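import boto3

# http://boto3.readthedocs.io/en/latest/reference/services/ec2.html#service-resource
#
# Provisions a small public VPC in us-west-2: a VPC, an internet gateway,
# a route table with a default route, one subnet, a security group and one
# t2.micro instance. Each resource id is printed as it is created.
#
# Credentials are deliberately not passed in code. boto3 resolves them from
# its default provider chain (environment variables, the shared
# ~/.aws/credentials file, or an attached IAM role), which keeps access keys
# out of the source file and out of anything it gets pasted or committed to.
ec2 = boto3.resource('ec2', region_name='us-west-2')

# create VPC
vpc = ec2.create_vpc(CidrBlock='192.168.0.0/16')
# wait until the VPC is available before touching it again, so the tag call
# below does not race the VPC's creation
vpc.wait_until_available()
# we can assign a name to vpc, or any resource, by using tag
vpc.create_tags(Tags=[{"Key": "Name", "Value": "default_vpc"}])
print(vpc.id)

# create then attach internet gateway
ig = ec2.create_internet_gateway()
vpc.attach_internet_gateway(InternetGatewayId=ig.id)
print(ig.id)

# create a route table and a public route
# the 0.0.0.0/0 route through the internet gateway is what makes every subnet
# associated with this table a public subnet
route_table = vpc.create_route_table()
route = route_table.create_route(
    DestinationCidrBlock='0.0.0.0/0',
    GatewayId=ig.id
)
print(route_table.id)

# create subnet
subnet = ec2.create_subnet(CidrBlock='192.168.1.0/24', VpcId=vpc.id)
print(subnet.id)

# associate the route table with the subnet
route_table.associate_with_subnet(SubnetId=subnet.id)

# Create sec group
sec_group = ec2.create_security_group(
    GroupName='slice_0', Description='slice_0 sec group', VpcId=vpc.id)
# NOTE(review): this allows inbound ICMP of every type (FromPort/ToPort = -1)
# from any IPv4 address, so the instance answers ping from the whole internet.
# Narrow CidrIp to a known range if that is not intended. No other inbound
# rule is added here.
sec_group.authorize_ingress(
    CidrIp='0.0.0.0/0',
    IpProtocol='icmp',
    FromPort=-1,
    ToPort=-1
)
print(sec_group.id)

# find image id ami-835b4efa / us-west-2
# (AMI ids are region-specific; this one goes with the region chosen above)
# Create instance
# AssociatePublicIpAddress=True gives the instance a public IP in the subnet;
# combined with the public route above it is directly internet-facing, and
# the security group is the only inbound filter this script sets up.
instances = ec2.create_instances(
    ImageId='ami-835b4efa', InstanceType='t2.micro', MaxCount=1, MinCount=1,
    NetworkInterfaces=[{
        'SubnetId': subnet.id,
        'DeviceIndex': 0,
        'AssociatePublicIpAddress': True,
        'Groups': [sec_group.group_id],
    }])
instances[0].wait_until_running()
print(instances[0].id)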
Whatever floats your boat. Hell where I work we don't use either and we use Terraform instead.
create_vpc currently returns dicts. To get the objects, you need to make a separate call.
Nah, that is only if you use the client (low level).
He is using resource which is called abstraction I think (object level)
Quick q: Is it better these days to set up services like this directly with Python/boto3, or to use Amazon's own CloudFormation, which templates all this already?
terraform
Thanks. Anyone else having difficulty finding boto3 'resources' vs 'client' oriented documents?
I don't like the way you allocated subnets. You'll only have 256 IP addresses. You need a /19 suffix, not a /24 suffix. 2^13 = 8192, 2^8 = 256. By going from /16 to /19 you lose 3 bits that can be used in IP addresses in the subnet, but it'll allow you to have 8 subnets (more than the 6 at us-east-1 that AWS allows). If you need 2 subnets, you can do /17, 3 subnets, do /18. It'll give you 10x the number of IP addresses you can use. I think that's worth some math.
Quick q: Is it better these days to set up services like this directly with Python/boto3, or to use Amazon's own CloudFormation, which templates all this already?