This repository documents the step-by-step implementation of a custom AWS VPC setup for a fictional company, XYZ Corporation, which requires isolated environments for Production and Development teams.
Create and set up distinct VPCs for Production and Development networks with specified subnet layouts, EC2 instances, NAT gateway, internet access rules, and peering between VPCs.
- Region Used: us-east-1
- Availability Zones Used: us-east-1a, us-east-1b, us-east-1c
- Production VPC: 4-Tier Architecture
  - Subnets:
    - web (public) - 10.0.1.0/24 - us-east-1a
    - app1 (private) - 10.0.2.0/24 - us-east-1a
    - app2 (private) - 10.0.3.0/24 - us-east-1b
    - dbcache (private) - 10.0.4.0/24 - us-east-1b
    - db (private) - 10.0.5.0/24 - us-east-1c
- Development VPC: 2-Tier Architecture
  - Subnets:
    - web (public) - 10.1.1.0/24 - us-east-1a
    - db (private) - 10.1.2.0/24 - us-east-1b
- Created VPCs and Subnets in multiple AZs.
- Attached Internet Gateway for public subnet access.
- Created NAT Gateway for selective internet access (e.g., app1, dbcache).
- Launched EC2 Instances in each subnet, named per subnet.
- Configured Security Groups and NACLs to secure traffic between tiers.
- Established VPC Peering between Production and Development VPCs.
- Set up DB-to-DB Communication across VPCs using peering + SG rules.
| Source | Destination | Connectivity Allowed |
|---|---|---|
| Web (Prod) | Internet | Yes, via IGW |
| App1 (Prod) | Internet | Yes, via NAT GW |
| DBCache (Prod) | Internet | Yes, via NAT GW |
| App2 (Prod) | Internet | No |
| DB (Prod) | Internet | No |
| Dev Web | Internet | Yes, via IGW |
| Dev DB | Internet | No |
| Prod DB | Dev DB | Yes, via Peering |
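The following is an added consistency check for the design above, written for this page and not part of the repository: it validates the CIDR plan against the rules peering and routing impose, and evaluates the Prod DB to Dev DB path the way AWS does, as a route in both directions plus a security-group ingress rule. The VPC CIDRs (10.0.0.0/16, 10.1.0.0/16), the NAT gateway placement and the port 3306 rules are assumptions, since the page does not state them.

```python
"""Pre-flight checks for the XYZ Corp VPC design (added example, not repo code).
Assumed, not on the page: VPC CIDRs 10.0.0.0/16 and 10.1.0.0/16, NAT GW in the Prod web
subnet, DB-port (3306) SG rules. Subnets, tiers, internet and peering paths follow the page."""
from ipaddress import ip_network as N

VPCS = {  # vpc -> (vpc cidr, {subnet: (cidr, tier)})
    "prod": ("10.0.0.0/16", {"web": ("10.0.1.0/24", "public"), "app1": ("10.0.2.0/24", "private"),
                             "app2": ("10.0.3.0/24", "private"), "dbcache": ("10.0.4.0/24", "private"),
                             "db": ("10.0.5.0/24", "private")}),
    "dev": ("10.1.0.0/16", {"web": ("10.1.1.0/24", "public"), "db": ("10.1.2.0/24", "private")}),
}
# Target of each subnet's 0.0.0.0/0 route; None means no outbound internet path at all.
DEFAULT_ROUTE = {("prod", "web"): "igw", ("prod", "app1"): "nat", ("prod", "dbcache"): "nat",
                 ("prod", "app2"): None, ("prod", "db"): None, ("dev", "web"): "igw", ("dev", "db"): None}
NAT_SUBNET = ("prod", "web")                                     # assumed placement
PEER_ROUTES = {"prod": ["10.1.0.0/16"], "dev": ["10.0.0.0/16"]}  # routes via the peering connection
SG_INGRESS = {("prod", "db"): [("10.1.2.0/24", 3306)],           # assumed: DB port only from peer DB
              ("dev", "db"): [("10.0.5.0/24", 3306)]}

def check_design():
    """Return a list of design errors; an empty list means the plan is internally consistent."""
    errors = []
    vnets = {v: N(c) for v, (c, _) in VPCS.items()}
    for a in vnets:
        for b in vnets:  # AWS rejects a peering request between VPCs with overlapping CIDRs
            if a < b and vnets[a].overlaps(vnets[b]):
                errors.append(f"VPC CIDRs of {a} and {b} overlap; peering not possible")
    for v, (_, subs) in VPCS.items():
        nets = {s: N(c) for s, (c, _) in subs.items()}
        for s, n in nets.items():
            if not n.subnet_of(vnets[v]):
                errors.append(f"{v}/{s} lies outside the VPC CIDR")
            tier, route = subs[s][1], DEFAULT_ROUTE.get((v, s))
            if route == "igw" and tier != "public":  # a private tier must never face the IGW
                errors.append(f"{v}/{s} is private but routes to the IGW")
            errors += [f"{v}: subnets {s} and {t} overlap" for t, m in nets.items() if s < t and n.overlaps(m)]
    vn, sn = NAT_SUBNET  # the NAT gateway itself needs a public subnet to reach the IGW
    if VPCS[vn][1][sn][1] != "public":
        errors.append("NAT gateway is not in a public subnet")
    return errors

def peer_allowed(src, dst, port):
    """True only if routes exist in BOTH directions and the destination SG admits the source."""
    (sv, ss), (dv, ds) = src, dst
    src_net, dst_net = N(VPCS[sv][1][ss][0]), N(VPCS[dv][1][ds][0])
    out = any(dst_net.subnet_of(N(r)) for r in PEER_ROUTES.get(sv, []))
    back = any(src_net.subnet_of(N(r)) for r in PEER_ROUTES.get(dv, []))
    sg = any(src_net.subnet_of(N(c)) and p == port for c, p in SG_INGRESS.get(dst, []))
    return out and back and sg
```

Run `check_design()` before applying the plan and `peer_allowed(("prod", "db"), ("dev", "db"), 3306)` to confirm the cross-VPC DB path; a missing return route or SG rule makes the latter return False even though the peering connection is active.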
- Added screenshots of:
  - VPC
  - Subnet configurations
  - Route tables
  - NAT Gateway
  - Peering connections
  - EC2 instances