AWS VPC Cheat Sheet

Here’s a cheat sheet for AWS Virtual Private Cloud (VPC):

AWS VPC Basics

  • VPC is a logically isolated section of the AWS Cloud where you can launch AWS resources.
  • It enables you to create a virtual network in the AWS Cloud.

VPC Components

  • Subnets:
    • Subdivide the IP address range of your VPC.
    • Associated with an Availability Zone (AZ).
    • Determine where instances are launched.
  • Route Tables:
    • Define rules for traffic leaving the subnets.
    • Associate with subnets to control routing.
  • Internet Gateway (IGW):
    • Allows communication between instances in the VPC and the internet.
    • Attached to a VPC.
  • NAT Gateway:
    • Allows instances in a private subnet to connect to the internet.
    • Outbound traffic flows through the NAT gateway.
  • VPC Peering:
    • Connects two VPCs to enable communication between them.
    • No transitive peering (direct connection required).
  • Security Groups:
    • Act as a virtual firewall for instances.
    • Control inbound and outbound traffic.
  • Network Access Control Lists (NACLs):
    • Stateful, rule-based network traffic filtering.
    • Applied at the subnet level.
  • Elastic Load Balancer (ELB):
    • Distributes incoming traffic across multiple instances.
    • Enhances availability and fault tolerance.
  • VPC Endpoints:
    • Enable private connections between your VPC and supported AWS services without traversing the internet.

VPC CLI Commands

Create a VPC:

aws ec2 create-vpc --cidr-block 10.0.0.0/16

Create a Subnet:

aws ec2 create-subnet --vpc-id vpc-id --cidr-block 10.0.1.0/24

Create an Internet Gateway:

aws ec2 create-internet-gateway

Attach Internet Gateway to VPC:

aws ec2 attach-internet-gateway --vpc-id vpc-id --internet-gateway-id igw-id

Create a Route Table:

aws ec2 create-route-table --vpc-id vpc-id

Associate Subnet with Route Table:

aws ec2 associate-route-table --subnet-id subnet-id --route-table-id rtb-id

Create Security Group:

aws ec2 create-security-group --group-name MySecurityGroup --description "My security group" --vpc-id vpc-id

Authorize Ingress Rule in Security Group:

aws ec2 authorize-security-group-ingress --group-id sg-id --protocol tcp --port 80 --cidr 0.0.0.0/0

Remember to replace placeholders like vpc-id, subnet-id, igw-id, rtb-id, and sg-id with your specific values.
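The commands above are usually run one at a time with ids copied by hand. The script below is an added example, not part of the cheat sheet, that runs the same steps in order, captures each id with --query, checks that the subnet CIDR fits inside the VPC CIDR before anything is created, and adds the 0.0.0.0/0 route through the internet gateway that the route table needs before the subnet can reach the IGW at all. Assumed values that are not on the page: the security group name web-sg and its description, and a configured AWS CLI v2 with credentials and a default region. With DRY_RUN=1 (the default) it prints the command sequence using the page's placeholder ids instead of calling AWS.

```shell
#!/bin/sh
# Added example, not from the cheat sheet: provisions the VPC described above
# end to end. Assumed (not on the page): security group name "web-sg" and its
# description, and a configured AWS CLI v2 with region and credentials.
# DRY_RUN=1 (default) prints each command with placeholder ids; DRY_RUN=0 runs it.
set -eu

VPC_CIDR="${VPC_CIDR:-10.0.0.0/16}"
SUBNET_CIDR="${SUBNET_CIDR:-10.0.1.0/24}"
INGRESS_CIDR="${INGRESS_CIDR:-0.0.0.0/0}"   # page's value; narrow it for anything but a public web tier
DRY_RUN="${DRY_RUN:-1}"

# Dotted quad -> 32-bit integer.
ip2int() {
  set -- $(printf '%s' "$1" | tr '.' ' ')
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeed when CIDR $1 lies entirely inside CIDR $2. create-subnet rejects a
# block outside the VPC range, so this fails fast before any resource exists.
cidr_within() {
  inner_ip=${1%/*}; inner_len=${1#*/}
  outer_ip=${2%/*}; outer_len=${2#*/}
  [ "$inner_len" -ge "$outer_len" ] || return 1
  mask=$(( (4294967295 << (32 - outer_len)) & 4294967295 ))
  [ $(( $(ip2int "$inner_ip") & mask )) -eq $(( $(ip2int "$outer_ip") & mask )) ]
}

# Run an aws command whose single text output is an id; the id lands in LAST_ID.
# In dry-run mode the command is printed and placeholder $1 stands in for the id.
capture() {
  placeholder=$1; shift
  if [ "$DRY_RUN" = 1 ]; then
    echo "aws $*"
    LAST_ID=$placeholder
  else
    LAST_ID=$(aws "$@")
  fi
}

# Same, for commands whose output is not needed.
run() {
  if [ "$DRY_RUN" = 1 ]; then echo "aws $*"; else aws "$@" >/dev/null; fi
}

provision() {
  cidr_within "$SUBNET_CIDR" "$VPC_CIDR" || {
    echo "subnet $SUBNET_CIDR is not inside VPC $VPC_CIDR" >&2; return 1; }

  capture vpc-id ec2 create-vpc --cidr-block "$VPC_CIDR" \
    --query Vpc.VpcId --output text
  vpc_id=$LAST_ID

  capture subnet-id ec2 create-subnet --vpc-id "$vpc_id" --cidr-block "$SUBNET_CIDR" \
    --query Subnet.SubnetId --output text
  subnet_id=$LAST_ID

  capture igw-id ec2 create-internet-gateway \
    --query InternetGateway.InternetGatewayId --output text
  igw_id=$LAST_ID
  run ec2 attach-internet-gateway --vpc-id "$vpc_id" --internet-gateway-id "$igw_id"

  capture rtb-id ec2 create-route-table --vpc-id "$vpc_id" \
    --query RouteTable.RouteTableId --output text
  rtb_id=$LAST_ID
  # Without this route the subnet stays private even though the IGW is attached.
  run ec2 create-route --route-table-id "$rtb_id" --destination-cidr-block 0.0.0.0/0 \
    --gateway-id "$igw_id"
  run ec2 associate-route-table --subnet-id "$subnet_id" --route-table-id "$rtb_id"

  # --description is required by the CLI; the name and text are assumed values.
  capture sg-id ec2 create-security-group --group-name web-sg \
    --description web-tier --vpc-id "$vpc_id" --query GroupId --output text
  sg_id=$LAST_ID
  run ec2 authorize-security-group-ingress --group-id "$sg_id" \
    --protocol tcp --port 80 --cidr "$INGRESS_CIDR"
}

# sh vpc.sh prints the plan; DRY_RUN=0 sh vpc.sh creates the resources.
provision
```

Review the printed plan first; it shows exactly which ids feed which call. Setting DRY_RUN=0 executes the same sequence, and because every id comes from --query there is nothing to paste in. The CIDR check is deliberately done locally so a typo in SUBNET_CIDR fails before a VPC is created rather than after.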

This cheat sheet covers VPC concepts and commands. For more detailed information, refer to the AWS VPC Documentation.