Skip to content

Create alb.py #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
BhavyaBojanapalli wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Create alb.py #1

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
220 changes: 220 additions & 0 deletions ALB-with-secureEC2/alb.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,220 @@
import boto3
import time

ec2 = boto3.resource('ec2')
client = boto3.client('ec2')
user_data_script = """#!/bin/bash
yum clean all
yum update -y
yum install httpd -y
echo "Hello this is test website" >> /var/www/html/index.html
systemctl start httpd
systemctl restart httpd
systemctl enable httpd"""


# create a file to store the key locally
outfile = open('test-ec2-keypair.pem','w')
# call the boto ec2 function to create a key pair
key_pair = ec2.create_key_pair(KeyName='test-ec2-keypair')
# capture the key and store it in a file
KeyPairOut = str(key_pair.key_material)
outfile.write(KeyPairOut)


def awslogin():
session = boto3.Session(
aws_access_key_id="XXXXX",
aws_secret_access_key="XXXX",
)
return session


def create_security_group(descript, group_name, vpc_id):
sg1_response = client.create_security_group(Description=descript, GroupName=group_name, VpcId=vpc_id)
return sg1_response


def create_instances(subnet_name, instance_name):
web_instance = ec2.create_instances(ImageId='ami-0e1d30f2c40c4c701', InstanceType='t2.micro', MinCount=1,
MaxCount=1, KeyName='test-ec2-keypair', SubnetId=subnet_name, UserData=user_data_script,
SecurityGroupIds=[sgId], TagSpecifications=[
{'ResourceType': 'instance', 'Tags': [{'Key': 'Name', 'Value': instance_name}]}])
return web_instance


def get_ec2id(data):
for reservation in data["Reservations"]:
for instance in reservation["Instances"]:
ec2 = boto3.resource('ec2')
response = ec2.Instance(instance["InstanceId"])
return response
Comment on lines +46 to +51
Copy link

@baz-reviewer baz-reviewer bot Oct 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The get_ec2id function iterates through all instances but only returns the last one found. This causes instance1, instance2, and instance3 to all reference the same instance when registering targets.

Suggested change
def get_ec2id(data):
for reservation in data["Reservations"]:
for instance in reservation["Instances"]:
ec2 = boto3.resource('ec2')
response = ec2.Instance(instance["InstanceId"])
return response
def get_ec2id(data):
for reservation in data["Reservations"]:
for instance in reservation["Instances"]:
ec2 = boto3.resource('ec2')
response = ec2.Instance(instance["InstanceId"])
return response

Finding type: Logical Bugs



def vpc_creation():
# Create VPC
response = client.create_vpc(CidrBlock='172.16.0.0/16', InstanceTenancy='default')
# Assign tags to VPC
client.create_tags(Resources=[response['Vpc']['VpcId']], Tags=[{'Key': 'Name', 'Value': 'test-vpc', }])
print('***** VPC Created with ID*********', response['Vpc']['VpcId'])
vpc_id = response['Vpc']['VpcId']
return vpc_id


def create_ig(vpc_id):
ig = ec2.create_internet_gateway()
client.attach_internet_gateway(InternetGatewayId=ig.id, VpcId=vpc_id)
return ig

def create_tag_for_route_table(route_table_number, route_table_name):
tag = client.create_tags(Resources=[route_table_number['RouteTable']['RouteTableId']],Tags=[{'Key': 'Name','Value': route_table_name}])
return tag
# create subnets
def create_subnet(cidr, vpc_id, azname):
subnet_response = client.create_subnet(CidrBlock=cidr, VpcId=vpc_id, AvailabilityZone=azname)
return subnet_response


def create_sg_tag(websg_or_elbsg, sg_group_name):
sg_tag_response = client.create_tags(Resources=[websg_or_elbsg['GroupId']],
Tags=[{'Key': 'Name', 'Value': sg_group_name}])
return sg_tag_response


# def create_tag(subnet_number, subnet_name):
# client.create_tags(Resources=[subnet_number['Subnet']['SubnetId']], Tags=[{'Key': 'Name', 'Value': subnet_name}])


def create_alb(ec2_subnet2, ec2_subnet4, ec2_subnet6, elbsgId):
lb = boto3.client('elbv2')
lb_response = lb.create_load_balancer(
Name='test-alb',
Subnets=[
ec2_subnet2, ec2_subnet4, ec2_subnet6,
],
SecurityGroups=[
elbsgId,
],
Scheme='internet-facing',
Tags=[
{
'Key': 'Name',
'Value': 'test-alb'
},
],
Type='application',
IpAddressType='ipv4'
)
lbId = lb_response['LoadBalancers'][0]['LoadBalancerArn']
print('Successfully created load balancer - ', lbId)
return lb, lbId


def create_tg(lb, vpc_id):
create_tg_response = lb.create_target_group(
Name='test-web-tg',
Protocol='HTTP',
Port=80,
TargetType='instance',
HealthCheckPath='/index.html',
VpcId=vpc_id
)
tgId = create_tg_response['TargetGroups'][0]['TargetGroupArn']
print('Successfully created target group - ', tgId)
return tgId

def createlistner(lb, lbId, tgId):
Copy link

@baz-reviewer baz-reviewer bot Oct 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should createlistner be createlistener? The 'e' seems to be missing.

