Setting up a Virtual Private Cloud (VPC) is foundational when deploying resources in AWS securely. This guide walks you through creating:

  1. A VPC
  2. Public & Private Subnets
  3. Internet Gateway
  4. NAT Gateway
  5. Route Tables
  6. Optional EC2 Instances

✅ 1. Create a VPC

  1. Go to VPC Dashboard > Your VPCs > Create VPC
  2. Choose VPC only
  3. Name: MyVPC
  4. IPv4 CIDR block: 10.0.0.0/16
  5. Leave other fields as default
  6. Click Create VPC

Create VPC
VPC Created

✅ 2. Create Subnets

Navigate to Subnets > Create Subnet

➤ Public Subnet:

  • Name: PublicSubnet
  • VPC: MyVPC
  • AZ: ap-south-1a
  • CIDR block: 10.0.1.0/24 Create Public Subnet

➤ Private Subnet:

  • Name: PrivateSubnet
  • VPC: MyVPC
  • AZ: ap-south-1b
  • CIDR block: 10.0.2.0/24 Create Private Subnet Subnets Created

✅ 3. Create and Attach Internet Gateway

  1. Go to Internet Gateways > Create Internet Gateway
    • Name: MyIGW
  2. Click Attach to VPC and select MyVPC

Create IGW

✅ 4. Create a Public Route Table

  1. Go to Route Tables > Create Route Table

    • Name: PublicRT
    • VPC: MyVPC

  2. Select PublicRT > Routes > Edit Routes

    • Add route:
      • Destination: 0.0.0.0/0
      • Target: Internet GatewayMyIGW

Create Public RT
Edit Routes

  1. Go to Subnet Associations > Edit Subnet Associations
    • Select: PublicSubnet

Edit Subnet Association

✅ 5. Allocate Elastic IP (EIP)

  1. Go to Elastic IPs > Allocate Elastic IP
  2. Note the allocation ID

Allocate EIP
EIP Allocated

✅ 6. Create NAT Gateway

  1. Go to NAT Gateways > Create NAT Gateway
    • Name: MyNATGW
    • Subnet: PublicSubnet
    • Elastic IP: select the one you just allocated

Create NAT Gateway
NAT Gateway in Progress

⏳ Wait a few minutes for the NAT Gateway to become active.

✅ 7. Create a Private Route Table

  1. Go to Route Tables > Create Route Table

    • Name: PrivateRT
    • VPC: MyVPC

  2. Select PrivateRT > Routes > Edit Routes

    • Add route:
      • Destination: 0.0.0.0/0
      • Target: NAT GatewayMyNATGW

Private RT - Edit Route

  1. Go to Subnet Associations
    • Attach PrivateSubnet

Attach Private Subnet

✅ 8. Launch EC2 Instances (Optional)

➤ Public EC2:

  • AMI: Amazon Linux 2
  • Network: MyVPC, Subnet: PublicSubnet
  • Auto-assign Public IP: Enabled
  • Security Group: Allow SSH (port 22) from your IP

➤ Private EC2:

  • Same AMI
  • Subnet: PrivateSubnet
  • Auto-assign Public IP: Disabled

Launch EC2
EC2 Setup

✅ SSH Connection Established

Use your terminal to SSH into the public instance, and from there connect to the private one using its private IP.

SSH Connection

⚠️ Troubleshooting Tip

If you're unable to connect:

  • Check your Security Group's inbound rules:
    • Type: SSH
    • Protocol: TCP
    • Port: 22
    • Source: My IP or 0.0.0.0/0 (for open access - use carefully!)

🧹 Clean Up Resources

To avoid unnecessary charges, clean up:

Clean Up Resources
Delete Resources

📌 Summary Diagram 

VPC: 10.0.0.0/16
├── PublicSubnet (10.0.1.0/24)
│   ├── Internet Gateway → Public RT → 0.0.0.0/0
│   └── NAT Gateway (for private subnet)
├── PrivateSubnet (10.0.2.0/24)
    └── NAT Gateway → Private RT → 0.0.0.0/0

✨ Happy Cloud Building!