Aws Real Time Training Aws Architect RoadMap 2023 Aws Full Live Course Online Jobs JOYATES


So in today's topic I am going to explain to you what is VPC. I am going to explain to you what is VPC. First I want to know how many of you don't know anything about cloud computing; please let me know. But I also don't know. But deep, you don't know? What about others? Diploma, what you are seeing? I am saying that I am also... There's a lot of background noise coming from you, right? This is okay. What about others? Anjit, Anjali, Bharat, Kailash?

I couldn't hear the question. How about you, you know about cloud computing? Okay, so I just cleared a certification, that's Cloud Practitioner level. Okay. Yeah, so that much I know, like the basic services. So most of you are looking to me for basic things, right? Basics in cloud? Yes, some real-time experience, like in real time how we deploy, if you have the applications, to cloud, migrations, and mostly related to, near to, the solution architect role. Okay, so let me change the topic, because it seems like the audience is more inclined to know basics. So what I'm going to cover is basic things: what is cloud computing, and then I will be explaining what is Elastic... it is going to be very basic; everybody must be knowing all this, I think. So, no, we are not. So you know about Elastic Compute Cloud, how to create VMs in Windows, how to create a VM for Linux? Yes. And also we don't know. I don't know. There's a lot of background noise from your side. The application rules, you know about replications in S3? So what do you want to know? Let me leave this an open platform for everyone. So VPC would be a good item for everyone. All agree to do VPC? Yes. So it would be very good if you could go through this VPC peering, VPC endpoint and all those topics. Not all topics will be possible, but I will try to explain to you. Okay, cool, let's go with VPC then.

So let me first introduce myself. My name is Ritesh, and I have a total of 12 years' experience. I have worked with multiple organizations during 12 years. I am currently working with one of the organizations as a cloud
architect. I'm handling two teams: one team is on AWS with .NET Core, GraphQL, Entity Framework, and the other team is on React with GCP, and some of the workloads are already there for Azure. So in total I have more than six years' experience with AWS only.

All right, so today I am going to explain to you what is VPC. When I say VPC, I'm talking about virtual private cloud. So under this virtual private cloud, what is VPC? Let's understand what is VPC first. VPC means that you are going to create your own network. In simple and short words, creating your own network in AWS is called VPC. By default, every AWS account has one default VPC, and under that VPC we are not going to work. This is the recommendation from AWS, Azure, whether you are going for any cloud vendor: it is not a recommendation that you are going to work with the default VPC. So that VPC you have to create on your own, according to your requirement. Like in my case, I will be taking one VPC range and I will explain to you on that range. For example, when I say VPC, like I have already said to you, VPC means that I am going to create my own network, and during the own network one range I am going to choose, and that range we call a CIDR block. In case you don't know about this, this is inter-domain routing tables, basically.

So let me show you and draw; go to draw.io. Here I am going to explain to you what is VPC first. I am drawing that VPC. VPC means your network; it is your network that you have created, right? Under this VPC I am going to work with one range, and the range I am choosing is 10.0.0.0/26. If you don't know anything about the CIDR block, then you might be wondering from where I'm taking this range, 10.0.0.0/16. What does it mean? That means it is a CIDR block. A CIDR block can be
starting from 0.0.0.0 to

255.255.255.255. So in every block, in every digit, we do have four... let me show you something. So this is what I'm talking about. If you go with this documentation, IP and CIDR block, if I am taking 10.0.0.0/16 here, you need to remember, before this slide you need to understand this part. When I'm saying 10.0.0.0, there are four digits in an IP address, which represent a set of 8 binary digits. When I am writing 10, 10 means zero one zero one double zero double zero, so this will become 10 in total. If you go with this number, copy this number and go in reverse order, like, let me just copy it: starting from 0 it will be zero, right, it will be one, it will be 2, it will be 4, like this. So 1, 2, 4, 8, right? Here it is eight, here it is 2, it becomes ten for you, right? Similarly, if I go with this calculation you will understand the meaning of 10.0.0.0, right guys? Then I am taking another range, 10.0.255.255, just to explain to you

