LAB 2
Lab overview
As an AWS solutions architect, it is important that you understand the overall functionality and
capabilities of Amazon Web Services (AWS) and the relationship between the AWS networking
components. In this lab, you create an Amazon Virtual Private Cloud (Amazon VPC), a public and
a private subnet in a single Availability Zone, public and private routes, a NAT gateway, and an
internet gateway. These services are the foundation of networking architecture inside of AWS.
This architecture design covers concepts of infrastructure, design, routing, and security.
The following image shows the final architecture for this lab environment:
OBJECTIVES
After completing this lab, you should know how to do the following:
● Create an Amazon VPC.
● Create public and private subnets.
● Create an internet gateway.
● Configure a route table and associate it to a subnet.
● Create an Amazon Elastic Compute Cloud (Amazon EC2) instance and make the instance
publicly accessible.
● Isolate an Amazon EC2 instance in a private subnet.
● Create and assign security groups to Amazon EC2 instances.
● Connect to Amazon EC2 instances using Session Manager, a capability of AWS Systems
Manager.
ICON KEY
Various icons are used throughout this lab to call attention to different types of instructions and
notes. The following list explains the purpose for each icon:
● Command: A command that you must run.
● Expected output: A sample output that you can use to verify the output of a command or
edited file.
● Note: A hint, tip, or important guidance.
● Learn more: Where to find more information.
● Security: An opportunity to incorporate security best practices.
● Caution: Information of special interest or importance (not so important as to cause
problems with the equipment or data if you miss it, but it could result in the need to
repeat certain steps).
● WARNING: An action that is irreversible and could cause a command or process to fail
(including warnings about configurations that cannot be changed after they are made).
Start lab
● To launch the lab, at the top of the page, choose Start lab.
Caution: You must wait for the provisioned AWS services to be ready before you can continue.
● To open the lab, choose Open Console.
You are automatically signed in to the AWS Management Console in a new web browser tab.
WARNING: Do not change the Region unless instructed.
COMMON SIGN-IN ERRORS
Error: You must first sign out
Task 1: Create an Amazon VPC in a Region
In this task, you create a new Amazon VPC in the AWS Cloud.
Learn more: With Amazon VPC, you can provision a logically isolated section of the AWS Cloud
where you can launch AWS resources in a virtual network that you define. You have complete
control over your virtual networking environment, including selection of your own IP address
ranges, creation of subnets, and configuration of route tables and network gateways. You can
also use the enhanced security options in Amazon VPC to provide more granular access to and
from the Amazon EC2 instances in your virtual network.