we can create a new EC2 instance within the new VPC. When you launch it, you must choose to associate it with the new VPC. The diagram above shows two EC2 instances, but the number is up to you.
RDS database
Next we create the RDS subnet group. Go to the RDS section of AWS. Before creating a new RDS instance, you need to create a Subnet Group: click Subnet Groups in the left menu, create the group, and make sure it includes subnets in two or more Availability Zones.
Return to the main RDS page. Create a new RDS instance.
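Before clicking through the stages above, it is worth checking the plan on paper. The following is an added example, not code from the original article: it models the two-subnet layout described here (10.0.0.0/16 with 10.0.0.0/24 and 10.0.1.0/24) in plain Python and runs the checks an engineer would want before building it: subnets fit inside the VPC block and don't overlap, two Availability Zones are covered so an RDS subnet group can be created, the route table has the local route plus exactly one default route to the Internet Gateway, the Network ACL is evaluated the way AWS does it (ascending rule number, first match wins, default deny), and the database port is only open to another security group rather than a CIDR. The Availability Zone names, gateway and security-group ids, rule numbers and the MySQL port are constructed for illustration.

```python
"""Sanity-check a VPC addressing and reachability plan before building it."""
import ipaddress
from dataclasses import dataclass


@dataclass
class Subnet:
    name: str
    cidr: str
    az: str


@dataclass
class Route:
    destination: str
    target: str  # "local" or an Internet Gateway id ("igw-...")


@dataclass
class AclRule:
    number: int
    action: str  # "allow" or "deny"
    cidr: str
    port_from: int
    port_to: int


@dataclass
class SgRule:
    port: int
    source: str  # a CIDR or another security-group id ("sg-...")


@dataclass
class VpcPlan:
    cidr: str
    subnets: list
    routes: list
    nacl_inbound: list
    db_sg_inbound: list
    db_port: int = 3306  # constructed: MySQL-style RDS port


def check_subnets(plan):
    """Each subnet must be a valid network inside the VPC block and not overlap another."""
    vpc = ipaddress.ip_network(plan.cidr)
    nets, problems = [], []
    for s in plan.subnets:
        try:
            nets.append((s.name, ipaddress.ip_network(s.cidr)))  # strict: host bits must be zero
        except ValueError:
            problems.append(f"{s.name} {s.cidr} is not a valid network (host bits set)")
    for name, net in nets:
        if not net.subnet_of(vpc):
            problems.append(f"{name} {net} is not inside the VPC block {vpc}")
    for i, (n1, a) in enumerate(nets):
        for n2, b in nets[i + 1:]:
            if a.overlaps(b):
                problems.append(f"{n1} {a} overlaps {n2} {b}")
    return problems


def check_rds_ready(plan):
    """An RDS subnet group needs subnets in at least two Availability Zones."""
    azs = {s.az for s in plan.subnets}
    return [] if len(azs) >= 2 else [f"only {len(azs)} AZ covered; RDS subnet group needs 2"]


def check_routes(plan):
    """The VPC local route must exist; a public subnet gets one default route to the IGW."""
    problems = []
    if not any(r.destination == plan.cidr and r.target == "local" for r in plan.routes):
        problems.append("missing local route for the VPC block")
    default = [r for r in plan.routes if r.destination == "0.0.0.0/0"]
    if len(default) != 1 or not default[0].target.startswith("igw-"):
        problems.append("expected exactly one 0.0.0.0/0 route pointing at the Internet Gateway")
    return problems


def nacl_decision(rules, src_ip, port):
    """NACL rules are evaluated by ascending rule number; first match wins, otherwise deny."""
    ip = ipaddress.ip_address(src_ip)
    for r in sorted(rules, key=lambda r: r.number):
        if ip in ipaddress.ip_network(r.cidr) and r.port_from <= port <= r.port_to:
            return r.action
    return "deny"


def check_db_sg(plan):
    """The database port should be reachable only from the app security group, never from a CIDR."""
    return [f"db port {r.port} open to {r.source}" for r in plan.db_sg_inbound
            if r.port == plan.db_port and not r.source.startswith("sg-")]


def run_all(plan):
    return check_subnets(plan) + check_rds_ready(plan) + check_routes(plan) + check_db_sg(plan)


# Constructed plan mirroring the article's layout (AZ names, ids and rule numbers are made up).
ARTICLE_PLAN = VpcPlan(
    cidr="10.0.0.0/16",
    subnets=[Subnet("Public subnet", "10.0.0.0/24", "eu-west-1a"),
             Subnet("Subnet 2", "10.0.1.0/24", "eu-west-1b")],
    routes=[Route("10.0.0.0/16", "local"), Route("0.0.0.0/0", "igw-0example")],
    nacl_inbound=[AclRule(100, "allow", "0.0.0.0/0", 443, 443),
                  AclRule(110, "deny", "0.0.0.0/0", 3306, 3306)],
    db_sg_inbound=[SgRule(3306, "sg-0appexample")],
)

if __name__ == "__main__":
    for line in run_all(ARTICLE_PLAN) or ["plan ok"]:
        print(line)
```

Feeding the plan a subnet written as "10.0.1.0/16" instead of "/24" is reported as an invalid network rather than silently widened, and opening the database port to "0.0.0.0/0" in the DB security group is flagged; both are the mistakes most easily made while clicking through the console.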