here I am taking all ones. Why? Because I want to take 255, and that number you need to keep increasing. And if I am saying this 10.0.0.0/16, that means I want to block two sides: lowest possible IP, this is highest possible IP. And if I am going with 10.0.0.0/16, that means 16 bits are locked here and this is free to choose; these are locked here. So let me show you one example, then you will understand much better. Let me go to 10.0.0.0/16. First let me go to Excel and explain

you what range I am going to take. I am taking the CIDR block as 10.0.0.0/26. I am taking 26; what does it mean? It means that you can have this range from 16 to 32 as in maximum range. This is a networking fundamental that you need to read about before coming to AWS. So here what I am doing is I'm just telling you one plain formula that you have to use. You have to use equals, and 32, this would be fixed, minus whatever number you are adding here; like in my case, adding 26, right, 26, it would become 6. Then you need to add 2 power that number. That number is how much? That number is 6. So how much would it become? 64 machines, 64 IPs. If I am going to create a network of this range I will get 64 machines; I will get 64 machines in total, right guys? Then I create subnetting. Subnetting means I am going to create my shorter network now. Right now I have created a bigger network, 10.0.0.0.

One question I have here: so when you said, like, taking in the last... Okay, okay, let me explain to you first. 10.0.0 26

4 IPS I will get. Then I will be working with subnets. Subnetting means I want to distribute this network into multiple parts. Now, for example, the range I am taking for the subnet is 10.0.0.0/28. What does it mean, 28? So you have to again apply the same formula, that out of 32; for example, here I am calculating 32 minus 28 is equal to 4, right? So 4 power 2, or you can say 2 power to 16 IPs you will get, and the starting range is 10.0.0, 10.0.0, so this range will go up to 16 machines like this; total 15 machines' IPs you will get. This is subnet one; just imagine this is subnet one. Similarly I am creating another subnet; here I am writing subnet 2, and the range for that I'm giving is 10.0.0 slash, this time

I am, instead of 0, giving 16, slash 28. So this means, same, in this subnet also I will get 16 IPs, but this time it would be starting from 10.0.0.16 to 31; total 16 IPs you will get. Similarly I am creating subnet 3. Subnet 3 means 10.0.0 slash, here the range I am taking is 32: 10.0.0.32/28, starting from 32 to 47. Similarly subnet 4. Subnet 4 starting line would be 10.0

48/28. I would get 16 IPs here also, 10.0.0.48 to 63. Sorry. So in total you will get 64 machines; if you see the count, it is showing you 64, right? There are 64 IPs you will get. But one thing I am telling you, because this is very important from the interview perspective or the certification perspective: for every subnet you are going to create, AWS will block four to five IPs. That is fixed: five IPs AWS will keep. Why five IPs? They are not going to give you the first, I think, 4, and then this one; they are going to reserve them for some internal purpose. One is for research purpose, one is for networking purpose. They are going to block these IPs; they will never give you these IPs. So in short, if you are going to create four number of subnets you will get minus 20. From every subnet AWS will extract five IPs; because you are going to create four subnets here, 20 IPs AWS will not give to you. In short, you will get 44 IPs. Now please ask your question. Who was asking the question? Who was that? Any questions, guys, so far?

So these IP ranges will be inside this particular VPC, or maybe if I create another VPC, that also will take the same IP address ranges? So it will be different?

No, this is my IP 1, all right? Similarly I will be creating another IP block for you, because somebody has requested connection peering, right? Today I will show you how to do connection peering. I will create two different CIDR blocks: this one is created, right? Similarly I will create another one using this range. So here also I will be picking, for example, 28 or 27. In case of 27, how many machines will I get in total? 32 machines, right? So those 32 machines I will be dividing into subnets. Let's divide into subnets, subnet 1 and subnet 2.
Here I am going to use 198.168.0.0 slash... Pradeep, you can switch off your camera; it is not a good practice file shaping your single sessions. So starting from this 192.168.0.0/27, what does it mean? That I am going to create 168.0.0, and I need 16 machines, right? So for 16 you need to do 28 here, so starting from 0, from 0 to 15, you will get it here. And the second subnet I am going to create is this 0.16/28; that means I am going to create 192.168.0.16 to 31.

Right guys, so I will do a connection peering between these two VPCs. I am going to create two VPCs: this is my first VPC, this is my second VPC. Let's go to the diagram and understand more.

