- Create a VPC
- It will by default create router,securty groups ,NACLS, route tables
- Create internet gateway
- Create 2 subnet in the VPC
- One public subnet, one private subnet
- Create one route table in which allow traffic from internet(0.0.0.0/0) to come to RT and associate the Internet gateway u created
- Now associate the public subnet u have created with the above route table
- Create one security group for public subnet and allow icmp,http,ssh,https traffic stateful traffic
—-At this point if u launch a instance in public subnet of the custom VPC you will be able to ssh and run a yum update using IG
If u are not creating another route table your private or any other subnet will by default associate with the main RT(always keep main RT as pvt)create a security group for private subnet as well and allow traffic only from the pubic subnet CIDR , if u want to ssh into private instance using ssh pem
- Once u ssh into private instance , try running yum update it will fail for sure.
- for pvt instance to access internet , create a NAT gateway in public subnet and associate the NAT gateway with main route table .
643 total views, 1 views today