4. Networking setup for Private Roost ControlPlane

Create Subnet, Route Table, NAT Gateway for Private EC2 instance to connect to Internet

To setup private Roost Controlplane, follow below mentioned steps to create private subnet with NAT gateway attached. This prevents external (internet) traffic to reach to private instance instead allows private EC2 instance to connect with internet (one-way). Observe below diagram for reference

Open

Subnet Creation
1. Open Subnet section in VPC Service of AWS.
2. Click on Create Subnet.

Open

3. Select your VPC where you will start your controlplane.

4. Type your Subnet name, choose availability zone and pick your IPv4 CIDR block.
5. Click on Create Subnet.

NAT Gateway Creation
1. Go to NAT Gateway section in VPC Service of AWS.
2. Click on Create NAT Gateway.

3. Type your gateway name, choose any public subnet where Internet Gateway is attached, Connectivity type as public and click on Allocate Elastic IP.

4. Click on Create NAT Gateway.

Route Table Creation
1. Go to Route Tables section in VPC service of AWS.
2. Click on Create Route Table.

3. Type your Route Table name and select your VPC where your control-plane will be running.

4. Click on Create route table.
5. After creation Edit routes of table by clicking Edit routes.

6. Add the entry in route table where destination is 0.0.0.0/0 and Target will be your NAT Gateway which we have created in above step.

7. Save the changes.

Associate the Subnet with newly created Route Table

1. Go to Subnet Section of VPC Service of AWS.
2. Click on Subnet that is created in the above step.

3. Click Route table in bottom configuration view.

4. Click on Edit route table association.

5. Select your newly created route table from the dropdown.

6. Click on Save.

The Private Subnet with Internet is ready and we can now start our control-plane in the same VPC and Subnet.