/// <summary>
/// This method will create a VPC, a public subnet, private subnet and a NAT EC2 instance to allow EC2 instances in the private
/// subnet to establish outbound connections to the internet.
/// </summary>
/// <param name="ec2Client">The ec2client used to create the VPC</param>
/// <param name="request">The properties used to create the VPC.</param>
/// <returns>The response contains all the VPC objects that were created.</returns>
public static LaunchVPCWithPublicAndPrivateSubnetsResponse LaunchVPCWithPublicAndPrivateSubnets(AmazonEC2 ec2Client, LaunchVPCWithPublicAndPrivateSubnetsRequest request)
{
LaunchVPCWithPublicAndPrivateSubnetsResponse response = new LaunchVPCWithPublicAndPrivateSubnetsResponse();
LaunchVPCWithPublicSubnet(ec2Client, request, response);
response.PrivateSubnet = ec2Client.CreateSubnet(new CreateSubnetRequest()
{
AvailabilityZone = request.PrivateSubnetAvailabilityZone ?? response.PublicSubnet.AvailabilityZone,
CidrBlock = request.PrivateSubnetCiderBlock,
VpcId = response.VPC.VpcId
}).CreateSubnetResult.Subnet;
WriteProgress(request.ProgressCallback, "Created private subnet {0}", response.PublicSubnet.SubnetId);
WaitTillTrue(((Func <bool>)(() => (ec2Client.DescribeSubnets(new DescribeSubnetsRequest()
{
SubnetId = new List <string>()
{
response.PrivateSubnet.SubnetId
}
}).DescribeSubnetsResult.Subnet.Count == 1))));
ec2Client.CreateTags(new CreateTagsRequest()
{
ResourceId = new List <string>()
{
response.PrivateSubnet.SubnetId
},
Tag = new List <Tag>()
{
new Tag()
{
Key = "Name", Value = "Private"
}
}
});
WriteProgress(request.ProgressCallback, "Launching NAT instance");
response.NATInstance = LaunchNATInstance(ec2Client, new LaunchNATInstanceRequest()
{
InstanceType = request.InstanceType,
KeyName = request.KeyName,
SubnetId = response.PublicSubnet.SubnetId
});
WriteProgress(request.ProgressCallback, "NAT instance is available");
var defaultRouteTable = GetDefaultRouteTable(ec2Client, response.VPC.VpcId);
if (defaultRouteTable == null)
{
throw new AmazonEC2Exception("No default route table found for VPC");
}
ec2Client.CreateRoute(new CreateRouteRequest()
{
RouteTableId = defaultRouteTable.RouteTableId,
DestinationCidrBlock = "0.0.0.0/0",
InstanceId = response.NATInstance.InstanceId
});
WriteProgress(request.ProgressCallback, "Added route to the NAT instance in the default route table");
if (request.ConfigureDefaultVPCGroupForNAT)
{
var defaultSecurityGroup = GetDefaultSecurityGroup(ec2Client, response.VPC.VpcId);
var groupId = ec2Client.CreateSecurityGroup(new CreateSecurityGroupRequest()
{
VpcId = response.VPC.VpcId,
GroupName = "NATGroup",
GroupDescription = "Give EC2 Instances access through the NAT"
}).CreateSecurityGroupResult.GroupId;
WriteProgress(request.ProgressCallback, "Created security group for NAT configuration");
IpPermissionSpecification spec = new IpPermissionSpecification()
{
IpProtocol = "-1",
IpRanges = new List <string>()
{
"0.0.0.0/0"
},
Groups = new List <UserIdGroupPair>()
{
new UserIdGroupPair()
{
GroupId = groupId
}
}
};
ec2Client.AuthorizeSecurityGroupIngress(new AuthorizeSecurityGroupIngressRequest()
{
IpPermissions = new List <IpPermissionSpecification>()
{
spec
},
GroupId = defaultSecurityGroup.GroupId
});
WriteProgress(request.ProgressCallback, "Added permission to the default security group {0} to allow traffic from security group {1}", defaultSecurityGroup.GroupId, groupId);
response.NATSecurityGroup = ec2Client.DescribeSecurityGroups(new DescribeSecurityGroupsRequest()
{
GroupId = new List <string>()
{
groupId
}
}).DescribeSecurityGroupsResult.SecurityGroup[0];
}
return(response);
}
/// <summary>
/// This method will create a VPC with a subnet that will have an internet gateway attached making instances available to the internet.
