Cloud Networking

AWS Services

  • Amazon VPC

Summary

You are required to set up a new VPC with three subnets of different sizes. You have not been provided with the desired CIDR, but you know how many hosts are required to fit in each subnet, along with the desired availability zones. You should also ensure that the VPC has a correctly configured Internet gateway and that the subnets are correctly associated with the route table. Lastly, set up a Network ACL that allows only HTTP and HTTPS traffic to the subnets.

Task

You’ve been tasked with designing a VPC that meets specific requirements for a new project.

  1. Create a VPC named skills53-vpc with:
    • A CIDR block that accommodates the required subnets.
    • An attached Internet gateway.
  2. Set up three subnets in different Availability Zones:
    • Subnet 1: Must support at least 37 usable hosts.
    • Subnet 2: Must support at least 86 usable hosts.
    • Subnet 3: Must support at least 145 usable hosts.
  3. Associate all subnets with the main route table of the VPC.
  4. Configure a Network ACL to allow only the following inbound traffic:
    • HTTP (port 80).
    • HTTPS (port 443).
  5. Deny all other inbound traffic explicitly.
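
The subnet sizes above are the part people get wrong, because AWS reserves five addresses in every subnet (network address, VPC router, Route 53 resolver, one held for future use, broadcast), so a /27 gives 27 usable hosts rather than the 30 a plain IPv4 calculation suggests. The following added example, written for this page and not part of the task material, sizes each subnet from its host count, picks the smallest VPC CIDR that can hold all three, and carves aligned, non-overlapping subnets out of it. The base address 10.0.0.0 is an assumption chosen for illustration; the task does not prescribe one.

```python
import ipaddress

# AWS reserves five addresses in every subnet: the network address, the VPC
# router (+1), the Route 53 resolver (+2), one held for future use (+3) and
# the broadcast address. Usable hosts in a /n are therefore 2^(32-n) - 5.
AWS_RESERVED_PER_SUBNET = 5
# Both VPC and subnet CIDR blocks must fall between /16 and /28.
MIN_PREFIX, MAX_PREFIX = 16, 28


def usable_hosts(prefix: int) -> int:
    """Usable addresses in an AWS subnet with the given prefix length."""
    return (1 << (32 - prefix)) - AWS_RESERVED_PER_SUBNET


def prefix_for_hosts(hosts: int) -> int:
    """Longest prefix (smallest block) that still leaves `hosts` usable addresses."""
    if hosts < 1:
        raise ValueError("a subnet needs at least one usable host")
    # (n - 1).bit_length() is ceil(log2(n)) computed exactly on integers.
    prefix = 32 - (hosts + AWS_RESERVED_PER_SUBNET - 1).bit_length()
    if not MIN_PREFIX <= prefix <= MAX_PREFIX:
        raise ValueError(f"{hosts} hosts needs a /{prefix}, outside AWS's /16../28 range")
    return prefix


def plan_vpc(host_counts, base="10.0.0.0"):
    """Choose the smallest VPC CIDR that holds one subnet per host count and
    carve the subnets out of it, largest block first so every block stays
    aligned on its own size. Returns (vpc_network, [subnet dicts]).
    `base` is an assumed starting address, not something the task fixes."""
    requests = sorted((prefix_for_hosts(h), h) for h in host_counts)
    total = sum(1 << (32 - p) for p, _ in requests)
    vpc_prefix = 32 - (total - 1).bit_length()
    if not MIN_PREFIX <= vpc_prefix <= MAX_PREFIX:
        raise ValueError(f"VPC would need a /{vpc_prefix}, outside AWS's /16../28 range")
    # strict=True (the default) rejects a base that is not aligned to the prefix.
    vpc = ipaddress.ip_network(f"{base}/{vpc_prefix}")

    subnets, placed, cursor = [], [], int(vpc.network_address)
    for prefix, hosts in requests:
        net = ipaddress.ip_network((cursor, prefix))
        # Sanity checks: inside the VPC and not overlapping anything placed so far.
        assert net.subnet_of(vpc) and not any(net.overlaps(p) for p in placed)
        placed.append(net)
        subnets.append({"hosts": hosts, "cidr": str(net), "usable": usable_hosts(prefix)})
        cursor += net.num_addresses
    return vpc, subnets


if __name__ == "__main__":
    vpc, subnets = plan_vpc([37, 86, 145])
    print(f"VPC skills53-vpc: {vpc}")
    for s in subnets:
        print(f"  {s['cidr']:18} requested {s['hosts']:>3} hosts, usable {s['usable']}")
```

For the task's numbers this yields a /23 VPC holding a /24 (145 hosts), a /25 (86 hosts) and a /26 (37 hosts), which is the tightest fit AWS allows; each subnet then still needs its own Availability Zone when it is created.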

Verification:

  • Confirm that all three subnets are associated with the main route table, that the route table has a 0.0.0.0/0 route whose target is the Internet gateway, and that an instance in each subnet can reach the Internet through it.
  • Verify that the Network ACL allows only HTTP and HTTPS traffic to the subnets by testing connectivity against an EC2 instance in each subnet: ports 80 and 443 should answer, any other port should be blocked.
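
Network ACLs are stateless and evaluated in rule-number order, which is what makes the verification above interesting: an inbound allow for 80 and 443 on its own is not enough, because the server's replies leave the subnet addressed to the client's ephemeral port and are checked against the outbound table separately. The added example below, written for this page rather than taken from the task or from AWS, models that evaluation with the task's rule set and shows both the working case and the two failure modes a tester will hit (missing outbound rule; an instance trying to initiate its own connection out). Rule numbers and the sample client addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    number: int       # evaluated lowest number first; the first match wins
    protocol: str     # "tcp", "udp", "icmp" or "all"
    port_from: int    # destination-port range the rule matches (0..65535 for "all")
    port_to: int
    cidr: str         # remote range: source for inbound rules, destination for outbound
    action: str       # "allow" or "deny"


def evaluate(rules, protocol, port, remote_ip):
    """Decide one packet the way a Network ACL does: walk the rules in ascending
    number, return the action of the first rule that matches, and fall through
    to the table's implicit '*' deny if nothing matched."""
    remote = ipaddress.ip_address(remote_ip)
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.protocol not in ("all", protocol):
            continue
        if not rule.port_from <= port <= rule.port_to:
            continue
        if remote not in ipaddress.ip_network(rule.cidr):
            continue
        return rule.action
    return "deny"


# Inbound table for the task: HTTP, HTTPS, then the explicit catch-all deny
# (rule numbers are assumed; they only need to keep the allows below the deny).
INBOUND = [
    Rule(100, "tcp", 80, 80, "0.0.0.0/0", "allow"),
    Rule(110, "tcp", 443, 443, "0.0.0.0/0", "allow"),
    Rule(200, "all", 0, 65535, "0.0.0.0/0", "deny"),
]
# Outbound table: the web server's replies go back to the client's ephemeral
# source port, so they need their own allow rule on the stateless NACL.
OUTBOUND = [
    Rule(100, "tcp", 1024, 65535, "0.0.0.0/0", "allow"),
]


def web_flow(inbound, outbound, client_ip, client_port, server_port):
    """A client connects to the instance: the request is checked inbound against
    the server port, the reply outbound against the client's port. Returns
    (inbound_decision, outbound_decision); outbound is None if nothing got in."""
    request = evaluate(inbound, "tcp", server_port, client_ip)
    if request == "deny":
        return request, None
    reply = evaluate(outbound, "tcp", client_port, client_ip)
    return request, reply


def outbound_flow(inbound, outbound, remote_ip, remote_port, local_port):
    """The instance itself connects out (for example to a package mirror). The
    request must pass the outbound table for remote_port and the reply must
    pass the inbound table for the instance's ephemeral local_port, which the
    task's inbound table denies because it is neither 80 nor 443."""
    request = evaluate(outbound, "tcp", remote_port, remote_ip)
    if request == "deny":
        return request, None
    reply = evaluate(inbound, "tcp", local_port, remote_ip)
    return request, reply


if __name__ == "__main__":
    # Constructed sample flows from documentation-range addresses.
    print("HTTPS from client  :", web_flow(INBOUND, OUTBOUND, "203.0.113.7", 51234, 443))
    print("SSH from client    :", web_flow(INBOUND, OUTBOUND, "203.0.113.7", 51234, 22))
    print("HTTPS, no outbound :", web_flow(INBOUND, [], "203.0.113.7", 51234, 443))
    print("instance curls out :", outbound_flow(INBOUND, OUTBOUND, "198.51.100.9", 443, 40000))
```

The last case is the one to keep in mind when reading the verification bullet about Internet access: with inbound restricted to 80 and 443 exactly as the task demands, the instance can serve web traffic but cannot initiate connections to the Internet itself, so test Internet reachability before the NACL is applied, or from a separate management subnet, and test the NACL by connecting to the instance rather than from it.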

Hints:

  • Use the VPC wizard in the AWS Management Console or the CLI to simplify subnet and Internet gateway creation.
  • Calculate the required CIDR blocks carefully so that they accommodate the required number of usable hosts while minimizing wasted addresses; remember that AWS reserves five addresses in every subnet, so a /27 offers 27 usable hosts, not 30.
  • Test Network ACL rules by deploying a basic EC2 instance in each subnet and verifying that HTTP/HTTPS traffic is allowed while other traffic is blocked. Network ACLs are stateless, so pair the inbound 80/443 rules with an outbound rule for the ephemeral port range (1024-65535) or replies will never leave the subnet, and make sure the instance's security group (a separate, stateful layer) also permits 80 and 443 so that the test exercises the NACL and not the security group.