How to play with VPC Firewall and Subnets using gcloud CLI

Reading Time: 4 minutes

Hello Readers! In this blog we will see how we can play with VPC Firewall and subnets using gcloud CLI in a few simple steps. Before starting this we again have some prerequisites you need to follow:

You must have a GCP account for this and you must have activated your GCP cloud shell. 

Let’s get started!

List the VPC :

The command for listing the VPC in GCP is:

$ gcloud compute networks list
vpc

List the Subnets :

The command for listing the subnets in GCP is:

$ gcloud compute networks subnets list
subnets

List the Firewall rule :

The command for listing the firewall rule in GCP is:

$ gcloud compute firewall-rules list
firewall

Create a VPC:

Following is the command for creating a VPC:

$ gcloud compute networks create <VPC_NAME> --description "<DESC>" --subnet-mode custom

Here description is optional and –subnet-mode is custom. If I don’t specify subnet-mode then it will create VPC in each region which we don’t want. So, let’s see the output of this command.

vpc

It’s created as you can see in the gcp console.

gcp

We can see here we don’t have any firewall rules attached to this VPC. So, let’s do it also.

Create a Firewall rule:

Following is the command for creating a firewall rule:

$ gcloud compute firewall-rules create <FIREWALL_NAME> --network <VPC_NAME> --allow tcp,udp,icmp --source-ranges <IP_RANGE>
firewall

It’s created now. So, when you refresh the VPC page in GCP Console you will find a firewall attached to our VPC created now.

gcloud

Create a Subnet:

Since subnets are regional, you need to specify the region in which you want to create. And you also need to specify the network in which you want your subnet. So, follow this command to create a subnet:

$  gcloud compute networks subnets create <SUB_NAME> --network <NET_NAME> --region <REGION> --range <RANGE>
subnet

We can see here the output the subnet got created:

gcloud

So, when I list all my subnets you can also see the output here:

$ gcloud compute networks subnets list
subnets

List all the Subnets for a specific VPC :

Use the flag –network for listing all the subnets for a specific VPC.

$ gcloud compute networks subnets list --network <VPC_NAME>
cli

Delete a Subnet:

Before deleting a subnet make sure that there are no resources in that subnet. For example if you have a virtual machine or any resource running on that subnet then you won’t be able to delete it. So, firstly delete those resources. Following is the command for deleting a subnet:

$ gcloud compute networks subnets delete my-subnet --region europe-west2
cli

Now, when I list the subnet I will find 0.

cli

We have deleted the subnets successfully.

Delete a Firewall rule:

Before deleting a VPC firstly delete the firewall rule attached to it. Use the below command for deleting it:

$ gcloud compute firewall-rules delete <FIREWALL_NAME>
cli

Delete a VPC:

Now, we can delete that VPC. Following is the command for deleting a VPC:

$ gcloud compute networks delete <VPC_NAME>
vpc

So, when you refresh the VPC page in GCP Console you will find only default vpc.

gcloud

Congrats! 👏 We are successfully done now!

Here is one of my previous blog for GCP you can refer to this: https://blog.knoldus.com/how-to-deploy-an-application-to-app-engine-in-gcp/

Conclusion

In this blog we have seen how we can play with VPC Firewall and subnets using gcloud CLI. Thank you for sticking to the end. If you like this blog, please do show your appreciation by giving thumbs ups and share this blog and give me suggestions on how I can improve my future posts to suit your needs. Follow me to get updates on different technologies.

HAPPY LEARNING!

knoldus

Written by 

Naincy Kumari is a DevOps Consultant at Knoldus Inc. She is always ready to learn new technologies and tools. She loves painting and dancing.