1. Create a VPC
aws ec2 create-vpc –cidr-block 10.0.0.0/16
2. Create a VPC with dedicated tenancy
aws ec2 create-vpc –cidr-block 10.0.0.0/16 –instance-tenancy dedicated
3. Create a VPC with an IPv6 CIDR block
aws ec2 create-vpc –cidr-block 10.16.0.0/16 –amazon-provided-ipv6-cidr-block >> /root/awscreateVPC.json
4. Create a subnet within the VPC
aws ec2 create-subnet –vpc-id vpc-b774aace –cidr-block 10.16.1.0/24 >> /root/awscreateSubnet1.json
aws ec2 create-subnet –vpc-id “vpc-b774aace” –cidr-block “10.16.2.0/24” –availability-zone “us-east-1a” >> /root/awscreateSubnet2.json
6. Delete VPC
aws ec2 delete-vpc –vpc-id vpc-7c6ab405
7. Create route table (a default route table is created during vpc creation)
aws ec2 create-route-table –vpc-id vpc-b774aace >> /root/awscreateRouteTable.json
8. Associate subnet (say our subnet2 id = subnet-2b8a2c07) with the above route table (say route table id = rtb-0068f078)
aws ec2 associate-route-table –route-table-id rtb-0068f078 –subnet-id subnet-2b8a2c07 >> /root/awsassociateRouteTable.json
9. Dissociate subnet from route table
aws ec2 disassociate-route-table –association-id rtbassoc-802b6efb
10. Create Internet Gateway
aws ec2 create-internet-gateway >> /root/awscreateInternetGateway.json
11. Attach Internet Gateway to VPC (An Internet gateway already attached to an vpc cannot be attached to another vpc)
aws ec2 attach-internet-gateway –internet-gateway-id igw-b946d3df –vpc-id vpc-b774aace >> /root/awsattachInternetGateway.json
12. Detach Internet Gateway
aws ec2 detach-internet-gateway –internet-gateway-id igw-b946d3df –vpc-id vpc-b774aace
13. Create Route (To create new route you need a Internet Gateway, Network Interface, or Virtual Private Gateway as targets.)
aws ec2 create-route –route-table-id rtb-714cd209 –destination-cidr-block 0.0.0.0/0 –gateway-id igw-b946d3df
14. Create NACL
aws ec2 create-network-acl –vpc-id vpc-b774aace >> /root/awscreateNetworkACL.json
15. Create NACL entry (to add a allow or deny rule)
aws ec2 create-network-acl-entry –network-acl-id acl-f769128e –ingress –rule-number 25 –protocol tcp –port-range From=22,To=22–cidr-block 0.0.0.0/0 –rule-action allow
aws ec2 create-network-acl-entry –network-acl-id acl-f769128e –ingress –rule-number 35 –protocol tcp –port-range From=80,To=80–cidr-block 0.0.0.0/0 –rule-action allow
aws ec2 create-network-acl-entry –network-acl-id acl-f769128e –ingress –rule-number 50 –protocol all –port-range From=0,To=65535 –cidr-block 10.16.2.251/32 –rule-action deny
aws ec2 create-network-acl-entry –network-acl-id acl-f769128e –exgress –rule-number 50 –protocol all –port-range From=0,To=65535 –cidr-block 10.16.2.251/32 –rule-action deny
16. Modify NACL Entry
aws ec2 replace-network-acl-entry –network-acl-id acl-f769128e –ingress –rule-number 100 –protocol all –port-range From=0,To=65535 –cidr-block 10.16.2.0/24 –rule-action allow
17. create security group
aws ec2 create-security-group –group-name mySG1 –description “my security group” –vpc-id vpc-b774aace
18. Create SG inbound (To add a rule that allows inbound SSH traffic)
aws ec2 authorize-security-group-ingress –group-id sg-3fdcc241 –protocol tcp –port 22 –cidr 0.0.0.0/0
19. Create SG inbound (To add a rule that allows inbound HTTP traffic from another security group)
aws ec2 authorize-security-group-ingress –group-id sg-3fdcc241 –protocol tcp –port 80 –cidr 0.0.0.0/0
Note: for https use port 443
20. Create key pair
aws ec2 create-key-pair –key-name MyKeyPair –query ‘KeyMaterial’ –output text >> /root/awsMyKeyPair.pem
aws ec2 create-key-pair –key-name MyKeyPair –query ‘KeyMaterial’ –output text | out-file -encoding ascii -filepath MyKeyPair.pem [windows powershell]
21. Launches the specified number of instances using an AMI for which you have permissions.
aws ec2 run-instances
15. Delete route table
aws ec2 delete-route-table –route-table-id rtb-4069f138
9. aws ec2 associate-route-table –route-table-id rtb-22574640 –subnet-id subnet-9d4a7b6c
4. To create an endpoint
aws ec2 create-vpc-endpoint –vpc-id vpc-1a2b3c4d –service-name com.amazonaws.us-east-1.s3 –route-table-ids rtb-11aa22bb
This example creates a VPC endpoint between VPC vpc-1a2b3c4d and Amazon S3 in the us-east-1 region, and associates route table rtb-11aa22bb with the endpoint.
5. To create a VPC peering connection between your VPCs
aws ec2 create-vpc-peering-connection –vpc-id vpc-1a2b3c4d –peer-vpc-id vpc-11122233
6. To create a VPC peering connection with a VPC in another account
aws ec2 create-vpc-peering-connection –vpc-id vpc-1a2b3c4d –peer-vpc-id vpc-11122233 –peer-owner-id 123456789012
7. To create a VPN connection with dynamic routing
aws ec2 create-vpn-connection –type ipsec.1 –customer-gateway-id cgw-0e11f167 –vpn-gateway-id vgw-9a4cacf3
8. To create a static route for a VPN connection
aws ec2 create-vpn-connection-route –vpn-connection-id vpn-40f41529 –destination-cidr-block 11.12.0.0/16
9. To create a virtual private gateway
Recent Comments