Created
November 2, 2020 23:36
-
-
Save colemickens/755df2bc4a61c9c657794eef4adce261 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -x | |
| set -euo pipefail | |
| # TODO: maybe we need to upload our own AMI or something? | |
| REGION="us-west-2" | |
| #AMI_ID="ami-073449580ff8e82b5" #NixOS-20.03.2351.f8248ab6d9e-aarch64-linux | |
| #AMI_ID="ami-09d0dda914bed4052" # Amazon Linux 2 | |
| AMI_ID="ami-053c71bfc2f2ae88d" # NixOS-20.09alpha417.a780c60f9f7-aarch64-linux | |
| INSTANCE_TYPE="m6g.4xlarge" | |
| INDEX="2" | |
| # TODO: aws cli can query built-in, remove jq usage | |
| awsweeper-tag foo | |
| vpc="$(aws ec2 create-vpc \ | |
| --cidr-block "10.${INDEX}.0.0/16" \ | |
| --region "${REGION}" \ | |
| | jq -r '.Vpc.VpcId')" | |
| sub="$(aws ec2 create-subnet \ | |
| --vpc-id "${vpc}" \ | |
| --region "${REGION}" \ | |
| --cidr-block "10.${INDEX}.1.0/24" | jq -r '.Subnet.SubnetId')" | |
| gw="$(aws ec2 create-internet-gateway --region "${REGION}" | jq -r '.InternetGateway.InternetGatewayId')" | |
| aws ec2 attach-internet-gateway \ | |
| --vpc-id "${vpc}" \ | |
| --internet-gateway-id "${gw}" \ | |
| --region "${REGION}" | |
| rt="$(aws ec2 create-route-table --vpc-id "${vpc}" --region "${REGION}" | jq -r '.RouteTable.RouteTableId')" | |
| aws ec2 create-route \ | |
| --route-table-id "${rt}" \ | |
| --destination-cidr-block 0.0.0.0/0 \ | |
| --gateway-id "${gw}" \ | |
| --region "${REGION}" | |
| aws ec2 associate-route-table \ | |
| --subnet-id "${sub}" \ | |
| --route-table-id "${rt}" \ | |
| --region "${REGION}" | |
| sg="$(aws ec2 create-security-group \ | |
| --description "${vpc}-ssh" \ | |
| --vpc-id "${vpc}" \ | |
| --group-name "${vpc}-ssh" \ | |
| --region "${REGION}" | jq -r '.GroupId')" | |
| aws ec2 authorize-security-group-ingress \ | |
| --group-id "${sg}" \ | |
| --protocol tcp \ | |
| --port 22 \ | |
| --cidr 0.0.0.0/0 \ | |
| --region "${REGION}" | |
| inst="$(aws ec2 run-instances \ | |
| --image-id "${AMI_ID}" \ | |
| --count 1 \ | |
| --region "${REGION}" \ | |
| --subnet-id "${sub}" \ | |
| --security-group-id "${sg}" \ | |
| --instance-type "${INSTANCE_TYPE}" \ | |
| --block-device-mappings "[{\"DeviceName\": \"/dev/xvda\",\"Ebs\":{\"VolumeSize\":100,\"VolumeType\":\"gp2\"}}]" \ | |
| --key-name "colemickens" \ | |
| --associate-public-ip-address | jq -r '.Instances[0].InstanceId')" | |
| aws ec2 create-tags \ | |
| --resources "${vpc}" "${sub}" "${gw}" "${rt}" "${sg}" "${inst}" \ | |
| --region "${REGION}" \ | |
| --tags Key=project,Value=foo | |
| # add SG rule for tcp/22 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment