/ AWS

AWS: Create a VPC and Launch EC2 Instance using the CLI

What we will be doing Today:

In this tutorial we will setup a VPC on AWS with the AWS CLI tools, and also Launching an EC2 Instance to our newly created VPC.

This will include:

  • Creating the VPC, Enabling DNS and DNS Hostname Support
  • Creating and Attaching our Internet Gateway
  • Creating our Subnets, associating our Route Tables
  • Creating a Security Group, authorizing SSH traffic
  • Creating a SSH KeyPair
  • Launching an Amazon Linux Instance on EC2
  • and Finally, connecting to our Instance

Getting Started:

Create the VPC, you will be returned with the vpcid:

$ aws ec2 create-vpc --cidr-block 192.168.0.0/16 --query 'Vpc.VpcId' 
``` <p>
`"vpc-abcfddde"`


Enable DNS and DNS Hostname Support:

```language-bash
$ aws ec2 modify-vpc-attribute --vpc-id <returned-vpcid> --enable-dns-support "{\"Value\":true}"

$ aws ec2 modify-vpc-attribute --vpc-id <returned-vpcid> --enable-dns-hostnames "{\"Value\":true}"
``` <p>

Create an Internet Gateway and associate the Internet Gateway to your VPC:

```language-bash
$ aws ec2 create-internet-gateway --query 'InternetGateway.InternetGatewayId' 
"igw-bb8604df"

$ aws ec2 attach-internet-gateway --internet-gateway-id <returned-igw> --vpc-id <returned-vpcid>
``` <p>

Create a Subnet, Specify your CIDR, and associate it to your VPC. 

Then create a Routing Table by specifying the VPC you would like to associate the Routing Table to and then associate the returned routing table id with your returned subnet id. Then create a routing entry to the default gateway which will be the Internet Gateway (IGW)

```language-bash
$ aws ec2 create-subnet --vpc-id <returned-vpcid> --cidr-block 192.168.0.0/16 --query 'Subnet.SubnetId' 
"subnet-dc143384"

$ aws ec2 create-route-table --vpc-id <returned-vpcid> --query 'RouteTable.RouteTableId' 
"rtb-9c6ddffb"

$ aws ec2 associate-route-table --route-table-id <returned-route-tblid> --subnet-id <returned-subnetid>

$ aws ec2 create-route --route-table-id <returned-route-tblid> --destination-cidr-block 0.0.0.0/0 --gateway-id <returned-igw>
``` <p>

Create a Security Group and add an inbound rule to allow SSH traffic from everywhere:

```language-bash
$ aws ec2 create-security-group --group-name my-security-group --description "my-security-group" --vpc-id <returned-vpcid> --query 'GroupId' 
"sg-ca4b85b3"

$ aws ec2 authorize-security-group-ingress --group-id <returned-security-groupid> --protocol tcp --port 22 --cidr 0.0.0.0/0
``` <p>

Create a KeyPair, output it to disk:

```language-bash
$ aws ec2 create-key-pair --key-name myKey --query 'KeyMaterial' --output text > ~/.ssh/myKey.pem
``` <p>

Apply needed permissions:

```language-bash
$ chmod 400 ~/.ssh/myKey.pem
``` <p>

Now we will launch an EC2 Instance into our VPC. When looking for the Latest Amazon Linux HVM AMI, you can call a describe-images call and [thanks to](https://recursive.cloud/blog/latest-amazon-ami/): 

```language-bash
$ aws ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn-ami-hvm-????.??.?.x86_64-gp2' 'Name=state,Values=available' | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId'
ami-f9dd458a
``` <p>

Launch EC2 Instance:

```language-bash
$ aws ec2 run-instances --image-id ami-f9dd458a --count 1 --instance-type t2.micro --key-name myKey --security-group-ids <returned-security-groupid> --subnet-id <returned-subnetid> --associate-public-ip-address --query 'Instances[0].InstanceId' 
"i-1234528abce88b44"
``` <p>

Get the Public IP by calling the Describe-Instances API call:

```language-bash
$ aws ec2 describe-instances --instance-ids <returned-instance-id --query 'Reservations[0].Instances[0].PublicDnsName' 
"ec2-34-12-34-56.eu-west-1.compute.amazonaws.com"
``` <p>

SSH into your EC2 Instance with your KeyPair and Public IP:

```language-bash
$ ssh -i ~/.ssh/myKey.pem ec2-user@ec2-34-12-34-56.eu-west-1.compute.amazonaws.com
[ec2-user@ip-192-168-103-84 ~]$
``` <p>

Aditionally, you can also tag your resource, by doing the following:

```language-bash
$ aws ec2 create-tags --resources "i-1234528abce88b44" --tags 'Key="ENV",Value=DEV'
``` <p>