What Is Subnet In AWS

In this AWS article, we will discuss What Is Subnet In AWS, and along with that, we will also discuss a few other topics like What is the difference between VPC and subnet?, AWS VPC Subnet Best Practices, AWS Create VPC With Public And Private SubnetsHow To Create A Private Subnet In AWS, How To Create A Public Subnet In AWS, What is the difference between private and public subnet in AWS?, AWS P, private Subnet Internet Access, AWS NAT Gateway, How To Create An AWS NAT Gateway, How To Create An AWS NAT Gateway using AWS CLI, AWS Internet Gateway.

What Is Subnet In AWS? Logically partition of a larger network in to smaller network segments or A Subnet is a part of a large network.

Table of Contents

When you are dividing an IP network into two or more parts logically that is known as a subnet. Basically, this is all about a logical subdivision of an IP network.

AWS Subnet

When you are trying to make a partition of a larger network into smaller network segments logically that is known as a Subnet.

A subnet is a part of a large network.

You will get two types of Subnet in AWS and those are as below.

Private
Public

Private (AWS Private Subnet)

A private subnet is one that you can hide from the internet.

A Private subnet is a subnet that doesn’t have a direct route to the Internet.

Public (AWS Public Subnet)

The public subnet is the one that can’t be hidden from the internet. You can use the internet to access the public network.

In another way, A public subnet is another category of a subnet that is connected with a routing table and that is connected to the internet gateway.

AWS VPC Subnet Best Practices

It is suggested to use more than one Availability Zone deployments.
For access controls, it’s better to use IAM policies.
The best practice is to create distinct VPC for staging, Deve, prod.
As monitoring is quite important, you can use Amazon CloudWatch for this purpose.
When you have multiple subnets, it’s better to use NAT instances for each of the subnets.

AWS Create VPC With Public And Private Subnets

As part of this topic, we will discuss the below points

Creating An Elastic IP Address
Running the VPC wizard to create and configure the VPC resources
Creating a private subnet
Creating a private subnet

Creating An Elastic IP Address

Let’s discuss the steps to create an elastic IP address using Amazon VPC console.

Navigate to the Amazon VPC Console.
Now, choose the Elastic IPs option from the left navigation pane.
Select Allocate new address –> Choose Allocate –> then choose Close
Copy and paste the Allocation ID in a notepad as we are going to use this on the next step.

Running the VPC wizard to create and configure the VPC resources

Follow the below information to run the VPC wizard to create and configure the VPC resources

Navigate to the Amazon VPC Console.
Now, choose the VPC Dashboard from the left navigation pane.
Choose the VPC with Public and Private Subnets.
VPC name: Provide a unique name for the VPC.
Elastic IP Allocation ID: Enter the ID that you have copied to the notepad earlier.
Finally Click Create VPC –> Choose Ok once finished.

How To Create A Private Subnet In AWS

Well, you can easily create a private Subnet in AWS using the Amazon VPC console. Follow the below steps for creating a private subnet in AWS.

Navigate to the Amazon VPC Console.
Now, choose the Subnets –> Create Subnet option from the navigation pane.
On the Create Subnet window, provide the below details

Name tag: Provide a meaningful name.
VPC: Select the VPC that you want to use here to create the Private Subnet.
Availability Zone: Select the first one from the lists o Availability Zone.
CIDR Block: Just type the CIDR Block that you want to use here to create the Subnet.

Finally, choose the Yes option to create the Private Subnet.

Same way, for the remaining Availability Zone, repeat step – 2 to Step -3.

How To Create A Public Subnet In AWS

Well, you can easily create a Public Subnet in AWS using the Amazon VPC console by following the below steps.

Navigate to the Amazon VPC console.
Now, choose the Subnets –> Create Subnet option from the left navigation.
On the Create Subnet window, provide the below details

Name tag: Provide a meaningful name.
VPC: Choose the VPC that you want to use here to create the Public Subnet.
Availability Zone: Select the Availability Zone from the list.
IPv4 CIDR block: Just type a valid CIDR block that you want to use here to create the Subnet.

4. Finally, select the Yes option to create the Public Subnet.

What is the difference between private and public subnet in AWS?

We will discuss here a few key differences between private and public subnet in AWS.

Private subnet	Public subnet
No Direct route to connect to the Internet gateway.	Connected to the routing table and that is connected to the Internet.
You can’t do that directly.	You Can directly send the outbound traffic to the internet.
You can use NAT Gateway to talk to the internet. Sends the outbound traffic via NAT Gateway.	Sends the Outbound traffic via Internet Gateway (IGW).

AWS Private Subnet Internet Access

AWS Public Subnet can able to send the outbound traffic directly to the Internet But in case of AWS Private Subnet, it’s not possible to send the outbound traffic directly to the Internet.

But, it is possible to send the outbound traffic from AWS Private Subnet to the Internet using the network address translation (NAT) Gateway.

What is difference between VPC and subnet?

Well, let’s discuss here a few key differences between VPC and subnet.

VPC	Subnet
This is a virtual private network that is isolated logically from other networks and committed to your AWS account.	A subnet is a logical partition of a large network into small network segments.
Can contain pulic subnets or both private and public subnets combinations.	You can consider the subnet as the main component of VPC.

AWS NAT Gateway

AWS NAT Gateway is an excellent service that helps you connect a private subnet with the services outside your VPC.

Key Features and Rules Of AWS NAT Gateway

There are different protocols supported by the NAT gateway and those are UDP, TCP, ICMP.
5 Gbps of bandwidth is supported by NAT gateway and if required, it can scale up to 45 Gbps.
Can support up to 55,000 simultaneous connections to each destination.
Only one Elastic IP address can be attached with the NAT gateway.
A security group can not be associated with the NAT gateway.

