Amazon Virtual Private Cloud (VPC) Part 1 - Networking and Storage on AWS | Coursera

For EnterpriseFor Students

Browse
Top Courses
Log In
Join for Free

Amazon Virtual Private Cloud (VPC) Part 1

Loading...

AWS Fundamentals: Going Cloud-Native

Amazon Web Services

4.7 (11,666 ratings) | 230K Students Enrolled

Course 1 of 4 in the AWS Fundamentals Specialization

Enroll for Free

This course will introduce you to Amazon Web Services (AWS) core services and infrastructure. Through demonstrations you'll learn how to use and configure AWS services to deploy and host a cloud-native application. Early in the course, your AWS instructors will discuss how the AWS cloud infrastructure is built, walk you through Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Lightsail compute services. They'll also introduce you to networking on AWS, including how to set up Amazon Virtual Public Cloud (VPC) and different cloud storage options, including Amazon Elastic Block Storage (EBS), Amazon Simple Storage Service (S3) and Amazon Elastic File Service (EFS). Later in the course you'll learn about AWS Database services, such as Amazon Relational Database Service (RDS) and Amazon DynomoDB. Your instructors will also walk you through how to monitor and scale you application on AWS using Amazon CloudWatch and Amazon EC2 Elastic Load Balancing (ELB) and Auto Scaling. Lastly, you'll learn about security on AWS, as well as how to manage costs when using the AWS cloud platform. In this course, you won't be required to complete hands-on exercises, but we strongly suggest you take advantage of the AWS Free Tier to follow along as the instructors demonstrate the AWS services. Class forums will also allow you to ask questions and interact with AWS training instructors. After completing this course, you'll have the basic fundamentals to get started on AWS. This course has been developed by AWS, and is delivered by AWS technical instructors who teach cloud computing courses around the globe.

Skills You'll Learn

Cloud Computing Security, AWS cloud, Cloud Storage, cloud networking, Cloud Computing

Reviews

4.7 (11,666 ratings)

5 stars
74.61%
4 stars
22.07%
3 stars
2.50%
2 stars
0.36%
1 star
0.44%

N

Dec 21, 2020

This course is a extremely helpful for the people who is planning for AWS Certified Developer Associate Exam. The way they teaching is absolutely understandable and much more details about the topics

BD

Nov 25, 2019

Very good information about AWS services. however, it looks like a promotional program somehow. I think aws should add some lessons about comparing with other competitive services for a broader view.

From the lesson

Networking and Storage on AWS

In this Module you will learn about Networking and Storage on AWS.

Amazon Virtual Private Cloud (VPC) Part 110:54

Amazon Virtual Private Cloud (VPC) Part 212:26

Taught By

Allen Goldberg
Senior Technical Program Manager
Morgan Willis
Senior Cloud Technologist
Blaine Sundrud
Senior Technical Trainer

