What is Public Subnet in AWS? Step-by-Step Explanation with Example

 




VPC

 A VPC (Virtual Private Cloud) in AWS is a private, isolated network you create in the AWS cloud to launch and manage your resources like EC2 instances, databases, etc. 





Think of it as your own private data center inside AWS, where you have full control over:

 • IP address ranges (CIDR blocks)

 • Subnets (public & private) 

 • Routing (via route tables)

 • Internet access (via Internet Gateway or NAT Gateway) 

 • Security (via security groups & network ACLs)


Example 

 • Suppose you rent a building (AWS Cloud). 

 • Inside it, you design your own office layout (VPC). 

 • You decide rooms (subnets), doors (gateways), and locks (security groups).


Key Features of VPC 

 1. Isolated Environment – Your VPC is separated from other AWS users’ networks.

 2. Customizable IP Range – You choose IPv4/IPv6 address range.

 3. Multiple Subnets – Create public and private subnets.

 4. Internet & VPN Connectivity – Control access using gateways. 

 5. Security Controls – Security Groups (stateful) and Network ACLs (stateless).


In short:

 A VPC is the foundation of your AWS network, where you build and control how your cloud resources communicate with each other and the internet. 


Specifications of VPC 

 • It is a region-specific service. 

 • It is part of AWS's IaaS (Infrastructure as a Service) offering.

 • It is a fully managed service. 

 • You can create 5 VPCs in a single region by default. 

 • You can create 200 subnets in a single VPC by default. 

 • Every region has a default VPC.


Create VPC with Public Subnet


Steps to Create a VPC with a Public Subnet in AWS 

1. Create a VPC

 1. Go to AWS Management Console → VPC service. 

 2. Click Create VPC. 

 3. Select VPC only option.

 4. Enter:

  a. Name tag: MyVPC

  b. IPv4 CIDR block: 10.0.0.0/16

  c. IPv6 CIDR block: leave "No IPv6 CIDR block" (optional). 

 5. Click Create VPC.


2. Create an Internet Gateway (IGW) 

 1. Go to Internet Gateways → Click Create internet gateway. 

 2. Name it: MyIGW.

 3. Click Create internet gateway. 

 4. Select the IGW → Click Actions → Attach to VPC → Select MyVPC.


3. Create a Public Subnet

 1. Go to Subnets → Click Create subnet.

 2. Select VPC: MyVPC.

 3. Subnet details:

  a. Name: PublicSubnet

  b. Availability Zone: Choose any (e.g., ap-south-1a).

  c. IPv4 CIDR block: 10.0.1.0/24. 

 4. Click Create subnet.  


4. Enable Auto-Assign Public IP for the Subnet 

 1. Select PublicSubnet. 

 2. Click Actions → Edit subnet settings. 

 3. Enable Auto-assign IP settings → Check Enable auto-assign public IPv4 address. 

 4. Save changes.


5. Create a Route Table for Public Subnet 

 1. Go to Route Tables → Click Create route table.

 2. Name it: PublicRouteTable. 

 3. Select VPC: MyVPC. 

 4. Click Create route table.


6. Add a Route to the Internet

 1. Select PublicRouteTable. 

 2. Go to Routes → Edit routes. 

 3. Add route:

  a. Destination: 0.0.0.0/0

  b. Target: Select Internet Gateway (MyIGW).

 4. Save routes.


7. Associate Route Table with Public Subnet 

 1. In PublicRouteTable, go to Subnet associations → Edit subnet associations. 

 2. Select PublicSubnet → Save associations.


Now your VPC with a public subnet is ready. Any EC2 instance launched here will get a public IP and can connect to the internet through the IGW, subject to its security group and network ACL rules.
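The same seven steps as a boto3 script, added here as an example (it is not code from the original post). It assumes AWS credentials are configured, uses the ap-south-1 region and the names and CIDR blocks from the steps above, and checks with Python's `ipaddress` module that the subnet block actually lies inside the VPC block before creating anything.

```python
# Added example (not from the original post): the seven console steps as a
# boto3 script. Assumes AWS credentials and the ap-south-1 region used above.
import ipaddress

VPC_CIDR = "10.0.0.0/16"
SUBNET_CIDR = "10.0.1.0/24"
AZ = "ap-south-1a"


def subnet_fits_vpc(vpc_cidr: str, subnet_cidr: str) -> bool:
    """Step 3 precondition: the subnet block must lie inside the VPC block."""
    return ipaddress.ip_network(subnet_cidr).subnet_of(ipaddress.ip_network(vpc_cidr))


def tags(kind: str, name: str) -> list:
    """TagSpecifications carrying the 'Name' tag the console sets for us."""
    return [{"ResourceType": kind, "Tags": [{"Key": "Name", "Value": name}]}]


def create_public_subnet_vpc(ec2) -> dict:
    """Run steps 1-7 with an EC2 client; returns the ids of the created resources."""
    if not subnet_fits_vpc(VPC_CIDR, SUBNET_CIDR):
        raise ValueError("subnet CIDR is outside the VPC CIDR")
    # 1. Create the VPC
    vpc_id = ec2.create_vpc(CidrBlock=VPC_CIDR,
                            TagSpecifications=tags("vpc", "MyVPC"))["Vpc"]["VpcId"]
    # 2. Create the Internet Gateway and attach it to the VPC
    igw_id = ec2.create_internet_gateway(
        TagSpecifications=tags("internet-gateway", "MyIGW"))["InternetGateway"]["InternetGatewayId"]
    ec2.attach_internet_gateway(InternetGatewayId=igw_id, VpcId=vpc_id)
    # 3. Create the public subnet in one Availability Zone
    subnet_id = ec2.create_subnet(VpcId=vpc_id, CidrBlock=SUBNET_CIDR, AvailabilityZone=AZ,
                                  TagSpecifications=tags("subnet", "PublicSubnet"))["Subnet"]["SubnetId"]
    # 4. Auto-assign a public IPv4 address to instances launched in it
    ec2.modify_subnet_attribute(SubnetId=subnet_id, MapPublicIpOnLaunch={"Value": True})
    # 5. Create the route table for the public subnet
    rtb_id = ec2.create_route_table(VpcId=vpc_id,
                                    TagSpecifications=tags("route-table", "PublicRouteTable"))["RouteTable"]["RouteTableId"]
    # 6. Default route 0.0.0.0/0 -> IGW
    ec2.create_route(RouteTableId=rtb_id, DestinationCidrBlock="0.0.0.0/0", GatewayId=igw_id)
    # 7. Associate the route table with the subnet
    ec2.associate_route_table(RouteTableId=rtb_id, SubnetId=subnet_id)
    return {"vpc": vpc_id, "igw": igw_id, "subnet": subnet_id, "rtb": rtb_id}


if __name__ == "__main__":
    import boto3  # imported here so the helpers above import without boto3 installed
    print(create_public_subnet_vpc(boto3.client("ec2", region_name="ap-south-1")))
```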


What is a Subnet?

A Subnet (short for Subnetwork) in AWS is a smaller section of your VPC’s IP address range where you place your resources like EC2 instances. 

It helps you organize and control network traffic within your VPC.

Simple Example 

 • Imagine your VPC is a big city. 

 • Subnets are different neighborhoods in that city.  

 • Each neighborhood has its own houses (EC2, RDS, etc.) and rules for entry/exit (route tables, gateways). 


Key Points about Subnets in AWS 

 1. Part of a VPC – Every subnet belongs to exactly one VPC. 

 2. CIDR Range – Each subnet gets a portion of the VPC’s IP address range. 

 Example: 

  a. VPC: 10.0.0.0/16

  b. Public Subnet: 10.0.1.0/24 

  c. Private Subnet: 10.0.2.0/24 

 3. Public vs Private Subnet –

  a. Public: Connected to the internet (via Internet Gateway). 

  b. Private: No direct internet access (outbound-only access, if needed, goes through a NAT Gateway).

 4. Availability Zone Specific – A subnet is always inside one Availability Zone (AZ). 

 5. Traffic Control – Subnets use Route Tables to decide where traffic goes.


In short:

 A subnet is like a room inside your AWS house (VPC) where you decide what devices go there and how they connect to the outside world.


What is an IGW?

An IGW (Internet Gateway) in AWS is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC resources (like EC2) and the Internet.

Think of it as the main gate of your VPC that connects your private AWS network to the public internet.

Key Points about Internet Gateway

 1. Two-way communication

  a. Outbound: EC2 in a public subnet → Internet.

  b. Inbound: Internet → EC2 in a public subnet (if allowed by its security group and network ACL rules).

 2. Free to use – You only pay for the traffic/data transfer, not the IGW itself. 

 3. One per VPC – A VPC can have only one IGW attached at a time. 

 4. Needs routing setup – For internet access, you must:

  a. Attach the IGW to the VPC.

  b. Add a route in the route table (0.0.0.0/0 → IGW). 

 5. Works only with public subnets – A subnet becomes “public” if its route table points to an IGW.


Simple Analogy

 • Your VPC = Your home. 

 • IGW = Your home’s front gate to the main road (Internet). 

 • Without it, your home is cut off from the outside world.

In short: 

 An Internet Gateway is the bridge between AWS and the Internet, enabling resources in your VPC to send and receive data publicly.


What is a Route Table?

A Route Table in AWS is a set of rules (routes) that tell your VPC where network traffic should go.

Think of it like a GPS navigation system for your VPC — it decides the path for outgoing and incoming traffic.


Key Points about Route Tables

 1. Belongs to a VPC – Each VPC has a main route table by default. 

 2. Contains Routes – Each route has:

  a. Destination (CIDR block) 

  b. Target (where to send the traffic) 

 3. Subnet Association – Every subnet is linked to exactly one route table; a subnet with no explicit association uses the VPC’s main route table. 

 4. Controls Connectivity –

  a. To reach the internet → Route points to Internet Gateway (IGW). 

  b. To reach other VPCs → Route points to VPC Peering or Transit Gateway. 

  c. To reach private resources → Route stays within the VPC (the default local route). 

 5. Custom Route Tables – You can create your own route tables for different subnets (public/private separation).


Analogy

• VPC = Your city 

 • Subnet = Neighborhood 

 • Route Table = Road map that shows how to reach other places (inside the city, other cities, or the highway to the internet).


In short: 

 A Route Table decides the path for network traffic inside and outside your VPC.
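Putting the IGW and route table rules together, here is an added example (not code from the original post) that decides which subnets of a VPC are actually public: the subnet's route table (its explicit association, otherwise the VPC's main route table) must have a 0.0.0.0/0 route whose target is an Internet Gateway. The sample data is constructed to look like describe-route-tables and describe-subnets output for the VPC built in this post; the subnet and gateway ids are made up.

```python
# Added example (not from the original post): classify subnets as public or private
# from describe-route-tables / describe-subnets style data.

# Constructed sample shaped like the EC2 API output after the steps in this post
# (ids are made up). The main table only has the local route; the public table
# adds 0.0.0.0/0 -> igw and is explicitly associated with the public subnet.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
     "Associations": [{"Main": True}]},
    {"RouteTableId": "rtb-public",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0123"}],
     "Associations": [{"Main": False, "SubnetId": "subnet-pub"}]},
]
SUBNETS = [
    {"SubnetId": "subnet-pub", "CidrBlock": "10.0.1.0/24", "MapPublicIpOnLaunch": True},
    {"SubnetId": "subnet-priv", "CidrBlock": "10.0.2.0/24", "MapPublicIpOnLaunch": False},
]


def route_table_for(subnet_id, route_tables):
    """An explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rtb in route_tables:
        for assoc in rtb.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rtb
            if assoc.get("Main"):
                main = rtb
    return main


def has_igw_default_route(rtb):
    """True if a default route (IPv4 or IPv6) points at an Internet Gateway."""
    for route in rtb.get("Routes", []):
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if dest in ("0.0.0.0/0", "::/0") and route.get("GatewayId", "").startswith("igw-"):
            return True
    return False


def classify_subnets(subnets, route_tables):
    """Map subnet id -> (is_public, auto_assigns_public_ip)."""
    result = {}
    for subnet in subnets:
        rtb = route_table_for(subnet["SubnetId"], route_tables)
        public = rtb is not None and has_igw_default_route(rtb)
        result[subnet["SubnetId"]] = (public, bool(subnet.get("MapPublicIpOnLaunch")))
    return result


if __name__ == "__main__":
    for sid, (public, auto_ip) in classify_subnets(SUBNETS, ROUTE_TABLES).items():
        print(f"{sid}: {'public' if public else 'private'}, auto public IP={auto_ip}")
```

The same check shows why the IGW route belongs in a custom route table rather than the main one: if the main table gets the 0.0.0.0/0 → IGW route, every subnet without an explicit association silently becomes public.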