/// </summary>
/// <param name="ec2Client">The ec2client used to create the VPC</param>
/// <param name="request">The properties used to create the VPC.</param>
/// <param name="response">The response contains all the VPC objects that were created.</param>
private static void LaunchVPCWithPublicSubnet(AmazonEC2 ec2Client, LaunchVPCWithPublicSubnetRequest request, LaunchVPCWithPublicSubnetResponse response)
{
response.VPC = ec2Client.CreateVpc(new CreateVpcRequest()
{
CidrBlock = request.VPCCidrBlock,
InstanceTenancy = request.InstanceTenancy
}).CreateVpcResult.Vpc;
WriteProgress(request.ProgressCallback, "Created vpc {0}", response.VPC.VpcId);
var describeVPCRequest = new DescribeVpcsRequest() { VpcId = new List<string>() { response.VPC.VpcId } };
WaitTillTrue(((Func<bool>)(() => ec2Client.DescribeVpcs(describeVPCRequest).DescribeVpcsResult.Vpc.Count == 1)));
if(!string.IsNullOrEmpty(request.VPCName))
{
ec2Client.CreateTags(new CreateTagsRequest()
{
ResourceId = new List<string>(){ response.VPC.VpcId},
Tag = new List<Tag>(){new Tag(){Key = "Name", Value = request.VPCName}}
});
}
response.PublicSubnet = ec2Client.CreateSubnet(new CreateSubnetRequest()
{
AvailabilityZone = request.PublicSubnetAvailabilityZone,
CidrBlock = request.PublicSubnetCiderBlock,
VpcId = response.VPC.VpcId
}).CreateSubnetResult.Subnet;
WriteProgress(request.ProgressCallback, "Created public subnet {0}", response.PublicSubnet.SubnetId);
WaitTillTrue(((Func<bool>)(() => (ec2Client.DescribeSubnets(new DescribeSubnetsRequest() { SubnetId = new List<string>() { response.PublicSubnet.SubnetId } }).DescribeSubnetsResult.Subnet.Count == 1))));
ec2Client.CreateTags(new CreateTagsRequest()
{
ResourceId = new List<string>() { response.PublicSubnet.SubnetId },
Tag = new List<Tag>() { new Tag() { Key = "Name", Value = "Public" } }
});
response.InternetGateway = ec2Client.CreateInternetGateway(new CreateInternetGatewayRequest()
{
}).CreateInternetGatewayResult.InternetGateway;
WriteProgress(request.ProgressCallback, "Created internet gateway {0}", response.InternetGateway.InternetGatewayId);
ec2Client.AttachInternetGateway(new AttachInternetGatewayRequest()
{
InternetGatewayId = response.InternetGateway.InternetGatewayId,
VpcId = response.VPC.VpcId
});
WriteProgress(request.ProgressCallback, "Attached internet gateway to vpc");
response.PublicSubnetRouteTable = ec2Client.CreateRouteTable(new CreateRouteTableRequest()
{
VpcId = response.VPC.VpcId
}).CreateRouteTableResult.RouteTable;
WriteProgress(request.ProgressCallback, "Created route table {0}", response.PublicSubnetRouteTable.RouteTableId);
var describeRouteTableRequest = new DescribeRouteTablesRequest() { RouteTableId = new List<string>() { response.PublicSubnetRouteTable.RouteTableId } };
WaitTillTrue(((Func<bool>)(() => (ec2Client.DescribeRouteTables(describeRouteTableRequest).DescribeRouteTablesResult.RouteTables.Count == 1))));
ec2Client.CreateTags(new CreateTagsRequest()
{
ResourceId = new List<string>() { response.PublicSubnetRouteTable.RouteTableId },
Tag = new List<Tag>() { new Tag() { Key = "Name", Value = "Public" } }
});
ec2Client.AssociateRouteTable(new AssociateRouteTableRequest()
{
RouteTableId = response.PublicSubnetRouteTable.RouteTableId,
SubnetId = response.PublicSubnet.SubnetId
});
WriteProgress(request.ProgressCallback, "Associated route table to public subnet");
ec2Client.CreateRoute(new CreateRouteRequest()
{
DestinationCidrBlock = "0.0.0.0/0",
GatewayId = response.InternetGateway.InternetGatewayId,
RouteTableId = response.PublicSubnetRouteTable.RouteTableId
});
WriteProgress(request.ProgressCallback, "Added route for internet gateway to route table {0}", response.PublicSubnetRouteTable.RouteTableId);
response.PublicSubnetRouteTable = ec2Client.DescribeRouteTables(describeRouteTableRequest).DescribeRouteTablesResult.RouteTables[0];
}
/// <summary>
/// This method will create a VPC with a subnet that will have an internet gateway attached making instances available to the internet.
