1. Create a VPC<\/p>\n
aws ec2 create-vpc –cidr-block 10.0.0.0\/16<\/p>\n
2. Create a VPC with dedicated tenancy<\/p>\n
aws ec2 create-vpc –cidr-block 10.0.0.0\/16 –instance-tenancy dedicated<\/p>\n
3. Create a VPC with an IPv6 CIDR block<\/p>\n
aws ec2 create-vpc –cidr-block 10.16.0.0\/16 –amazon-provided-ipv6-cidr-block >> \/root\/awscreateVPC.json<\/p>\n
4. Create a subnet within the VPC<\/p>\n
aws ec2 create-subnet –vpc-id\u00a0 vpc-b774aace –cidr-block 10.16.1.0\/24\u00a0 >> \/root\/awscreateSubnet1.json<\/p>\n
aws ec2 create-subnet –vpc-id\u00a0 “vpc-b774aace” –cidr-block “10.16.2.0\/24”\u00a0 –availability-zone\u00a0 “us-east-1a” >> \/root\/awscreateSubnet2.json<\/p>\n
6. Delete VPC<\/p>\n
aws ec2 delete-vpc\u00a0 –vpc-id vpc-7c6ab405<\/p>\n
7. Create route table (a default route table is created during vpc creation)<\/p>\n
aws ec2 create-route-table –vpc-id vpc-b774aace\u00a0 >>\u00a0 \/root\/awscreateRouteTable.json<\/p>\n
8. Associate subnet (say our subnet2 id = subnet-2b8a2c07) with the above route table (say route table id = rtb-0068f078)<\/p>\n
aws ec2 associate-route-table –route-table-id\u00a0 rtb-0068f078 –subnet-id subnet-2b8a2c07 >>\u00a0 \/root\/awsassociateRouteTable.json<\/p>\n
9. Dissociate subnet from route table<\/p>\n
aws ec2 disassociate-route-table –association-id rtbassoc-802b6efb<\/p>\n
10. Create Internet Gateway<\/p>\n
aws ec2 create-internet-gateway >> \/root\/awscreateInternetGateway.json<\/p>\n
11. Attach Internet Gateway to VPC (An Internet gateway already attached to an vpc cannot be attached to another vpc)<\/p>\n
aws ec2 attach-internet-gateway –internet-gateway-id\u00a0\u00a0 igw-b946d3df\u00a0\u00a0 –vpc-id vpc-b774aace >> \/root\/awsattachInternetGateway.json<\/p>\n
12. Detach Internet Gateway<\/p>\n
aws ec2 detach-internet-gateway\u00a0\u00a0\u00a0\u00a0 –internet-gateway-id\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 igw-b946d3df\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 –vpc-id\u00a0 vpc-b774aace<\/p>\n
13.\u00a0 Create Route\u00a0\u00a0 (To create new route you need a Internet Gateway, Network Interface, or Virtual Private Gateway as targets.)<\/p>\n
aws ec2 create-route –route-table-id\u00a0 rtb-714cd209 –destination-cidr-block 0.0.0.0\/0 –gateway-id igw-b946d3df<\/p>\n
14. Create NACL<\/p>\n
aws ec2\u00a0 create-network-acl\u00a0 –vpc-id vpc-b774aace >> \/root\/awscreateNetworkACL.json<\/p>\n
15. Create NACL entry (to add a allow or deny rule)<\/p>\n
aws ec2 create-network-acl-entry –network-acl-id\u00a0\u00a0\u00a0 acl-f769128e\u00a0\u00a0 –ingress\u00a0 –rule-number 25 –protocol tcp –port-range From=22,To=22–cidr-block 0.0.0.0\/0\u00a0 –rule-action allow<\/p>\n
aws ec2 create-network-acl-entry –network-acl-id\u00a0\u00a0\u00a0 acl-f769128e\u00a0\u00a0 –ingress\u00a0 –rule-number 35 –protocol tcp –port-range From=80,To=80–cidr-block 0.0.0.0\/0\u00a0 –rule-action allow<\/p>\n
aws ec2 create-network-acl-entry –network-acl-id\u00a0\u00a0\u00a0 acl-f769128e\u00a0\u00a0 –ingress\u00a0 –rule-number 50 –protocol all –port-range From=0,To=65535 –cidr-block 10.16.2.251\/32 –rule-action deny<\/p>\n
aws ec2 create-network-acl-entry –network-acl-id\u00a0\u00a0\u00a0 acl-f769128e\u00a0\u00a0 –exgress\u00a0 –rule-number 50 –protocol all –port-range From=0,To=65535 –cidr-block 10.16.2.251\/32 –rule-action deny<\/p>\n
16. Modify NACL Entry<\/p>\n
