AWS: Create a VPC and Launch EC2 Instance using the CLI
What we will be doing Today:
In this tutorial we will set up a VPC on AWS with the AWS CLI and launch an EC2 instance into the newly created VPC.
This will include:
- Creating the VPC, Enabling DNS and DNS Hostname Support
- Creating and Attaching our Internet Gateway
- Creating our Subnets, associating our Route Tables
- Creating a Security Group, authorizing SSH traffic
- Creating an SSH KeyPair
- Launching an Amazon Linux Instance on EC2
- and Finally, connecting to our Instance
Getting Started:
Create the VPC. The command returns the VPC ID, which every later step refers to:
```language-bash
$ aws ec2 create-vpc --cidr-block 192.168.0.0/16 --query 'Vpc.VpcId'
"vpc-abcfddde"
```
Enable DNS and DNS Hostname Support:
```language-bash
$ aws ec2 modify-vpc-attribute --vpc-id <returned-vpcid> --enable-dns-support "{\"Value\":true}"
$ aws ec2 modify-vpc-attribute --vpc-id <returned-vpcid> --enable-dns-hostnames "{\"Value\":true}"
```
Create an Internet Gateway and attach it to your VPC. Without the attachment the default route created below has nothing to point at:
```language-bash
$ aws ec2 create-internet-gateway --query 'InternetGateway.InternetGatewayId'
"igw-bb8604df"
$ aws ec2 attach-internet-gateway --internet-gateway-id <returned-igw> --vpc-id <returned-vpcid>
```
Create a subnet in your VPC with a CIDR block that lies inside the VPC's range. The example below uses the whole 192.168.0.0/16, which is allowed but leaves no room for further subnets; in practice carve out something smaller, such as a /24 per subnet.
Then create a route table in the same VPC, associate it with the subnet, and add a default route (0.0.0.0/0) to the Internet Gateway. Note that this makes the subnet a public subnet: anything launched into it with a public IP is reachable from the Internet, subject only to its security group.
```language-bash
$ aws ec2 create-subnet --vpc-id <returned-vpcid> --cidr-block 192.168.0.0/16 --query 'Subnet.SubnetId'
"subnet-dc143384"
$ aws ec2 create-route-table --vpc-id <returned-vpcid> --query 'RouteTable.RouteTableId'
"rtb-9c6ddffb"
$ aws ec2 associate-route-table --route-table-id <returned-route-tblid> --subnet-id <returned-subnetid>
$ aws ec2 create-route --route-table-id <returned-route-tblid> --destination-cidr-block 0.0.0.0/0 --gateway-id <returned-igw>
```
Create a security group and add an inbound rule for SSH. The example opens port 22 to 0.0.0.0/0, i.e. the entire Internet; for anything beyond a throwaway test, replace that with your own address (for example `--cidr <your-public-ip>/32`) so the instance is not exposed to password-guessing and scanner traffic from everywhere:
```language-bash
$ aws ec2 create-security-group --group-name my-security-group --description "my-security-group" --vpc-id <returned-vpcid> --query 'GroupId'
"sg-ca4b85b3"
$ aws ec2 authorize-security-group-ingress --group-id <returned-security-groupid> --protocol tcp --port 22 --cidr 0.0.0.0/0
```
Create a key pair and write the private key to disk. The private key material is only returned once, at creation time; AWS keeps just the public half:
```language-bash
$ aws ec2 create-key-pair --key-name myKey --query 'KeyMaterial' --output text > ~/.ssh/myKey.pem
```
Restrict the permissions, since ssh refuses a private key that is readable by other users. Under a default umask the file is world-readable between the two commands, so on a shared machine run the creation under a restrictive umask instead of fixing it up afterwards:
```language-bash
$ chmod 400 ~/.ssh/myKey.pem
```
Now we will launch an EC2 instance into our VPC. To find the latest Amazon Linux HVM AMI, call describe-images with a name filter and pick the newest by CreationDate. The `--owners amazon` filter matters: it restricts the results to images published by Amazon, so a lookalike AMI with the same name published from another account cannot be selected. The snippet is adapted from [this post](https://recursive.cloud/blog/latest-amazon-ami/) and needs jq installed:
```language-bash
$ aws ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn-ami-hvm-????.??.?.x86_64-gp2' 'Name=state,Values=available' | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId'
ami-f9dd458a
```
Launch the EC2 instance into the subnet with the security group and key pair from above. `--associate-public-ip-address` is what gives it a public address reachable through the Internet Gateway:
```language-bash
$ aws ec2 run-instances --image-id ami-f9dd458a --count 1 --instance-type t2.micro --key-name myKey --security-group-ids <returned-security-groupid> --subnet-id <returned-subnetid> --associate-public-ip-address --query 'Instances[0].InstanceId'
"i-1234528abce88b44"
```
Get the instance's public DNS name with describe-instances (the name is only populated once the instance has a public IP, so if it comes back empty, wait a moment for the instance to leave the pending state and retry):
```language-bash
$ aws ec2 describe-instances --instance-ids <returned-instance-id> --query 'Reservations[0].Instances[0].PublicDnsName'
"ec2-34-12-34-56.eu-west-1.compute.amazonaws.com"
```
SSH into your EC2 instance with your key pair and the public DNS name. Amazon Linux's default user is `ec2-user`:
```language-bash
$ ssh -i ~/.ssh/myKey.pem ec2-user@ec2-34-12-34-56.eu-west-1.compute.amazonaws.com
[ec2-user@ip-192-168-103-84 ~]$
```
Additionally, you can tag your resources, which is worth doing for the VPC, subnet and security group as well as the instance so they can be found and cleaned up later:
```language-bash
$ aws ec2 create-tags --resources "i-1234528abce88b44" --tags 'Key="ENV",Value=DEV'
```
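The steps above as one script, added here as an example and not part of the original post. It captures each returned ID into a variable instead of pasting it by hand, checks before touching AWS that the subnet CIDR actually lies inside the VPC CIDR and that the SSH rule is not 0.0.0.0/0 (both checks are plain shell arithmetic and run offline), creates the key file under a restrictive umask, picks the newest AMI with the CLI's own JMESPath `sort_by` instead of jq, waits for the instance to be running, and tags everything. Assumptions: AWS CLI v2 with credentials and a default region configured; the CIDRs, key name and security group name are the tutorial's values except the subnet, which is a /24; `SSH_CIDR` must be set to your own address. Nothing is created unless `APPLY=1` is set, so running the file without it only defines the functions.

```shell
#!/usr/bin/env bash
# Added example: the tutorial's VPC + EC2 procedure as a gated script.
# Run as:  APPLY=1 SSH_CIDR=203.0.113.7/32 ./vpc-ec2.sh   (values are assumptions)
set -eu

VPC_CIDR="${VPC_CIDR:-192.168.0.0/16}"
SUBNET_CIDR="${SUBNET_CIDR:-192.168.1.0/24}"   # a /24, so further subnets fit in the VPC
SSH_CIDR="${SSH_CIDR:-}"                        # must be set explicitly, e.g. your IP as /32
KEY_NAME="${KEY_NAME:-myKey}"
KEY_FILE="${KEY_FILE:-$HOME/.ssh/$KEY_NAME.pem}"

# ip_to_int A.B.C.D -> 32-bit integer (pure shell, no external tools)
ip_to_int() {
  local IFS=.
  set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# cidr_contains OUTER INNER: exit 0 when INNER lies entirely inside OUTER
cidr_contains() {
  local outer_ip="${1%/*}" outer_len="${1#*/}" inner_ip="${2%/*}" inner_len="${2#*/}"
  [ "$inner_len" -ge "$outer_len" ] || return 1
  local mask=$(( (0xFFFFFFFF << (32 - outer_len)) & 0xFFFFFFFF ))
  [ $(( $(ip_to_int "$outer_ip") & mask )) -eq $(( $(ip_to_int "$inner_ip") & mask )) ]
}

# ssh_cidr_ok CIDR: refuse an empty or world-open SSH source unless ALLOW_OPEN_SSH=1
ssh_cidr_ok() {
  case "$1" in
    ""|0.0.0.0/0|::/0) [ "${ALLOW_OPEN_SSH:-0}" = 1 ] ;;
    *) return 0 ;;
  esac
}

provision() {
  cidr_contains "$VPC_CIDR" "$SUBNET_CIDR" \
    || { echo "subnet $SUBNET_CIDR is not inside VPC $VPC_CIDR" >&2; return 1; }
  ssh_cidr_ok "$SSH_CIDR" \
    || { echo "set SSH_CIDR to your own address (x.x.x.x/32); refusing 0.0.0.0/0" >&2; return 1; }

  VPC_ID=$(aws ec2 create-vpc --cidr-block "$VPC_CIDR" --query Vpc.VpcId --output text)
  aws ec2 modify-vpc-attribute --vpc-id "$VPC_ID" --enable-dns-support '{"Value":true}'
  aws ec2 modify-vpc-attribute --vpc-id "$VPC_ID" --enable-dns-hostnames '{"Value":true}'

  IGW_ID=$(aws ec2 create-internet-gateway --query InternetGateway.InternetGatewayId --output text)
  aws ec2 attach-internet-gateway --internet-gateway-id "$IGW_ID" --vpc-id "$VPC_ID"

  SUBNET_ID=$(aws ec2 create-subnet --vpc-id "$VPC_ID" --cidr-block "$SUBNET_CIDR" \
    --query Subnet.SubnetId --output text)
  RTB_ID=$(aws ec2 create-route-table --vpc-id "$VPC_ID" --query RouteTable.RouteTableId --output text)
  aws ec2 associate-route-table --route-table-id "$RTB_ID" --subnet-id "$SUBNET_ID" >/dev/null
  aws ec2 create-route --route-table-id "$RTB_ID" --destination-cidr-block 0.0.0.0/0 \
    --gateway-id "$IGW_ID" >/dev/null

  SG_ID=$(aws ec2 create-security-group --group-name my-security-group \
    --description "ssh from $SSH_CIDR" --vpc-id "$VPC_ID" --query GroupId --output text)
  aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --protocol tcp --port 22 \
    --cidr "$SSH_CIDR" >/dev/null

  # umask 077 in a subshell: the key file is never world-readable, not even briefly
  ( umask 077; aws ec2 create-key-pair --key-name "$KEY_NAME" --query KeyMaterial \
      --output text > "$KEY_FILE" )

  # newest Amazon-owned Amazon Linux HVM image, sorted server-side-agnostic via JMESPath
  AMI_ID=$(aws ec2 describe-images --owners amazon \
    --filters 'Name=name,Values=amzn-ami-hvm-????.??.?.x86_64-gp2' 'Name=state,Values=available' \
    --query 'sort_by(Images,&CreationDate)[-1].ImageId' --output text)

  INSTANCE_ID=$(aws ec2 run-instances --image-id "$AMI_ID" --count 1 --instance-type t2.micro \
    --key-name "$KEY_NAME" --security-group-ids "$SG_ID" --subnet-id "$SUBNET_ID" \
    --associate-public-ip-address --query 'Instances[0].InstanceId' --output text)
  aws ec2 create-tags --resources "$VPC_ID" "$SUBNET_ID" "$SG_ID" "$INSTANCE_ID" --tags Key=ENV,Value=DEV

  aws ec2 wait instance-running --instance-ids "$INSTANCE_ID"
  HOST=$(aws ec2 describe-instances --instance-ids "$INSTANCE_ID" \
    --query 'Reservations[0].Instances[0].PublicDnsName' --output text)
  echo "ssh -i $KEY_FILE ec2-user@$HOST"
}

if [ "${APPLY:-0}" = 1 ]; then provision; fi
```

The two guard functions are the point of the script: `cidr_contains` catches the tutorial's /16-inside-/16 layout (allowed, but it leaves no room) and any subnet that is simply outside the VPC, before an API call fails half-way through; `ssh_cidr_ok` makes the world-open SSH rule an explicit opt-in rather than the default.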