Deploying a Bastion Server in a Public Subnet with AWS

A virtual private cloud, or VPC, gives you an isolated network environment in AWS in which you can launch AWS resources. Let’s create a VPC step by step.

1. Create VPC:

  1. Search “VPC” in the search bar.
  2. Click on VPC, then click on Create VPC.
  3. Give the VPC a name (Test-VPC) and an IPv4 CIDR block (10.0.0.0/16). You may keep everything else at its default, then click Create VPC.

I am also attaching screenshots here that show how to go through this process.




Great! You have successfully created your VPC. Now we will create a public subnet where we will host our Node.js Server.


2. Create Subnets:

Subnets help you partition your VPC’s IP address range into smaller segments. To create a subnet inside your VPC, follow these steps.

In the left-hand menu of your VPC dashboard you will find a subnet entry. Click it, then click the create subnet button, which opens a form.

  1. Select your desired VPC ID, in my case it is Test-VPC
  2. Give a subnet name, in my case it is a public subnet
  3. Select an availability zone
  4. Define a CIDR block, as you did when you created your VPC
  5. Finally, click on the Create VPC button

Here are some screenshots that will help you understand it better.



Now you have successfully created a public subnet as well.

Next you need to attach an Internet Gateway to your VPC so that it can communicate with the Internet. So let’s create an IGW (internet gateway).

3. Create Internet Gateway:

Creating an internet gateway is as simple as creating a subnet. You will find it in the left-hand menu of your VPC dashboard. When you click there, it will open a form. Just give your internet gateway a name and hit the Create button.


We just created the IGW, but we still need to attach it to the VPC. Select your IGW→click Action→Attach to VPC→select your VPC→click Attach internet gateway.


Now we need to define a route table to control the routing of network traffic within our VPC.

4. Create Route Tables

Give your route table a name→select your VPC→click create table.


Now you need to add a route to the internet gateway that you created. First select your newly created route table, then Routes tab→Edit Routes→Add route→destination 0.0.0.0/0→Target: select your internet gateway→click save.


Now you need to associate this route table with your public subnet too. In the “Subnet associations” tab, click “Edit subnet associations”, then select your public subnet and click save.


Now we need to work with our security group.

5. Create Security Group

The security group works like a virtual firewall for our EC2 instances to control inbound and outbound traffic. For inbound rules, our Type will be SSH and Source will be anywhere, and for Outbound rules, Type will be All Traffic, and Destination will be Anywhere.


Now we will launch our EC2 instances.

6. Launch EC2 Instances

EC2 instances are virtual servers in the cloud. To launch a public EC2 instance, give the instance a name→select an OS image→select an instance type→create a key pair→in the network settings select your VPC, public-subnet and the security group you created, and enable Auto-assign public IP.


That's all. Now you can connect to your EC2 instance.

  • Open your terminal.
  • Navigate to the directory containing your public-key-pair.pem file.
  • Run the following commands to set the correct permissions on the key file and connect:

chmod 400 "public-key-pair.pem"
ssh -i "public-key-pair.pem" ubuntu@<ec2instance's-public-IP>
