Example

🔹 Complex VPC Setup in AWS – Step-by-Step Guide via AWS Console

This guide covers: ✅ Detailed explanation of VPC concepts ✅ Step-by-step AWS Console setup ✅ Real-world enterprise scenario ✅ Troubleshooting common issues

🔹 Key AWS Networking Components

Before creating a complex VPC setup, let's understand the key AWS networking components:

🔹 Real-World Enterprise VPC Setup

Scenario: A company is deploying a highly available web application. The infrastructure must: ✔ Host a public-facing web application ✔ Securely store databases in private subnets ✔ Allow application servers to communicate with databases ✔ Support multiple availability zones for high availability ✔ Enable secure communication between on-prem and AWS via VPN

VPC Design

• VPC CIDR: 10.0.0.0/16

• Subnets:

  • Public Subnets (Load Balancer, NAT Gateway)

  • Private Subnets (Application Servers)

  • Isolated Subnets (Databases & Secure Services)

🔹 Step-by-Step AWS Console Setup

1️⃣ Create a VPC

1. Go to AWS Console → VPC Dashboard → Create VPC

2. VPC Name: Enterprise-VPC

3. IPv4 CIDR Block: 10.0.0.0/16

4. Click Create VPC

✅ Common Issue: "CIDR block overlaps with another VPC." 🔹 Fix: Use a unique CIDR block that doesn’t overlap with other VPCs.

2️⃣ Create Subnets

1. Go to VPC Dashboard → Subnets → Create subnet

2. Select VPC: Enterprise-VPC

3. Subnet Details:

   • Public Subnet (AZ1): 10.0.1.0/24

   • Public Subnet (AZ2): 10.0.2.0/24

   • Private Subnet (AZ1): 10.0.3.0/24

   • Private Subnet (AZ2): 10.0.4.0/24

   • Isolated Subnet (AZ1): 10.0.5.0/24

   • Isolated Subnet (AZ2): 10.0.6.0/24

4. Click Create Subnet

✅ Common Issue: "Subnet creation failed." 🔹 Fix: Ensure the subnet CIDR is within the VPC range.

3️⃣ Create an Internet Gateway (IGW)

1. Go to VPC Dashboard → Internet Gateways → Create Internet Gateway

2. Name: Enterprise-IGW

3. Click Create and Attach to VPC → Enterprise-VPC

✅ Common Issue: "Instances in public subnet can't access the internet." 🔹 Fix: Ensure route tables direct internet traffic to the IGW.

4️⃣ Configure Route Tables

1. Go to Route Tables → Create Route Table

2. Name: Public-RT

3. Select VPC: Enterprise-VPC

4. Add Route:

   • Destination: 0.0.0.0/0

   • Target: Internet Gateway (Enterprise-IGW)

5. Associate Public Subnets with Public-RT

✅ Common Issue: "Traffic isn't routing as expected." 🔹 Fix: Ensure subnets are associated with the correct route table.

5️⃣ Create a NAT Gateway for Private Subnets

1. Go to VPC Dashboard → NAT Gateways → Create NAT Gateway

2. Select a Public Subnet

3. Allocate an Elastic IP

4. Click Create NAT Gateway

✅ Common Issue: "Instances in private subnets can’t access the internet." 🔹 Fix: Ensure the private subnet route table directs traffic to the NAT Gateway.

6️⃣ Configure Security Groups

1. Go to EC2 Dashboard → Security Groups → Create Security Group

2. Name: Web-SG

3. Inbound Rules:

   • HTTP (80) → Anywhere (0.0.0.0/0)

   • HTTPS (443) → Anywhere (0.0.0.0/0)

4. Click Create

✅ Common Issue: "Application is inaccessible." 🔹 Fix: Ensure security groups allow inbound HTTP/HTTPS traffic.

7️⃣ Enable VPC Peering (if needed)

1. Go to VPC Dashboard → VPC Peering → Create Peering Connection

2. Select VPCs to connect

3. Accept the request in the target VPC

✅ Common Issue: "VPCs cannot communicate." 🔹 Fix: Update route tables to include routes for the peered VPC.

8️⃣ Set Up AWS VPN (for On-Prem Connectivity)

1. Go to VPC Dashboard → VPN Connections → Create VPN Connection

2. Select Customer Gateway (On-Prem Device)

3. Attach to Transit Gateway or VPC

✅ Common Issue: "VPN connection keeps dropping." 🔹 Fix: Ensure correct BGP configuration on both AWS and on-prem routers.

🚀 Summary of Setup

✔ Multi-tier architecture with public, private, and isolated subnets ✔ Internet access via IGW & NAT Gateway ✔ Security best practices with Security Groups & NACLs ✔ VPC Peering & VPN for hybrid cloud connectivity

🔥 Next Steps

Want to deploy an EKS cluster in this VPC? Let me know! 🚀