Networking and Security
STEP1: First, create the VPC, because it forms the foundational network layer for resources in the cloud. Make sure "VPC only" is selected, and fill out the VPC settings with a Name tag and a CIDR range of your choice.
STEP2: Create six subnets, following the 3-tier architecture, across two availability zones. That means three subnets will be in one availability zone and three in the other. In total there are two public subnets and four private subnets.
STEP3: Create an internet gateway for the public subnets in both availability zones (AZ1 and AZ2).
STEP4: After creating the internet gateway, attach it to your VPC.
STEP5: Create two NAT gateways to provide internet access for the private subnets.
STEP6: First, create a route table. After creating it, edit the routes, add a route for 0.0.0.0/0 with the internet gateway (IG) as the target, and save. Then go to Subnet Associations, click Edit Subnet Associations, and add only the public subnets.
STEP7: Now create further route tables for the private subnets. After creating each route table, edit the routes and select the NAT gateway for AZ1 only as the target for 0.0.0.0/0. Then edit the subnet associations and add only the private-AZ1 subnet, excluding the database subnet.
STEP8: We need to create five security groups.
The first security group you’ll create is for the public, internet-facing load balancer.
The second security group you’ll create is for the public instances in the web tier.
The third security group will be for our internal load balancer.
The fourth security group we’ll configure is for our private instances.
The fifth security group we’ll configure protects our private database instances.
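
An added example, not part of the original walkthrough: a Python check that the routing built in STEP6 and STEP7 matches the design (public subnets reach the internet gateway, each private subnet uses the NAT gateway in its own AZ, database subnets have no internet path). All subnet, gateway and route-table IDs are constructed; the AZ2 private table is assumed to mirror the AZ1 one, and subnets with no association are assumed to fall back to a main route table holding only the local route.

```python
# Added example: audit route-table data against the 3-tier layout above.
# All IDs are constructed; key names follow `aws ec2 describe-route-tables` output.
SUBNETS = {  # subnet id -> (tier, availability zone)
    "subnet-pub-az1": ("public", "az1"), "subnet-pub-az2": ("public", "az2"),
    "subnet-app-az1": ("private", "az1"), "subnet-app-az2": ("private", "az2"),
    "subnet-db-az1": ("database", "az1"), "subnet-db-az2": ("database", "az2"),
}
NAT_AZ = {"nat-az1": "az1", "nat-az2": "az2"}  # NAT gateway id -> its AZ

def _table(rtb_id, target_key, target, subnet_ids):
    """Build one constructed route table with a single default route."""
    return {"RouteTableId": rtb_id,
            "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", target_key: target}],
            "Associations": [{"SubnetId": s} for s in subnet_ids]}

ROUTE_TABLES = [
    _table("rtb-public", "GatewayId", "igw-demo", ["subnet-pub-az1", "subnet-pub-az2"]),
    _table("rtb-private-az1", "NatGatewayId", "nat-az1", ["subnet-app-az1"]),
    _table("rtb-private-az2", "NatGatewayId", "nat-az2", ["subnet-app-az2"]),
]

def default_target(table):
    """Return the target of the table's 0.0.0.0/0 route, or None if it has none."""
    for route in table["Routes"]:
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route.get("GatewayId") or route.get("NatGatewayId")
    return None

def audit(route_tables, subnets=SUBNETS, nat_az=NAT_AZ):
    """List every subnet whose internet path differs from its tier's design."""
    egress = {}  # assumption: unassociated subnets use a main table with no default route
    for table in route_tables:
        for assoc in table["Associations"]:
            if "SubnetId" in assoc:  # the main-table association carries no subnet
                egress[assoc["SubnetId"]] = default_target(table)
    findings = []
    for subnet_id, (tier, az) in sorted(subnets.items()):
        target = egress.get(subnet_id)
        if tier == "public" and not (target or "").startswith("igw-"):
            findings.append(f"{subnet_id}: no default route to the internet gateway")
        elif tier == "private" and nat_az.get(target) != az:
            findings.append(f"{subnet_id}: default route is {target}, expected the NAT gateway in {az}")
        elif tier == "database" and target is not None:
            findings.append(f"{subnet_id}: database subnet can reach the internet via {target}")
    return findings

if __name__ == "__main__":
    print(audit(ROUTE_TABLES) or "routing matches the design")
```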