Steps
- VPC
- Internet Gateway and VPC Attachment
- Route Table with Public Route
- Subnet
- Subnet-Route Table Association
- Key Pair
- Security Group with Rules
- EC2 Instance
- Elastic IP Allocation and EC2 Instance Association
- Connect and Test
1. Create a VPC
aws ec2 create-vpc \
--cidr-block 10.69.0.0/16 \
--tag-specifications ResourceType=vpc,Tags='[{Key=Name,Value="VPC from CLI"},{Key=Owner,Value="MIKA"}]'
2. Create an Internet Gateway (IGW) and attach it to the VPC
aws ec2 create-internet-gateway \
--tag-specifications ResourceType=internet-gateway,Tags='[{Key=Name,Value=myIGW}]'
aws ec2 attach-internet-gateway \
--internet-gateway-id igw-05ef0911baf4ed97d \
--vpc-id vpc-062f367e1f4179f33
3. Create a Route Table with a public Route
aws ec2 create-route-table \
--vpc-id vpc-062f367e1f4179f33 \
--tag-specifications ResourceType=route-table,Tags='[{Key=Name,Value=Public-RT}]'
aws ec2 create-route \
--route-table-id rtb-08fabc600737d3608 \
--destination-cidr-block 0.0.0.0/0 \
--gateway-id igw-05ef0911baf4ed97d
4. Create a Subnet
aws ec2 describe-subnets
aws ec2 describe-subnets --filters "Name=vpc-id,Values=vpc-062f367e1f4179f33"
Subnet-1
aws ec2 create-subnet \
--vpc-id vpc-062f367e1f4179f33 \
--cidr-block 10.69.10.0/24 \
--availability-zone us-east-1a \
--tag-specifications ResourceType=subnet,Tags='[{Key=Name,Value=Subnet-1}]'
Subnet-2
aws ec2 create-subnet \
--vpc-id vpc-062f367e1f4179f33 \
--cidr-block 10.69.20.0/24 \
--availability-zone us-east-1b \
--tag-specifications ResourceType=subnet,Tags='[{Key=Name,Value=Subnet-2}]'
5. Associate the Subnet with the Route Table
aws ec2 associate-route-table \
--route-table-id rtb-08fabc600737d3608 \
--subnet-id subnet-0ac8ccb75468a425a
aws ec2 associate-route-table \
--route-table-id rtb-08fabc600737d3608 \
--subnet-id subnet-071f789533599fd73
6. Create a Key Pair
aws ec2 create-key-pair \
--key-name myKeyPair \
--tag-specifications ResourceType=key-pair,Tags='[{Key=Owner,Value=Mika}]' \
--query 'KeyMaterial' \
--output text > myKeyPair.pem
chmod 400 myKeyPair.pem
7. Create a security group (SG) allowing HTTP and RDC
aws ec2 create-security-group \
--group-name webRDC \
--description "My security group" \
--vpc-id vpc-062f367e1f4179f33 \
--tag-specifications ResourceType=security-group,Tags='[{Key=Name,Value=webRDC}]'
aws ec2 authorize-security-group-ingress \
--group-id sg-09d878908d0fb1086 \
--ip-permissions \
IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges='[{CidrIp=0.0.0.0/0}]' \
IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges='[{CidrIp=0.0.0.0/0}]'
8. Launch EC2 instances
aws ec2 run-instances \
--image-id ami-0f9a92942448ac56f \
--count 1 \
--instance-type t3.small \
--key-name myKeyPair \
--security-group-ids sg-09d878908d0fb1086 \
--subnet-id subnet-0ac8ccb75468a425a \
--tag-specifications ResourceType=instance,Tags='[{Key=Name,Value=Instance-1}]'
aws ec2 run-instances \
--image-id ami-0f9a92942448ac56f \
--count 1 \
--instance-type t3.small \
--key-name myKeyPair \
--security-group-ids sg-09d878908d0fb1086 \
--subnet-id subnet-071f789533599fd73 \
--tag-specifications ResourceType=instance,Tags='[{Key=Name,Value=Instance-2}]'
9. Allocate an Elastic IP (EIP) and associate it with the instance
aws ec2 allocate-address \
--tag-specifications ResourceType=elastic-ip,Tags='[{Key=Name,Value=EIP-1}]'
aws ec2 allocate-address \
--tag-specifications ResourceType=elastic-ip,Tags='[{Key=Name,Value=EIP-2}]'
Associate each EIP with its instance
aws ec2 associate-address \
--instance-id i-04372c921501c3e70 \
--allocation-id eipalloc-071254f57c14e20f9
aws ec2 associate-address \
--instance-id i-0ed16a3c26a14b326 \
--allocation-id eipalloc-0e294989374e53a58
10. Connect to the EC2 instances
Windows
via RDP port 3389 (mstsc)
Linux
via SSH port 22
ssh -i /path/my-key-pair.pem ec2-user@my-instance-public-dns-name