Amazon VPC Subnets
A subnet or subnetwork is a logical sub-division of an IP network into multiple smaller networks.
In AWS, a subnet is a range of IP addresses within your VPC that provides a logical grouping of resources. A subnet exists within one and only one Availability Zone (1 subnet == 1 Availability Zone). You can launch AWS resources into any subnet you choose.
Types of subnet
- Public subnet
- Private subnet
Public Subnet
A public subnet is used to launch resources that must be reachable from the internet, for example a web application server. A public subnet is associated with the main route table, which directs the subnet’s traffic to the Amazon VPC’s Internet Gateway (IGW).
Private Subnet
A private subnet is used to launch resources that don’t need an internet connection. It shields resources such as database instances from direct access from the Internet. A private subnet is associated with a route table that does not direct the subnet’s traffic to the Amazon VPC’s Internet Gateway (IGW).
Important Points about Subnet
- A VPC can span multiple Availability Zones in a Region, but a subnet is always mapped to one and only one Availability Zone.
- If you create more than one subnet in a VPC, the CIDR blocks of the subnets must not overlap.
- Subnet inbound and outbound traffic can be controlled using network ACLs.
- Each subnet must be associated with a route table, which specifies the routes for outbound traffic leaving the subnet.
- By default, every subnet you create is automatically associated with the VPC’s main route table.
- You can change a subnet’s association from the main route table to another route table.
- Every subnet has an auto-assign IP setting that determines whether a network interface created in the subnet automatically receives a public IPv4 address.
- If you want an instance in a public subnet to communicate with the internet over IPv4, the subnet must have the auto-assign public IP setting enabled, or the instance must use an Elastic IP address (IPv4).
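The two checks the points above imply (is a subnet public, i.e. does its effective route table send traffic to an IGW, and do any subnet CIDR blocks overlap) can be scripted against describe-style data. This is an added example, not code from the original article: the subnet and route-table records are constructed to mirror the shape of AWS API output, and the IDs (subnet-web, rtb-main, igw-0abc, ...) are placeholders.

```python
"""Classify VPC subnets as public/private and check for overlapping CIDR blocks.

Added example; the data below is constructed in the shape of
describe-subnets / describe-route-tables output, not taken from a real account.
"""
import ipaddress

# Constructed sample: one VPC (10.0.0.0/16), three subnets, two route tables.
SUBNETS = [
    {"SubnetId": "subnet-web", "CidrBlock": "10.0.1.0/24", "MapPublicIpOnLaunch": True},
    {"SubnetId": "subnet-db", "CidrBlock": "10.0.2.0/24", "MapPublicIpOnLaunch": False},
    {"SubnetId": "subnet-bad", "CidrBlock": "10.0.2.128/25", "MapPublicIpOnLaunch": False},
]
ROUTE_TABLES = [
    # Main table: only the local route, so subnets left on it stay private.
    {"RouteTableId": "rtb-main", "Main": True, "Associations": [],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    # Custom table with a default route to the Internet Gateway.
    {"RouteTableId": "rtb-public", "Main": False, "Associations": ["subnet-web"],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0abc"}]},
]

def effective_route_table(subnet_id, route_tables):
    """An explicit association wins; otherwise the VPC's main route table applies."""
    for rtb in route_tables:
        if subnet_id in rtb["Associations"]:
            return rtb
    return next(rtb for rtb in route_tables if rtb["Main"])

def is_public(subnet_id, route_tables):
    """Public means the effective table routes 0.0.0.0/0 to an Internet Gateway."""
    rtb = effective_route_table(subnet_id, route_tables)
    return any(r["DestinationCidrBlock"] == "0.0.0.0/0"
               and r.get("GatewayId", "").startswith("igw-") for r in rtb["Routes"])

def overlapping_cidrs(subnets):
    """Return pairs of subnet IDs whose CIDR blocks overlap (must be none in one VPC)."""
    nets = [(s["SubnetId"], ipaddress.ip_network(s["CidrBlock"])) for s in subnets]
    return [(a, b) for i, (a, na) in enumerate(nets)
            for b, nb in nets[i + 1:] if na.overlaps(nb)]

def classify(subnets, route_tables):
    """Map each subnet ID to 'public' or 'private' based on its effective routes."""
    return {s["SubnetId"]: "public" if is_public(s["SubnetId"], route_tables) else "private"
            for s in subnets}

if __name__ == "__main__":
    print(classify(SUBNETS, ROUTE_TABLES))
    print(overlapping_cidrs(SUBNETS))
```

Against real data, the same functions can be fed the `Subnets` and `RouteTables` lists returned by boto3's `describe_subnets` and `describe_route_tables`, after flattening each table's `Associations` to its subnet IDs.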