aws ec2 replace-network-acl-entry –network-acl-id\u00a0\u00a0\u00a0 acl-f769128e\u00a0\u00a0 –ingress\u00a0 –rule-number 100 –protocol all –port-range From=0,To=65535 –cidr-block 10.16.2.0\/24 –rule-action allow<\/p>\n
17. create security group<\/p>\n
aws ec2 create-security-group –group-name mySG1 –description “my security group” –vpc-id vpc-b774aace<\/p>\n
18. Create SG inbound (To add a rule that allows inbound SSH traffic)<\/p>\n
aws ec2 authorize-security-group-ingress –group-id sg-3fdcc241 –protocol tcp –port 22 –cidr 0.0.0.0\/0<\/p>\n
19. Create SG inbound (To add a rule that allows inbound HTTP traffic from another security group)<\/p>\n
aws ec2 authorize-security-group-ingress –group-id sg-3fdcc241 –protocol tcp –port 80 –cidr 0.0.0.0\/0<\/p>\n
Note: for https use port 443<\/p>\n
20. Create key pair<\/p>\n
aws ec2 create-key-pair –key-name MyKeyPair –query ‘KeyMaterial’ –output text >> \/root\/awsMyKeyPair.pem<\/p>\n
aws ec2 create-key-pair –key-name MyKeyPair –query ‘KeyMaterial’ –output text | out-file -encoding ascii -filepath MyKeyPair.pem\u00a0 [windows powershell]<\/p>\n
21. Launches the specified number of instances using an AMI for which you have permissions.<\/p>\n
aws ec2 run-instances<\/p>\n
15. Delete route table<\/p>\n
aws ec2\u00a0 delete-route-table –route-table-id\u00a0\u00a0\u00a0 rtb-4069f138<\/p>\n
9. aws ec2 associate-route-table –route-table-id rtb-22574640 –subnet-id subnet-9d4a7b6c
\n4. To create an endpoint<\/p>\n
aws ec2 create-vpc-endpoint –vpc-id vpc-1a2b3c4d –service-name com.amazonaws.us-east-1.s3 –route-table-ids rtb-11aa22bb<\/p>\n
This example creates a VPC endpoint between VPC vpc-1a2b3c4d and Amazon S3 in the us-east-1 region, and associates route table rtb-11aa22bb with the endpoint.<\/p>\n
5. To create a VPC peering connection between your VPCs<\/p>\n
aws ec2 create-vpc-peering-connection –vpc-id vpc-1a2b3c4d –peer-vpc-id vpc-11122233<\/p>\n
6. To create a VPC peering connection with a VPC in another account<\/p>\n
aws ec2 create-vpc-peering-connection –vpc-id vpc-1a2b3c4d –peer-vpc-id vpc-11122233 –peer-owner-id 123456789012<\/p>\n
7. To create a VPN connection with dynamic routing<\/p>\n
aws ec2 create-vpn-connection –type ipsec.1 –customer-gateway-id cgw-0e11f167 –vpn-gateway-id vgw-9a4cacf3<\/p>\n
8. To create a static route for a VPN connection<\/p>\n
aws ec2 create-vpn-connection-route –vpn-connection-id vpn-40f41529 –destination-cidr-block 11.12.0.0\/16<\/p>\n
9. To create a virtual private gateway<\/p>\n","protected":false},"excerpt":{"rendered":"
1. Create a VPC<\/p>\n
aws ec2 create-vpc –cidr-block 10.0.0.0\/16<\/p>\n
2. Create a VPC with dedicated tenancy<\/p>\n
aws ec2 create-vpc –cidr-block 10.0.0.0\/16 –instance-tenancy dedicated<\/p>\n
3. Create a VPC with an IPv6 CIDR block<\/p>\n
aws ec2 create-vpc –cidr-block 10.16.0.0\/16 –amazon-provided-ipv6-cidr-block >> \/root\/awscreateVPC.json<\/p>\n
4. Create a subnet within the VPC<\/p>\n
aws ec2 create-subnet –vpc-id vpc-b774aace –cidr-block 10.16.1.0\/24 >> […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[49],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7497"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7497"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7497\/revisions"}],"predecessor-version":[{"id":7498,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7497\/revisions\/7498"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7497"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}