/// </summary>
/// <param name="ec2Client">The ec2client used to create the VPC</param>
/// <param name="request">The properties used to create the VPC.</param>
/// <param name="response">The response contains all the VPC objects that were created.</param>
private static void LaunchVPCWithPublicSubnet(AmazonEC2 ec2Client, LaunchVPCWithPublicSubnetRequest request, LaunchVPCWithPublicSubnetResponse response)
{
response.VPC = ec2Client.CreateVpc(new CreateVpcRequest()
{
CidrBlock = request.VPCCidrBlock,
InstanceTenancy = request.InstanceTenancy
}).CreateVpcResult.Vpc;
WriteProgress(request.ProgressCallback, "Created vpc {0}", response.VPC.VpcId);
var describeVPCRequest = new DescribeVpcsRequest()
{
VpcId = new List <string>()
{
response.VPC.VpcId
}
};
WaitTillTrue(((Func <bool>)(() => ec2Client.DescribeVpcs(describeVPCRequest).DescribeVpcsResult.Vpc.Count == 1)));
if (!string.IsNullOrEmpty(request.VPCName))
{
ec2Client.CreateTags(new CreateTagsRequest()
{
ResourceId = new List <string>()
{
response.VPC.VpcId
},
Tag = new List <Tag>()
{
new Tag()
{
Key = "Name", Value = request.VPCName
}
}
});
}
response.PublicSubnet = ec2Client.CreateSubnet(new CreateSubnetRequest()
{
AvailabilityZone = request.PublicSubnetAvailabilityZone,
CidrBlock = request.PublicSubnetCiderBlock,
VpcId = response.VPC.VpcId
}).CreateSubnetResult.Subnet;
WriteProgress(request.ProgressCallback, "Created public subnet {0}", response.PublicSubnet.SubnetId);
WaitTillTrue(((Func <bool>)(() => (ec2Client.DescribeSubnets(new DescribeSubnetsRequest()
{
SubnetId = new List <string>()
{
response.PublicSubnet.SubnetId
}
}).DescribeSubnetsResult.Subnet.Count == 1))));
ec2Client.CreateTags(new CreateTagsRequest()
{
ResourceId = new List <string>()
{
response.PublicSubnet.SubnetId
},
Tag = new List <Tag>()
{
new Tag()
{
Key = "Name", Value = "Public"
}
}
});
response.InternetGateway = ec2Client.CreateInternetGateway(new CreateInternetGatewayRequest()
{
}).CreateInternetGatewayResult.InternetGateway;
WriteProgress(request.ProgressCallback, "Created internet gateway {0}", response.InternetGateway.InternetGatewayId);
ec2Client.AttachInternetGateway(new AttachInternetGatewayRequest()
{
InternetGatewayId = response.InternetGateway.InternetGatewayId,
VpcId = response.VPC.VpcId
});
WriteProgress(request.ProgressCallback, "Attached internet gateway to vpc");
response.PublicSubnetRouteTable = ec2Client.CreateRouteTable(new CreateRouteTableRequest()
{
VpcId = response.VPC.VpcId
}).CreateRouteTableResult.RouteTable;
WriteProgress(request.ProgressCallback, "Created route table {0}", response.PublicSubnetRouteTable.RouteTableId);
var describeRouteTableRequest = new DescribeRouteTablesRequest()
{
RouteTableId = new List <string>()
{
response.PublicSubnetRouteTable.RouteTableId
}
};
WaitTillTrue(((Func <bool>)(() => (ec2Client.DescribeRouteTables(describeRouteTableRequest).DescribeRouteTablesResult.RouteTables.Count == 1))));
ec2Client.CreateTags(new CreateTagsRequest()
{
ResourceId = new List <string>()
{
response.PublicSubnetRouteTable.RouteTableId
},
Tag = new List <Tag>()
{
new Tag()
{
Key = "Name", Value = "Public"
}
}
});
ec2Client.AssociateRouteTable(new AssociateRouteTableRequest()
{
RouteTableId = response.PublicSubnetRouteTable.RouteTableId,
SubnetId = response.PublicSubnet.SubnetId
});
WriteProgress(request.ProgressCallback, "Associated route table to public subnet");
ec2Client.CreateRoute(new CreateRouteRequest()
{
DestinationCidrBlock = "0.0.0.0/0",
GatewayId = response.InternetGateway.InternetGatewayId,
RouteTableId = response.PublicSubnetRouteTable.RouteTableId
});
WriteProgress(request.ProgressCallback, "Added route for internet gateway to route table {0}", response.PublicSubnetRouteTable.RouteTableId);
response.PublicSubnetRouteTable = ec2Client.DescribeRouteTables(describeRouteTableRequest).DescribeRouteTablesResult.RouteTables[0];
}
/// <summary>
/// This method will create a VPC, a public subnet, private subnet and a NAT EC2 instance to allow EC2 instances in the private
/// subnet to establish outbound connections to the internet.