Amazon VPC console is one of the best option to create and manage your AWS NAT gateway.

How To Create An AWS NAT Gateway

We will discuss here, how to create a NAT gateway using the Amazon VPC console. You can follow the below steps to create a NAT Gateway.

Navigate to the Amazon VPC console .
Now, choose the NAT Gateways option from the navigation pane.
As the next step, select Create NAT Gateway and provide the below details

Name: Provide a name for your NAT gateway.
Subnet: Select the subnet that you want to use here.
Connectivity type: Select the connectivity type as Private or Public based on your requirement.
Elastic IP allocation ID: If you have selected the connectivity type as Public, then choose the Elastic IP address to connect to the NAT gateway.
Add new tag: Select the Add new tag and provide the name and value.

Finally, click on the Create a NAT Gateway option to create the NAT gateway.

How To Create An AWS NAT Gateway using AWS CLI

You can also use AWS CLI to create an AWS NAT gateway quickly using the below information.

The command to create the AWS NAT Gateway using AWS CLI is “create-nat-gateway”.

Syntax:

The syntax for the AWS CLI command “create-nat-gateway” is as below.

create-nat-gateway [--allocation-id <value>][--client-token <value>]
[--dry-run | --no-dry-run] --subnet-id <value> [--tag-specifications <value>]
[--connectivity-type <value>] [--cli-input-json <value>][--generate-cli-skeleton <value>]

Example:

Consider the below example that will create an AWS NAT Gateway in the subnet subnet-5c6h2g8e and then it links an Elastic IP address with tsinfo-14rg2b33 (allocation ID) with the NAT gateway.

Execute the below AWS command

aws ec2 create-nat-gateway --subnet-id subnet-5c6h2g8e --allocation-id tsinfo-14rg2b33

Once, you will execute the above AWS CLI command, you will get the output like below.

{
  "NatGateway": {
    "NatGatewayAddresses": [
      {
        "AllocationId": "tsinfo-14rg2b33"
      }
    ],
    "VpcId": "vpc-4478ghkk",
    "State": "pending",
    "NatGatewayId": "nat-03e78fh1b9j72lykm",
    "SubnetId": "subnet-5c6h2g8e",
    "CreateTime": "2021-06-17T12:34:21.732Z"
  }
}

How To Delete An AWS NAT Gateway

Now, if you don’t want the AWS NAT Gateway that you have created earlier, you can easily delete it using the below steps.

Navigate to the Amazon VPC console.
Now, choose the NAT Gateways option from the navigation pane.
Choose the NAT gateway radio button –> Select Actions –> Delete NAT gateway.
Enter Delete for the confirmation and then select Delete.

AWS Internet Gateway

AWS Internet Gateway is one of the major components of VPC that helps you to communicate between your VPC and the internet.

AWS Internet Gateway is redundant and highly available.

Both IPv4 and IPv6 traffic is supported by AWS Internet Gateway.

The most interesting point is you not need to pay any extra amount for the Internet gateway in your account.

How To Create An Internet Gateway

Well, let’s create an Internet gateway using the below steps.

Navigate to the Amazon VPC console.
Now, choose the Internet Gateways option from the left navigation pane.
Then select the Create internet gateway option.
Provide a name for your Internet Gateway, Enter a key name and key value.
Finally, click on the Create internet gateway option to create the Internet gateway.

How to attach the Internet gateway to your VPC

Now, select the internet gateway –> Click on Actions –> Select Attach to VPC.
Choose the correct VPC –> Select Attach internet gateway.

What is VPC in AWS

Amazon VPC or Amazon Virtual Private Cloud or VPC in AWS provides you with the opportunity to launch your AWS resources like Amazon EC2 instances into your own predefined virtual network.
In another way, Amazon VPC is the virtual network that is dedicated to your own AWS account.
It is altogether a separate virtual network in the AWS cloud that is actually isolated from all other virtual networks logically.

Main Concepts related to Amazon VPC

AWS Subnet: check out What Is Subnet In AWS for more details.

Security groups: You can check out What is a Security Group in AWS to get a clear idea of AWS Security Groups.

VPC endpoint: It helps you to establish a connection between different supported AWS services and your Amazon VPC without any internet gateway. It just connects with the help of a Private Link.

Internet gateway: Helps you communicate between the internet and your resources inside the Amazon VPC. Check out AWS Internet Gateway for more information.

A Route table: routes are also known as a set of rules to control the network traffic.

AWS VPC Architecture

The main components of the AWS VPC architecture are the Public Subnets and the Private Subnets. If you will closely look at the AWS VPC Architecture diagram, you will see multiple layers of Subnets (Both Private and Public Subnets).

The first layer consists of a set of Private subnets that shares the ACL (the network access control list) from the VPC. Check out AWS VPC Architecture for more information.

You may also like following the below articles

Wrapping Up

In this article, we have discussed, What Is Subnet In AWS, and along with that, we have also discussed the below topics

What is difference between VPC and subnet?
AWS VPC Subnet Best Practices
AWS Create VPC With Public And Private Subnets
How To Create A Private Subnet In AWS
How To Create A Public Subnet In AWS
What is the difference between private and public subnet in AWS?
AWS Private Subnet Internet Access.
AWS NAT Gateway
How To Create An AWS NAT Gateway
How To Create An AWS NAT Gateway using AWS CLI
How To Delete An AWS NAT Gateway
AWS Internet Gateway

Hope you have enjoyed this article !!!