bezpieczenstwo-w-chmurze/skrypty/create-vpc.sh

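#!/bin/bash
# create-vpc.sh — builds a two-AZ VPC in $REGION: an Internet Gateway, two
# public and two private subnets, a NAT Gateway (placed in public subnet 1,
# backed by a freshly allocated Elastic IP) and a public and private route
# table wired to the IGW and NAT Gateway respectively.
#
# Requires the AWS CLI on PATH with credentials allowed to create EC2 network
# resources in $REGION. The script is not idempotent and performs no rollback:
# on the first failing step it stops, and everything created up to that point
# (the Elastic IP and NAT Gateway in particular, which cost money while they
# exist) stays behind and must be removed by hand.
set -euo pipefail

# Set variables
REGION="us-east-1"
VPC_NAME="uam-bwc-vpc1"
VPC_CIDR="10.10.0.0/16"
IGW_NAME="uam-bwc-ig1"
PUBLIC_SUBNET1_CIDR="10.10.0.0/24"
PUBLIC_SUBNET2_CIDR="10.10.1.0/24"
PRIVATE_SUBNET1_CIDR="10.10.2.0/24"
PRIVATE_SUBNET2_CIDR="10.10.3.0/24"
PUBLIC_SUBNET1_NAME="uam-bwc-public-subnet1"
PUBLIC_SUBNET2_NAME="uam-bwc-public-subnet2"
PRIVATE_SUBNET1_NAME="uam-bwc-private-subnet1"
PRIVATE_SUBNET2_NAME="uam-bwc-private-subnet2"
NAT_GW_NAME="uam-bwc-nat1"
PUBLIC_RT_NAME="uam-bwc-public-rt1"
PRIVATE_RT_NAME="uam-bwc-private-rt1"

#######################################
# Print a message to stderr and abort.
# Arguments: message words
#######################################
die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

#######################################
# Run an AWS CLI call that yields one text value (via --query) and echo it.
# Fails the script if the call errors or returns nothing / "None", so a
# missing id can never be passed on to the next step as an empty string.
# Arguments: $1 - label used in error messages; $2.. - aws CLI arguments
# Outputs:   the value on stdout
#######################################
aws_id() {
  local label=$1
  shift
  local value
  value=$(aws "$@" --output text) || die "$label: aws call failed"
  # --output text renders a missing JSON field as the literal string "None".
  [[ -n "$value" && "$value" != "None" ]] || die "$label: no id returned"
  printf '%s\n' "$value"
}

#######################################
# Attach a Name tag to a resource. --region is passed explicitly so tagging
# lands in the same region as the resource, regardless of the CLI default.
# Arguments: $1 - resource id; $2 - value for the Name tag
#######################################
tag_name() {
  aws ec2 create-tags --region "$REGION" --resources "$1" --tags "Key=Name,Value=$2"
}

# Create VPC
VPC_ID=$(aws_id "create-vpc" ec2 create-vpc --cidr-block "$VPC_CIDR" --region "$REGION" --query 'Vpc.VpcId')
tag_name "$VPC_ID" "$VPC_NAME"
echo "Created VPC: $VPC_ID with name $VPC_NAME"

# Create Internet Gateway
IGW_ID=$(aws_id "create-internet-gateway" ec2 create-internet-gateway --region "$REGION" --query 'InternetGateway.InternetGatewayId')
tag_name "$IGW_ID" "$IGW_NAME"
echo "Created Internet Gateway: $IGW_ID with name $IGW_NAME"

# Attach Internet Gateway to VPC
aws ec2 attach-internet-gateway --internet-gateway-id "$IGW_ID" --vpc-id "$VPC_ID" --region "$REGION"
echo "Attached Internet Gateway to VPC"

# Create Public Subnets (one per AZ: <region>a and <region>b)
PUBLIC_SUBNET1_ID=$(aws_id "create-subnet public1" ec2 create-subnet --vpc-id "$VPC_ID" --cidr-block "$PUBLIC_SUBNET1_CIDR" --availability-zone "${REGION}a" --region "$REGION" --query 'Subnet.SubnetId')
tag_name "$PUBLIC_SUBNET1_ID" "$PUBLIC_SUBNET1_NAME"
echo "Created Public Subnet 1: $PUBLIC_SUBNET1_ID with name $PUBLIC_SUBNET1_NAME"
PUBLIC_SUBNET2_ID=$(aws_id "create-subnet public2" ec2 create-subnet --vpc-id "$VPC_ID" --cidr-block "$PUBLIC_SUBNET2_CIDR" --availability-zone "${REGION}b" --region "$REGION" --query 'Subnet.SubnetId')
tag_name "$PUBLIC_SUBNET2_ID" "$PUBLIC_SUBNET2_NAME"
echo "Created Public Subnet 2: $PUBLIC_SUBNET2_ID with name $PUBLIC_SUBNET2_NAME"

# Create Private Subnets
PRIVATE_SUBNET1_ID=$(aws_id "create-subnet private1" ec2 create-subnet --vpc-id "$VPC_ID" --cidr-block "$PRIVATE_SUBNET1_CIDR" --availability-zone "${REGION}a" --region "$REGION" --query 'Subnet.SubnetId')
tag_name "$PRIVATE_SUBNET1_ID" "$PRIVATE_SUBNET1_NAME"
echo "Created Private Subnet 1: $PRIVATE_SUBNET1_ID with name $PRIVATE_SUBNET1_NAME"
PRIVATE_SUBNET2_ID=$(aws_id "create-subnet private2" ec2 create-subnet --vpc-id "$VPC_ID" --cidr-block "$PRIVATE_SUBNET2_CIDR" --availability-zone "${REGION}b" --region "$REGION" --query 'Subnet.SubnetId')
tag_name "$PRIVATE_SUBNET2_ID" "$PRIVATE_SUBNET2_NAME"
echo "Created Private Subnet 2: $PRIVATE_SUBNET2_ID with name $PRIVATE_SUBNET2_NAME"

# Create and Attach NAT Gateway
# The Elastic IP is allocated first; if the NAT Gateway step fails the
# allocation is left behind and has to be released manually.
EIP_ALLOC_ID=$(aws_id "allocate-address" ec2 allocate-address --domain vpc --region "$REGION" --query 'AllocationId')
NAT_GW_ID=$(aws_id "create-nat-gateway" ec2 create-nat-gateway --subnet-id "$PUBLIC_SUBNET1_ID" --allocation-id "$EIP_ALLOC_ID" --region "$REGION" --query 'NatGateway.NatGatewayId')
tag_name "$NAT_GW_ID" "$NAT_GW_NAME"
echo "Created NAT Gateway: $NAT_GW_ID with name $NAT_GW_NAME"

# Wait for NAT Gateway to become available
# The waiter exits non-zero if the gateway fails or the wait times out, which
# aborts the script under set -e before a route to a dead gateway is created.
aws ec2 wait nat-gateway-available --nat-gateway-ids "$NAT_GW_ID" --region "$REGION" || die "NAT Gateway $NAT_GW_ID did not become available"
echo "NAT Gateway is now available"

# Create Route Tables
PUBLIC_RT_ID=$(aws_id "create-route-table public" ec2 create-route-table --vpc-id "$VPC_ID" --region "$REGION" --query 'RouteTable.RouteTableId')
tag_name "$PUBLIC_RT_ID" "$PUBLIC_RT_NAME"
echo "Created Public Route Table: $PUBLIC_RT_ID with name $PUBLIC_RT_NAME"
PRIVATE_RT_ID=$(aws_id "create-route-table private" ec2 create-route-table --vpc-id "$VPC_ID" --region "$REGION" --query 'RouteTable.RouteTableId')
tag_name "$PRIVATE_RT_ID" "$PRIVATE_RT_NAME"
echo "Created Private Route Table: $PRIVATE_RT_ID with name $PRIVATE_RT_NAME"

# Create Routes
# Public subnets get a default route straight to the IGW (inbound and
# outbound); private subnets get outbound-only internet via the NAT Gateway.
aws ec2 create-route --route-table-id "$PUBLIC_RT_ID" --destination-cidr-block 0.0.0.0/0 --gateway-id "$IGW_ID" --region "$REGION"
echo "Created route in Public Route Table to Internet Gateway"
aws ec2 create-route --route-table-id "$PRIVATE_RT_ID" --destination-cidr-block 0.0.0.0/0 --nat-gateway-id "$NAT_GW_ID" --region "$REGION"
echo "Created route in Private Route Table to NAT Gateway"

# Associate Route Tables with Subnets
aws ec2 associate-route-table --route-table-id "$PUBLIC_RT_ID" --subnet-id "$PUBLIC_SUBNET1_ID" --region "$REGION"
aws ec2 associate-route-table --route-table-id "$PUBLIC_RT_ID" --subnet-id "$PUBLIC_SUBNET2_ID" --region "$REGION"
echo "Associated Public Route Table with Public Subnets"
aws ec2 associate-route-table --route-table-id "$PRIVATE_RT_ID" --subnet-id "$PRIVATE_SUBNET1_ID" --region "$REGION"
aws ec2 associate-route-table --route-table-id "$PRIVATE_RT_ID" --subnet-id "$PRIVATE_SUBNET2_ID" --region "$REGION"
echo "Associated Private Route Table with Private Subnets"
echo "VPC setup complete"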