Beans continues the series by looking at how PowerShell manages AWS virtual networks (VPC).
I did not find a quick-start document on the web, so the commands here come mainly from the official API documentation and Get-Command searches.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html#route-tables-api-cli
The VPC configuration wizard offers 4 scenarios by default; I'll configure the first and simplest one with PowerShell.
The scenario is simple: I need to create a VPC and carve out a subnet inside it as the public zone. The public zone reaches the Internet through a gateway, so I also need to configure its route table.
Now for the exact steps, in order.
Start by creating a new VPC, 10.2.0.0/16.
#VPC
#Create new VPC
New-EC2Vpc -CidrBlock 10.2.0.0/16
Then carve a subnet, 10.2.1.0/24, out of this VPC.
#Create subnet in the new VPC
$vpcid = Get-EC2Vpc | Where-Object {$_.CidrBlock -eq "10.2.0.0/16"} | Select-Object -ExpandProperty VpcId
New-EC2Subnet -CidrBlock 10.2.1.0/24 -VpcId $vpcid
Logging in to the web console shows that the subnet has been created successfully, but it has no Name tag, which is inconvenient.
I added a tag to it to indicate that it is located in Sydney.
$subid = Get-EC2Subnet | Where-Object {$_.CidrBlock -eq "10.2.1.0/24"} | Select-Object -ExpandProperty SubnetId
#Add a Name tag to the subnet
$tag = New-Object Amazon.EC2.Model.Tag -Property @{Key="Name"; Value="Sydney"}
New-EC2Tag -Resource $subid -Tag $tag
After executing the commands you can see that the name has been updated.
Next, I need an Internet gateway. First check whether a spare (unattached) one already exists; if not, create one.
#Create Internet Gateway: if there is no free (unattached) IGW, create a new one; it is attached to the VPC in the next step
if ((Get-EC2InternetGateway | Where-Object {$_.Attachments[0] -eq $null} | Measure-Object).Count -eq 0)
{
    New-EC2InternetGateway
}
Once created, the gateway has no name yet and is not attached to any VPC.
Give it a name and then attach it to the VPC created above (note: to the VPC, not the subnet).
#Find the unattached gateway
$igwid = Get-EC2InternetGateway | Where-Object {$_.Attachments[0] -eq $null} | Select-Object -ExpandProperty InternetGatewayId
#Reuse the Name tag created above
New-EC2Tag -Resource $igwid -Tag $tag
#Attach the gateway to the VPC
Get-EC2InternetGateway $igwid | Add-EC2InternetGateway -VpcId $vpcid
If you want to detach it, use the Dismount command.
Dismount-EC2InternetGateway -InternetGatewayId igw-08d9476d -VpcId $vpcid
Finally, let's take a look at the route table. By default the VPC has a main route table containing a single default route that points to local.
I can modify the main route table directly, or create a new one.
For example, I create a new one and then add a route to it that sends all outbound traffic to my gateway.
#RouteTable
#Capture the new table directly; filtering Get-EC2RouteTable by VpcId alone would also return the VPC's main route table
$routetable = New-EC2RouteTable -VpcId $vpcid
#Add new route
New-EC2Route -DestinationCidrBlock "0.0.0.0/0" -GatewayId $igwid -RouteTableId $routetable.RouteTableId
I can also explicitly associate a route table with specific subnets. Subnets that have no explicit association automatically inherit the routes of the default main route table; since I created a new route table, I can explicitly bind a subnet to it.
The command is as follows.
#Inspect the subnet object's members (optional)
Get-EC2Subnet -SubnetId $subid | gm
#Associate the subnet with the new route table
Register-EC2RouteTable -RouteTableId $routetable.RouteTableId -SubnetId $subid
In this way, one of the simplest VPC networks is complete, including the VPC, subnet, Internet gateway, and route table. I have not manually configured the rest (public IPs, mapping, DHCP and so on); AWS configures these automatically by default, so they are ready to use.
The next article looks at IAM user management.
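To verify which subnets the steps above actually expose, the following added example (not part of the original article) resolves each subnet's effective route table, explicit association first and the main route table otherwise, and flags it as public when that table has a 0.0.0.0/0 route to an Internet gateway. The function name Get-SubnetExposure and all resource IDs in the sample data are assumptions made for illustration.

```powershell
# Added example: classify subnets as public or private from route table data.
# Get-SubnetExposure is a hypothetical name; properties follow Amazon.EC2.Model objects.
function Get-SubnetExposure {
    param([Parameter(Mandatory)] [object[]] $Subnet,
          [Parameter(Mandatory)] [object[]] $RouteTable)
    foreach ($s in $Subnet) {
        $tables = @($RouteTable | Where-Object { $_.VpcId -eq $s.VpcId })
        # An explicit association wins; otherwise the subnet inherits the main route table.
        $rt = $tables | Where-Object {
            $_.Associations | Where-Object { $_.SubnetId -eq $s.SubnetId }
        } | Select-Object -First 1
        $explicit = [bool]$rt
        if (-not $rt) {
            $rt = $tables | Where-Object {
                $_.Associations | Where-Object { $_.Main }
            } | Select-Object -First 1
        }
        # Public = an IPv4 default route whose target is an Internet gateway (igw-...).
        $igwRoute = $rt.Routes | Where-Object {
            $_.DestinationCidrBlock -eq '0.0.0.0/0' -and $_.GatewayId -like 'igw-*'
        } | Select-Object -First 1
        [pscustomobject]@{
            SubnetId     = $s.SubnetId
            CidrBlock    = $s.CidrBlock
            RouteTableId = $rt.RouteTableId
            Association  = if ($explicit) { 'explicit' } else { 'main (inherited)' }
            Public       = [bool]$igwRoute
            Via          = $igwRoute.GatewayId
        }
    }
}

# Constructed sample data mirroring the article's layout (all IDs are placeholders).
$local = [pscustomobject]@{ DestinationCidrBlock = '10.2.0.0/16'; GatewayId = 'local' }
$toIgw = [pscustomobject]@{ DestinationCidrBlock = '0.0.0.0/0'; GatewayId = 'igw-example0' }
$rts = @(
    [pscustomobject]@{ RouteTableId = 'rtb-main0000'; VpcId = 'vpc-example0'; Routes = @($local)
        Associations = @([pscustomobject]@{ Main = $true; SubnetId = $null }) },
    [pscustomobject]@{ RouteTableId = 'rtb-public00'; VpcId = 'vpc-example0'; Routes = @($local, $toIgw)
        Associations = @([pscustomobject]@{ Main = $false; SubnetId = 'subnet-sydney0' }) }
)
$subnets = @(
    [pscustomobject]@{ SubnetId = 'subnet-sydney0'; VpcId = 'vpc-example0'; CidrBlock = '10.2.1.0/24' },
    [pscustomobject]@{ SubnetId = 'subnet-other00'; VpcId = 'vpc-example0'; CidrBlock = '10.2.2.0/24' }
)
Get-SubnetExposure -Subnet $subnets -RouteTable $rts | Format-Table -AutoSize
# Live: Get-SubnetExposure -Subnet (Get-EC2Subnet) -RouteTable (Get-EC2RouteTable)
```

If the 0.0.0.0/0 route were added to the main route table instead of a new one, every subnet without an explicit association would become public; those are the rows reported as "main (inherited)".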
This article is from the "Mapo Tofu" blog, please be sure to keep this source http://beanxyz.blog.51cto.com/5570417/1794912
PowerShell Automation Management AWS (4)-VPC