AWS Classroom Series – 14/Jul/2020

Configuring AWS CLI and Creating VPC from CLI

  • Watch here for installing and configuring the AWS CLI
  • Let's use the CLI to create a VPC, 4 subnets, two route tables (public and private) and an internet gateway (IGW), and then change the public route table's routes
  • How to find CLI commands
    • Search Google for "aws <service> cli"; for a VPC the search would be "aws vpc cli"
    • Build the basic command: aws ec2 create-vpc <options>
    • Now navigate to the console to find out the options
    • Now compare these options with the CLI options
    • Now let's build an AWS CLI command to create a VPC with a CIDR range of 10.10.0.0/16
    aws ec2 create-vpc --cidr-block 10.10.0.0/16
    
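    • Whenever we execute a command we get some return values from AWS. The structure is as described in the Output section of the command's documentation. Generally we get an id from most of the CLI commands
    • Make a note of the vpc-id
    • Now let's create subnet-1. The availability zone must belong to the region the CLI is configured for
    aws ec2 create-subnet --cidr-block 10.10.0.0/24 --vpc-id 'vpc-0aeff0cc4443b28c9' --availability-zone 'us-west-2a'
    
    • Now create the other 3. All four commands are listed here (the first one repeats subnet-1), with the returned subnet ids noted as comments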
    aws ec2 create-subnet --cidr-block 10.10.0.0/24 --vpc-id 'vpc-0aeff0cc4443b28c9' --availability-zone 'us-west-2a'
    # subnet-0f0773903274c200a
    
    aws ec2 create-subnet --cidr-block 10.10.1.0/24 --vpc-id 'vpc-0aeff0cc4443b28c9' --availability-zone 'us-west-2b'
    # subnet-0926413588e319ce0
    
    aws ec2 create-subnet --cidr-block 10.10.2.0/24 --vpc-id 'vpc-0aeff0cc4443b28c9' --availability-zone 'us-west-2c'
    # subnet-08afbbf3b9a05b575
    
    aws ec2 create-subnet --cidr-block 10.10.3.0/24 --vpc-id 'vpc-0aeff0cc4443b28c9' --availability-zone 'us-west-2a'
    # subnet-070c68a2f0ac13c51
    
    • We can verify the VPC ids and subnet ids on the console. If we don't have console access, we can use the CLI to query the details; the AWS CLI generally has describe commands for querying
    aws ec2 describe-vpcs
    
    aws ec2 describe-vpcs --filters "Name=cidr, Values=10.10.0.0/16"
    
    • Can you find the subnets?
    aws ec2 describe-subnets
    aws ec2 describe-subnets --filter "Name=vpc-id, Values=vpc-0aeff0cc4443b28c9"
    aws ec2 describe-subnets --filter "Name=vpc-id, Values=vpc-0aeff0cc4443b28c9" "Name=availability-zone, Values=us-west-2b"
    
    • When we create a VPC, a default route table is created. Find the route table information of your VPC
    aws ec2 describe-route-tables --filter "Name=vpc-id, Values=vpc-0aeff0cc4443b28c9"
    
    • Now create two route tables in your VPC
    • Create an internet gateway and attach it to your VPC
    aws ec2 create-route-table --vpc-id vpc-0aeff0cc4443b28c9
    # rtb-091eb84749f25aaee
    aws ec2 create-route-table --vpc-id vpc-0aeff0cc4443b28c9
    # rtb-0f84064aa86550c90
    
    aws ec2 create-internet-gateway
    # igw-0d5ccecf38dfdaf9b
    
    aws ec2 attach-internet-gateway --internet-gateway-id igw-0d5ccecf38dfdaf9b --vpc-id vpc-0aeff0cc4443b28c9
    
    • Let's associate one route table (rtb-091eb84749f25aaee) with two subnets (one and two)
    aws ec2 associate-route-table --route-table-id rtb-091eb84749f25aaee --subnet-id subnet-0f0773903274c200a
    # "AssociationId": "rtbassoc-0a0e5995ca9940ba8"
    
    aws ec2 associate-route-table --route-table-id rtb-091eb84749f25aaee --subnet-id subnet-0926413588e319ce0
    # "AssociationId": "rtbassoc-000721624c4ffa39c"
    
    • Let's associate the second route table with the remaining subnets and make a note of the association ids
    aws ec2 associate-route-table --route-table-id rtb-0f84064aa86550c90 --subnet-id subnet-08afbbf3b9a05b575
    # "AssociationId": "rtbassoc-006cc54051e2521a9"
    
    aws ec2 associate-route-table --route-table-id rtb-0f84064aa86550c90 --subnet-id subnet-070c68a2f0ac13c51
    # "AssociationId": "rtbassoc-014341b74f85e9fff"
    
    • Now let's make the route table (rtb-091eb84749f25aaee) public by adding a default route to the internet gateway
    aws ec2 create-route --route-table-id rtb-091eb84749f25aaee --gateway-id igw-0d5ccecf38dfdaf9b --destination-cidr-block 0.0.0.0/0
    
    • Now verify in the console and experiment with two EC2 instances in the public and private subnets
    • Exercise: Write the CLI commands to delete whatever you created
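
The same build as one script, added here as an example and not part of the original class notes: each id is captured from the command output with --query and --output text instead of being copied by hand, so the 0.0.0.0/0 route cannot land on the private route table through a mis-pasted id. The names REGION, ec2 and build_lab_vpc and the --create switch are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the original notes): same build, ids captured, not pasted.
REGION=${REGION:-us-west-2}   # assumption: the region whose AZs the notes use

# Run one "aws ec2" call in $REGION and print the field chosen by a JMESPath query.
ec2() (   # usage: ec2 <query> <subcommand> [args...]
  query=$1; shift
  aws ec2 "$@" --region "$REGION" --query "$query" --output text
)

build_lab_vpc() (
  vpc=$(ec2 Vpc.VpcId create-vpc --cidr-block 10.10.0.0/16) || exit 1
  pub_rt=$(ec2 RouteTable.RouteTableId create-route-table --vpc-id "$vpc") || exit 1
  priv_rt=$(ec2 RouteTable.RouteTableId create-route-table --vpc-id "$vpc") || exit 1
  igw=$(ec2 InternetGateway.InternetGatewayId create-internet-gateway) || exit 1
  aws ec2 attach-internet-gateway --internet-gateway-id "$igw" --vpc-id "$vpc" \
    --region "$REGION" >/dev/null || exit 1

  # <third octet>:<AZ suffix>, matching the four subnets in the notes
  for spec in 0:a 1:b 2:c 3:a; do
    octet=${spec%%:*}; az=${spec#*:}
    subnet=$(ec2 Subnet.SubnetId create-subnet --vpc-id "$vpc" \
      --cidr-block "10.10.$octet.0/24" --availability-zone "$REGION$az") || exit 1
    # The first two subnets are public, the last two private.
    if [ "$octet" -lt 2 ]; then rt=$pub_rt; else rt=$priv_rt; fi
    ec2 AssociationId associate-route-table --route-table-id "$rt" \
      --subnet-id "$subnet" >/dev/null || exit 1
    echo "subnet=$subnet cidr=10.10.$octet.0/24 route_table=$rt"
  done

  # The default route via the IGW goes on the public table only; the private
  # table keeps just the local route, so its subnets stay unreachable from outside.
  ec2 Return create-route --route-table-id "$pub_rt" --gateway-id "$igw" \
    --destination-cidr-block 0.0.0.0/0 >/dev/null || exit 1
  echo "vpc=$vpc public_rt=$pub_rt private_rt=$priv_rt igw=$igw"
)

# Creates real resources in the account, so it runs only when asked to.
if [ "${1:-}" = "--create" ]; then build_lab_vpc; fi
```

Run it as sh script.sh --create; the last output line lists the ids needed later for the describe commands and for the delete exercise.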
