Day 5 - AWS VPC, VPC Peering, Billing Alerts with CloudWatch and SNS


Let's dive deep into VPC now. In the AWS console, search for VPC (Isolated Cloud Resources).
This is our VPC dashboard, and you can see there is one VPC already created; that one is the default. Now click on Create VPC.
There are two options: "VPC and more" (AWS creates everything automatically) and "VPC only". In production we do not rely on default settings; we create everything ourselves so that we can secure our connections, so we choose VPC only.
Select VPC only here and give it the name test-vpc. You will see the option IPv4 CIDR block (CIDR stands for Classless Inter-Domain Routing); this sets the VPC's private IP address range. For Tenancy, select Default, because Dedicated costs more and will increase our bill.
Then click Create VPC and it's done. Our test-vpc is created.
The next step is creating a subnet. What is a subnet? A subnet is a part of a bigger network, and it can be either public or private. Go to Subnets, then Create subnet.
Select the test VPC here, because we have to create the public and private subnets under the test VPC.
Let's create the public and private subnets. For the public subnet (test env) I am giving the name test-public-subnet-1.
For the private subnet I am giving the name test-private-subnet-1.
Both of our subnets, public and private, are now created.
We have created our subnets, but they do not have internet access yet, so we need an internet gateway.
This is for testing, so I have given the name test-igw. Click Create internet gateway.
Here the internet gateway is created for the test environment.
Now internet traffic can come in, but where does it get routed, that is, to which point will it go? For that we need a route table.
Here we are creating our route table under the test VPC.
The route table is successfully created.
We have created the route table, but it does not know which subnet should be associated with it. So go to Subnet associations in the route table, then Edit subnet associations.
Select test-public-subnet-1 here and save it.
You can see that our public subnet is associated here.
Now I go to the associated subnet, test-public-subnet-1, and under Actions choose Edit subnet settings.
Then I enable the option that automatically assigns an IP address when an instance launches, and save it. No further settings are needed.
Now we have to create an EC2 instance named test-instance. We already know how to create an EC2 instance; every part is the same, and only the network settings change.
Here we select the test VPC that we created and the public subnet.
Launch the instance.
Now we try to connect to the instance, but it fails.
We still have to attach the VPC to the internet gateway, so let's do that.
The VPC is attached to the internet gateway.
Now we have an internet gateway attached to the VPC and a route table associated with the public subnet, but we have not established the connection between the internet gateway and the route table. Let's do it now. Go to Route tables - test-rt - Routes - Edit routes.
Add route: select 0.0.0.0/0 (which means anywhere), choose Internet Gateway, select test-igw and save changes.
Now everything is connected, so let's try to connect again.
A subnet that is connected to the internet gateway is a public subnet; one that is not connected is a private subnet.
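The public/private distinction above can be checked from route table data. This is an added example, not part of the original post: it classifies each subnet by whether its effective route table sends 0.0.0.0/0 to an internet gateway, before and after the route to test-igw is added. The resource IDs and the 10.0.0.0/16 range are constructed placeholders in the shape of `aws ec2 describe-route-tables` output.

```python
# Constructed sample data, shaped like `aws ec2 describe-route-tables` output.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
IGW_DEFAULT = {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-test"}


def route_tables(with_igw_route):
    """Route tables of the test VPC before/after the 0.0.0.0/0 route is added."""
    test_rt_routes = [LOCAL, IGW_DEFAULT] if with_igw_route else [LOCAL]
    return [
        {"RouteTableId": "rtb-main", "VpcId": "vpc-test",
         "Associations": [{"Main": True}], "Routes": [LOCAL]},
        {"RouteTableId": "rtb-test-rt", "VpcId": "vpc-test",
         "Associations": [{"Main": False, "SubnetId": "subnet-test-public-1"}],
         "Routes": test_rt_routes},
    ]


def effective_route_table(subnet_id, vpc_id, tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for table in tables:
        if table["VpcId"] != vpc_id:
            continue
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main


def classify_subnet(subnet_id, vpc_id, tables):
    """Return 'public' if the subnet's route table sends default traffic to an IGW."""
    table = effective_route_table(subnet_id, vpc_id, tables)
    for route in (table or {}).get("Routes", []):
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if dest in ("0.0.0.0/0", "::/0") and route.get("GatewayId", "").startswith("igw-"):
            return "public"
    return "private"


if __name__ == "__main__":
    for with_route in (False, True):
        tables = route_tables(with_route)
        for subnet in ("subnet-test-public-1", "subnet-test-private-1"):
            print(with_route, subnet, classify_subnet(subnet, "vpc-test", tables))
```

Until the 0.0.0.0/0 route exists, test-public-subnet-1 is public in name only, which is why the first connection attempt failed.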
Let's work on VPC peering. A VPC peering connection is a networking feature that enables secure and direct communication between two virtual private clouds (VPCs) within the AWS infrastructure.
For the connection we have to create a production VPC, just as we did for the test environment, this time for the production environment.
In production we are creating a public and a private subnet. This is the public subnet in production.
This one is the private subnet in production.
Internet gateway for production.
Attach the VPC to the IGW.
Now we create the route table for production.
The subnet association is the same as for test (repeating the steps here, just changing the name from test to prod).
Next, for access from public to private a NAT gateway is required, so let's create it. It requires an Elastic IP, and we also need one production instance, so let's create those too.
EC2 instance for production.
Now we try to ping from one instance to the other, prod to test, but we are unable to.
Now we have to create a peering connection between the two VPCs.
Now we have to make some changes in the security groups of both the test and prod instances.
These are the changes in test.
These are the changes in prod.
Now you can see that we can ping prod from the test env.
And here is the vice versa, from test to prod env. Hence our VPC peering connection is running successfully.
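The ping only worked once the peering connection and the security group changes were in place on both sides. The following added example (not from the original post) lists what still blocks ICMP between two peered VPCs, and it goes one step further by flagging ICMP rules that are open to 0.0.0.0/0 instead of the peer's range. The CIDR blocks, the `pcx-example` ID and the per-VPC route entries toward the peer are assumptions, since the post does not state them.

```python
import ipaddress


def peering_findings(vpc_a, vpc_b):
    """List what still blocks ping between two peered VPCs, or what is too open.

    Each argument is a constructed dict: name, cidr, routes (destination -> target)
    and icmp_sources (CIDRs the instance's security group allows ICMP from).
    """
    net_a = ipaddress.ip_network(vpc_a["cidr"])
    net_b = ipaddress.ip_network(vpc_b["cidr"])
    if net_a.overlaps(net_b):
        return [f"CIDR blocks {net_a} and {net_b} overlap; they cannot be peered"]

    findings = []
    for local, peer in ((vpc_a, vpc_b), (vpc_b, vpc_a)):
        peer_net = ipaddress.ip_network(peer["cidr"])
        routed = any(
            target.startswith("pcx-") and ipaddress.ip_network(dest).overlaps(peer_net)
            for dest, target in local["routes"].items()
        )
        if not routed:
            findings.append(f"{local['name']}: no route to {peer_net} via the peering connection")
        sources = [ipaddress.ip_network(c) for c in local["icmp_sources"]]
        if not any(peer_net.subnet_of(src) for src in sources):
            findings.append(f"{local['name']}: security group blocks ICMP from {peer_net}")
        if any(src.prefixlen == 0 for src in sources):
            findings.append(f"{local['name']}: ICMP is open to anywhere; limit it to {peer_net}")
    return findings


# Constructed values: the post does not state its CIDR blocks or resource IDs.
TEST = {"name": "test", "cidr": "10.0.0.0/16",
        "routes": {"10.0.0.0/16": "local", "0.0.0.0/0": "igw-test"},
        "icmp_sources": []}
PROD = {"name": "prod", "cidr": "10.1.0.0/16",
        "routes": {"10.1.0.0/16": "local", "0.0.0.0/0": "igw-prod"},
        "icmp_sources": []}
TEST_FIXED = {**TEST, "routes": {**TEST["routes"], "10.1.0.0/16": "pcx-example"},
              "icmp_sources": ["10.1.0.0/16"]}
PROD_FIXED = {**PROD, "routes": {**PROD["routes"], "10.0.0.0/16": "pcx-example"},
              "icmp_sources": ["0.0.0.0/0"]}

if __name__ == "__main__":
    for pair in ((TEST, PROD), (TEST_FIXED, PROD_FIXED)):
        for finding in peering_findings(*pair) or ["ping should work both ways"]:
            print(finding)
```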
AWS Billing, SNS and CloudWatch
AWS Billing helps track, analyze, and control costs using Budgets, Cost Explorer, and alerts. SNS is a pub/sub service that sends notifications (Email, SMS, Lambda, etc.) instantly.
CloudWatch monitors AWS resources, collects logs/metrics, and triggers alarms via SNS.
AWS Billing Dashboard: here you can see the monthly charges, and the charges for every month as well.
In the Bills section you can see the charges that are pending now, because the month is not completed yet.
The charges are listed for each service here, but my account is on the free tier, so there are no charges.
SNS service in AWS
Create a topic and give it a name.
Confirm the pending request, and then the mail will come to your email ID.
In CloudWatch, under Alarms, there is a Billing section. Some services are available only in specific regions, and this billing option is only in N. Virginia; remember that you cannot see it in any other region.
So today I mostly focused on VPC and VPC peering, because whenever we do a project, security is a high priority, so that was my main focus, along with the other services. Thank you so much for being with me till the end.
