
How do I enable SSH access to instances within a private network?

In this guide, we will create an AWS VPC with a private subnet, launch an EC2 instance within that subnet, and enable SSH access to the instance. We will create a security group to allow SSH access and associate it with the EC2 instance.

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create a new VPC
const vpc = new aws.ec2.Vpc("my-vpc", {
    cidrBlock: "10.0.0.0/16",
});

// Create a subnet within the VPC
const subnet = new aws.ec2.Subnet("my-subnet", {
    vpcId: vpc.id,
    cidrBlock: "10.0.1.0/24",
});

// Create an Internet Gateway for the VPC
const igw = new aws.ec2.InternetGateway("my-igw", {
    vpcId: vpc.id,
});

// Create a route table for the subnet
// Note: a default route (0.0.0.0/0) to an Internet Gateway makes the
// associated subnet a public subnet in AWS terms.
const routeTable = new aws.ec2.RouteTable("my-route-table", {
    vpcId: vpc.id,
    routes: [
        {
            cidrBlock: "0.0.0.0/0",
            gatewayId: igw.id,
        },
    ],
});

// Associate the route table with the subnet
new aws.ec2.RouteTableAssociation("my-route-table-association", {
    subnetId: subnet.id,
    routeTableId: routeTable.id,
});

// Create a security group to allow SSH access
const sshSecurityGroup = new aws.ec2.SecurityGroup("ssh-security-group", {
    vpcId: vpc.id,
    ingress: [
        {
            protocol: "tcp",
            fromPort: 22,
            toPort: 22,
            // Allowing SSH access from anywhere (for demonstration purposes);
            // otherwise list only the source CIDRs that need access.
            cidrBlocks: ["0.0.0.0/0"],
        },
    ],
    // Allow all outbound traffic
    egress: [
        {
            protocol: "-1",
            fromPort: 0,
            toPort: 0,
            cidrBlocks: ["0.0.0.0/0"],
        },
    ],
});

// Launch an EC2 instance within the subnet
const instance = new aws.ec2.Instance("my-instance", {
    instanceType: "t2.micro",
    ami: "ami-0c55b159cbfafe1f0", // Amazon Linux 2 AMI for demonstration purposes (AMI IDs are region-specific)
    subnetId: subnet.id,
    vpcSecurityGroupIds: [sshSecurityGroup.id],
    keyName: "my-key-pair", // Ensure you have created this key pair in your AWS account
});

// Export the instance's public IP address and DNS name.
// These are empty unless the instance is assigned a public IP at launch; this
// program sets neither associatePublicIpAddress nor mapPublicIpOnLaunch.
export const publicIp = instance.publicIp;
export const publicDns = instance.publicDns;
```

Key Points

  • We created a VPC and a subnet within it.
  • An Internet Gateway was created and associated with the VPC.
  • A route table was created and associated with the subnet to allow outbound internet access.
  • A security group was created to allow SSH access on port 22.
  • An EC2 instance was launched within the subnet and associated with the SSH security group.

Summary

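This guide demonstrated how to set up a VPC with a private subnet, create a security group to allow SSH access, and launch an EC2 instance within the subnet on AWS using Pulumi. This setup allows you to access your instance via SSH using the key pair named in keyName. As written, the security group accepts SSH from 0.0.0.0/0 (marked in the code as for demonstration purposes) and the subnet's route table has a default route to the Internet Gateway, so narrow cidrBlocks to the source addresses that need access.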
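
The two settings that decide how exposed SSH is in this program are the security group's ingress rule and the subnet's default route. The check below is an added example, not part of the original guide or of Pulumi: it audits those settings as plain data, and the interface names, function names and sample IDs are hypothetical.

```typescript
// Added example: names, interfaces and sample IDs below are hypothetical.
interface SgIngressRule {
    protocol: string;
    fromPort: number;
    toPort: number;
    cidrBlocks?: string[];
    securityGroups?: string[]; // source security group IDs
}
interface VpcRoute {
    cidrBlock: string;
    gatewayId?: string;
    natGatewayId?: string;
}

const ANY_IPV4 = "0.0.0.0/0";

// True when the rule's protocol and port range include TCP 22.
function coversSsh(rule: SgIngressRule): boolean {
    if (rule.protocol === "-1") return true; // "-1" means all protocols and ports
    return rule.protocol === "tcp" && rule.fromPort <= 22 && rule.toPort >= 22;
}

// A default route to an Internet Gateway (ID prefix "igw-") makes a subnet public.
function isPublicSubnet(routes: VpcRoute[]): boolean {
    return routes.some(r => r.cidrBlock === ANY_IPV4 && (r.gatewayId || "").indexOf("igw-") === 0);
}

// Returns finding codes; an empty array means neither condition was found.
function auditSshExposure(ingress: SgIngressRule[], routes: VpcRoute[]): string[] {
    const findings: string[] = [];
    const openSsh = ingress.some(r => coversSsh(r) && (r.cidrBlocks || []).indexOf(ANY_IPV4) !== -1);
    if (openSsh) findings.push("ssh-open-to-any-ipv4");
    if (isPublicSubnet(routes)) findings.push("default-route-to-internet-gateway");
    return findings;
}

// Constructed sample 1: the values used in the guide's program.
const guideFindings = auditSshExposure(
    [{ protocol: "tcp", fromPort: 22, toPort: 22, cidrBlocks: ["0.0.0.0/0"] }],
    [{ cidrBlock: "0.0.0.0/0", gatewayId: "igw-EXAMPLE" }],
);
// Constructed sample 2: SSH only from a bastion security group, egress via NAT gateway.
const tightenedFindings = auditSshExposure(
    [{ protocol: "tcp", fromPort: 22, toPort: 22, securityGroups: ["sg-BASTION-EXAMPLE"] }],
    [{ cidrBlock: "0.0.0.0/0", natGatewayId: "nat-EXAMPLE" }],
);
console.log(guideFindings, tightenedFindings);
```

The check only matches the exact 0.0.0.0/0 block; IPv6 sources and wide but non-zero prefixes would need their own rules.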
