Skip to main content

Subnet Allocation

When we set up a VPC for an environment (AWS account) we provide subnets for transit gateway connection, protected reources such as VPC endpoints, along with a general subnet set. See the subnets section for more information.

Here we go into a bit more detail on how the CIDR ranges have been created and how they are allocated.

Transit Gateway and Protected subnets allocation

Subnets allocation

Subnet Sets

Subnet sets allocation

How have we decided the ranges?

We analysed the existing MoJ network infrastructure to ensure that we didn’t clash with any existing ranges. The modernisation platform CIDR ranges are documented here. Predefining these IP ranges it makes it easier for us to onboard new applications.


Below is an example of how CIDR ranges would be assigned. In this example there are 2 additional subnet sets for this VPC, but normally we would expect the general set to be enough for a business area.

Subnets example

This page was last reviewed on 28 June 2024. It needs to be reviewed again on 28 December 2024 by the page owner #modernisation-platform .
This page was set to be reviewed before 28 December 2024 by the page owner #modernisation-platform. This might mean the content is out of date.