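#!/usr/bin/env bash
# Interactively create an EC2 security group and launch one instance into it.
#
# Reads from stdin, in order: VPC ID, security group name, SSH source CIDR,
# instance name, instance type, AMI ID, subnet ID, key pair name.
# Requires the aws CLI (credentials already configured) and jq.
# The instance user data is read from bin/install-docker-amazon-linux.sh
# relative to the current directory, so run this from the repository root.
#
# To find the list of Amazon Linux AMI IDs for each region, go to
# https://aws.amazon.com/amazon-linux-2/release-notes/
#
# -u catches misspelled variable names; pipefail makes a failed aws call
# visible through $? even when jq is the last stage of the pipeline. -e is
# deliberately not used: every step that can fail is checked explicitly so the
# cleanup of a half-built security group stays visible in the script.
set -uo pipefail

readonly USER_DATA_FILE="bin/install-docker-amazon-linux.sh"

# Set once the instance is launched; from then on the group is in use.
KEEP_SECURITY_GROUP=0
SECURITY_GROUP_ID=

# Print a message to stderr and exit 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Prompt for a value and store it in the named variable.
# Arguments: $1 - prompt text, $2 - name of the variable to set
# Empty input would reach the aws CLI as a missing argument value, so it is
# rejected here instead of failing half-way through the API calls.
ask() {
  printf '%s\n' "$1"
  IFS= read -r "$2" || die "[error]: No input received for ${2}."
  [[ -n "${!2}" ]] || die "[error]: ${2} must not be empty."
}

# EXIT trap: until the instance has been launched, any exit (error, Ctrl-C)
# deletes the security group created by this run so nothing is left behind.
# Globals: SECURITY_GROUP_ID, KEEP_SECURITY_GROUP (read)
cleanup() {
  if [[ -n "${SECURITY_GROUP_ID}" ]] && (( KEEP_SECURITY_GROUP == 0 )); then
    aws ec2 delete-security-group --group-id "${SECURITY_GROUP_ID}" \
      || printf '%s\n' "[warn]: Could not delete security group ${SECURITY_GROUP_ID}; remove it manually." >&2
  fi
}
trap cleanup EXIT

# Check prerequisites before creating anything in the account.
command -v aws >/dev/null || die "[error]: aws CLI not found in PATH."
command -v jq >/dev/null || die "[error]: jq not found in PATH."
[[ -r "${USER_DATA_FILE}" ]] \
  || die "[error]: User data file ${USER_DATA_FILE} not found; run this script from the repository root."

echo "[info]: Creating Security Group."
ask "VPC ID: " VPC_ID
ask "Security Group name: " SECURITY_GROUP_NAME

# Create security group
SECURITY_GROUP_ID=$(aws ec2 create-security-group \
  --vpc-id "${VPC_ID}" \
  --description "EC2 Automation Security Group" \
  --group-name "${SECURITY_GROUP_NAME}" | jq -r '.GroupId') \
  || die "[error]: Unable to create security group."
# jq prints the string "null" when the key is missing; treat it like no result.
[[ -n "${SECURITY_GROUP_ID}" && "${SECURITY_GROUP_ID}" != "null" ]] \
  || die "[error]: create-security-group returned no GroupId."
aws ec2 create-tags --resources "${SECURITY_GROUP_ID}" --tags "Key=Name,Value=${SECURITY_GROUP_NAME}" \
  || printf '%s\n' "[warn]: Unable to tag security group ${SECURITY_GROUP_ID}." >&2

echo "[info]: Applying Ingress rules."
ask "IP Address (CIDR format) to restrict SSH access:" YOUR_IP
# --cidr takes an IPv4 range; reject anything else before it reaches the API,
# and say so when the "restriction" is in fact the whole Internet.
[[ "${YOUR_IP}" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}/[0-9]{1,2}$ ]] \
  || die "[error]: ${YOUR_IP} is not an IPv4 CIDR (expected e.g. 203.0.113.4/32)."
if [[ "${YOUR_IP}" == "0.0.0.0/0" ]]; then
  printf '%s\n' "[warn]: SSH (port 22) will be reachable from any address." >&2
fi

# Create ingress rules (port 80, 443 and port 22)
# Note: Yes, we could combine these into one command but this is for learning purposes.
# Each rule is checked: an instance must never be launched behind a group
# whose rules only partially applied (the EXIT trap removes the group).
aws ec2 authorize-security-group-ingress \
  --group-id "${SECURITY_GROUP_ID}" \
  --protocol tcp \
  --port 80 \
  --cidr 0.0.0.0/0 \
  || die "[error]: Unable to add ingress rule for tcp/80. Cleaning up security group."
aws ec2 authorize-security-group-ingress \
  --group-id "${SECURITY_GROUP_ID}" \
  --protocol tcp \
  --port 443 \
  --cidr 0.0.0.0/0 \
  || die "[error]: Unable to add ingress rule for tcp/443. Cleaning up security group."
aws ec2 authorize-security-group-ingress \
  --group-id "${SECURITY_GROUP_ID}" \
  --protocol tcp \
  --port 22 \
  --cidr "${YOUR_IP}" \
  || die "[error]: Unable to add ingress rule for tcp/22. Cleaning up security group."
# NOTE(review): a new security group normally already allows all outbound
# traffic, so this TCP-only egress rule is likely redundant; kept for learning
# purposes, as the note above says — confirm against the account's defaults.
aws ec2 authorize-security-group-egress \
  --group-id "${SECURITY_GROUP_ID}" \
  --protocol tcp \
  --port 0-65535 \
  --cidr 0.0.0.0/0 \
  || die "[error]: Unable to add egress rule. Cleaning up security group."

echo "[info]: Configuring EC2 instance."
ask "Instance name: " INSTANCE_NAME
ask "Instance type: " INSTANCE_TYPE
ask "AMI ID: " AMI_ID
ask "Subnet ID: " SUBNET_ID
ask "Key Pair name (must already exist): " KEY_PAIR_NAME

printf '%s\n\n' "[info]: Making request to launch instance. Result payload will display once complete."
RESULT=0
EC2_RESULT=$(aws ec2 run-instances \
  --image-id "${AMI_ID}" \
  --count 1 \
  --instance-type "${INSTANCE_TYPE}" \
  --key-name "${KEY_PAIR_NAME}" \
  --user-data "file://${USER_DATA_FILE}" \
  --subnet-id "${SUBNET_ID}" \
  --security-group-ids "${SECURITY_GROUP_ID}" \
  --associate-public-ip-address) || RESULT=$?
# Show the payload (if any) before acting on the status, as the original did.
jq . <<<"${EC2_RESULT}"
if (( RESULT != 0 )); then
  printf '%s\n\n' "[error]: Unable to create EC2 instance. Cleaning up security group." >&2
  exit "${RESULT}"
fi
# The group is now referenced by the instance; the EXIT trap must leave it.
KEEP_SECURITY_GROUP=1

echo "[info]: Setting instance name."
INSTANCE_ID=$(jq -r '.Instances[0].InstanceId' <<<"${EC2_RESULT}")
[[ -n "${INSTANCE_ID}" && "${INSTANCE_ID}" != "null" ]] \
  || die "[error]: Instance launched but its InstanceId could not be read from the response; tag it manually."
aws ec2 create-tags --resources "${INSTANCE_ID}" --tags "Key=Name,Value=${INSTANCE_NAME}" \
  || die "[error]: Instance ${INSTANCE_ID} launched but could not be tagged."
echo "[info]: Finished."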