Yeah, I have a question here. I mean, even the earlier person asked the same thing, but these are two different VPCs, right? I mean, yes, one network, and this is one more network. So what we are trying to ask is, I mean, we have a range here; these are anyway internal IP addresses, because it starts with 10 and 192. So the question is, whatever range we are using in the first VPC, can we use the same range in the next VPC? Because these are two different VPCs, can we have the same internal IP addresses for those?

Exactly, you can use it, but when you are going for the connection peering it will not allow you to connect. You can use different different range but it will allow you to connection peering; you different, you need different range.

Yeah, sorry, one more thing here. I mean, as this is two different VPCs, we connect using a public IP, right? Not privately, because we cannot connect using internal IP. We will connect using private IPs. Oh, we cannot, using private IPs, because it's two different VPCs, so I thought we use external IPs to connect. If you're connecting through external IPs, then why are we creating a peering connection? The meaning of peering connection is you want to connect privately. Okay, okay. I will explain to you how to do that. Thank you, thank you, thank you for the clarification, minus.

So here I am going to create one VPC first, 10.0.0.0/26, and if you go with this diagram, here I am going to change the range to 26 and I am going to create two subnets. Under that VPC I am going to create two subnets, and the name of this subnet I am going to give is: this is public subnet and this is private subnet. Now you might be wondering why I am giving public subnet and why I am giving
private subnet. The meaning of public and private subnet is not that only by giving a name it will become a private subnet for you. How it is called a private subnet, you have to go in detail, and when you go in detail you will find: when you actually create a VPC, by default one routing table will get created, and there is a concept of internet gateway. Trust me, if you understand these basic fundamentals you will not forget them for your entire life. Internet gateway means internet, the internet facility in AWS. Internet gateway is a service which is giving you internet services. If that internet gateway is there in the AWS account, and the entry of that internet gateway is available in the routing table, and that routing table is attached to a subnet, that means it is a public subnet. Public subnet means that subnet's machines can be accessible from the outside world. So in short, I am repeating again: if you have one subnet, and that subnet is attached to a routing table, and that routing table has an entry for the internet gateway, that means it is a public subnet. Similarly, if I have another routing table for the private subnet also, but that does not have an entry for the internet gateway, that means it is a private subnet. That's the only difference.

Now if you are a fresher, if you don't know anything about, I would say, VPC, then you might be wondering why I am creating two different subnets. The answer would be: let's suppose you're working on one application, a front-end application. The front-end application you need to put in the public subnet so users can access that application; they need an external IP, right? Similarly, nobody cares about your database, nobody wants to connect with that database; that database you can keep in the private subnet. And the beauty of subnets is that within the VPC your app can talk to the database privately; that is possible. So let me quickly create one VPC-related thing in the AWS console and
show you one quick demo. Go to AWS, sign in to the console, and let me write a range also. Go to the test diagram, just copy it, and this time I would be taking the range as... and here I'm taking is 10.0, here I would be taking 22, right? Total I will get 64, and here I will get 32, starting from 32, right guys? So please let me know if you are able to understand these things. This will become nothing for you; if you are not understanding this calculation you will be struggling. Let me know if you have any questions on that: why I am taking 27, why I'm doing 26 here, why I am dividing into two networks.

So let me go to the AWS Management Console and type here. We will see, once I go to VPC and click on this VPC, you will find by default one VPC is available here. Why is a default VPC available here? This is a VPC, right guys, the default VPC. So I am going to create my VPC.

I'm sorry, don't ping again and again in the private chat. Yes, this will be a course, this will be a paid course, right? We are going to start a batch again. Yes, that will be paid; that will be 40 to 50 hours of training. Just keep this as a demo that I am giving to you of how I teach. So mostly it will be advanced topics I am going to cover, and everything in a practical way. Yes, we are going to start from this weekend only.

