Creating a VPC With Public and Private Subnets in Us-East-1
Introduction
In this guide, we will create an Amazon VPC with both public and private subnets in the us-east-1 region using Pulumi. The key services involved are AWS VPC, subnets, and internet gateway.
Step-by-Step Explanation
Step 1: Set up the Pulumi project
First, ensure you have the Pulumi CLI installed and configured. Create a new Pulumi project:
pulumi new aws-typescript
Step 2: Define the VPC
In your index.ts file, define a new VPC:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const vpc = new aws.ec2.Vpc("my-vpc", {
    cidrBlock: "10.0.0.0/16",
    enableDnsHostnames: true,
    enableDnsSupport: true,
});
Step 3: Create Public Subnets
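Next, create public subnets within the VPC. Because mapPublicIpOnLaunch is set to true, every instance launched in these subnets is assigned a public IPv4 address by default: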
const publicSubnet1 = new aws.ec2.Subnet("public-subnet-1", {
    vpcId: vpc.id,
    cidrBlock: "10.0.1.0/24",
    availabilityZone: "us-east-1a",
    mapPublicIpOnLaunch: true,
});
const publicSubnet2 = new aws.ec2.Subnet("public-subnet-2", {
    vpcId: vpc.id,
    cidrBlock: "10.0.2.0/24",
    availabilityZone: "us-east-1b",
    mapPublicIpOnLaunch: true,
});
Step 4: Create Private Subnets
Similarly, create private subnets within the VPC:
const privateSubnet1 = new aws.ec2.Subnet("private-subnet-1", {
    vpcId: vpc.id,
    cidrBlock: "10.0.3.0/24",
    availabilityZone: "us-east-1a",
});
const privateSubnet2 = new aws.ec2.Subnet("private-subnet-2", {
    vpcId: vpc.id,
    cidrBlock: "10.0.4.0/24",
    availabilityZone: "us-east-1b",
});
Step 5: Create an Internet Gateway
Create an Internet Gateway and attach it to the VPC:
const igw = new aws.ec2.InternetGateway("igw", {
    vpcId: vpc.id,
});
Step 6: Create Route Tables
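Create route tables for the public and private subnets. The public table sends 0.0.0.0/0 to the internet gateway. The private table defines no routes of its own, so it carries only the VPC's implicit local route and the private subnets have no path to or from the internet: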
const publicRouteTable = new aws.ec2.RouteTable("public-route-table", {
    vpcId: vpc.id,
    routes: [{
        cidrBlock: "0.0.0.0/0",
        gatewayId: igw.id,
    }],
});
const privateRouteTable = new aws.ec2.RouteTable("private-route-table", {
    vpcId: vpc.id,
});
Step 7: Associate Route Tables with Subnets
Associate the route tables with the respective subnets:
new aws.ec2.RouteTableAssociation("public-subnet-1-association", {
    subnetId: publicSubnet1.id,
    routeTableId: publicRouteTable.id,
});
new aws.ec2.RouteTableAssociation("public-subnet-2-association", {
    subnetId: publicSubnet2.id,
    routeTableId: publicRouteTable.id,
});
new aws.ec2.RouteTableAssociation("private-subnet-1-association", {
    subnetId: privateSubnet1.id,
    routeTableId: privateRouteTable.id,
});
new aws.ec2.RouteTableAssociation("private-subnet-2-association", {
    subnetId: privateSubnet2.id,
    routeTableId: privateRouteTable.id,
});
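What makes a subnet public or private in this layout is the route table it is associated with, so a single wrong association in Step 7 exposes a private subnet. The following is an added example, not part of the original guide or of Pulumi's code: it models the guide's subnets and route tables as plain data and reports subnets whose routing or addressing contradicts their intended exposure. The `Subnet` and `Route` types, the `intent` field and the `igw` target label are assumptions made for illustration.

```typescript
// Added example: plain-data model of this guide's layout; it makes no AWS or Pulumi calls.
// The type names, the "intent" field and the "igw" target label are illustrative assumptions.
type Subnet = { name: string; cidr: string; intent: "public" | "private"; mapPublicIp: boolean; routeTable: string };
type Route = { dest: string; target: string };

// Convert "a.b.c.d/n" into the inclusive [first, last] address range as integers.
function cidrRange(cidr: string): [number, number] {
    const parts = cidr.split("/");
    const base = parts[0].split(".").reduce((acc, octet) => acc * 256 + Number(octet), 0);
    const size = Math.pow(2, 32 - Number(parts[1]));
    const first = Math.floor(base / size) * size;
    return [first, first + size - 1];
}

// Return one finding per rule violation; an empty list means the layout matches its intent.
function auditLayout(vpcCidr: string, subnets: Subnet[], tables: Record<string, Route[]>): string[] {
    const findings: string[] = [];
    const [vpcLo, vpcHi] = cidrRange(vpcCidr);
    subnets.forEach((s, i) => {
        const [lo, hi] = cidrRange(s.cidr);
        if (lo < vpcLo || hi > vpcHi) findings.push(`${s.name}: ${s.cidr} is outside VPC ${vpcCidr}`);
        for (const other of subnets.slice(i + 1)) {
            const [oLo, oHi] = cidrRange(other.cidr);
            if (lo <= oHi && oLo <= hi) findings.push(`${s.name}: overlaps ${other.name}`);
        }
        // A subnet is effectively public when its route table sends 0.0.0.0/0 to an internet gateway.
        const igwDefault = (tables[s.routeTable] || []).some(r => r.dest === "0.0.0.0/0" && r.target === "igw");
        if (s.intent === "private" && igwDefault) findings.push(`${s.name}: private subnet has a default route to the IGW`);
        if (s.intent === "private" && s.mapPublicIp) findings.push(`${s.name}: private subnet auto-assigns public IPs`);
        if (s.intent === "public" && !igwDefault) findings.push(`${s.name}: public subnet has no default route to the IGW`);
    });
    return findings;
}

// Constructed input mirroring the resource names and CIDRs used in this guide.
const guideSubnets: Subnet[] = [
    { name: "public-subnet-1", cidr: "10.0.1.0/24", intent: "public", mapPublicIp: true, routeTable: "public-route-table" },
    { name: "public-subnet-2", cidr: "10.0.2.0/24", intent: "public", mapPublicIp: true, routeTable: "public-route-table" },
    { name: "private-subnet-1", cidr: "10.0.3.0/24", intent: "private", mapPublicIp: false, routeTable: "private-route-table" },
    { name: "private-subnet-2", cidr: "10.0.4.0/24", intent: "private", mapPublicIp: false, routeTable: "private-route-table" },
];
const guideTables: Record<string, Route[]> = {
    "public-route-table": [{ dest: "0.0.0.0/0", target: "igw" }],
    "private-route-table": [],   // only the implicit local route
};

console.log(auditLayout("10.0.0.0/16", guideSubnets, guideTables));
```
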
Conclusion
By following these steps, you have successfully created a VPC with both public and private subnets in the us-east-1 region using Pulumi. This setup is essential for deploying applications that require both internet-facing and internal-only resources.
Full Code Example
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Create a new VPC
const vpc = new aws.ec2.Vpc("my-vpc", {
    cidrBlock: "10.0.0.0/16",
    enableDnsHostnames: true,
    enableDnsSupport: true,
});
// Create Public Subnets
const publicSubnet1 = new aws.ec2.Subnet("public-subnet-1", {
    vpcId: vpc.id,
    cidrBlock: "10.0.1.0/24",
    availabilityZone: "us-east-1a",
    mapPublicIpOnLaunch: true,
});
const publicSubnet2 = new aws.ec2.Subnet("public-subnet-2", {
    vpcId: vpc.id,
    cidrBlock: "10.0.2.0/24",
    availabilityZone: "us-east-1b",
    mapPublicIpOnLaunch: true,
});
// Create Private Subnets
const privateSubnet1 = new aws.ec2.Subnet("private-subnet-1", {
    vpcId: vpc.id,
    cidrBlock: "10.0.3.0/24",
    availabilityZone: "us-east-1a",
});
const privateSubnet2 = new aws.ec2.Subnet("private-subnet-2", {
    vpcId: vpc.id,
    cidrBlock: "10.0.4.0/24",
    availabilityZone: "us-east-1b",
});
// Create an Internet Gateway
const igw = new aws.ec2.InternetGateway("igw", {
    vpcId: vpc.id,
});
// Create Route Tables
const publicRouteTable = new aws.ec2.RouteTable("public-route-table", {
    vpcId: vpc.id,
    routes: [{
        cidrBlock: "0.0.0.0/0",
        gatewayId: igw.id,
    }],
});
const privateRouteTable = new aws.ec2.RouteTable("private-route-table", {
    vpcId: vpc.id,
});
// Associate Route Tables with Subnets
new aws.ec2.RouteTableAssociation("public-subnet-1-association", {
    subnetId: publicSubnet1.id,
    routeTableId: publicRouteTable.id,
});
new aws.ec2.RouteTableAssociation("public-subnet-2-association", {
    subnetId: publicSubnet2.id,
    routeTableId: publicRouteTable.id,
});
new aws.ec2.RouteTableAssociation("private-subnet-1-association", {
    subnetId: privateSubnet1.id,
    routeTableId: privateRouteTable.id,
});
new aws.ec2.RouteTableAssociation("private-subnet-2-association", {
    subnetId: privateSubnet2.id,
    routeTableId: privateRouteTable.id,
});