1
00:00:00,210 --> 00:00:06,060
What we can do now is we can continue on and what we'll do is we'll go back

2
00:00:06,060 --> 00:00:16,080
into our design template we'll load that back in again so file open this time

3
00:00:16,080 --> 00:00:20,070
local file and our backspace template and we'll bring it back in again

4
00:00:20,070 --> 00:00:24,300
and so that's we've done a bit of a round trip there and we can start back

5
00:00:24,300 --> 00:00:34,950
up where we finished off so for a public subnet to be a public subnet it needs to

6
00:00:34,950 --> 00:00:40,379
have an Internet gateway in its VPC that it's associated with and it needs

7
00:00:40,379 --> 00:00:45,780
to have a route from the public subnet through to that VPC, so that's what

8
00:00:45,780 --> 00:00:48,629
we're going to do now we're going to create that Internet gateway, so I'll

9
00:00:48,629 --> 00:00:54,329
just make this a little bit bigger so we can see what's going on and I'm going to

10
00:00:54,329 --> 00:01:01,170
go back into EC2 and select an Internet gateway and I'm just going to drag and

11
00:01:01,170 --> 00:01:05,129
drop that Internet gateway onto the canvas not onto the VPC just onto the

12
00:01:05,129 --> 00:01:10,890
blank canvas there and what we're going to do now is that we can see here on the

13
00:01:10,890 --> 00:01:15,960
top right hand side there's a little blue dot or blueish purple colored

14
00:01:15,960 --> 00:01:21,479
dot there and that is a VPC gateway attachment what that means is that

15
00:01:21,479 --> 00:01:27,930
that's what we attach our internet gateway to our VPC, so we just click on

16
00:01:27,930 --> 00:01:34,470
that on that dot and you can see as we click on it our VPC is highlighted

17
00:01:34,470 --> 00:01:40,009
in green so we just go over drop it onto our VPC icon and it will create an

18
00:01:40,009 --> 00:01:46,140
association between the internet gateway and that VPC so we go into components

19
00:01:46,140 --> 00:01:53,189
and we can see there that we have that created but if we go into the template

20
00:01:53,189 --> 00:01:58,890
and we'll just make that a little bit bigger we can see there that we've

21
00:01:58,890 --> 00:02:02,720
actually got our internet gateway created there

22
00:02:02,720 --> 00:02:08,810
and we've got an Internet gateway attachment which is referencing that

23
00:02:08,810 --> 00:02:12,650
that Internet gateway so it's going to give that Internet gateway a name so

24
00:02:12,650 --> 00:02:18,050
it's a bit easier to understand so we just click on the Internet gateway and we're

25
00:02:18,050 --> 00:02:21,680
in the template we'll go into components and we'll change the name of the

26
00:02:21,680 --> 00:02:30,770
Internet gateway so again we'll just call it backspace ec2 Internet gateway

27
00:02:30,770 --> 00:02:36,590
that will be fine and we'll hit refresh now if we have another look at our

28
00:02:36,590 --> 00:02:42,830
template and we'll just maximize that again we can see there we've got our ec2

29
00:02:42,830 --> 00:02:49,310
Internet gateway and we've also got a VPC gateway attachment and that is

30
00:02:49,310 --> 00:03:00,200
referencing that ec2 VPC and also in the backspace ec2 Internet gateway so

31
00:03:00,200 --> 00:03:05,270
it's created a VPC attachment between the internet gateway and that VPC

32
00:03:05,270 --> 00:03:14,510
okay so we've got a VPC and we've got an Internet gateway we have an

33
00:03:14,510 --> 00:03:20,870
attachment of the Internet gateway to a VPC we have a subnet within that VPC

34
00:03:20,870 --> 00:03:27,080
but this subnet is still not a public subnet because to become a public subnet

35
00:03:27,080 --> 00:03:30,560
we not only need an Internet gateway and the Internet gateway

36
00:03:30,560 --> 00:03:37,100
attached to the VPC but we also need to have a route from the public subnet

37
00:03:37,100 --> 00:03:40,610
through to that Internet gateway and that's what we're going to do now so

38
00:03:40,610 --> 00:03:47,269
again we go into the EC2 section, we select our route table this time and we

39
00:03:47,269 --> 00:03:53,300
drag and drop a route table onto our public subnet, now I deliberately did

