Creating a Complete AWS Environment: VPC, EC2, Load Balancer & WAF

Justin Joseph P

1. Create a VPC (Virtual Private Cloud)

  • Go to AWS Management Console > VPC > Create VPC.

  • Choose VPC Only.

  • Provide a Name Tag (e.g., MyVPC).

  • IPv4 CIDR Block: 10.0.0.0/16.

  • IPv6 CIDR Block: keep None, or set as required.

  • Tenancy: Default.

  • Click Create VPC.

2. Create an Internet Gateway (IGW)

  • Navigate to Internet Gateways.

  • Click Create Internet Gateway.

  • Provide a Name Tag (e.g., MyIGW).

  • Create it, then attach it to the VPC (MyVPC).

3. Create Two Subnets (1A and 1B) in Different Availability Zones

  • Go to Subnets > Create Subnet.

  • Select VPC (MyVPC).

For Subnet 1A:

  • Name Tag: Subnet-1A

  • Availability Zone: us-east-1a

  • CIDR Block: 10.0.1.0/24

For Subnet 1B:

  • Name Tag: Subnet-1B

  • Availability Zone: us-east-1b

  • CIDR Block: 10.0.2.0/24

  • Create both subnets.

4. Create a Route Table

  • Go to Route Tables.

  • Create New Route Table.

  • Associate with MyVPC.

  • Edit routes:

    • Destination: 0.0.0.0/0

    • Target: Internet Gateway (MyIGW)

  • Associate Subnet-1A and Subnet-1B.

5. Launch an EC2 Instance and Install Apache Web Server

  • Go to EC2 > Launch Instances.

  • Select Amazon Linux 2 AMI.

  • Choose t2.micro (Free tier eligible).

  • Network Settings:

    • VPC: MyVPC

    • Subnet: Subnet-1A (or 1B for additional instances)

  • Enable Auto-assign Public IP.

  • Configure Security Group to allow HTTP (port 80).

  • Launch Instance.

Install Apache Web Server:

  • Connect to EC2 via SSH.

  • Run commands:

      sudo yum update -y
      sudo yum install httpd -y
      sudo systemctl start httpd
      sudo systemctl enable httpd
      echo "<h1>Hello from EC2</h1>" | sudo tee /var/www/html/index.html
    

6. Create a Target Group

  • Go to EC2 > Target Groups.

  • Create Target Group.

  • Target type: Instances.

  • Protocol: HTTP, Port: 80.

  • VPC: MyVPC.

  • Register the EC2 instance.

7. Create an Application Load Balancer (ALB)

  • Go to Load Balancers.

  • Create Application Load Balancer.

  • Provide Name (e.g., MyALB).

  • Scheme: Internet-facing.

  • IP Address Type: IPv4.

  • Network Mapping: Subnet-1A and Subnet-1B.

  • Security Group: Allow HTTP (80).

  • Add Listener: Protocol HTTP, Port 80.

  • Register the Target Group.

8. Set Up AWS WAF to Block Specific IP or Unwanted Sources

  • Go to AWS WAF & Shield > Create Web ACL.

  • Name: MyWebACL.

  • Add Rule to block IPs.

    • Rule Type: IP Set.

    • Add blocked IPs (e.g., 192.168.1.1).

    • Action: Block.

  • Associate with MyALB.
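
WAF IP sets take addresses in CIDR notation, and a private address such as the 192.168.1.1 example never appears as the source of an Internet client reaching an Internet-facing ALB. The following added example (not the author's code) prepares a block list for step 8 and builds the matching block rule in the WAFv2 JSON shape; the function names, rule name, and ARN placeholder are assumptions, and the sample addresses are constructed.

```python
import ipaddress

# RFC 1918 ranges: never the source address of an Internet client reaching a public ALB.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def prepare_ipset_addresses(entries):
    """Return (addresses, warnings) for an IPv4 WAF IP set; bare IPs become /32."""
    addresses, warnings = [], []
    for raw in entries:
        text = raw.strip()
        try:
            net = ipaddress.ip_network(text, strict=False)
        except ValueError:
            warnings.append(f"{text}: not an IP address or CIDR block, skipped")
            continue
        if net.version != 4:
            warnings.append(f"{text}: IPv6 belongs in a separate IPV6 set, skipped")
            continue
        if net.prefixlen == 0:
            warnings.append(f"{text}: /0 is not accepted in an IP set, skipped")
            continue
        if any(net.subnet_of(r) for r in RFC1918):
            warnings.append(f"{net}: private range, will not match Internet clients")
        if str(net) not in addresses:  # drop duplicates, keep first-seen order
            addresses.append(str(net))
    return addresses, warnings

def build_block_rule(ip_set_arn, name="BlockListedIPs", priority=0):
    """Web ACL rule (WAFv2 JSON shape) blocking requests whose source IP is in the set."""
    return {
        "Name": name,
        "Priority": priority,
        "Statement": {"IPSetReferenceStatement": {"ARN": ip_set_arn}},
        "Action": {"Block": {}},
        "VisibilityConfig": {
            "SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True,
            "MetricName": name,
        },
    }

if __name__ == "__main__":
    # Constructed sample input: the page's example plus documentation-range addresses.
    sample = ["192.168.1.1", "203.0.113.7", "198.51.100.0/24",
              "203.0.113.7/32", "0.0.0.0/0", "not-an-ip"]
    addrs, warns = prepare_ipset_addresses(sample)
    print(addrs)
    for w in warns:
        print("warning:", w)
    # Placeholder ARN; the real value is shown after the IP set is created.
    print(build_block_rule("arn:aws:wafv2:REGION:ACCOUNT_ID:regional/ipset/NAME/ID"))
```

The returned address list is what goes into the IP set, one CIDR block per line in the console.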
