In this tutorial I will describe the steps required to create a VPC using the AWS CLI.
1. You need a configured AWS CLI on your system. (Refer to this tutorial: Configure AWS CLI)
The first step in creating a VPC is deciding on the CIDR range. The largest block AWS allows for a VPC is a /16 (the smallest is a /28). Choose a range that does not overlap with your other VPCs or your on-premises networks, because peering and VPN connections cannot route between overlapping ranges. In this tutorial I am going to create a VPC with the CIDR range 10.0.0.0/16. Note down every ID the commands return in a text file as you go; every later step needs them.
To create a VPC, the AWS CLI provides the create-vpc command. Execute the following command to create a VPC with the 10.0.0.0/16 range.
aws ec2 create-vpc --cidr-block 10.0.0.0/16
The above command prints the new VPC as JSON; the VpcId field holds its ID. Note down the ID because we will need it for further commands.
Next, we need to create subnets in the VPC we created. Subnets segregate your application tiers and Availability Zones. Say you have a front end, an app tier and a DB tier: to host that application in high-availability mode you would need six subnets, one per tier in each of two Availability Zones.
For this demo, I will create two subnets, one private and one public.
Execute the following command to create the first subnet using the create-subnet command. If you omit --availability-zone, AWS picks a zone for you.
Note: replace the VPC ID with yours.
aws ec2 create-subnet --vpc-id vpc-99e344fd --cidr-block 10.0.1.0/24
Create the second subnet using the following command.
aws ec2 create-subnet --vpc-id vpc-99e344fd --cidr-block 10.0.2.0/24
Note down the SubnetId from the output of each command. We will need them later.
If you want to reach EC2 instances from the internet, you must attach an internet gateway to your VPC.
You can create an internet gateway using the create-internet-gateway command. Execute the following command to create one.
aws ec2 create-internet-gateway
Note down the InternetGatewayId from the output.
Attach the internet gateway to the VPC using the ec2 attach-internet-gateway command as shown below. Replace the IDs with yours accordingly.
aws ec2 attach-internet-gateway --internet-gateway-id igw-5d685a38 --vpc-id vpc-99e344fd
Attaching an internet gateway does not make all the subnets public. To make a subnet public, you need a route table with a default route (0.0.0.0/0) that points at the internet gateway, and that route table must be associated with the subnet.
First, create a route table. Replace the VPC ID with yours.
aws ec2 create-route-table --vpc-id vpc-99e344fd
Note down the RouteTableId from the output.
Next, add a route for 0.0.0.0/0 to the internet gateway. Replace the route table and gateway IDs with yours.
aws ec2 create-route --route-table-id rtb-b86fe2dc --destination-cidr-block 0.0.0.0/0 --gateway-id igw-5d685a38
Associate the route table with the second subnet using the associate-route-table command and the IDs you noted.
aws ec2 associate-route-table --route-table-id rtb-b86fe2dc --subnet-id subnet-3b839262
Now our second subnet is a public subnet, because we associated a route table with an internet gateway route to it. We can launch an instance into the public subnet and reach it over the internet, provided it has a public IP and its security group allows the traffic. If you launch an EC2 instance in the private subnet (the first subnet, 10.0.1.0/24), you cannot reach it from the internet because its route table (the VPC's main route table) has no internet gateway route; it also cannot reach the internet itself unless you add a NAT gateway. But all instances in a VPC can talk to each other using their private IPs, subject to their security groups.
Now we will launch an EC2 instance in the public subnet using the CLI. I hope you have all the IDs noted down in a text file. We will be using those IDs for the instance launch.
There are a few parameters you should know before launching the instance.
1. AMI ID: the ID of the image (OS) you want to launch. You can get this ID from the EC2 launch wizard in the console or with aws ec2 describe-images. AMI IDs are region-specific.
2. Security Group ID: create a security group in the VPC (create-security-group) and note its ID. Restrict its inbound rules to what you need, for example SSH only from your own IP address rather than from 0.0.0.0/0.
3. Subnet ID: the ID of the public subnet (10.0.2.0/24).
4. Key pair name: create a key pair (create-key-pair) and note down the name.
Execute the following command with the relevant IDs to launch the instance in the public subnet. The --associate-public-ip-address flag is needed here because a new subnet does not assign public IPs by default.
aws ec2 run-instances --image-id ami-9abea4fb --count 1 --instance-type t2.micro --key-name test-key --security-group-ids sg-af7a50c8 --subnet-id subnet-3b839262 --associate-public-ip-address
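Rather than copying IDs into a notepad, the whole procedure above can be scripted. The following is an added example, not code from the original tutorial: a POSIX shell script that first checks the CIDR plan (VPC prefix within /16 to /28, subnets inside the VPC block, no overlapping subnets, the points raised when choosing the range and the subnets), then runs the same create-vpc, create-subnet, create-internet-gateway, attach-internet-gateway, create-route-table, create-route, associate-route-table and run-instances commands, capturing each ID with --query and --output text. It adds three things the tutorial leaves manual: it turns on auto-assign public IPs for the public subnet with modify-subnet-attribute, it creates the security group and allows SSH only from one administrative CIDR with authorize-security-group-ingress, and it refuses to touch AWS unless RUN_AWS=1 is set, so the CIDR checks can be run offline. The group name vpc-demo-ssh and the environment variables ADMIN_CIDR, KEY_NAME and AMI_ID are my assumptions.

```shell
#!/bin/sh
# Added example: scripted version of the tutorial's VPC build with a CIDR sanity
# check in front. The AWS calls run only when RUN_AWS=1; the CIDR helpers are
# plain shell arithmetic and need no credentials.
set -eu

ip_to_int() {
    # Convert a dotted-quad IPv4 address to a 32-bit integer.
    oldifs=$IFS; IFS=.
    set -- $1
    IFS=$oldifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

cidr_contains() {
    # cidr_contains OUTER INNER: succeed if INNER lies entirely within OUTER.
    # Two CIDR blocks either nest or are disjoint, so this doubles as an overlap test.
    o_ip=${1%/*}; o_len=${1#*/}
    i_ip=${2%/*}; i_len=${2#*/}
    [ "$i_len" -ge "$o_len" ] || return 1
    mask=$(( (4294967295 << (32 - o_len)) & 4294967295 ))
    [ $(( $(ip_to_int "$o_ip") & mask )) -eq $(( $(ip_to_int "$i_ip") & mask )) ]
}

vpc_prefix_ok() {
    # AWS only accepts VPC blocks between /16 and /28.
    len=${1#*/}
    [ "$len" -ge 16 ] && [ "$len" -le 28 ]
}

plan_subnets() {
    # plan_subnets VPC_CIDR SUBNET_CIDR...: fail on a bad VPC prefix, a subnet
    # outside the VPC, or two subnets that overlap.
    vpc=$1; shift
    vpc_prefix_ok "$vpc" || { echo "VPC prefix must be /16 to /28: $vpc" >&2; return 1; }
    for s in "$@"; do
        cidr_contains "$vpc" "$s" || { echo "subnet $s is outside $vpc" >&2; return 1; }
    done
    for a in "$@"; do
        for b in "$@"; do
            [ "$a" = "$b" ] && continue
            if cidr_contains "$a" "$b"; then
                echo "subnets $a and $b overlap" >&2; return 1
            fi
        done
    done
    return 0
}

build_vpc() {
    # build_vpc VPC_CIDR PRIVATE_CIDR PUBLIC_CIDR ADMIN_CIDR KEY_NAME AMI_ID
    vpc_cidr=$1; private_cidr=$2; public_cidr=$3; admin_cidr=$4; key_name=$5; ami_id=$6
    plan_subnets "$vpc_cidr" "$private_cidr" "$public_cidr" || return 1

    # Same commands as the tutorial; --query/--output text captures each ID.
    vpc_id=$(aws ec2 create-vpc --cidr-block "$vpc_cidr" --query 'Vpc.VpcId' --output text)
    private_id=$(aws ec2 create-subnet --vpc-id "$vpc_id" --cidr-block "$private_cidr" \
        --query 'Subnet.SubnetId' --output text)
    public_id=$(aws ec2 create-subnet --vpc-id "$vpc_id" --cidr-block "$public_cidr" \
        --query 'Subnet.SubnetId' --output text)
    igw_id=$(aws ec2 create-internet-gateway --query 'InternetGateway.InternetGatewayId' --output text)
    aws ec2 attach-internet-gateway --internet-gateway-id "$igw_id" --vpc-id "$vpc_id"
    rtb_id=$(aws ec2 create-route-table --vpc-id "$vpc_id" --query 'RouteTable.RouteTableId' --output text)
    aws ec2 create-route --route-table-id "$rtb_id" --destination-cidr-block 0.0.0.0/0 --gateway-id "$igw_id"
    aws ec2 associate-route-table --route-table-id "$rtb_id" --subnet-id "$public_id"
    # Only the public subnet auto-assigns public IPs; the private subnet keeps the default (off),
    # so run-instances below does not need --associate-public-ip-address.
    aws ec2 modify-subnet-attribute --subnet-id "$public_id" --map-public-ip-on-launch

    # Security group allowing SSH from the administrative address only, never 0.0.0.0/0.
    # The group name vpc-demo-ssh is an assumed value.
    sg_id=$(aws ec2 create-security-group --group-name vpc-demo-ssh \
        --description "SSH from admin address only" --vpc-id "$vpc_id" --query 'GroupId' --output text)
    aws ec2 authorize-security-group-ingress --group-id "$sg_id" --protocol tcp --port 22 --cidr "$admin_cidr"

    instance_id=$(aws ec2 run-instances --image-id "$ami_id" --count 1 --instance-type t2.micro \
        --key-name "$key_name" --security-group-ids "$sg_id" --subnet-id "$public_id" \
        --query 'Instances[0].InstanceId' --output text)
    echo "vpc=$vpc_id private=$private_id public=$public_id igw=$igw_id rtb=$rtb_id sg=$sg_id instance=$instance_id"
}

# Guard: nothing touches AWS unless explicitly requested. ADMIN_CIDR, KEY_NAME and
# AMI_ID are assumed environment variables supplied by the operator.
if [ "${RUN_AWS:-0}" = "1" ]; then
    build_vpc 10.0.0.0/16 10.0.1.0/24 10.0.2.0/24 \
        "${ADMIN_CIDR:?e.g. 203.0.113.5/32}" "${KEY_NAME:?}" "${AMI_ID:?}"
fi
```

Run it as `RUN_AWS=1 ADMIN_CIDR=203.0.113.5/32 KEY_NAME=test-key AMI_ID=ami-xxxx sh build-vpc.sh` with credentials configured; without RUN_AWS the script only defines the functions, which is handy for checking a subnet plan (`plan_subnets 10.0.0.0/16 10.0.1.0/24 10.0.2.0/24`) before creating anything.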