Erik's Thoughts and Musings

Apple, DevOps, Technology, and Reviews

Create an AWS VPC From Scratch

Today I went through the process of doing something I have never done before. Using some videos I found on Udemy, I created an AWS VPC from scratch. It is not that I am new to AWS networking, it is just that I have always based my instances off existing VPCs, subnets, and network security. To be able to do it from scratch feels like a minor accomplishment. Here is the rough workflow:

  1. Create a VPC.

  2. Create the subnets:

    • 3 public subnets in Availability Zones 1a, 1b, and 1c.
    • 3 private subnets in Availability Zones 1d, 1e, and 1f.

  3. Don't forget that the public subnets have to auto-assign IPs (Actions > Modify Auto-assign IPs > Enable auto-assign public IPv4 address).

  4. Create an Internet Gateway and attach it to the VPC (Actions > Attach to VPC).

  5. Edit the default routing table for the public subnets and make sure it can route out the Internet Gateway.

  6. Create a routing table for the private subnets that can't go out the Internet Gateway. Associate the private subnets with it.

  7. Create a public security group that allows inbound rules for SSH from my personal IP.

  8. Create a private security group that allows inbound rules for SSH from my personal IP.
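As an added example (not code from the post), here is the same eight-step build expressed in Terraform, reusing the provider pinning from the post's own snippet. The CIDR ranges, the resource names and the `my_ip_cidr` variable are assumptions, not values from the post. It deliberately departs from the steps in two places: the public subnets get their own route table rather than an edited main route table (step 5), so any subnet created later in this VPC stays private until you associate it; and for step 8 the private group admits SSH only from members of the public group, because the private subnets have no Internet Gateway route, so a rule keyed to your personal IP could never be reached there anyway.

```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.27"
    }
  }
  required_version = ">= 0.14.9"
}

provider "aws" {
  profile = "default"
  region  = "us-east-1"
}

# Assumed input: your own public IP as a /32 (step 7). The default is a
# constructed placeholder from the documentation range; override it.
variable "my_ip_cidr" {
  type    = string
  default = "203.0.113.10/32"
}

# Assumed address plan (not from the post): one /24 per subnet in a /16,
# keyed by the Availability Zone it lives in.
locals {
  public_subnets = {
    "us-east-1a" = "10.0.1.0/24"
    "us-east-1b" = "10.0.2.0/24"
    "us-east-1c" = "10.0.3.0/24"
  }
  private_subnets = {
    "us-east-1d" = "10.0.11.0/24"
    "us-east-1e" = "10.0.12.0/24"
    "us-east-1f" = "10.0.13.0/24"
  }
}

# Step 1: the VPC
resource "aws_vpc" "main" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true
  tags                 = { Name = "scratch-vpc" }
}

# Steps 2 and 3: public subnets with auto-assign public IPv4 enabled
resource "aws_subnet" "public" {
  for_each                = local.public_subnets
  vpc_id                  = aws_vpc.main.id
  cidr_block              = each.value
  availability_zone       = each.key
  map_public_ip_on_launch = true
  tags                    = { Name = "public-${each.key}" }
}

# Step 2: private subnets; no public IPs are ever assigned here
resource "aws_subnet" "private" {
  for_each          = local.private_subnets
  vpc_id            = aws_vpc.main.id
  cidr_block        = each.value
  availability_zone = each.key
  tags              = { Name = "private-${each.key}" }
}

# Step 4: Internet Gateway attached to the VPC
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}

# Step 5: a route table with a default route out the IGW, associated
# only with the public subnets (the VPC's main route table is left alone)
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}

resource "aws_route_table_association" "public" {
  for_each       = aws_subnet.public
  subnet_id      = each.value.id
  route_table_id = aws_route_table.public.id
}

# Step 6: private route table carrying only the implicit local route,
# so nothing in these subnets can reach or be reached from the Internet
resource "aws_route_table" "private" {
  vpc_id = aws_vpc.main.id
}

resource "aws_route_table_association" "private" {
  for_each       = aws_subnet.private
  subnet_id      = each.value.id
  route_table_id = aws_route_table.private.id
}

# Step 7: public security group, SSH only from my IP
resource "aws_security_group" "public" {
  name   = "sg-public"
  vpc_id = aws_vpc.main.id
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.my_ip_cidr]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Step 8 (variant): private security group, SSH only from instances
# that are members of the public group, i.e. a hop through a public host
resource "aws_security_group" "private" {
  name   = "sg-private"
  vpc_id = aws_vpc.main.id
  ingress {
    from_port       = 22
    to_port         = 22
    protocol        = "tcp"
    security_groups = [aws_security_group.public.id]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Run `terraform init` and `terraform plan` with a real value for `my_ip_cidr` to review the graph before applying. Referencing the public group by ID in the private group's ingress rule (rather than by CIDR) means the rule keeps working as public instances come and go, and it documents the intended path into the private tier in the configuration itself.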

After all of that I was able to spin up a quick and dirty terraform file that builds a t2.micro instance in the VPC, and surprisingly it worked the first time.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.27"
    }
  }

  required_version = ">= 0.14.9"
}

provider "aws" {
  profile = "default"
  region  = "us-east-1"
}

# Inputs referenced below, declared so the file stands on its own
variable "ami_id" {
  type = string
}

variable "instance_type" {
  type    = string
  default = "t2.micro"
}

variable "key_name" {
  type = string
}

# Look up one of the public subnets built above (placeholder ID from the post)
data "aws_subnet" "public_subnet_1" {
  id = "subnet-XYZ-public"
}

resource "aws_instance" "webserver" {
  ami           = var.ami_id
  instance_type = var.instance_type
  # Launch into the public subnet resolved by the data source above
  subnet_id     = data.aws_subnet.public_subnet_1.id
  # Instances in a VPC subnet take security group IDs via vpc_security_group_ids;
  # security_groups (names) only applies to EC2-Classic and the default VPC.
  # "sg-public" is the post's placeholder; use the real group ID.
  vpc_security_group_ids = ["sg-public"]
  key_name      = var.key_name

  tags = {
    Name        = "webserver"
    Environment = "prod"
  }
}