So let me go to Create VPC. Once you go to Create VPC, the first thing it will ask you is the name of your VPC. Here I am giving the name as, for example, test VPC or demo VPC. All right, demo VPC. And what range do I want to give? 10.0.0.0/26 I want to give. That's it, nothing more you need to do. That's it, your VPC is created, right, with the range of 10.0.0. You can see your VPC; this is

your VPC, right? One VPC I have created. Now I will go to subnets; under Subnets I will be creating two subnets. Go to Subnets, Create subnet, and click on creating a subnet under the demo VPC, and here I am giving a name: public VPC... public subnet. Public subnet. Here I am giving no availability zone preference, and the range I am choosing here is 10.0.0.0/27. Create subnet. Similarly I am going to create another subnet in demo VPC, and this time I am taking the name as private subnet. Private subnet, 10.0.0.32/27. I am going to create the subnet, right? Refresh, close the filter. Now you will see I have created two VPCs, right: private subnet, public subnet. And see the beauty here. I have told you, right, you will be getting 32, 32: here you will get 32 IPs, here also you will get 32 IPs. But here what are you getting? 27. So AWS has blocked 5 IPs; per subnet it has blocked five IPs.

So now I have created two subnets also. Now when you create your VPC, guys, automatically one route table will get created, in, again, stop, VPC; this is your route table. In this route table what I'm going to do is create one internet gateway. Once I click on Internet gateways, I am going to create one internet gateway, and the name I'm giving is demo gateway, igw; you can give any name. demo-igw, and Create internet gateway. Once you are creating an internet gateway, it will be created in detached state, and you have to attach it at a later moment of time with a VPC. So if you refer now, I'm talking about this: this is detached, right? As of now this is detached, so you have to attach it with your VPC ID. As of now VPC ID is blank, right? You have to attach it. So what I'm going to do is go to Internet gateways and click on this igw. As of now it is showing you detached, right? I'm going to attach it with my VPC: Attach to VPC, and this is my VPC, demo VPC, and I am going to attach this internet gateway with my VPC. My VPC is attached, right?
Now, what I say to you: if you have a subnet, if you have a routing table, and that routing table is associated with your subnet, and if that routing table has an entry for the internet gateway, that becomes a public subnet. Not only via giving a name, public subnet, private subnet; it becomes public or private by only giving an entry of internet gateway. So here I am going to do the same thing. I am going to Routing tables, and in Routing tables this is my routing table, right, public, demo VPC. Let me click on this demo VPC, and here I need to go to Subnet associations. In Subnet associations you need to click on Edit subnet associations. First I am doing the association of the public subnet, not private, because I want to attach this routing table to the public subnet. This is one thing. Save associations. Second, what I said: there should be an entry of internet gateway. Exactly. Go to this and click on Routes. Once you go to Routes, click on Edit routes, and here you need to add an entry that whole traffic should move to the internet gateway. Once you select Internet Gateway here, it will publish your existing one that you have created, this internet gateway, right, demo-igw; that you need to select here, and Save changes. That's all, guys, that is VPC. Any questions as of now?

So the internet gateway will be attached to the VPC or the subnets?

No, the internet gateway will be attached to your routing table, and that routing table will be attached to the subnet. See, once I go to Route tables, let me go to Route tables, this is my route table, my VPC route table. Let it be download. Yeah, this is right. So this is... what's your name? Okay, so this is my route table, right? This route table has two sections. One is Routes: in Routes you should have an entry for the internet gateway. In Subnet associations, whatever subnets are attached to this routing table, all those subnets will become public subnets. Are you following? Yes. So there is a relation; that relation is: first
you have to create an internet gateway, then you need to go to routing tables. In the routing tables you will find two sections. One is routing: there should be a routing table entry. Then association: whatever subnet association is there, that will become a private or public subnet based on the entry of internet gateway in Routes.

Basically the internet gateway will be attached to the route table, and the route table will be attached to the public subnets or private subnets, whatever it is?

If you are going to attach it with the private subnet, that also will become a public subnet. Like I say, don't go with the names. Whatever you are going to attach with this, for example, I am just adding this subnet also, so I am removing this div subnet also, I am going to attach it with this; then both these subnets will become public subnets.

Okay, in that case I think we can have this NAT Gateway...

NAT Gateway serves a different role, but what I am talking about is internet gateway as of now. First understand internet gateway; I am going to explain NAT Gateway also. Okay, now you are clear about this internet gateway? Okay, yeah. Cool. Any questions?

One confirmation: first we will create an internet gateway, then after that we will route it, then after that we will map it with the subnet, then the subnet will be under our main VPC? Yes, right. Okay, okay.

