[MUSIC] Hello again, this is Sergio Castro, we are doing a VCN lap. Previously, we created a Virtual Cloud Network using the Wizard. We will create a second one, but this time we'll do that manually. So let's go ahead and do that. If you recall, we were in the security list, the default one before. So in the breadcrumbs, if you click on the Virtual Cloud Network link. It will take you to the area where you can view all the virtual networks that you'd have. This is the one that we created. So let's go ahead and create a second one. This time, I'm going to call this manual And the sign up block that I'll select is, I have one here 172, that's 17.0.0/16. And this is all that we need to create a virtual cloud network. At this time, I will not be dealing with IPV6, that's a second lap, but we will to do that later. So let's go ahead and create it. The CNS label is by default selected and I'll keep it that way. So the minute that you create the virtual network, you will see that it doesn't have any subnet. It doesn't have the NAT Gateway. It doesn't have the Service Gateway, but it does come with a security list. And you will see that it comes with a route table as well. It doesn't come with the Internet Gateway, so you need to add that manually. Let's go ahead and take a look at the route table, you'll see that it does create one, but it's empty. It doesn't have a rule in it. And the same thing with security lists. Well, this one is not empty. This one comes with three default. Permissions port 22 and ICMP. So this will allow any device in the internet to have port 22 access to it. That means that they will be able to do SSH. You can remove it, if you want. So let's go ahead and do that. So the fact that it comes by default, it doesn't mean that you have to keep it. As a matter of fact, you can delete everything from it. I'll leave the ICMP in it. And the first thing that we'll check is that we don't have a subnet and we don't have an Internet Gateway. So let's go ahead and add an Internet Gateway. And I'm going to call it IG, for simplicity, underscore manual. So now we do have an Internet Gateway. It was really, really easy. Now, let's go ahead and add a public subnet. So we can have access from the Internet. So create the subnet. And I'm just going to call it public. Here it is. I'm in the correct department, still in the Castro. Now regional or availability domain specific, let's go ahead and use regional, is the recommended one. In the San Jose region we only have one availability domain. But when we add a second or a third one, this subnet is already in the regional format. So it will span those availability domains in the future. Now, we do need a CIDR Block that is consistent to what we selected, we selected /16 for the VCN. So it is best practices to select something smaller. I'll select this at .4 in this case. And now, what route table that I want to use? We only have the default one, you can go ahead and create a second one for the subnet. I'll keep the depart one route table, has access to the open Internet already. And now, I mentioned that I wanted to keep this subnet public. That means that it will allow public IP addresses to connect to the instances that I have on this subnet. If I select private, then that's not going to be possible. And that's all you need to do. This is by default security list. I'm going to select the default one. And now, we have a subnet. We have a route table. So if we add any compute instance to the subnet, we should be able to ping it. Because I removed the SSH to it. So that's pretty much it. In the next video we are going to be adding a network security group. And we will be explaining the differences between that and the security lists. So thank you very much.
