Amazon Virtual Private Cloud in AWS (PART -6)


Dear Readers,

In this article, we will create a custom (public) network ACL in a VPC and connect to the database server through the bastion server.

Implementation Steps

  1. Create the public network ACL.
  2. Connect the public network ACL “Network ACL – Public” to subnet 1 “192.168.2.0/24 – ap-south-1a (subnet-1)” (Public Subnet).
  3. Configure inbound rules for the public network ACL “Network ACL – Public”.
  4. Verify the web server.
  5. Configure outbound rules for the public network ACL “Network ACL – Public”.
  6. Verify the web server.
  7. Go to the Bastion Server Linux terminal, connect to DBServer, then install the MySQL package.

Create Public Network ACL

Go to Network ACLs and click on Create network ACL.

Specify Name tag “Network ACL – Public” for network ACL.

Choose your VPC from the list and click on Create.

The Public Network ACL has been created successfully.

Connect Public Network ACL “Network ACL – Public” to subnet 1 “192.168.2.0/24 – ap-south-1a (subnet-1)” (Public Subnet)

Select the public network ACL “Network ACL – Public”, go to Subnet associations, then click on Edit subnet associations.

Check the subnet 1 ID “192.168.2.0/24 – ap-south-1a (subnet-1)” and click on Edit.

We can see that the public network ACL “Network ACL – Public” has been connected to subnet 1 “192.168.1.0/24 – ap-south-1a (subnet-1)” (Public Subnet).

Configure Inbound Rules for Public Network ACL “Network ACL – Public”

Select the public network ACL “Network ACL – Public”, go to Inbound rules, then click on Edit inbound rules.

Copy My IP

Go to Security Groups and select the WebServer security group “WebServer-SG”.

Copy the SSH source IP from the inbound rules.

Note

We configured the SSH port to be open to My IP (27.6.180.93/32).

Select the public network ACL “Network ACL – Public”, go to Inbound rules, then click on Edit inbound rules.

Click on Add Rule.

Add SSH Port

We need to specify Rule, Type and Source.

Rule – 100

Type – SSH

Source – 27.6.180.93/32 (My IP) (which was copied earlier)

Click on Add Rule.

Add HTTP Port

Rule – 200

Type – HTTP

Source – 0.0.0.0/0 (Anywhere) and allow the port.

Click on Add Rule.

Add Custom TCP Rule

Rule – 300

Type – Custom TCP Rule

Source – 0.0.0.0/0 (Anywhere) and allow the port.

Click on Save.

The inbound rules have been configured successfully.

Note

Every port configured in the WebServer security group must also be configured in the public network ACL inbound rules.

We also need to configure one additional rule, i.e., the Custom TCP Rule.

Verify WebServer

Select WebServer and copy the public IP of the web server.

Open the web server's public IP in a browser.

We are unable to see the content of the web server.

Note

We didn’t configure the outbound rules.

In a network ACL we need to configure both inbound and outbound rules; only then are we able to see the content of the web server. Network ACLs are stateless, so reply traffic is not allowed automatically.

Configure Outbound Rules for Public Network ACL “Network ACL – Public”

Select the public network ACL “Network ACL – Public”, go to Outbound rules, then click on Edit outbound rules.

Click on Add Rule.

Add SSH Port

We need to specify Rule, Type and Source.

Rule – 100

Type – SSH

Source – 27.6.180.93/32 (My IP) (which was copied earlier)

Click on Add Rule.

Add HTTP Port

Rule – 200

Type – HTTP

Source – 0.0.0.0/0 (Anywhere) and allow the port.

Click on Add Rule.

Add Custom TCP Rule

Rule – 300

Type – Custom TCP Rule

Source – 0.0.0.0/0 (Anywhere) and allow the port.

Click on Save.

The outbound rules have been configured successfully.

Verify Web Server

Open the web server's public IP in a browser.

Refresh the page for the web server's public IP.

We are able to see the content because we configured both inbound and outbound rules.
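The two verification results above, and the need for the additional Custom TCP Rule, can be reproduced with a small model of network ACL evaluation. This Python code is an added example, not part of the original article and not AWS code; the port range for rule 300 (1024-65535), the browser address 198.51.100.7 with source port 51514, and the function names are assumptions made for illustration.

```python
import ipaddress

MY_IP = "27.6.180.93/32"      # SSH source from the article
EPHEMERAL = (1024, 65535)     # assumption: the article does not give rule 300's port range

# (rule number, (port_from, port_to), CIDR, action), as entered in the article
PAGE_RULES = [
    (100, (22, 22), MY_IP, "allow"),          # SSH
    (200, (80, 80), "0.0.0.0/0", "allow"),    # HTTP
    (300, EPHEMERAL, "0.0.0.0/0", "allow"),   # Custom TCP Rule
]

def evaluate(rules, peer_ip, dest_port):
    """Apply the lowest-numbered matching rule; fall through to the '*' deny."""
    peer = ipaddress.ip_address(peer_ip)
    for _number, (lo, hi), cidr, action in sorted(rules):
        if lo <= dest_port <= hi and peer in ipaddress.ip_network(cidr):
            return action
    return "deny"

def http_round_trip(inbound, outbound, client_ip, client_port):
    """A network ACL is stateless: the request and the reply are checked separately.

    Request: inbound rules, source = client, destination port 80.
    Reply:   outbound rules, destination = client, destination port = client's port.
    """
    request_ok = evaluate(inbound, client_ip, 80) == "allow"
    reply_ok = evaluate(outbound, client_ip, client_port) == "allow"
    return request_ok and reply_ok

if __name__ == "__main__":
    client, port = "198.51.100.7", 51514   # constructed browser address and source port
    # First "Verify WebServer": inbound rules only, outbound still empty.
    print("outbound empty:       ", http_round_trip(PAGE_RULES, [], client, port))
    # Second "Verify Web Server": the same three rules on both sides.
    print("outbound configured:  ", http_round_trip(PAGE_RULES, PAGE_RULES, client, port))
    # Outbound with SSH and HTTP but without the Custom TCP Rule.
    print("outbound without 300: ", http_round_trip(PAGE_RULES, PAGE_RULES[:2], client, port))
    # SSH from an address other than My IP falls through to the implicit deny.
    print("SSH from 203.0.113.10:", evaluate(PAGE_RULES, "203.0.113.10", 22))
```

With the assumed range, the reply to the browser matches only rule 300, which is why the outbound SSH and HTTP entries alone do not make the page load.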

Go to the Bastion Server Linux terminal, connect to DBServer, then install the MySQL package

Switch to the root user

Verify the database .pem file

Connect to the database server

Switch to the root user

Install the MySQL package

Thank you for giving your valuable time to read the above information.
