I Built a VPC with CDK

2024.01.22

VPC

The power of our own virtual network awaits with Amazon VPC. As a secure and isolated environment within the AWS cloud, VPC gives us full control over how we host our resources. No more sharing space with the rest of the internet – here, we define the rules and build the network that perfectly suits our specific needs.

We have ultimate flexibility:

  • Isolation is key: Our resources operate in a private network, shielded from unauthorized access, which safeguards our valuable data.
  • Compliance becomes achievable: We can tailor the network to meet even the strictest regulations, ensuring peace of mind and regulatory compliance.
  • Scalability is effortless: As our needs grow, our VPC expands seamlessly, accommodating more resources.
  • Customization empowers us: We design the network that perfectly complements our infrastructure, optimizing performance and efficiency just the way we want.
  • Private connectivity opens doors: Our VPC connects seamlessly to other AWS services or even on-premises environments, all within a secure tunnel.

VPC with CDK

Simple VPC in AWS, with CDK - let's code!

Prerequisites

  • Create a project
    • mkdir cdk-workshop-vpc && cd cdk-workshop-vpc
  • Initialize the project
    • cdk init sample-app --language typescript

Implementation

/cdk-workshop-vpc/cdk-workshop-vpc-stack.ts

import { Stack, StackProps } from 'aws-cdk-lib';
import { Construct } from 'constructs';
import * as ec2 from 'aws-cdk-lib/aws-ec2';

export class CdkWorkshopVpcStack extends Stack {
  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props);

    // A /16 VPC in a single Availability Zone, with one /24 subnet of each type.
    const vpc = new ec2.Vpc(this, 'vpcdk', {
      ipAddresses: ec2.IpAddresses.cidr('10.0.0.0/16'),
      vpcName: 'cdk_demo_vpc',
      maxAzs: 1,
      subnetConfiguration: [
        {
          // Routed to an internet gateway.
          cidrMask: 24,
          name: 'vpcdk_publicsubnet',
          subnetType: ec2.SubnetType.PUBLIC,
        },
        {
          // No route out of the VPC.
          cidrMask: 24,
          name: 'vpccdk_privatesubnet',
          subnetType: ec2.SubnetType.PRIVATE_ISOLATED,
        },
      ],
    });
  }
}

Importing Essential Libraries:

  • aws-cdk-lib: Offers core CDK constructs to build AWS resources.
  • constructs: Provides fundamental building blocks for CDK applications.
  • aws-cdk-lib/aws-ec2: Enables access to EC2-specific constructs, including VPCs.

Creating the VPC Stack:

The CdkWorkshopVpcStack class defines the VPC resources and is responsible for their creation and maintenance.

It extends Stack, inheriting the functionality for defining and deploying cloud resources.

Constructor Details:

  • vpcdk: The construct ID of the new VPC, which is created with the following properties.
    • ipAddresses: Specifies the 10.0.0.0/16 CIDR block for the VPC's IP address range.
    • vpcName: Set as "cdk_demo_vpc" for easy identification.
    • maxAzs: Configured as 1 for deployment within a single Availability Zone.
    • subnetConfiguration: Defines two distinct subnets:
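      • vpcdk_publicsubnet (PUBLIC): Routed to an internet gateway, so public-facing services placed here can be reached from the internet. What a resource actually accepts is still governed by its security groups.
      • vpccdk_privatesubnet (PRIVATE_ISOLATED): Has no route to the internet in either direction (CDK creates no NAT gateway for it), so private resources placed here are inaccessible from external sources.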

Deployment

Run the following commands:

cdk synth: To synthesize the CloudFormation template

cdk bootstrap: To set up the necessary resources in the AWS account

cdk deploy: To deploy the AWS resources defined in the CDK application
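
A check to run between cdk synth and cdk deploy, added here as an example and not part of the original post: it reads the synthesized template (the JSON that cdk synth writes under cdk.out) and reports any subnet tagged Isolated that assigns public IPs or whose route table carries a default route. The logical IDs and the sample template are constructed, and the helper names are hypothetical; the aws-cdk:subnet-type tag is the one CDK puts on the subnets it creates.

```typescript
// Added example; logical IDs and sample values are constructed, not real CDK output.
type Resource = { Type: string; Properties?: Record<string, any> };
type Template = { Resources: Record<string, Resource> };
const ref = (v: any): string => (v && typeof v.Ref === 'string' ? v.Ref : '');

// One finding per way a subnet tagged Isolated is exposed outside the VPC.
function auditIsolatedSubnets(t: Template): string[] {
  const ofType = (type: string) =>
    Object.entries(t.Resources).filter(([, r]) => r.Type === type);
  // Route tables holding a default route (IPv4 or IPv6), whatever its target.
  const egressTables = new Set(
    ofType('AWS::EC2::Route')
      .filter(([, r]) => ['0.0.0.0/0', '::/0'].includes(
        r.Properties?.DestinationCidrBlock ?? r.Properties?.DestinationIpv6CidrBlock))
      .map(([, r]) => ref(r.Properties?.RouteTableId)));
  const findings: string[] = [];
  for (const [id, s] of ofType('AWS::EC2::Subnet')) {
    const tags: { Key: string; Value: string }[] = s.Properties?.Tags ?? [];
    if (!tags.some((tag) => tag.Key === 'aws-cdk:subnet-type' && tag.Value === 'Isolated')) continue;
    if (s.Properties?.MapPublicIpOnLaunch === true)
      findings.push(`${id}: assigns public IPs on launch`);
    for (const [, a] of ofType('AWS::EC2::SubnetRouteTableAssociation')) {
      const table = ref(a.Properties?.RouteTableId);
      if (ref(a.Properties?.SubnetId) === id && egressTables.has(table))
        findings.push(`${id}: route table ${table} has a default route`);
    }
  }
  return findings;
}

// Constructed sample mirroring the stack above: one public, one isolated subnet.
const subnet = (kind: string, publicIp: boolean): Resource => ({
  Type: 'AWS::EC2::Subnet',
  Properties: { MapPublicIpOnLaunch: publicIp, Tags: [{ Key: 'aws-cdk:subnet-type', Value: kind }] },
});
const assoc = (subnetId: string, table: string): Resource => ({
  Type: 'AWS::EC2::SubnetRouteTableAssociation',
  Properties: { SubnetId: { Ref: subnetId }, RouteTableId: { Ref: table } },
});
const defaultRoute = (table: string): Resource => ({
  Type: 'AWS::EC2::Route',
  Properties: { RouteTableId: { Ref: table }, DestinationCidrBlock: '0.0.0.0/0', GatewayId: { Ref: 'Igw' } },
});
const sampleTemplate = (): Template => ({ Resources: {
  PublicSubnet: subnet('Public', true), PublicRt: { Type: 'AWS::EC2::RouteTable' },
  PublicAssoc: assoc('PublicSubnet', 'PublicRt'), PublicRoute: defaultRoute('PublicRt'),
  IsolatedSubnet: subnet('Isolated', false), IsolatedRt: { Type: 'AWS::EC2::RouteTable' },
  IsolatedAssoc: assoc('IsolatedSubnet', 'IsolatedRt'),
} });
console.log(auditIsolatedSubnets(sampleTemplate()));
```

An empty result means the isolated subnet is configured as the stack intends; any finding is a reason to stop before cdk deploy.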

Takeaways:

  • CDK Simplifies VPC Setup: Define the VPC structure with programming concepts, making infrastructure management easier.
  • Clear and Maintainable Code: Keep the code short and organized, improving readability and ease of long-term upkeep.
  • Customization Options: Easily modify CIDR blocks, subnet setups, and other parameters to customize the VPC based on specific requirements.
