We are now going to redeploy our application in the new VPC. We will start by generating the new template as follows:

$ python nodeserver-vpc-cf-template.py > nodeserver-vpc-cf.template  

We will use the web interface of CloudFormation to create our new stack:

1. Open the CloudFormation service in your browser by accessing the following URL:

https://console.aws.amazon.com/cloudformation

2. Click on Create Stack.
3. On the next page, click on Browse to select the file nodeserver-vpc-cf.template that we just generated and click on Next.

4. This will bring us to the following screen:

Start by providing a name to the stack such as helloworld-vpc-10, select t2.micro as your instance type, EffectiveDevOpsAWS as your KeyPair and set the ScaleCapacity to 2. Next, we will want to set the PrivateSubnet, PublicSubnet and the VPCId such that our application will now run on our custom VPC. Fill up those fields as shown in the preceding screenshot.

5. Complete the creation of the stack by clicking Next on the next two screens, acknowledge that you are aware of the IAM changes by clicking on the checkbox and, finally, click on Update.

When CloudFormation is done updating our stack, the most notable change will be that our EC2 instances will now have only private IPs:

The instances launched into a virtual private subnet can't communicate with the outside network, the only way those instances can be accessed now is through other resources in the public subnet or by attaching a virtual private gateway to the VPC. If you are working from an office equipped with a customer gateway supporting IPSec hardware VPN such as a Cisco ASA, you can refer to http://amzn.to/2rKAQMA to configure them to create a direct connection to the VPC. If you don't have such infrastructure or want a disaster recovery backup mechanism, you can create a VPN server in your public subnet.