/// </summary>
/// <param name="ec2Client">The ec2client used to create the VPC</param>
/// <param name="request">The properties used to create the VPC.</param>
/// <returns>The response contains all the VPC objects that were created.</returns>
public static LaunchVPCWithPublicAndPrivateSubnetsResponse LaunchVPCWithPublicAndPrivateSubnets(AmazonEC2 ec2Client, LaunchVPCWithPublicAndPrivateSubnetsRequest request)
{
LaunchVPCWithPublicAndPrivateSubnetsResponse response = new LaunchVPCWithPublicAndPrivateSubnetsResponse();
LaunchVPCWithPublicSubnet(ec2Client, request, response);
response.PrivateSubnet = ec2Client.CreateSubnet(new CreateSubnetRequest()
{
AvailabilityZone = request.PrivateSubnetAvailabilityZone ?? response.PublicSubnet.AvailabilityZone,
CidrBlock = request.PrivateSubnetCiderBlock,
VpcId = response.VPC.VpcId
}).CreateSubnetResult.Subnet;
WriteProgress(request.ProgressCallback, "Created private subnet {0}", response.PublicSubnet.SubnetId);
WaitTillTrue(((Func<bool>)(() => (ec2Client.DescribeSubnets(new DescribeSubnetsRequest(){SubnetId = new List<string>(){response.PrivateSubnet.SubnetId}}).DescribeSubnetsResult.Subnet.Count == 1))));
ec2Client.CreateTags(new CreateTagsRequest()
{
ResourceId = new List<string>() { response.PrivateSubnet.SubnetId },
Tag = new List<Tag>() { new Tag() { Key = "Name", Value = "Private" } }
});
WriteProgress(request.ProgressCallback, "Launching NAT instance");
response.NATInstance = LaunchNATInstance(ec2Client, new LaunchNATInstanceRequest()
{
InstanceType = request.InstanceType,
KeyName = request.KeyName,
SubnetId = response.PublicSubnet.SubnetId
});
WriteProgress(request.ProgressCallback, "NAT instance is available");
var defaultRouteTable = GetDefaultRouteTable(ec2Client, response.VPC.VpcId);
if (defaultRouteTable == null)
throw new AmazonEC2Exception("No default route table found for VPC");
ec2Client.CreateRoute(new CreateRouteRequest()
{
RouteTableId = defaultRouteTable.RouteTableId,
DestinationCidrBlock = "0.0.0.0/0",
InstanceId = response.NATInstance.InstanceId
});
WriteProgress(request.ProgressCallback, "Added route to the NAT instance in the default route table");
if (request.ConfigureDefaultVPCGroupForNAT)
{
var defaultSecurityGroup = GetDefaultSecurityGroup(ec2Client, response.VPC.VpcId);
var groupId = ec2Client.CreateSecurityGroup(new CreateSecurityGroupRequest()
{
VpcId = response.VPC.VpcId,
GroupName = "NATGroup",
GroupDescription = "Give EC2 Instances access through the NAT"
}).CreateSecurityGroupResult.GroupId;
WriteProgress(request.ProgressCallback, "Created security group for NAT configuration");
IpPermissionSpecification spec = new IpPermissionSpecification()
{
IpProtocol = "-1",
IpRanges = new List<string>(){"0.0.0.0/0"},
Groups = new List<UserIdGroupPair>() { new UserIdGroupPair() { GroupId = groupId } }
};
ec2Client.AuthorizeSecurityGroupIngress(new AuthorizeSecurityGroupIngressRequest()
{
IpPermissions = new List<IpPermissionSpecification>(){spec},
GroupId = defaultSecurityGroup.GroupId
});
WriteProgress(request.ProgressCallback, "Added permission to the default security group {0} to allow traffic from security group {1}", defaultSecurityGroup.GroupId, groupId);
response.NATSecurityGroup = ec2Client.DescribeSecurityGroups(new DescribeSecurityGroupsRequest()
{
GroupId = new List<string>(){ groupId }
}).DescribeSecurityGroupsResult.SecurityGroup[0];
}
return response;
}