DEV Community

Lasantha Sanjeewa Silva for AWS Community Builders

Posted on • Updated on

AWS VPC Creation - Step by Step

Architecture Diagram
Firstly, go through Architecture Diagram. AWS provides many services for manage the Virtual network. In this guide, you can create AWS VPC step by step.

In AWS Management Console search and go VPC services after that click creates vpc button.
Create Vpc

Give the name for VPC and add IPv4 CIDR. You can use the CIDR range.

Create Two Subnets. Firstly create a public subnet. You can use the CIDR range for the public subnet. Select the availability zone and give the name for the subnet.
Create Public Subnet

Now the same interface, click add new subnet button for private subnet creation.
Click add new subnet button

Add IPv4 CIDR as After that give the subnet name and select the availability zone. finally, click create subnet button.
Subnet Creation

Now create an internet gateway for public subnet internet access. In VPC Console select Internet Gateway and create internet gateway. Give the name of Internet Gateway and hit create button.
Create IGW

Next, we want to attach this internet gateway for VPC. You can select the internet gateway and click Attach to VPC.
IGW attach VPC

Next, select the previously created VPC and click attach internet gateway button.
IGW attach VPC

Next, Go to the route table and create a route table for the public subnet. give the name for the route table and select the previously created VPC. The next click creates the route table button.
Create Public Route Table

Click the public subnet route table click the Route tab and add route and select the previously created Internet Gateway. next hit the save changes button.
Add route for public route table

In the public subnet route table click the subnet association section and click edit "Explicit subnet associations" section.
Subnet associations for public route table

Next, select public subnet and click the save association button.
Subnet Associated

Now we go to public subnet and click subnet settings and enable "Enable auto-assign public IPv4 address" and click save.
Enable auto-assign public IPv4 address

Next, we want to create 2 ec2 instances inside public and private subnets. Use ubuntu server 20.04 LTS AMI.
EC2 Creation

You can see the ec2 instance is up and running.
EC2 Up & Running

In the EC2 console click Elastic ip and create ELastic ip like follwing.
Eip create

Next, select the newly created Elastic ip and click allocate elastic ip button.
Allocate Eip

Select previosly created public ec2 and click the associate button.
Select EC2 in Eip

Next, Connect public EC2 via SSH client or EC2 Instance Connect. Try to update ubuntu. Working it means public ec2 can connect internet.
Public EC2 install update

Now, we try to SSH into EC2 in Private Subnet. (It means bastion host). In Linux Terminal You can using the following steps.

  • Configuring the SSH agent using the following command.
    ssh-add -L {{ssh-keyfile-name.pem}}

  • Next, connect the bastion host(Public EC2) using this command.
    ssh –A ubuntu@{{Bastion-IP-address or DNS}}

  • Connect to the private instances from the bastion host (Agent Forwarding).
    ssh ec2-user@{{InstanceIP or DNS}}

Inside the private ec2 terminal "ping" it's not given any response because it doesn't connect internet.
Private EC2 ping response

Next, go to the VPC console and create NAT Gateway. In NAT gateway creation select subnet as public subnet and give the name for NAT Gateway. After that click Allocate Elastic IP button and finally click create nat gateway button.
Create NAT Gateway

Wait a few minutes for Nat Gateway up and running.
NAT Up & Running

Next, Create a private route table for the private subnet. Use previous Public Route table creation same scenario. After creating the Private Route table and adding the follwing route for accessing private EC2 Internet. (select previously created nat gateway)
Create Private Route Table

Next, add subnet association. Select private subnet and click save association button.
Subnet association for private route table

Finally, try to "ping" inside a private subnet terminal. You can see the following output.
ping in private EC2

Congratulations, Now you can create AWS VPC.

For clean up

  • Terminate instances
  • Release Elastic IP
  • Delete NAT Gateway
  • Delete Internet Gateway
  • Delete VPC

Thanks for reading the Article.


Top comments (2)

kallu profile image
Petri Kallberg

This is how you do it, if you want to learn/understand what you're doing.
If you just want to have your VPC and subnets, there is also VPC "creation wizard" option in new console that will take care of details for you. Unfortunately there isn't "cleanup wizard" so you should pay little bit attention to get everything deleted when you are done. Wrote a short post about new vpc create UX and deleting what wizard created at

lasanthasilva profile image
Lasantha Sanjeewa Silva

Ok Sure, Thanks for your information.