Yeah, I mean, can you just go to the application, I mean the console? Yeah, sure. So far, I mean, can I just see the internet... sorry, I'm new to this console, that language. Okay, okay. So you have an internet gateway, okay, we created one, okay. And then we have attached it with the routing tables, right? Can you show me that gateway? I have done the entry in the routing table, okay, and that routing table you have to associate with the subnet. Okay, okay, okay, got it, I got it. Okay. There's a dependency that you need to draw on plain paper. Generally what I suggest to my students is that you can design this over
the whiteboard or somewhere here; then you will understand better, like the way I have explained to you. So this is the internet gateway. If the internet gateway is having an entry in the routing table, and that routing table is attached to any subnet, that will become a public subnet. That's it, always. Should I proceed? Yes sir. Yes. Cool.

Let me create a few instances now, then I'm going to show you that. Let me go to EC2 quickly. I will be creating two instances, and I will show you that for one instance you can take a remote, because that's part of your public subnet, and for one instance you will not be having a remote. So let me click on Launch instance. I am not going to explain to you what is EC2 and how it works, because we are working mainly on the VPC; that you can consider when you are going to enroll for this course, we are definitely going to cover that. But just for demonstration purposes I am going to quickly initiate two machines here. One is, and the name I am keeping here is, for example, public machine. I'm giving the name public machine. I am working with Windows, and under Windows I am taking, for example, 8GB of instance, because I have a privilege to work with AWS as free, so I am taking this 8 GB. When you are doing practice you can choose free tier accounts and all. So I am taking 8GB, that's not a problem for me. So I am going to create this instance using Sim demo, so I'm just choosing, or Create new key pair I would be choosing, and here I'm saying Win key, and create a new key pair.

So one thing I want to share with you: once you go to Network settings, in Network settings I am saying I want to work with my VPC, which is T4 demo VPC, right? Under this demo VPC I want to create the instance, and these two in public machine... so sorry for that. So I am going to choose here public subnet. Once you are going to choose public subnet, you need to set Auto-assign public IP to Enable. That's it, your settings are done. Now I am going to create this instance, and RDP is allowed, and 30 GB is
a root volume. I am 100% sure I am going fast on this part, because this is how you create an EC2 instance; it is a general process. Like somebody said, everyone should be aware of this very basic thing, right? So I'm going to launch the instance in my own VPC this time, demo VPC, and these two in public subnet, and Auto-assign public IP is Enable. I am going to launch this instance. Launch.

Similarly I am going to launch another instance. Go to Instances and click on Launch instance, and this time I am going to give a name, private machine. Under the private machine I am going to work with Windows, and in Windows, same, I am going to choose this time 8 GB, and key pair: here I want to use my key pair that I have created, Win key. So Win key we are using, and in Network settings I am going to change to demo VPC, and here I'm selecting private subnet this time, and I am going to take Auto-assign public IP as Disable. RDP allowed, that's it. Let me launch this instance also.

So guys, I have created two instances. Just to recap, I have created two instances: one is the public machine and one is the private machine. Both the machines I've created purposefully: the public machine you can take a remote of from the internet, and I am going to show you how I'm taking a remote of this machine; and for the private machine you will not get a private... public IP, right? Let me click on public machine. Once I click on public machine, a very, very important thing you need to remember here. Those who are not joining this session for the first time, they might not be able to understand why we have created the VPC. That is the purpose: that range, you have the control on that range now. Because I have chosen my subnet 10.0.0.0/27, that's the reason it is coming under 27 only. It's starting from 0.0.13, it is coming to you, right?

It is 13, and when you go to the private machine this is coming as 40. Right guys, that thing you need to understand: why we are creating it, the purpose of this VPC. So if you go to the public machine you will get a public IP; when you go to the private machine you will not get any public IP. Simple. Let's not complicate the topic of VPC; it is nothing, you just have to understand basic networking, nothing else. I will show you other advanced things also, endpoint also; that also is nothing, you just have to understand basic terminologies.

