# From Amazon Exercise
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-subnets-commands-example.html

# boto documentation for EC2
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ec2.html?highlight=routetable


In [14]:
import boto3

In [25]:
ec2 = boto3.resource('ec2', region_name='us-west-2')
client = boto3.client('ec2', region_name='us-west-2')

aws ec2 create-vpc --cidr-block 10.0.0.0/16 --query Vpc.VpcId --output text

In [8]:
vpc = ec2.create_vpc(CidrBlock='10.0.0.0/16')

In [10]:
vpc.id

'vpc-0708b5747ee571199'

# Creating 2 subnets in the VPC created above
- aws ec2 create-subnet --vpc-id vpc-2f09a348 --cidr-block 10.0.1.0/24
- aws ec2 create-subnet --vpc-id vpc-2f09a348 --cidr-block 10.0.0.0/24


In [12]:
subnet_0 = ec2.create_subnet(VpcId=vpc.id, CidrBlock='10.0.0.0/24' )

In [13]:
subnet_1 = ec2.create_subnet(VpcId=vpc.id, CidrBlock='10.0.1.0/24' )

# Creating an internet gateway to allow external traffic
aws ec2 create-internet-gateway --query InternetGateway.InternetGatewayId --output text

In [16]:
gw = ec2.create_internet_gateway()

ec2.InternetGateway(id='igw-0656a5e09e0ffd725')

In [18]:
gw = ec2.InternetGateway('igw-0656a5e09e0ffd725')

In [20]:
gw

ec2.InternetGateway(id='igw-0656a5e09e0ffd725')

# Attach Gateway to VPC
aws ec2 attach-internet-gateway --vpc-id vpc-2f09a348 --internet-gateway-id igw-1ff7a07b

In [25]:
response = gw.attach_to_vpc(VpcId = vpc.id)
response

{'ResponseMetadata': {'RequestId': '2b3b24ae-2cc3-4029-8aa4-dd627f757469',
  'HTTPStatusCode': 200,
  'HTTPHeaders': {'x-amzn-requestid': '2b3b24ae-2cc3-4029-8aa4-dd627f757469',
   'cache-control': 'no-cache, no-store',
   'strict-transport-security': 'max-age=31536000; includeSubDomains',
   'content-type': 'text/xml;charset=UTF-8',
   'content-length': '243',
   'date': 'Sun, 05 Feb 2023 13:55:11 GMT',
   'server': 'AmazonEC2'},
  'RetryAttempts': 0}}

# Create a route table "In a VPC" to allow all internet traffic to a gateway and then to a subnet 
aws ec2 create-route-table --vpc-id vpc-2f09a348 --query RouteTable.RouteTableId --output text


In [27]:
route_table = ec2.create_route_table(VpcId=vpc.id)

In [28]:
route_table

ec2.RouteTable(id='rtb-08f5bebb85b644da0')

# Create a route that points all traffic to the internet gateway 
aws ec2 create-route --route-table-id rtb-c1c8faa6 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-1ff7a07b

In [32]:
route = route_table.create_route(DestinationCidrBlock='0.0.0.0/0', GatewayId=gw.id)

In [38]:
route

ec2.Route(route_table_id='rtb-08f5bebb85b644da0', destination_cidr_block='0.0.0.0/0')

# Associsate route to one of the subnets created above (subnet_1)
aws ec2 associate-route-table  --subnet-id subnet-b46032ec --route-table-id rtb-c1c8faa6

In [41]:
assoc = route_table.associate_with_subnet(SubnetId=subnet_1.id)
assoc

ec2.RouteTableAssociation(id='rtbassoc-01ee9f21df42b9926')

In [16]:
gw = ec2.InternetGateway('igw-0656a5e09e0ffd725')

In [17]:
route_table = ec2.RouteTable('rtb-08f5bebb85b644da0')

In [18]:
vpc = ec2.Vpc('vpc-0708b5747ee571199')

In [19]:
subnet_0 = ec2.Subnet(id='subnet-00c4124dcecf14ea1')
subnet_1 = ec2.Subnet(id='subnet-0bb7ea5088612392d')

In [20]:
subnet_1.id

'subnet-0bb7ea5088612392d'

You can modify the public IP addressing behavior of your subnet so that an instance launched into the subnet automatically receives a public IP address using the following modify-subnet-attribute command

In [29]:
response = client.modify_subnet_attribute(
    MapPublicIpOnLaunch={
        'Value': True,
    },
    SubnetId=subnet_1.id,
)

In [27]:
response

{'ResponseMetadata': {'RequestId': 'c6466078-6584-44ef-984d-fc262cd6b28c',
  'HTTPStatusCode': 200,
  'HTTPHeaders': {'x-amzn-requestid': 'c6466078-6584-44ef-984d-fc262cd6b28c',
   'cache-control': 'no-cache, no-store',
   'strict-transport-security': 'max-age=31536000; includeSubDomains',
   'content-type': 'text/xml;charset=UTF-8',
   'content-length': '243',
   'date': 'Thu, 09 Feb 2023 22:53:45 GMT',
   'server': 'AmazonEC2'},
  'RetryAttempts': 0}}

# Launching an instance into the subnet

## Create a keypair

In [38]:
# Run the following commands on command line 
# aws ec2 create-key-pair --key-name MyKeyPair --query "KeyMaterial" --output text > MyKeyPair.pem
# chmod 400 MyKeyPair.pem

## Create a security group to allow ssh access 

aws ec2 create-security-group --group-name SSHAccess --description "Security group for SSH access" --vpc-id vpc-2f09a348

In [39]:
sg = ec2.create_security_group(Description='Security group for SSH access', GroupName='SSHAccess', VpcId=vpc.id)

In [40]:
sg

ec2.SecurityGroup(id='sg-0b24589f6b07e54ac')

## Authorize port 22 (ssh) access to the security group 

aws ec2 authorize-security-group-ingress --group-id sg-0b24589f6b07e54ac --protocol tcp --port 22 --cidr 0.0.0.0/0

In [43]:
response = sg.authorize_ingress(IpProtocol='tcp', FromPort=22, ToPort=22, CidrIp='0.0.0.0/0')

## Launch an Ec2 instance
aws ec2 run-instances --image-id ami-06e85d4c3149db26a --count 1 --instance-type t2.micro --key-name MyKeyPair --security-group-ids sg-0b24589f6b07e54ac --subnet-id subnet-0bb7ea5088612392d

### Finding a Linux AMI 
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html

In [47]:
instance = client.run_instances(ImageId='ami-06e85d4c3149db26a', InstanceType='t2.micro', KeyName='MyKeyPair', 
                                SecurityGroups= [sg.id], SubnetId=subnet_1.id, 
                               MinCount=1, MaxCount=1)

ClientError: An error occurred (InvalidParameterCombination) when calling the RunInstances operation: The parameter groupName cannot be used with the parameter subnet