AWS 181-[AWSN]-Activity - Troubleshoot a VPC

#AWS 181-[AWSN]-Activity - Troubleshoot a VPC

Check out my GitHub Repository - https://github.com/MFMKURIA/More-AWS-...
Portfolio
1. http://markfrancismk.sciawareness.com...
2. https://d2taxcp5hluc5o.cloudfront.net/
Here is a detailed step-by-step guide for troubleshooting a VPC lab assignment, designed for someone new to AWS. This guide covers everything from starting the lab to completing it, including commands, explanations, potential challenges, and references to AWS documentation.

---

Lab Guide: Troubleshooting a VPC

Lab Overview

In this lab, you'll troubleshoot virtual private cloud (VPC) configurations and analyze VPC Flow Logs. The environment includes two VPCs, Amazon EC2 instances, and other networking components. You’ll follow a series of tasks to create VPC Flow Logs, troubleshoot networking issues, and analyze log data.

Objectives

By the end of this lab, you will be able to:
1. Create VPC Flow Logs.
2. Troubleshoot VPC configuration issues.
3. Analyze flow logs.

Duration

Approximately 75 minutes.

Accessing the AWS Management Console

1. Start Lab:
At the top of these instructions, choose Start Lab to launch your lab environment.
Wait until the message "Lab status: ready" appears.
Close the Start Lab panel by choosing X.

2. Retrieve Credentials:
After the lab is ready, choose Details at the top of these instructions and then Show.
Copy the credentials and other details from the Credentials panel into a text editor for later use.

3. Open AWS Management Console:
At the top of these instructions, choose AWS to open the AWS Management Console in a new tab.
Ensure pop-ups are allowed if the console does not open automatically.
Arrange both tabs (lab instructions and AWS Console) side by side for convenience.

---

Task 1: Connecting to the CLI Host Instance

1.1 Connect to the CLI Host Instance

1. Open EC2 Management Console:
In the AWS Management Console, use the search bar to find and open EC2.

2. Select CLI Host Instance:
In the navigation pane, choose Instances.
Find and select the CLI Host instance from the list.

3. Connect Using EC2 Instance Connect:
Click Connect.
On the EC2 Instance Connect tab, choose Connect to open a terminal window.

1.2 Configure AWS CLI

1. Configure AWS CLI:
In the CLI Host terminal, run the following command to configure the AWS CLI:

```bash
aws configure
```
Enter the following values when prompted:
AWS Access Key ID: Enter the value for AccessKey.
AWS Secret Access Key: Enter the value for SecretKey.
Default region name: Enter `us-west-2`.
Default output format: Enter `json`.

---

Task 2: Creating VPC Flow Logs

2.1 Create an S3 Bucket

1. Create an S3 Bucket for Flow Logs:
Run the following command, replacing `` with a unique set of six random numbers:

```bash
aws s3api create-bucket --bucket flowlog --region 'us-west-2' --create-bucket-configuration LocationConstraint='us-west-2'
```
The output will provide a URL similar to `http://flowlog.s3.amazonaws.com`. Note the bucket name.

2. Handle Bucket Name Conflicts:
If you encounter a "Bucket name already exists" error, use a different set of numbers and run the command again.

2.2 Create VPC Flow Logs

1. Get VPC ID for VPC1:
Run the following command to retrieve the VPC ID for VPC1:

```bash
aws ec2 describe-vpcs --query 'Vpcs[].[VpcId,Tags[?Key==`Name`].Value,CidrBlock]' --filters "Name=tag:Name,Values='VPC1'"
```

Note the VPC ID from the output (e.g., `vpc-01edacbe1c31959d2`).

2. Create Flow Logs for VPC1:
Replace `/flowlog\` with the bucket name and `/vpc-id\` with the VPC ID from the previous step, then run:

```bash
aws ec2 create-flow-logs --resource-type VPC --resource-ids /vpc-id\ --traffic-type ALL --log-destination-type s3 --log-destination arn:aws:s3:::/flowlog\
```
Note the `FlowLogIds` and `ClientToken` from the output.

3. Verify Flow Logs Creation:
Run the following command to ensure the flow log was created:

```bash
aws ec2 describe-flow-logs
```

Confirm that the flow log status is `ACTIVE` and the log destination points to your S3 bucket.