So now I will go to the public machine, and let's log in to the public machine. Let's click on this, go to Actions, Networking... in Networking, basically, I need to retrieve a password, so that password I would be retrieving using the Get Windows option, and here I am going to work with Win key. So under this Win key, decrypt the password. This is the password; let me copy the password, say OK. And I want to log in to that machine. What you can do is click on Connect, right, click on RDP; I will go for Download RDP. Once this is done, this is downloaded, you need to double-click on this and connect with this instance. Double-click and enter your password here, which I have in the clipboard. So, OK. Once you say OK, you are connected with this instance, and this instance is created in my own VPC; it has 8 GB of RAM.

Similarly I have the private machine also, right? But for that private machine, if you see carefully, if you go to that private machine you will see a public IP is not available. Within the VPC you can connect very easily without any entry or anything. Just take the public... private IP; copy this IP and go to this instance. Now from this instance I am going to take RDP. I am going to take RDP, and of which machine? This machine; this is the private IP. From your network you can even talk to private IP machines. Click on Connect. It is asking for details: administrator by default. Password would be... sorry, the username would be Administrator; the password you have to
retrieve for the private machine. Go to Actions, Security, Get Windows password, click on upload private key file, Win key, and there you go, it is the password. Copy this, go to this and paste, and say OK. Yes, you are connected with this instance also, right? This is your private instance. Right guys, you are following?

So the private instance will only be accessible from the public one? Yes, right. So I'll not be able to RDP from my localhost? No. Okay.

That's the purpose of it. If you see this diagram, if this is a user, right, this user can connect to these public subnet machines publicly; this is allowed. But nobody can access the private subnet, because the purpose is to give security to your database. Let's imagine you hosted your database on the private subnet: nobody can interact directly, but your application needs to have connectivity, right? That's the purpose of it. Thank you, got it. Cool.

So now you have two machines with you, right? Let me just design it in a way so that you can see. This is your private machine, this short one; this is your public machine, where you have the public IP also, the public IP address. But on this machine you will not see a public IP; public IP is blank like this. You are following this, I hope? Yes sir. Cool.

Let me do another... all right, should I proceed now to another topic, NAT Gateway? I'm going to work with NAT Gateway now. What is the use of NAT Gateway? NAT Gateway means, let me go to the design, NAT Gateway means that instead of the internet gateway we have another service we call NAT Gateway. NAT Gateway will always be part of a subnet, the public subnet. Why? Because the public subnet is giving you the internet gateway, and the NAT Gateway service will internally use the internet gateway. So what is the use of NAT Gateway? The usage is that now you have blocked the entire subnet from the outer world. From the outer world you have excluded it, so that nobody can take a remote of your DB, nobody can talk to your machine in an internet manner, right? Nobody can talk to your
instances. But imagine a situation where your database is looking for some updates from Microsoft, from AWS, from Oracle, from another website, some peering connection it wants to create. How will it be done? So creating a private subnet means nobody can interact with your instances, and that also means that you will not be able to contact the outer world. It is the same as when we work with WhatsApp and change our settings so that nobody can see your status or nobody can see your last seen: similarly you cannot see the last seen of others, right? Here also it is the same example: if you're blocking yourself from the external world, you cannot talk to the external world. That's why AWS has given a new service with the name of NAT Gateway. With the NAT Gateway you can contact the outer world, but still the outer world will not be able to contact you.

Let me show you what I'm talking about. Let me go to the private instance and click on the internet. Here I want to access the internet. Can I access it? By default, no. If I type google.co.in, this will not allow you to connect. By default there is no internet; that means you are in the private subnet, right? For this, what I am going to do is create one more thing: I am going to create my own routing table. Now, by default when you create a VPC one routing table would be created, right? Here I am customizing, creating one route table, and now for the route table I am giving a name, private route table. VPC, which VPC? Demo VPC. Create this route table.

Now you will ask me what is the purpose of creating this route table. The purpose is: I want to go to this table, and first I want to create a NAT Gateway, and that NAT Gateway entry you have to make in the private route table. So first of all you need to go to NAT Gateways and create a NAT Gateway. So I am giving a NAT Gateway name here, for example demo NAT, with subnet... like I said, a NAT Gateway, whenever you are going to create it, would be created in the public subnet, always
public subnet. And when you are going to create a NAT Gateway, the NAT Gateway always needs an Elastic IP, which I am going to allocate. Elastic IP means static IP; what I have allocated is a static IP, right? And create your NAT Gateway. Once you have created a NAT Gateway, you need to go back to routing tables, and under the routing tables you have to do the same thing as you have done earlier. First things first, you have to do a subnet association; this time you are seeing I am doing a subnet association, and doing it for the private subnet. Save associations, right? And similarly I want to give routes here. Under Routes I am going to Edit routes and add an entry for 0.0, all traffic should move to the NAT Gateway, and this is my NAT Gateway. Save changes. Cool, all things are done. Now go back to your instances and run it again. google.co.in, I want to run this.