Try the Course for Free

Transcript

Welcome back, Blaine here. Today, we're going to start talking about networking on AWS and how the virtual private cloud, or VPC, is used to isolate your application from the millions, hundreds of millions of other applications all running on AWS as well. We're going to do it by showing you here on the board, as well as do some live demonstrations in a little bit, but I want us to understand what it is we're about to see before we get into technology itself. To understand VPC, we need to accept the fact that the point of VPC is to provide a frame, to provide a box that all of your application lives inside, and the idea is nothing comes in the box, nothing gets out of the box, without your specific permission, and whether you're filtering by network protocol, or port, or IP address, or by user or other information, you maintain complete control of all the assets inside your VPC. When you create a VPC, you also then divide the space inside the VPC into subnets. Now, in an on-premises world, subnets might be used to gather up servers or instances that need to talk quickly to each other. In the case of AWS, while you certainly could think of subnets the same way, from a functionality point of view, subnets are primarily used to determine access to gateways, to ingress/egress, as well as to isolate specific traffic that you don't want to talk to each other or do want to talk to each other. So, in this case, we've gone ahead, we can create a VPC, we create a subnet, and then when the time comes, we'll go ahead and launch an EC2 instance inside this subnet. I think we're just about ready to build it up to this point. To do that, I need help from my friend, Morgan. Are you ready, Morgan? Yes, I'm ready. You know, Morgan, this is an important lab. More than our other ones, I think we do this as a real lab. Are you ready for that? Does it look like I'm ready for a lab? Alright, now we're ready to do the lab. What we're going to build out in this lab, we're going to start by building out the VPC, and then we're going to build out the subnet, and we're going to keep adding more things as we go. To build the VPC, you only have to declare two specific things: what Region you're selecting, and remember we've already talked about the reasons why you might choose one Region over another, and then the IP range for the private IPs of everything that's going to run inside this VPC. Now, we're not going to go deep into what CIDR blocks are or why you might choose one IP range over another, those will be covered in different classes. But just in case you're interested, for this VPC, every private IP address in here we're going to set to start with 10.10, and then we're going to wildcard the last two octets or, in CIDR notation, we would call this 10.10.0.0/16. Once she makes the VPC, then Morgan's going to make the subnet. The subnet is a subset of the IP ranges for the VPC itself, and we're going to want more than just one subnet, so we're not going to use the full 10.10 and wildcard all of them, we're just going to wildcard the last octet. So, she's going to identify this as 10.10.1 and then wildcard only the last octet which, in IP CIDR notation, is a /24, meaning the first 24 bits are frozen. All right, Morgan, go ahead and build that out. Got it. All right. So we're going to hop into the console here and we're going to create one VPC with one subnet. So, if we're looking at the console, what we're going to do is go to VPC, click on this, and this brings us to our VPC dashboard. At this point, we can launch the VPC wizard, and we want to create a VPC with a single public subnet. We'll go ahead and click Select, and now we have to define our CIDR block or what Blaine defined as 10.10.0.0/16. So we're just going to go ahead and change this to be 10.10.0.0/16. We also have to give our VPC a name. This VPC is going to be used for our directory application. So, we're going to call this Directory VPC. Next, we have to give our public subnet a CIDR range. We define that as 10.10.1.0/24. The next thing we have to do is select an Availability Zone. You'll notice that we already are in the Oregon Region if you look up in the upper right-hand corner. So, I'm going go ahead and select us-west-2a, as my first Availability Zone. We'll leave the subnet name as Public subnet, and go ahead and just click Create VPC. We can now see that our VPC has been successfully created. Blaine, back to you. Great. Now, we're just about ready to go ahead and launch the EC2 instance in there, we've got one more thing we have to add to make all of this work, and that is you've got a VPC, but remember the VPC stops all traffic in and all traffic out, and if we're going to put a web server in there, well, that means nobody can talk to it. So, we have to add a gateway, and the gateway is called the internet gateway, or the IGW, the internet gateway. She's going to create the internet gateway, and attach it to the VPC and then she'll create a route table and associate that with the subnet, so that any communication that wants to talk to assets in this subnet, can come in and out of that IGW. Go ahead. All right, got it. So, what we're going to do now is we're going to create an internet gateway. We're going to create a route table, and then we're going to associate that route table with our public subnet. Again, this is going to allow our public subnet to accept traffic from the internet. So, if we look at the VPC dashboard again, the first thing we're going to do is create an internet gateway. Go to the left and select Internet Gateways. We already have some other things in here from previous projects, that's fine, we're going to go ahead and create a new one. So, we're going to say create internet gateway, and we're just going to give this a name. This is going to be our Directory Gateway, and then all we have to do is click Create. Now our internet gateway has been created, if we click Close, we'll come back to our main screen, and you can see we have a new Directory Gateway, and a state of it is detached. What we need to do is we need to attach this gateway to our directory VPC. So, select this, click Actions, and then click Attach to VPC. From here, we will select our directory VPC. We'll click Attach, and now, our directory gateway is attached to our VPC. What we need to do next is create a route table that allows that internet traffic to be routed to our public subnet. So, I'll go to the left and click Route Tables. From here, I will create a new route table. We'll give our route table a name, Public Route Table, and then we'll select our directory VPC, and then we'll click Create. All right. At this point, we can see our public route table has been created. We've selected it and down below, we can see we have one route in here that allows the local traffic. We need to edit this route table so we can allow public traffic from the internet. So, I'm going to select Edit. I'm going to edit this route table, add another route. This time I'm going to add a route for 0.0.0.0/0. This represents the traffic from the internet, and we will route that internet traffic to the directory gateway, which we created in our last step. From here, I'll click Save, and we're not done yet, we also have to associate this route table with our public subnet. So, I'll click on Subnet Associations and I will edit this, select our public subnet, and click Save. All right, simple enough. Now I've done everything manually here, but in a production environment, we would recommend that you do this programmatically. Blaine, what else do we got? All right, we're good. So, VPC we've got, subnet we've got, IGW we've got, and the IGW is now associated with this subnet. Now, all we have to do is launch the EC2 instance and we've seen that already. That's pretty simple. So, Morgan, when you're ready, go ahead and create an EC2 instance in the subnet. Right, Blaine, in the amount of time that you were talking, I already built out an EC2 instance, and I've already showed you guys how to do this. So, I'm just going to show you, I built out an EC2 instance. I'm going to click on Running Instances, we can see I already have it running, the status checks have passed. I'm just going to copy our public IP address and show you that we can get to our application. I've already populated our application with some data as well. All right, we're operational, our EC2 instances running. What else you got for me? There, we've seen it. She can now connect to it by going through the IGW. It's launched, we know what's happening, we have now completed the foundations of networking on AWS.