40
00:03:53,300 --> 00:03:59,540
this I created this error so cannot drop this resource here the resource is too

41
00:03:59,540 --> 00:04:06,739
large what that means is not that the resource itself is too big but the icon

42
00:04:06,739 --> 00:04:11,660
is too large so what I've done is that you need to expand the container so that

43
00:04:11,660 --> 00:04:16,400
it fits in the resource you dropped what that means is so I've grabbed this route

44
00:04:16,400 --> 00:04:20,780
table here if I plonk it in the middle it doesn't come up with that error what I

45
00:04:20,780 --> 00:04:26,180
did is I plonked it between two entities here, so I plonked it both on

46
00:04:26,180 --> 00:04:31,070
the VPC and on the public subnet so designer doesn't know where I want to

47
00:04:31,070 --> 00:04:33,770
put it because it's overlapping two entities so you need to make sure that

48
00:04:33,770 --> 00:04:37,430
it doesn't overlap if you come up with that error that's what it means

49
00:04:37,430 --> 00:04:41,900
so if you plonk it inside of the public subnet you won't get that error so again

50
00:04:41,900 --> 00:04:48,380
we'll click on components and we're going to give that a different name that

51
00:04:48,380 --> 00:04:57,500
we can recognize and again backspace EC2RT sounds good to me

52
00:04:57,500 --> 00:05:05,660
and we refresh the designer. Okay so there are a number of things that we can

53
00:05:05,660 --> 00:05:10,760
modify here or that we need to actually modify to make this route table work

54
00:05:10,760 --> 00:05:15,500
so we go on here we've got a VPN gateway route propagation we don't need to worry

55
00:05:15,500 --> 00:05:21,500
about that we have a subnet route table Association so we need to associate this

56
00:05:21,500 --> 00:05:27,080
route table with a subnet that we need to do so we click on that and we drag

57
00:05:27,080 --> 00:05:31,909
that over to our public subnet and put that on there and there it's created

58
00:05:31,909 --> 00:05:38,659
that Association for this we have another one there which is a VPC so we

59
00:05:38,659 --> 00:05:43,639
need to again we need to associate our route table to a VPC as well as the

60
00:05:43,639 --> 00:05:48,260
public subnet or as well as a subnet so you can see there that the VPC has been

61
00:05:48,260 --> 00:05:52,550
highlighted and we just click on that like that and that will be fine so if we

62
00:05:52,550 --> 00:05:58,550
look into our editor and we can see there that we have a reference to our

63
00:05:58,550 --> 00:06:08,690
backspace VPC them now that we've got our route table defined and we've got it

64
00:06:08,690 --> 00:06:13,550
associated with both our subnet and a VPC we can drop a route entry into that

65
00:06:13,550 --> 00:06:19,550
route table that will define the route between our Internet gateway and our

66
00:06:19,550 --> 00:06:26,659
public subnet so again we're going to rename that again we click on it we

67
00:06:26,659 --> 00:06:30,080
select components and then we can rename that, we're going to

68
00:06:30,080 --> 00:06:46,580
rename this public route and save and refresh the designer and there we go okay

69
00:06:46,580 --> 00:06:50,599
so on this public route we have a number of different attachments that we've got

70
00:06:50,599 --> 00:06:57,500
there and we have a DependsOn one now we can't define this route if the

71
00:06:57,500 --> 00:07:02,120
Internet gateway doesn't exist we can't define this route if the VPC doesn't

72
00:07:02,120 --> 00:07:06,590
exist and we can't define it if there is no attachment there between

73
00:07:06,590 --> 00:07:11,479
Internet gateway and the VPC so what we're going to do is we it depends on

74
00:07:11,479 --> 00:07:16,550
that being created before we create this so if we do if we click on

75
00:07:16,550 --> 00:07:21,800
DependsOn and you can see there that it's going to be a number of options so

76
00:07:21,800 --> 00:07:27,830
we can depend on the VPC the Internet gateway or the attachment so if we use

77
00:07:27,830 --> 00:07:34,340
the attachment and we'll just drag that onto the attachment this route will not

78
00:07:34,340 --> 00:07:39,550
be created until the Internet gateway's created that VPC is created and the

79
00:07:39,550 --> 00:07:46,879
attachment is also created so there is another thing that we need to have a