Let me check all the entries again. Private route table, this is fine. Go to routes. I think the NAT gateway takes some time in initializing, so it is not working. Probably we have to wait for one or two minutes. It is showing as of now pending, so probably it will be coming up in some time. Till that time this is not working, right? Let's wait for one or two minutes. Refresh. Yeah, now it is available. Now let's test it again: google.co.in. Wow, it is working, right? Right, guys, you are following this?

Yes. So I have a question: in which scenario will we use a NAT instance?

NAT instance nobody uses now. NAT instance means there was one instance; now we use NAT gateway. NAT gateway means AWS is giving you high availability. In the NAT instance we used to create one instance as a NAT.

Okay, so it will work as a public instance, I mean it will take a public IP and it will be exposed to the outside world, right, the NAT instance, if I'm not... So what I'm saying is the NAT instance will have the public IP and it will be exposed to the outside world so that it will be accessible. So that is the purpose of that instance, or?

No. The difference between NAT gateway and NAT instance is: if the NAT instance is not working, there is no plan B. But if the NAT gateway is going down for some reason, AWS is taking care internally and creating another system for you in the background. So this NAT gateway is handling higher availability, but in case of a NAT instance, if the NAT instance is going down, your services will not work. That's the difference.

Okay. One question. Yeah. So these are the two ways, basically, you want to do peering, I mean you want to connect between private and public networks? Is that the main motive here?

No, these are the older way. I would say NAT gateway is the older way; new ways are available in the market with the name of endpoint, peering connections. Good, so let me take one more topic. Let's talk about peering connection. So peering
connection. Under the peering connection, what I want to do is create another VPC quickly. I am going to create another VPC, and this time I'm saying this is test VPC, right, and the range I am giving is 192.168.0.0/27, or 26, right. Let me copy this range and create VPC. Similarly, I am going to create two subnets. Create subnet: I am going to create it under test VPC, and I am saying this is my private subnet, and at the end of the name I am adding test subnet. Here I'm giving a range 192.168.0.0, and this time I'm giving 27. Create subnet. Similarly, I am going to create another subnet, and I am giving it test VPC, and the subnet name I want to give is... earlier I have chosen private, right? Let me see what I have given. Private one, right; private I have started from 0. This time I'm going to give test VPC, and I'm giving public subnet, and in the name I am giving test, and here I am giving a range, the range starting from 32. I hope you understand this calculation now, right? Yes. I am creating another subnet, so I have two subnets, right: starting from 0, this is my private, and starting from 32, this is my public subnet. Cool.

Now I am going in routing tables. I have one routing table created for test also, test VPC, right. Now what I want to do is create one instance in private. So let me go to EC2; in private of test I want to create one instance. Click on launch instance, and this time I am going to create one private test; that means I want to create a private instance in test VPC. Here I am selecting Windows and I'm taking 4 GB, and this time I am taking one Win key, existing key, and changing the network. Network I am changing to test VPC, and under that test VPC I am taking the private subnet. That's it, launch instance. Now what I want to do is connect to this instance that I have created, this private test one, from the public machine of another assignment, right? This is
another subnet and this is another subnet. How can I connect with this? By default it is not allowing you; by default it will not allow you to connect with different VPCs. For that purpose you need to do peering. When you go to this, you need to do a peering; I will tell you how that peering will be done. First let this instance come into the picture; this is initializing, so till that time I'll go to peering connections. Here I am going to create a peering connection, and here I'm saying test peering connection. Any name you can give; I am not too good at naming conventions, so I am fine with test peering connection. Select the local VPC to peer with: what would be the requester? In my case I'm saying demo VPC is the requester. And where do you want to do the connection, the accepter? The accepter would be test VPC, right? This VPC peering, guys, can happen in the same account or another account also. So here I'm going to work with this as a requester, this as an accepter. This is the requester, this is the accepter, that's it. Create peering connection.

