kudosqujo · September 22, 2022 00:13
diff --git a/aws_vpc-routing_and_ACLs.sh b/aws_vpc-routing_and_ACLs.sh
 # Create internet gateways, route tables, and corresponding ACLs in AWS VPC to secure our network.

 # create internet gateway
 aws ec2 create-internet-gateway

 # attach internet gateway to a vpc
 aws ec2 attach-internet-gateway --internet-gateway-id igw-06604b3e --vpc-id vpc-ad6bd2f7

 # create a route table
 aws ec2 create-route-table --vpc-id vpc-ad6bd2f7

 # create a route rule so that all of the internet will be available
 aws ec2 create-route --route-table-id rtb-79c2bb62 --gateway-id igw-06604b3e --destination-cidr-block 0.0.0.0/0

 # describe subnets
 aws ec2 describe-subnets

 # associate route table with a non-default subnet
 aws ec2 associate-route-table --route-table-id rtb-79c2bb62 --subnet-id subnet-d5c3bf59

 # describe network ACLs
 aws ec2 describe-network-acls

 # delete default ingress rule allowing all incoming traffic
 aws ec2 delete-network-acl-entry --network-acl-id acl-e11740f9 --rule-number 100 --ingress

 # create a new ingress rule that allows incoming TCP traffic through port 80
 aws ec2 create-network-acl-entry --network-acl-id acl-e11740f9 --protocol tcp --rule-action allow --rule-number 100 --ingress --cidr-block 0.0.0.0/0 --port-range From=80,To=80

 # delete default egress rule allowing all outgoing traffic
 aws ec2 delete-network-acl-entry --network-acl-id acl-e11740f9 --rule-number 100 --egress

 # create a new egress rule that allows outgoing TCP traffic over port 80
 aws ec2 create-network-acl-entry --network-acl-id acl-e11740f9 --protocol tcp --rule-action allow --rule-number 100 --egress --cidr-block 0.0.0.0/0 --port-range From=80,To=80

 # create a new ingress & egress rules allowing incoming & outgoing HTTPS traffic over port 443
 aws ec2 create-network-acl-entry --network-acl-id acl-e11740f9 --protocol tcp --rule-action allow --rule-number 101 --ingress --cidr-block 0.0.0.0/0 --port-range From=443,To=443
 aws ec2 create-network-acl-entry --network-acl-id acl-e11740f9 --protocol tcp --rule-action allow --rule-number 101 --egress --cidr-block 0.0.0.0/0 --port-range From=443,To=443

 # create a new ingress rule that allows incoming SSH traffic over port 22 from IPs in the /32 cidr range so we can configure our VPC in the future
 aws ec2 create-network-acl-entry --network-acl-id acl-e11740f9 --protocol tcp --rule-action allow --rule-number 102 --ingress --cidr-block 0.0.0.0/32 --port-range From=22,To=22
	# Create internet gateways, route tables, and corresponding ACLs in AWS VPC to secure our network.

	# create internet gateway
	aws ec2 create-internet-gateway

	# attach internet gateway to a vpc
	aws ec2 attach-internet-gateway --internet-gateway-id igw-06604b3e --vpc-id vpc-ad6bd2f7

	# create a route table
	aws ec2 create-route-table --vpc-id vpc-ad6bd2f7

	# create a route rule so that all of the internet will be available
	aws ec2 create-route --route-table-id rtb-79c2bb62 --gateway-id igw-06604b3e --destination-cidr-block 0.0.0.0/0

	# describe subnets
	aws ec2 describe-subnets

	# associate route table with a non-default subnet
	aws ec2 associate-route-table --route-table-id rtb-79c2bb62 --subnet-id subnet-d5c3bf59

	# describe network ACLs
	aws ec2 describe-network-acls

	# delete default ingress rule allowing all incoming traffic
	aws ec2 delete-network-acl-entry --network-acl-id acl-e11740f9 --rule-number 100 --ingress

	# create a new ingress rule that allows incoming TCP traffic through port 80
	aws ec2 create-network-acl-entry --network-acl-id acl-e11740f9 --protocol tcp --rule-action allow --rule-number 100 --ingress --cidr-block 0.0.0.0/0 --port-range From=80,To=80

	# delete default egress rule allowing all outgoing traffic
	aws ec2 delete-network-acl-entry --network-acl-id acl-e11740f9 --rule-number 100 --egress

	# create a new egress rule that allows outgoing TCP traffic over port 80
	aws ec2 create-network-acl-entry --network-acl-id acl-e11740f9 --protocol tcp --rule-action allow --rule-number 100 --egress --cidr-block 0.0.0.0/0 --port-range From=80,To=80

	# create a new ingress & egress rules allowing incoming & outgoing HTTPS traffic over port 443
	aws ec2 create-network-acl-entry --network-acl-id acl-e11740f9 --protocol tcp --rule-action allow --rule-number 101 --ingress --cidr-block 0.0.0.0/0 --port-range From=443,To=443
	aws ec2 create-network-acl-entry --network-acl-id acl-e11740f9 --protocol tcp --rule-action allow --rule-number 101 --egress --cidr-block 0.0.0.0/0 --port-range From=443,To=443

	# create a new ingress rule that allows incoming SSH traffic over port 22 from IPs in the /32 cidr range so we can configure our VPC in the future
	aws ec2 create-network-acl-entry --network-acl-id acl-e11740f9 --protocol tcp --rule-action allow --rule-number 102 --ingress --cidr-block 0.0.0.0/32 --port-range From=22,To=22