80
00:07:46,879 --> 00:07:53,569
look at so there are quite a lot of things that we can use in this route

81
00:07:53,569 --> 00:07:59,000
entry so we've got here we can we can have an EC2 instance here we can have

82
00:07:59,000 --> 00:08:05,389
VPC peering connection, a NAT gateway and egress only Internet gateway

83
00:08:05,389 --> 00:08:11,779
which is not what we've got here, we've got the route table which we associated

84
00:08:11,779 --> 00:08:18,310
to and we've got the network interface we don't have to worry about that

85
00:08:18,310 --> 00:08:24,979
DependsOn we've already done but we've also got here a VPN gateway or ec2

86
00:08:24,979 --> 00:08:30,919
Internet gateway attachment or GatewayId as it's called there so that is where

87
00:08:30,919 --> 00:08:39,229
we need to create this route between the subnet and the Internet gateway so again

88
00:08:39,229 --> 00:08:43,940
we click on that and you can see there in green our internet gateway has

89
00:08:43,940 --> 00:08:50,390
been highlighted we drag that over to our internet gateway and that now has

90
00:08:50,390 --> 00:08:58,850
created that link between our public subnet a route between a public subnet

91
00:08:58,850 --> 00:09:04,310
and our internet gateway so that is now a public subnet because it has an

92
00:09:04,310 --> 00:09:09,440
Internet gateway it has an attachment from the internet gateway to the VPC and

93
00:09:09,440 --> 00:09:15,320
it also has a route defined between that subnet and the internet gateway which is

94
00:09:15,320 --> 00:09:22,580
what we need for it to become a public subnet now the next thing we need to do

95
00:09:22,580 --> 00:09:26,990
is we need to define what the destination CIDR block is going to be

96
00:09:26,990 --> 00:09:31,040
it's going to be to the wider Internet and it's going to be to everything so

97
00:09:31,040 --> 00:09:37,880
what we can do is I will just go into the notes and I'll just select a

98
00:09:37,880 --> 00:09:46,640
destination CIDR block and I'll just click on our route again open the editor

99
00:09:46,640 --> 00:09:52,000
up and put it into the properties in

100
00:09:53,500 --> 00:09:59,780
okay so we've got a route table ID which is our backspace ec2 route table we've

101
00:09:59,780 --> 00:10:05,450
got a gateway ID which is our backspace ec2 Internet gateway and we've also got

102
00:10:05,450 --> 00:10:13,160
our destination CIDR block there of 0.0.0.0/0 or everything, so that

103
00:10:13,160 --> 00:10:17,950
is what we need to do to create that route, so we just click on refresh and

104
00:10:17,950 --> 00:10:22,550
that's done that for us, so what we can do now is that we can look at first of

105
00:10:22,550 --> 00:10:27,530
all saving this what we've done, so we'll just go into here file save again local

106
00:10:27,530 --> 00:10:38,060
file save that there we'll give a name backspace template is fine and what

107
00:10:38,060 --> 00:10:43,280
we can do now is we can go into CloudFormation, we leave that, we've already

108
00:10:43,280 --> 00:10:48,920
saved it, now instead of creating a new stack we can update this stack, so we

109
00:10:48,920 --> 00:10:54,830
just click on that stack, now we click on update stack, we choose a

110
00:10:54,830 --> 00:10:59,620
file first, so our new file that we just created

111
00:10:59,620 --> 00:11:12,820
click on next and we keep the stack name the same and next, and we update, and that

112
00:11:12,820 --> 00:11:21,170
update is in progress, and after a certain amount of time that update will be

113
00:11:21,170 --> 00:11:29,000
completed. Ok so after a certain amount of time we're going to see the update

114
00:11:29,000 --> 00:11:33,950
has been completed we can see here that it's saying here that update's completed

115
00:11:33,950 --> 00:11:38,480
the EC2 route has been created the VPN gateway attachment the subnet route

116
00:11:38,480 --> 00:11:45,320
table Association all that has been created successfully so again we'll jump

117
00:11:45,320 --> 00:11:53,930
back into the design template and we'll bring it back in again so file open

118
00:11:53,930 --> 00:11:57,230
there local file the one that we last saved

119
00:11:57,230 --> 00:12:03,350
so again try and use different names for each different template and there it is

120
00:12:03,350 --> 00:12:07,060
so we just zoom in a little bit