AWS CLI

From Dave-Wiki
Revision as of 18:38, 1 February 2025 by Tlyle

AWS CLI Commands for Cloud Network Engineers

1. VPC Management

View VPCs

aws ec2 describe-vpcs

Use Case: Lists all VPCs in your account.

Create a VPC

aws ec2 create-vpc --cidr-block 10.0.0.0/16

Use Case: Creates a new VPC.

Delete a VPC

aws ec2 delete-vpc --vpc-id vpc-12345678

Use Case: Deletes a VPC.

2. Subnet Management

List Subnets

aws ec2 describe-subnets

Use Case: Lists all subnets.

Create a Subnet

aws ec2 create-subnet --vpc-id vpc-12345678 --cidr-block 10.0.1.0/24 --availability-zone us-east-1a

Use Case: Creates a subnet.

Delete a Subnet

aws ec2 delete-subnet --subnet-id subnet-12345678

Use Case: Deletes a subnet.

3. Route Table Management

List Route Tables

aws ec2 describe-route-tables

Use Case: Displays route tables.

Create a Route Table

aws ec2 create-route-table --vpc-id vpc-12345678

Use Case: Creates a custom route table.

Add Route to Internet Gateway

aws ec2 create-route --route-table-id rtb-12345678 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-12345678

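Use Case: Adds a default route (0.0.0.0/0) to the IGW, which enables internet access for every subnet associated with this route table.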

4. Internet Gateway & NAT Gateway

List Internet Gateways

aws ec2 describe-internet-gateways

Use Case: Shows all IGWs.

Create an Internet Gateway

aws ec2 create-internet-gateway

Use Case: Creates an IGW.

Attach IGW to a VPC

aws ec2 attach-internet-gateway --vpc-id vpc-12345678 --internet-gateway-id igw-12345678

Use Case: Connects an IGW to a VPC.

List NAT Gateways

aws ec2 describe-nat-gateways

Use Case: Checks NAT gateways.

5. Security Groups & Network ACLs

List Security Groups

aws ec2 describe-security-groups

Use Case: Shows security groups.

Create a Security Group

aws ec2 create-security-group --group-name MySG --description "My Security Group" --vpc-id vpc-12345678

Use Case: Defines a security group.

Add Inbound Rule to Security Group

aws ec2 authorize-security-group-ingress --group-id sg-12345678 --protocol tcp --port 22 --cidr 0.0.0.0/0

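Use Case: Allows inbound SSH (TCP 22). As written, --cidr 0.0.0.0/0 opens the port to every IPv4 address; set --cidr to the specific admin or bastion range that needs access.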

List Network ACLs

aws ec2 describe-network-acls

Use Case: Displays network ACLs.

6. Elastic Load Balancer (ELB)

List Load Balancers

aws elbv2 describe-load-balancers

Use Case: Shows all ALBs and NLBs.

Register an Instance to a Target Group

aws elbv2 register-targets --target-group-arn arn:aws:elasticloadbalancing:region:account-id:targetgroup/my-target-group/123456 --targets Id=i-12345678

Use Case: Adds an EC2 instance to a target group.

7. AWS Transit Gateway

List Transit Gateways

aws ec2 describe-transit-gateways

Use Case: Checks Transit Gateways.

Attach a VPC to a Transit Gateway

aws ec2 create-transit-gateway-vpc-attachment --transit-gateway-id tgw-12345678 --vpc-id vpc-12345678 --subnet-ids subnet-12345678

Use Case: Connects a VPC to a TGW.

8. AWS VPN (Site-to-Site & Client VPN)

List Site-to-Site VPNs

aws ec2 describe-vpn-connections

Use Case: Displays VPN connections.

Create a VPN Connection

aws ec2 create-vpn-connection --customer-gateway-id cgw-12345678 --vpn-gateway-id vgw-12345678 --type ipsec.1

Use Case: Establishes a VPN connection.

List Client VPN Endpoints

aws ec2 describe-client-vpn-endpoints

Use Case: Checks Client VPN endpoints.

9. Direct Connect

List Direct Connect Connections

aws directconnect describe-connections

Use Case: Shows Direct Connect links.

Create a Virtual Interface

aws directconnect create-private-virtual-interface --connection-id dxcon-12345678 --new-private-virtual-interface ...

Use Case: Sets up Direct Connect.

10. Network Troubleshooting

Check Reachability of an Instance

aws ec2 get-console-output --instance-id i-12345678

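Use Case: Retrieves the instance's console output (boot and system log) for debugging, for example when the instance is running but cannot be reached over the network.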

Run Reachability Analyzer

aws ec2 start-network-insights-analysis --network-insights-path-id nip-12345678

Use Case: Analyzes connectivity issues.

11. Elastic IP (EIP) Management

List Elastic IPs

aws ec2 describe-addresses

Use Case: Shows allocated EIPs.

Allocate a New EIP

aws ec2 allocate-address

Use Case: Reserves a new EIP.

Associate an EIP with an Instance

aws ec2 associate-address --instance-id i-12345678 --allocation-id eipalloc-12345678

Use Case: Assigns an EIP to an instance.

12. AWS Global Accelerator

List Accelerators

aws globalaccelerator list-accelerators

Use Case: Shows AWS Global Accelerators.

Update Accelerator Attributes

aws globalaccelerator update-accelerator --accelerator-arn arn:aws:globalaccelerator::12345678 --enabled

Use Case: Enables or disables Global Accelerator. The command shown enables the accelerator; pass --no-enabled in place of --enabled to disable it.

Conclusion

These AWS CLI commands are essential for managing cloud networking components efficiently. Use them to automate network tasks, troubleshoot issues, and configure AWS network services.