After you've created the VPC and subnets, you can make both subnets public by attaching an internet gateway to your VPC, creating a custom route table, and configuring routing for the subnets to the internet gateway.
To make your subnet a public subnet
- Create an internet gateway using the following create-internet-gateway command.
$ aws ec2 create-internet-gateway --query InternetGateway.InternetGatewayId --output text
The command returns the ID of the new internet gateway. The following is an example.
igw-1ff7a07b
- Using the ID from the previous step, attach the internet gateway to your VPC using the following attach-internet-gateway command.
$ aws ec2 attach-internet-gateway --vpc-id vpc-2f09a348 --internet-gateway-id igw-1ff7a07b
- Create a custom route table for your VPC using the following create-route-table command.
$ aws ec2 create-route-table --vpc-id vpc-2f09a348 --query RouteTable.RouteTableId --output text
The command returns the ID of the new route table. The following is an example.
rtb-c1c8faa6
- Create a route in the route table that points all traffic (0.0.0.0/0) to the internet gateway using the following create-route command.
$ aws ec2 create-route --route-table-id rtb-c1c8faa6 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-1ff7a07b
- (Optional) To confirm that your route has been created and is active, you can describe the route table using the following describe-route-tables command.
$ aws ec2 describe-route-tables --route-table-id rtb-c1c8faa6
{
    "RouteTables": [
        {
            "Associations": [],
            "RouteTableId": "rtb-c1c8faa6",
            "VpcId": "vpc-2f09a348",
            "PropagatingVgws": [],
            "Tags": [],
            "Routes": [
                {
                    "GatewayId": "local",
                    "DestinationCidrBlock": "10.0.0.0/16",
                    "State": "active",
                    "Origin": "CreateRouteTable"
                },
                {
                    "GatewayId": "igw-1ff7a07b",
                    "DestinationCidrBlock": "0.0.0.0/0",
                    "State": "active",
                    "Origin": "CreateRoute"
                }
            ]
        }
    ]
}
- The route table is currently not associated with any subnet. You need to associate it with the subnets in your VPC so that traffic from those subnets is routed to the internet gateway. Use the following describe-subnets command to get the subnet IDs. The --filters option restricts the subnets to your new VPC only, and the --query option returns only the subnet IDs and their CIDR blocks.
$ aws ec2 describe-subnets --filters "Name=vpc-id,Values=vpc-2f09a348" --query "Subnets[*].{ID:SubnetId,CIDR:CidrBlock}"
[
    {
        "CIDR": "10.0.1.0/24",
        "ID": "subnet-b46032ec"
    },
    {
        "CIDR": "10.0.0.0/24",
        "ID": "subnet-a46032fc"
    }
]
- You can choose which subnet to associate with the custom route table, for example, subnet-b46032ec, and associate it using the associate-route-table command. This subnet is your public subnet, and you need at least two.
$ aws ec2 associate-route-table --subnet-id subnet-b46032ec --route-table-id rtb-c1c8faa6
- (Optional) You can modify the public IP addressing behaviour of your subnet so that an instance launched into the subnet automatically receives a public IP address using the following modify-subnet-attribute command. Otherwise, associate an Elastic IP address with your instance after launch so that the instance is reachable from the internet.
$ aws ec2 modify-subnet-attribute --subnet-id subnet-b46032ec --map-public-ip-on-launch
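To verify which subnets the steps above actually exposed, the following added example (not part of the original page) reads the JSON returned by describe-route-tables and describe-subnets and reports each subnet's effective route table, whether that table has an active 0.0.0.0/0 route to an internet gateway, and whether the subnet auto-assigns public IPs. The sample data is constructed from the page's example IDs, rtb-main-example is a placeholder for the VPC's main route table, and the function names are illustrative; a subnet with no explicit association falls back to the main route table.

```python
import json

# Constructed sample: shapes returned by `aws ec2 describe-route-tables` and
# `aws ec2 describe-subnets` after the steps above. rtb-main-example is a placeholder.
ROUTE_TABLES = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-c1c8faa6", "VpcId": "vpc-2f09a348",
   "Associations": [{"Main": false, "SubnetId": "subnet-b46032ec"}],
   "Routes": [{"GatewayId": "local", "DestinationCidrBlock": "10.0.0.0/16", "State": "active"},
              {"GatewayId": "igw-1ff7a07b", "DestinationCidrBlock": "0.0.0.0/0", "State": "active"}]},
  {"RouteTableId": "rtb-main-example", "VpcId": "vpc-2f09a348",
   "Associations": [{"Main": true}],
   "Routes": [{"GatewayId": "local", "DestinationCidrBlock": "10.0.0.0/16", "State": "active"}]}
]}""")
SUBNETS = json.loads("""
{"Subnets": [
  {"SubnetId": "subnet-b46032ec", "VpcId": "vpc-2f09a348",
   "CidrBlock": "10.0.1.0/24", "MapPublicIpOnLaunch": true},
  {"SubnetId": "subnet-a46032fc", "VpcId": "vpc-2f09a348",
   "CidrBlock": "10.0.0.0/24", "MapPublicIpOnLaunch": false}
]}""")

def has_igw_default_route(table):
    """True if the table has an active 0.0.0.0/0 route to an internet gateway."""
    return any(
        r.get("State") == "active" and r.get("GatewayId", "").startswith("igw-")
        and r.get("DestinationCidrBlock") == "0.0.0.0/0"
        for r in table.get("Routes", []))

def audit_subnets(route_tables, subnets):
    """Map each subnet to its effective route table and internet exposure."""
    explicit, main = {}, {}
    for t in route_tables["RouteTables"]:
        for a in t.get("Associations", []):
            if a.get("SubnetId"):
                explicit[a["SubnetId"]] = t
            elif a.get("Main"):
                main[t["VpcId"]] = t  # fallback for subnets with no explicit association
    report = {}
    for s in subnets["Subnets"]:
        table = explicit.get(s["SubnetId"]) or main.get(s["VpcId"])
        report[s["SubnetId"]] = {
            "route_table": table["RouteTableId"] if table else None,
            "public": bool(table) and has_igw_default_route(table),
            "auto_public_ip": s.get("MapPublicIpOnLaunch", False)}
    return report

if __name__ == "__main__":
    print(json.dumps(audit_subnets(ROUTE_TABLES, SUBNETS), indent=2))
```

Against a real account, save the unfiltered output of both commands to files and load them with json.load in place of the embedded samples.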