#!/bin/bash
#******************************************************************************
# AWS VPC Creation Shell Script
#******************************************************************************
#
# SYNOPSIS
# Automates the creation of a custom IPv4 VPC, having both a public and a
# private subnet, and a NAT gateway.
#
# DESCRIPTION
# This shell script leverages the AWS Command Line Interface (AWS CLI) to
# automatically create a custom VPC. The script assumes the AWS CLI is
# installed and configured with the necessary security credentials.
#
#==============================================================================
#
# NOTES
# VERSION: 0.1.0
# LASTEDIT: 03/18/2017
# AUTHOR: Joe Arauzo
# EMAIL: [email protected]
# REVISIONS:
# 0.1.0 03/18/2017 - first release
# 0.0.1 02/25/2017 - work in progress
#
#==============================================================================
# MODIFY THE SETTINGS BELOW
#==============================================================================
#
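# Region the VPC and all of its resources are created in.
AWS_REGION="us-west-1"
# Name tag and address range of the VPC.
VPC_NAME="My VPC"
VPC_CIDR="10.0.0.0/16"
# Public subnet: gets a default route to the Internet Gateway and has
# 'Auto-assign Public IP' enabled, so instances launched there are reachable
# from the Internet by default.
SUBNET_PUBLIC_CIDR="10.0.1.0/24"
SUBNET_PUBLIC_AZ="us-west-1a"
# The Name tag is derived from the network address and AZ above so the label
# cannot drift from the subnet's real placement; replace with a literal
# string if a different name is wanted.
SUBNET_PUBLIC_NAME="${SUBNET_PUBLIC_CIDR%/*} - ${SUBNET_PUBLIC_AZ}"
# Private subnet: not explicitly associated with a route table, so it follows
# the VPC's main route table, which receives a default route via the NAT
# Gateway. Outbound-only Internet access; no inbound exposure.
SUBNET_PRIVATE_CIDR="10.0.2.0/24"
SUBNET_PRIVATE_AZ="us-west-1c"
SUBNET_PRIVATE_NAME="${SUBNET_PRIVATE_CIDR%/*} - ${SUBNET_PRIVATE_AZ}"
# Seconds between describe-nat-gateways calls while waiting for the NAT
# Gateway to become available (the status line itself refreshes every second).
CHECK_FREQUENCY=5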
#
#==============================================================================
# DO NOT MODIFY CODE BELOW
#==============================================================================
#
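#
# Abort on the first failed command, unset variable or failed pipeline stage.
# Every step below feeds its output (an AWS resource ID) into the next step,
# so continuing after a failure would issue API calls with empty IDs and
# leave half-built, billable resources (Elastic IP, NAT Gateway) behind.
set -euo pipefail

# The script runs under whatever credentials/profile the AWS CLI is configured
# with; the only API actions it needs are the ec2 create/attach/associate/
# modify/allocate/describe calls made below.

#######################################
# Print an error message to stderr and exit the script.
# Arguments: message words
#######################################
die() {
  printf 'ERROR: %s\n' "$*" >&2
  exit 1
}

#######################################
# Run an AWS CLI command that is expected to print exactly one resource ID
# (via --query/--output text) and fail loudly if it does not.
# Arguments: the aws sub-command and its options (without the leading 'aws')
# Outputs:   the ID on stdout
# Returns:   0 on success; exits via die on failure or empty/None output
#######################################
aws_id() {
  local value
  value=$(aws "$@") || die "aws $1 $2 failed"
  # '--query' on a missing path prints 'None' with a zero exit status, which
  # would otherwise be passed on as if it were a valid ID.
  [[ -n "$value" && "$value" != 'None' ]] || die "aws $1 $2 returned no ID"
  printf '%s\n' "$value"
}

#######################################
# Poll a NAT Gateway until it is AVAILABLE, refreshing an elapsed-time status
# line every second and querying AWS every CHECK_FREQUENCY seconds.
# Globals:   AWS_REGION, CHECK_FREQUENCY (read); SECONDS (reset to 0)
# Arguments: $1 - NAT Gateway ID
# Returns:   0 once the gateway is AVAILABLE; exits via die if it reaches a
#            FAILED/DELETING/DELETED state, which would otherwise loop forever
#######################################
wait_for_nat_gateway() {
  local nat_gw_id=$1
  local state='PENDING' last_check=0 secs
  SECONDS=0   # bash builtin: assigning 0 restarts the elapsed-seconds counter
  until [[ "$state" == 'AVAILABLE' ]]; do
    if (( SECONDS - last_check >= CHECK_FREQUENCY )); then
      state=$(aws ec2 describe-nat-gateways \
        --nat-gateway-ids "$nat_gw_id" \
        --query 'NatGateways[*].{State:State}' \
        --output text \
        --region "$AWS_REGION" | tr '[:lower:]' '[:upper:]') \
        || die "describe-nat-gateways failed for '$nat_gw_id'"
      last_check=$SECONDS
      case "$state" in
        FAILED|DELETING|DELETED)
          printf '\n'
          die "NAT Gateway ID '$nat_gw_id' is in state '$state' and will not become available."
          ;;
      esac
    fi
    secs=$SECONDS
    # Fixed format string; all values are passed as arguments, never spliced
    # into the format itself.
    printf ' STATUS: %s - %02dh:%02dm:%02ds elapsed while waiting for NAT Gateway to become available...\033[0K\r' \
      "$state" $((secs / 3600)) $((secs % 3600 / 60)) $((secs % 60))
    sleep 1
  done
}

# Create VPC
printf '%s\n' "Creating VPC in preferred region..."
VPC_ID=$(aws_id ec2 create-vpc \
  --cidr-block "$VPC_CIDR" \
  --query 'Vpc.{VpcId:VpcId}' \
  --output text \
  --region "$AWS_REGION")
printf " VPC ID '%s' CREATED in '%s' region.\n" "$VPC_ID" "$AWS_REGION"

# Add Name tag to VPC
aws ec2 create-tags \
  --resources "$VPC_ID" \
  --tags "Key=Name,Value=$VPC_NAME" \
  --region "$AWS_REGION"
printf " VPC ID '%s' NAMED as '%s'.\n" "$VPC_ID" "$VPC_NAME"

# Create Public Subnet
printf '%s\n' "Creating Public Subnet..."
SUBNET_PUBLIC_ID=$(aws_id ec2 create-subnet \
  --vpc-id "$VPC_ID" \
  --cidr-block "$SUBNET_PUBLIC_CIDR" \
  --availability-zone "$SUBNET_PUBLIC_AZ" \
  --query 'Subnet.{SubnetId:SubnetId}' \
  --output text \
  --region "$AWS_REGION")
printf " Subnet ID '%s' CREATED in '%s' Availability Zone.\n" \
  "$SUBNET_PUBLIC_ID" "$SUBNET_PUBLIC_AZ"

# Add Name tag to Public Subnet
aws ec2 create-tags \
  --resources "$SUBNET_PUBLIC_ID" \
  --tags "Key=Name,Value=$SUBNET_PUBLIC_NAME" \
  --region "$AWS_REGION"
printf " Subnet ID '%s' NAMED as '%s'.\n" "$SUBNET_PUBLIC_ID" "$SUBNET_PUBLIC_NAME"

# Create Private Subnet
printf '%s\n' "Creating Private Subnet..."
SUBNET_PRIVATE_ID=$(aws_id ec2 create-subnet \
  --vpc-id "$VPC_ID" \
  --cidr-block "$SUBNET_PRIVATE_CIDR" \
  --availability-zone "$SUBNET_PRIVATE_AZ" \
  --query 'Subnet.{SubnetId:SubnetId}' \
  --output text \
  --region "$AWS_REGION")
printf " Subnet ID '%s' CREATED in '%s' Availability Zone.\n" \
  "$SUBNET_PRIVATE_ID" "$SUBNET_PRIVATE_AZ"

# Add Name tag to Private Subnet
aws ec2 create-tags \
  --resources "$SUBNET_PRIVATE_ID" \
  --tags "Key=Name,Value=$SUBNET_PRIVATE_NAME" \
  --region "$AWS_REGION"
printf " Subnet ID '%s' NAMED as '%s'.\n" "$SUBNET_PRIVATE_ID" "$SUBNET_PRIVATE_NAME"

# Create Internet gateway
printf '%s\n' "Creating Internet Gateway..."
IGW_ID=$(aws_id ec2 create-internet-gateway \
  --query 'InternetGateway.{InternetGatewayId:InternetGatewayId}' \
  --output text \
  --region "$AWS_REGION")
printf " Internet Gateway ID '%s' CREATED.\n" "$IGW_ID"

# Attach Internet gateway to your VPC
aws ec2 attach-internet-gateway \
  --vpc-id "$VPC_ID" \
  --internet-gateway-id "$IGW_ID" \
  --region "$AWS_REGION"
printf " Internet Gateway ID '%s' ATTACHED to VPC ID '%s'.\n" "$IGW_ID" "$VPC_ID"

# Create Route Table (a custom one, used only by the public subnet)
printf '%s\n' "Creating Route Table..."
ROUTE_TABLE_ID=$(aws_id ec2 create-route-table \
  --vpc-id "$VPC_ID" \
  --query 'RouteTable.{RouteTableId:RouteTableId}' \
  --output text \
  --region "$AWS_REGION")
printf " Route Table ID '%s' CREATED.\n" "$ROUTE_TABLE_ID"

# Create route to Internet Gateway
aws ec2 create-route \
  --route-table-id "$ROUTE_TABLE_ID" \
  --destination-cidr-block 0.0.0.0/0 \
  --gateway-id "$IGW_ID" \
  --region "$AWS_REGION" >/dev/null
printf " Route to '0.0.0.0/0' via Internet Gateway ID '%s' ADDED to Route Table ID '%s'.\n" \
  "$IGW_ID" "$ROUTE_TABLE_ID"

# Associate Public Subnet with Route Table
aws ec2 associate-route-table \
  --subnet-id "$SUBNET_PUBLIC_ID" \
  --route-table-id "$ROUTE_TABLE_ID" \
  --region "$AWS_REGION" >/dev/null
printf " Public Subnet ID '%s' ASSOCIATED with Route Table ID '%s'.\n" \
  "$SUBNET_PUBLIC_ID" "$ROUTE_TABLE_ID"

# Enable Auto-assign Public IP on Public Subnet: instances launched into this
# subnet receive a public IPv4 address by default.
aws ec2 modify-subnet-attribute \
  --subnet-id "$SUBNET_PUBLIC_ID" \
  --map-public-ip-on-launch \
  --region "$AWS_REGION"
printf " 'Auto-assign Public IP' ENABLED on Public Subnet ID '%s'.\n" "$SUBNET_PUBLIC_ID"

# Allocate Elastic IP Address for NAT Gateway
printf '%s\n' "Creating NAT Gateway..."
EIP_ALLOC_ID=$(aws_id ec2 allocate-address \
  --domain vpc \
  --query '{AllocationId:AllocationId}' \
  --output text \
  --region "$AWS_REGION")
printf " Elastic IP address ID '%s' ALLOCATED.\n" "$EIP_ALLOC_ID"

# Create NAT Gateway (lives in the public subnet so it can reach the IGW)
NAT_GW_ID=$(aws_id ec2 create-nat-gateway \
  --subnet-id "$SUBNET_PUBLIC_ID" \
  --allocation-id "$EIP_ALLOC_ID" \
  --query 'NatGateway.{NatGatewayId:NatGatewayId}' \
  --output text \
  --region "$AWS_REGION")
printf " Creating NAT Gateway ID '%s' and waiting for it to become available.\n" "$NAT_GW_ID"
printf ' Please BE PATIENT as this can take some time to complete.\n ......\n'
wait_for_nat_gateway "$NAT_GW_ID"
printf "\n ......\n NAT Gateway ID '%s' is now AVAILABLE.\n" "$NAT_GW_ID"

# Create route to NAT Gateway.
# The private subnet was never explicitly associated with a route table, so it
# uses the VPC's main route table. Adding the default route there gives the
# private subnet NAT egress -- and also any future subnet that is left on the
# main table without an explicit association.
MAIN_ROUTE_TABLE_ID=$(aws_id ec2 describe-route-tables \
  --filters "Name=vpc-id,Values=$VPC_ID" Name=association.main,Values=true \
  --query 'RouteTables[*].{RouteTableId:RouteTableId}' \
  --output text \
  --region "$AWS_REGION")
printf " Main Route Table ID is '%s'.\n" "$MAIN_ROUTE_TABLE_ID"
aws ec2 create-route \
  --route-table-id "$MAIN_ROUTE_TABLE_ID" \
  --destination-cidr-block 0.0.0.0/0 \
  --gateway-id "$NAT_GW_ID" \
  --region "$AWS_REGION" >/dev/null
printf " Route to '0.0.0.0/0' via NAT Gateway with ID '%s' ADDED to Route Table ID '%s'.\n" \
  "$NAT_GW_ID" "$MAIN_ROUTE_TABLE_ID"
printf '%s\n' "COMPLETED"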