I always had a lingering doubt about what exactly a VPC is, why we need it, and what problem it actually solves. This small hands-on project answered all those questions clearly and practically.
In this post, I'll walk you through:
- What I built
- How the components connect
- The core networking concepts I understood along the way
What I Built in This Project
During this setup, I worked with the following AWS networking components:
- VPC (Virtual Private Cloud)
- Subnets
- Internet Gateway
More importantly, I learned how these pieces fit together to create a functional and secure network inside AWS.
Step-by-Step: Building the VPC
1. Creating a VPC
The first step was creating a VPC.
- I assigned a name to the VPC.
- Defined an IPv4 CIDR block, commonly in multiples of 8 (for example, 10.0.0.0/16).
The CIDR block defines the IP address range that will be available inside the VPC.
Think of the VPC as a boundary inside AWS where all your networking rules apply.
2. Creating a Public Subnet
Next, I created a public subnet within the VPC.
- Assigned a CIDR block that falls within the VPC's CIDR range.
- Enabled Auto-assign Public IPv4 Address in the subnet settings.
Why public subnet?
Because resources inside this subnet (like EC2 instances) need to be accessible from the internet.
Subnets are always created inside a specific Availability Zone (AZ), which improves fault tolerance and availability.
3. Creating and Attaching an Internet Gateway
To make the subnet truly public, I created an Internet Gateway (IGW).
- The Internet Gateway acts as a bridge between the VPC and the internet.
- After creating it, I attached it to the VPC.
Without an Internet Gateway:
- Even a "public" subnet cannot access or be accessed by the internet.
Once this was done, the VPC setup was complete and functional.
Concepts I Learned (The Real Value)
What is a VPC?
A Virtual Private Cloud is an isolated virtual network created within AWS.
It allows us to:
- Secure our resources
- Control inbound and outbound traffic
- Design custom network architectures
A great analogy I heard:
A VPC is like Google Drive.
Without it, your files would be scattered everywhere with no privacy or control.
A VPC keeps everything organized, secure, and contained.
What is a Subnet?
A subnet is a logical subdivision of a VPC.
- Used to group similar resources
- A single VPC can have multiple subnets
- Each subnet belongs to one Availability Zone
There are two main types:
- Public Subnet: Can communicate with the internet
- Private Subnet: No direct internet access (used for databases, backend services, etc.)
This separation improves security and architecture clarity.
What is an Internet Gateway?
An Internet Gateway enables communication between:
- Resources in a VPC
- The external internet
Without an IGW:
- Your public subnet remains isolated
- Internet access is impossible
It's a mandatory component for any internet-facing architecture.
Understanding CIDR Blocks (My Favorite Part)
CIDR (Classless Inter-Domain Routing) defines the IP address range.
Example:
10.0.0.0/8
- 10.0.0.0: Network address
- /8: Number of bits used for the network portion
Key takeaway:
- Smaller slash number = larger IP range
- Larger slash number = smaller IP range
CIDR planning is crucial because:
- You cannot change a VPC CIDR block later
- Poor planning leads to scaling issues
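A CIDR plan check for the rules above (each subnet range must fall within the VPC range, and the range has to be right from the start), as an added example that is not part of the original post. The subnet labels and addresses are constructed, and the /16 to /28 VPC size limit and the 5 reserved addresses per subnet are AWS rules the post does not mention.

```python
import ipaddress

# AWS rules assumed here (not stated in the post): a VPC IPv4 CIDR must be
# between /16 and /28, and AWS reserves 5 addresses in every subnet.
AWS_RESERVED_PER_SUBNET = 5

def check_plan(vpc_cidr, subnets):
    """Validate subnet CIDRs against a VPC CIDR.
    subnets maps a label (hypothetical names) to a CIDR string.
    Returns (problems, usable): problem strings, and usable host
    counts for every subnet that passed all checks.
    """
    problems, usable, accepted = [], {}, []
    try:
        vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    except ValueError as exc:
        return [f"VPC {vpc_cidr}: {exc}"], usable
    if not 16 <= vpc.prefixlen <= 28:
        problems.append(f"VPC {vpc}: prefix must be /16 to /28")
    for name, cidr in subnets.items():
        try:
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:  # e.g. host bits set: 10.0.3.7/24
            problems.append(f"{name} {cidr}: {exc}")
            continue
        if net.version != vpc.version or not net.subnet_of(vpc):
            problems.append(f"{name} {net}: outside VPC range {vpc}")
            continue
        clash = [n for n, other in accepted if net.overlaps(other)]
        if clash:
            problems.append(f"{name} {net}: overlaps {', '.join(clash)}")
            continue
        accepted.append((name, net))
        usable[name] = net.num_addresses - AWS_RESERVED_PER_SUBNET
    return problems, usable

# Constructed sample plan for the post's 10.0.0.0/16 VPC.
SAMPLE_PLAN = {
    "public-a": "10.0.1.0/24",     # valid
    "private-a": "10.0.2.0/24",    # valid
    "private-b": "10.0.2.128/25",  # overlaps private-a
    "stray": "10.1.0.0/24",        # outside the VPC range
    "typo": "10.0.3.7/24",         # not a network address
}

if __name__ == "__main__":
    problems, usable = check_plan("10.0.0.0/16", SAMPLE_PLAN)
    print("\n".join(problems))
    print(usable)
```

Passing 10.0.0.0/8 as the VPC range is reported as a problem, because /8 is larger than the biggest block AWS accepts for a VPC.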
Final Thoughts
This small project helped me understand AWS networking fundamentals in a very practical way.
Instead of memorizing definitions, I now know:
- Why VPCs exist
- How subnets organize resources
- What makes a subnet public or private
- How internet connectivity actually works in AWS
This is just Part 1 of my AWS Networking series.
More deep dives coming soon