Once you create a peering connection and go back to peering connections, you will see the status is pending acceptance. You need to click on this and approve it. Because we are in the same account, that's why we are getting the request here to accept it, but if you're in a different account you will also get an option here to accept and reject. So here it says the peering connection ID is this, requester ID is demo, accepter ID is test VPC, so are you fine? Yes, I am fine: accept. Your peering connection has been done. Can I connect with that instance now? Any thought on that, can I connect now? The answer would be no, I still cannot connect. Let me show you. First let's wait for this instance to be live; it's taking much time, let's wait for it. During that, let me share that number for your information, if you want to enroll. It's Amit; his name is
Amit, he is the account manager. You can contact him about any details, fees or course durations; he will be assisting you with everything. Plus nine one nine five four zero six six two eight zero six, his name is Amit, so you can contact him on this number. Let me pass on this number to the chat window also.

Let me refresh. Now it is available, right? Let me try this: copy this IP and try to connect. Go to your public instance, go to RDP, paste and connect. It says no, you cannot, right? It is in continuously trying mode, but there will be no connection you can make, because the peering connection is one thing; then you have to allow the traffic also. And for traffic there is a thing you need to do. First things first, you need to keep your IPs ready. For example, here I am going in VPC. Under the VPC you have one demo VPC, right? Demo VPC range is 10.0.0, this one, right? And then you have test VPC, and the range of that is, this is the range. Copy this; this is our range, right? So remember these ranges, and now go back to routing tables. When you go to routing tables, you have a routing table for test VPC, right? Go to the test VPC routing table, go to routes. Here you need to edit routes and add a route. This is for which route? This is for test, right? You need to click on this test, go to routes, edit routes. In the test one you need to add an entry for the demo one: this is the IP range, the CIDR block range, and you need to add here peering connection, and under the peering connection, test peering connection. Save changes. This is test VPC. Now similarly you need to go to the public subnet's routing table, the public routing table of demo VPC. This is the entry, right? You need to go to routes, edit routes, and add an entry of the opposite, test VPC, right? Copy this range, and here peering connection, this is a peering connection. Save changes. That's it, guys, now you can connect. Try it once: connect. Cool, it is asking you details, right? Details you can give: administrator, right, and the password you can retrieve. Go to EC2 instances; this
is an instance. Go to security, get Windows password, upload the private key file, and this is the Win key. Decrypt, copy and paste here, that's it. Connect. You are connected with another VPC's machine. Right, guys, you are with me, following this? Any question so far?

Yes. So the VPC peering can be done inside one account, and maybe with a different region as well, right? So when there is a situation like we have to peer two VPCs in two different AWS accounts, is it possible? If yes, then how?

Yes, this is feasible. You need to go to peering connections. When you create a peering connection it will allow you. For example, I'm just giving ABC, and VPC requester is demo VPC. If you say another account, in that case you need to choose another account, and in another account you need to give the account ID. The account ID will be copied from that other account; that ID you need to copy here, that's it.

Okay, okay, good, thanks.

Guys, I have to stop here because I have another meeting at 6:30, probably; otherwise I could have covered this endpoint also for you. Endpoint is also very easy. Once you go for endpoints, you have to create an endpoint, and you will say for which services you are going to create an endpoint: for DynamoDB, for S3. For every service AWS is gradually giving an endpoint. Endpoint, in short, its meaning is that internally it uses PrivateLink technology. PrivateLink means it is creating a tunnel between your VPC and the AWS network. It is going to create one tunnel, and that thing is very, very popular nowadays; everyone is using endpoints. So probably I can take some other time to explain this endpoint to you. Till now, you can let me know, whatever I've explained to you, if you have any questions, anything. In case you want to see the course content that we are offering, this is the course content. What you can do is talk to Amit on this number; he will be sharing every detail with you in terms of what fees we are charging and how many hours it is going to take. There are
two varieties we are providing: one is AWS architect, one is AWS DevOps. So you can talk to him and let me know if you are interested in it. So I am good for today. This is the number. Thank you very much, guys, I am dropping the call. Thanks a lot for your time. All right.

2023-04-16
