Hyelngtil Isaac

Posted on • Originally published at hyelngtil.awstech

Networking Series 5: Testing VPC Connectivity

Introducing Today's Project!

What is Amazon VPC?
Amazon VPC is a secure, customizable cloud network where you host resources like EC2. It's useful for managing access, connectivity, and scalability.

How I used Amazon VPC in this project
I used Amazon VPC to build an isolated cloud network with public and private subnets. It hosted EC2 instances securely and enabled internal and internet connectivity.

One thing I didn't expect in this project
I was surprised by how the interplay of layered NACLs and SGs silently blocked connectivity; fixing one without the other still blocks traffic. That detective-mode troubleshooting deepened my AWS networking insight.

This project took 35 minutes to complete. This reflects the estimated duration for running through all the configuration and VPC connectivity tests.


Connecting to an EC2 Instance

Connectivity means verifying that resources inside your VPC like EC2 instances can reach each other and the internet via properly configured subnets, route tables, and gateways.

My first connectivity test was whether I could connect to the EC2 instance in the public subnet (Maven Public Server) via the AWS Console, to ensure it was accessible from the internet through its configured gateway and route table.


EC2 Instance Connect

I connected to my EC2 instance using EC2 Instance Connect, which is AWS's browser-based SSH tool for secure, keyless access via the AWS Console during VPC tests.

My first attempt at getting direct access to my public server resulted in an error, because its security group didn't allow SSH traffic: no inbound rule allowed my IP to connect.

I fixed this error by updating the EC2 instance's security group (adding a new inbound rule) to allow inbound SSH traffic from my IP, enabling successful access via EC2 Instance Connect.


Connectivity Between Servers

Ping is a tool that tests network reachability. I used ping to check connectivity between EC2s in public and private subnets in my VPC setup.

The ping command I ran was 'ping 10.0.1.216' to test connectivity between EC2s in public and private subnets inside my Amazon VPC setup.

The first ping returned no reply. This meant the public EC2 couldn't reach the private one, likely due to ICMP being blocked by security groups, route tables, or network ACLs.


Troubleshooting Connectivity

I troubleshot this by allowing ICMP inbound in the private EC2's security group and Network ACLs. Ping then worked, confirming VPC connectivity between subnets.
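The layered check behind this fix, as an added example that is not part of the original post: a small Python model of how a security group (stateful, allow-only) and a network ACL (stateless, numbered rules, implicit deny) each decide whether the ping gets an answer. The subnet 10.0.0.0/24, the source address 10.0.0.10 and all rule sets are constructed sample values, and only the destination side is modelled.

```python
import ipaddress

def _match(rule, proto, ip):
    return rule["proto"] in (proto, "all") and \
        ipaddress.ip_address(ip) in ipaddress.ip_network(rule["cidr"])

def sg_allows(rules, proto, ip):
    # Security groups hold allow rules only; any match permits. They are
    # stateful, so the echo reply needs no rule of its own.
    return any(_match(r, proto, ip) for r in rules)

def nacl_allows(rules, proto, ip):
    # Network ACLs are evaluated lowest rule number first, first match wins,
    # and anything unmatched hits the implicit deny.
    for r in sorted(rules, key=lambda r: r["num"]):
        if _match(r, proto, ip):
            return r["action"] == "allow"
    return False

def ping_blockers(src_ip, sg_in, nacl_in, nacl_out):
    """Layers on the destination side that would drop a ping from src_ip."""
    blockers = []
    if not sg_allows(sg_in, "icmp", src_ip):
        blockers.append("security group inbound")
    if not nacl_allows(nacl_in, "icmp", src_ip):
        blockers.append("network ACL inbound")
    # NACLs are stateless: the echo reply to src_ip needs an outbound allow.
    if not nacl_allows(nacl_out, "icmp", src_ip):
        blockers.append("network ACL outbound")
    return blockers

# Constructed sample values: 10.0.0.0/24 as the public subnet and 10.0.0.10 as
# the public server are assumptions, not addresses from the post.
PUBLIC_CIDR, PUBLIC_IP = "10.0.0.0/24", "10.0.0.10"
SSH_ONLY = [{"proto": "tcp", "cidr": PUBLIC_CIDR}]
ICMP_SG = SSH_ONLY + [{"proto": "icmp", "cidr": PUBLIC_CIDR}]
EMPTY_NACL = []  # custom NACL with no rules yet: implicit deny only
ICMP_NACL = [{"num": 100, "proto": "icmp", "cidr": PUBLIC_CIDR, "action": "allow"}]

if __name__ == "__main__":
    for label, layers in [
            ("before any fix", (SSH_ONLY, EMPTY_NACL, EMPTY_NACL)),
            ("SG fixed only", (ICMP_SG, EMPTY_NACL, EMPTY_NACL)),
            ("NACL inbound only", (ICMP_SG, ICMP_NACL, EMPTY_NACL)),
            ("SG and NACL fixed", (ICMP_SG, ICMP_NACL, ICMP_NACL))]:
        print(f"{label}: {ping_blockers(PUBLIC_IP, *layers) or 'ping passes'}")
```

Scoping the ICMP rules to the public subnet's CIDR, as the sample rules do, keeps the private instance from answering pings from anywhere else.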


Connectivity to the Internet

Curl is a command-line tool for transferring data across networks using protocols like HTTP. In your VPC project, it tests connectivity between EC2 instances, helping confirm internal network access and verify application reachability.

I used curl to test the connectivity between my public and private EC2 instances in the VPC setup. It sent requests from the public server to the private one, confirming the internal network was functioning and security configurations were correct.

Ping vs Curl
Ping and curl are different because ping uses ICMP to check if a host is reachable at the network level, while curl sends HTTP requests to test if a web service or API is accessible. In your VPC setup, curl verifies web app connectivity; ping checks.

I ran the curl command 'curl https://learn.nextwork.org/projects/aws-host-a-website-on-s3', which returned the website's hosted content. This confirmed that my EC2 instance had internet access and was correctly configured and publicly reachable.

🤝 Next in the series, building on this, is "VPC Peering".