Finding type: Naming and Typos

listnerId = lb.create_listener(
LoadBalancerArn=lbId,
Protocol='HTTP',
Port=80,
DefaultActions=[
{
'Type': 'forward',
'TargetGroupArn': tgId
},
]
)
def regis_targets(lb, tgId, instance1, instance2, instance3):
register_targets = lb.register_targets(TargetGroupArn=tgId, Targets=[{'Id': instance1.id, },
{'Id': instance2.id, },
{'Id': instance3.id, },
],)

if __name__ == '__main__':
session = awslogin()
vpc_id = vpc_creation()
ig = create_ig(vpc_id)
routetable1_response = client.create_route_table(VpcId=vpc_id)
tag = create_tag_for_route_table(routetable1_response, 'test-rt1')
print('Route Table 1 Created - ', routetable1_response['RouteTable']['RouteTableId'])
route_table1 = ec2.RouteTable(routetable1_response['RouteTable']['RouteTableId'])
#route_table1.create_route(DestinationCidrBlock='0.0.0.0/0', GatewayId=ig.id)
# Create Security Group for EC2 instances which will accept traffic from ALB
ec2_sg1 = create_security_group('Accept traffic from ALB', 'test-ec2-sg', vpc_id)
sgId = ec2_sg1['GroupId']
create_sg_tag(ec2_sg1, 'test-ec2-sg')
print('Created Security Group for EC2 Web Instances -', sgId)
web1 = ec2.SecurityGroup(sgId)
web1.authorize_ingress(GroupId=sgId, IpPermissions=[
{'IpProtocol': 'tcp', 'FromPort': 22, 'ToPort': 22, 'IpRanges': [{'CidrIp': '0.0.0.0/0'}]}])
web1.authorize_ingress(GroupId=sgId, IpPermissions=[
{'IpProtocol': 'tcp', 'FromPort': 80, 'ToPort': 80, 'IpRanges': [{'CidrIp': '172.31.0.0/16'}]}])

client.authorize_security_group_ingress(GroupId=sgId, IpPermissions=[
{'IpProtocol': '-1', 'UserIdGroupPairs': [{'GroupId': sgId}]}])

# Create Security for ALB which will accept traffic from Internet
elb_sg1 = create_security_group('Accept traffic from Internet', 'test-alb-sg', vpc_id)
elbsgId = elb_sg1['GroupId']
create_sg_tag(elb_sg1, 'test-alb-sg')
print('Created Security Group for ELB -', elbsgId)
elb1 = ec2.SecurityGroup(elbsgId)
elb1.authorize_ingress(GroupId=elbsgId, IpPermissions=[
{'IpProtocol': 'tcp', 'FromPort': 80, 'ToPort': 80, 'IpRanges': [{'CidrIp': '0.0.0.0/0'}]}])

client.authorize_security_group_ingress(GroupId=elbsgId, IpPermissions=[
{'IpProtocol': '-1', 'UserIdGroupPairs': [{'GroupId': elbsgId}]}])
subnet1 = create_subnet('172.16.1.0/24', vpc_id, 'us-east-1a')
subnet2 = create_subnet('172.16.2.0/24', vpc_id, 'us-east-1a')
subnet3 = create_subnet('172.16.3.0/24', vpc_id, 'us-east-1b')
subnet4 = create_subnet('172.16.4.0/24', vpc_id, 'us-east-1b')
subnet5 = create_subnet('172.16.5.0/24', vpc_id, 'us-east-1c')
subnet6 = create_subnet('172.16.6.0/24', vpc_id, 'us-east-1c')

ec2_subnet1 = subnet1['Subnet']['SubnetId']
route_table1.associate_with_subnet(SubnetId=ec2_subnet1)
ec2_subnet3 = subnet3['Subnet']['SubnetId']
route_table1.associate_with_subnet(SubnetId=ec2_subnet3)
ec2_subnet5 = subnet5['Subnet']['SubnetId']
route_table1.associate_with_subnet(SubnetId=ec2_subnet5)
routetable2_response = client.create_route_table(VpcId=vpc_id)
tag = create_tag_for_route_table(routetable2_response, 'test-rt2')
print('Route Table 2 Created - ', routetable2_response['RouteTable']['RouteTableId'])
route_table2 = ec2.RouteTable(routetable2_response['RouteTable']['RouteTableId'])
route_table2.create_route(DestinationCidrBlock='0.0.0.0/0', GatewayId=ig.id)
ec2_subnet2 = subnet2['Subnet']['SubnetId']
route_table2.associate_with_subnet(SubnetId=ec2_subnet2)
ec2_subnet4 = subnet4['Subnet']['SubnetId']
route_table2.associate_with_subnet(SubnetId=ec2_subnet4)
ec2_subnet6 = subnet6['Subnet']['SubnetId']
route_table2.associate_with_subnet(SubnetId=ec2_subnet6)
instance_1 = create_instances(ec2_subnet1, 'test1')
time.sleep(60)
response1 = client.describe_instances()
instance1 = get_ec2id(response1)
print('Launching ec2 instance1 - ', instance1.id)
instance_2 = create_instances(ec2_subnet3, 'test2')
time.sleep(60)
response2 = client.describe_instances()
instance2 = get_ec2id(response2)
print('Launching ec2 instance2 - ', instance2.id)
instance_3 = create_instances(ec2_subnet5, 'test3')
time.sleep(60)
response3 = client.describe_instances()
instance3 = get_ec2id(response3)
print('Launching ec2 instance3 - ', instance3.id)
lb, lbId = create_alb(ec2_subnet2, ec2_subnet4, ec2_subnet6, elbsgId)
tgId = create_tg(lb, vpc_id)
createlistner(lb, lbId, tgId)
regis_targets(lb, tgId, instance1, instance2, instance3)