1. Basic VPC with Public Subnet and EC2 Instance

• What You’ll Learn: Basic VPC, subnets, Internet Gateway, Route Tables, Security Groups, EC2 instance creation.
• Components:
  1. VPC with CIDR block (e.g., 10.0.0.0/16).
  2. Public Subnet with CIDR block (e.g., 10.0.1.0/24).
  3. Internet Gateway attached to the VPC for internet access.
  4. Route Table with a route to the Internet Gateway.
  5. EC2 instance launched in the public subnet with a public IP.
  6. Security Group allowing inbound traffic on HTTP (80) and SSH (22).
• Practice:
  • Create a VPC and attach an Internet Gateway.
  • Set up a Route Table to route traffic from the public subnet to the Internet Gateway.
  • Launch an EC2 instance with a public IP in the public subnet and connect to it via SSH.
• Demo source: https://github.com/quanqvinh/aws-practices/tree/demo/vpc_and_ec2_v1

2. VPC with Public and Private Subnets

• What You’ll Learn: Setting up both public and private subnets, configuring NAT Gateway for private subnet internet access, using EC2 instances in both subnets.
• Components:
  1. VPC with CIDR block (e.g., 10.0.0.0/16).
  2. Public Subnet with CIDR block (e.g., 10.0.1.0/24).
  3. Private Subnet with CIDR block (e.g., 10.0.2.0/24).
  4. Internet Gateway for public subnet internet access.
  5. NAT Gateway in the public subnet to allow outbound internet access for the private subnet.
  6. Route Tables: Public subnet routes traffic via the Internet Gateway, and private subnet routes via the NAT Gateway.
  7. EC2 instances: One in the public subnet (public-facing) and one in the private subnet (internal).
  8. Security Groups: Customize security rules to allow communication between public and private instances.
• Practice:
  • Set up the VPC with both public and private subnets.
  • Configure a NAT Gateway and ensure EC2 in private subnet can access the internet.
  • Test SSH access from the public EC2 instance to the private EC2 instance.
• Demo source: https://github.com/quanqvinh/aws-practices/tree/demo/vpc_and_ec2_v2

3. Multi-AZ VPC with High Availability

• What You’ll Learn: Multi-AZ VPC architecture, EC2 instance distribution across Availability Zones, redundancy with NAT Gateways and Internet Gateways.
• Components:
  1. VPC with CIDR block (e.g., 10.0.0.0/16).
  2. Multiple Public Subnets (e.g., 10.0.1.0/24, 10.0.2.0/24) in different Availability Zones (AZs).
  3. Multiple Private Subnets (e.g., 10.0.3.0/24, 10.0.4.0/24) in different AZs.
  4. NAT Gateways in multiple public subnets for high availability.
  5. Internet Gateway attached to the VPC.
  6. Route Tables for both public and private subnets.
  7. EC2 instances distributed across the public and private subnets.
  8. Security Groups and Network ACLs for additional security layers.
• Practice:
  • Set up multi-AZ subnets and distribute your instances across Availability Zones.
  • Attach NAT Gateways to both public subnets for high availability.
  • Ensure that if one NAT Gateway fails, traffic is routed through the other.
• Demo source: not yet

4. VPC Peering between Two VPCs

• What You’ll Learn: VPC peering, setting up communication between instances in different VPCs.