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera Footer

Top Online Courses

Finding Purpose & Meaning in Life
Understanding Medical Research
Japanese for Beginners
Introduction to Cloud Computing
Foundations of Mindfulness
Fundamentals of Finance
Machine Learning
Machine Learning Using Sas Viya
The Science of Well Being
Covid-19 Contact Tracing
AI for Everyone
Financial Markets
Introduction to Psychology
Getting Started with AWS
International Marketing
C++
Predictive Analytics & Data Mining
UCSD Learning How to Learn
Michigan Programming for Everybody
JHU R Programming
Google CBRS CPI Training

Top Online Specializations

Natural Language Processing (NLP)
AI for Medicine
Good with Words: Writing & Editing
Infections Disease Modeling
The Pronounciation of American English
Software Testing Automation
Deep Learning
Python for Everybody
Data Science
Business Foundations
Excel Skills for Business
Data Science with Python
Finance for Everyone
Communication Skills for Engineers
Sales Training
Career Brand Management
Wharton Business Analytics
Penn Positive Psychology
Washington Machine Learning
CalArts Graphic Design

Online Certificates

Professional Certificates
MasterTrack Certificates
Google IT Support
IBM Data Science
Google Cloud Data Engineering
IBM Applied AI
Google Cloud Architecture
IBM Cybersecurity Analyst
Google IT Automation with Python
IBM z/OS Mainframe Practitioner
UCI Applied Project Management
Instructional Design Certificate
Construction Engineering and Management Certificate
Big Data Certificate
Machine Learning for Analytics Certificate
Innovation Management & Entrepreneurship Certificate
Sustainabaility and Development Certificate
Social Work Certificate
AI and Machine Learning Certificate
Spatial Data Analysis and Visualization Certificate

Online Degree Programs

Computer Science Degrees
Business Degrees
Public Health Degrees
Data Science Degrees
Bachelor's Degrees
Bachelor of Computer Science
MS Electrical Engineering
Bachelor Completion Degree
MS Management
MS Computer Science
MPH
Accounting Master's Degree
MCIT
MBA Online
Master of Applied Data Science
Global MBA
Master's of Innovation & Entrepreneurship
MCS Data Science
Master's in Computer Science
Master's in Public Health

Coursera

About
What We Offer
Leadership
Careers
Catalog
Certificates
MasterTrack™ Certificates
Degrees
For Enterprise
For Government
For Campus

Community

Learners
Partners
Developers
Beta Testers
Translators
Blog
Tech Blog
Teaching Center

More

Terms
Privacy
Help
Accessibility
Press
Contact
Directory
Affiliates

Learn Anywhere

Get it on Google Play

© 2021 Coursera Inc. All rights reserved.