AWS Command Line Interface(CLI )-Some basic applications!
So to begin with AWS CLI ,firstly let’s take a look at some basic terminologies.
What is AWS?
Amazon web service is a platform that offers flexible, reliable, scalable, easy-to-use and cost-effective cloud computing solutions. AWS is a comprehensive, easy to use computing platform offered Amazon. The platform is developed with a combination of Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and packaged Software as a Service (SaaS) offerings.
What is CLI?
A command-line interface (CLI) processes commands to a computer program in the form of lines of text. The program which handles the interface is called a command-line interpreter or command-line processor. Operating systems implement a command-line interface in a shell for interactive access to operating system functions or services.
Amazon Web Services (AWS) basically provides us three pathways to work on it. They are :
1) WebUI (https://aws.amazon.com/)
2) AWS Command line approach (CLI)
3) Terraform (HCL) codesIn this article I am going to discuss how to use CLI to perform basic operations on AWS that can be easily done through the webUI in the AWS Management Console
So Let’s Get Started !!
Installing and Setting up AWS CLI
You have to download AWS CLI firstly. You can download it from https://aws.amazon.com/cli/ . Then install it on your computer. After installing, you just need to add the path in the path variables in the environment variable of the OS and we are done! You can if it has been installed or not and also check the version by running the command shown.
Next you have to configure the IAM-Identity and Access Management.
You will notice that at the end of installation, a credentials.csv file gets downloaded automatically. That file contains the Access Key ID an Secret Access key.(Don’t share that with anyone else , it’s highly confidential. This is because if it gets leaked anybody will be able to access your account.
Run the command: aws configure
After this the command prompt will ask you to enter the access key , secret key , region and default output format. Set the access keys from the csv file, region to your appropriate choice and default output format to json.
And that’s it you are all set to go!!
So coming to the operations that we are going to perform today using CLI are:
🔅 Create a key pair
🔅 Create a security group
🔅 Launch EC2 instance attached to an 1GB EBS volume to it.
1.Creating a key-pair
A key pair, consisting of a private key and a public key, is a set of security credentials that you use to prove your identity when connecting to an instance. Amazon EC2 stores the public key, and you store the private key. You use the private key, instead of a password, to securely access your instances. Anyone who possesses your private keys can connect to your instances, so it’s important that you store your private keys in a secure place.
*The command required to save the generated key as a public key ASCII encoded (out-file option along with pipe | symbol) is not supported in the command prompt but supported by the Windows PowerShell. So we need to be using PowerShell command to generate key-pair.
To create the key run the following command:
powershell.exe -Command "aws ec2 create-key-pair --key-name clikey --query "KeyMaterial" --output text | out-file --encoding ascii --filepath "clikey.pem"In the command in place of “clikey” you can give any name as that will be the key name. I named my key “Mykey”.
2.Creating a security group
A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance. Security groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in your VPC can be assigned to a different set of security groups.
We can get VPC ID by running the following command:
aws ec2 describe-vpcs --vpc-id
From the above output you will get your VPC ID. Now using this ID we will create a security group. Note down the VPC Id.
aws ec2 create-security-group --group-name "security group name" --description "SG created from AWS CLI" --vpc-id "VPC ID"In the above command replace “security group name ” with any name you want to give to your security group. Similarly replace “VPC ID” with the vpc ID you got previously. I named my security group Mysg. Running this command will give you the Group Id. Note it down as we will need it later .
A firewall is something that protects your instance or machine from unwanted access. For this we are now going to add a rule to the security group. I am going to add the TCP protocol with port no. 22 to the created security group which will enable us the SSH sub-protocol and we will be able to access any instance from any host IP with this security group later on.
aws ec2 authorize-security-group-ingress --group-id sg-04b84568a14af092d --group-name sgcli --protocol tcp --port 22 --cidr 0.0.0.0/0
3.Run an EC2 instance and attach an EBS volume to it
First let us create a EBS volume of 1GB using the following command:
aws ec2 create-volume --availability-zone ap-south-1a --size 1 --volume-type gp2Here are I have set the zone to ap-south-1a. You can do it as per your choice . Running the above command will give you the volume ID .Note it down as we will need it later.
Now to launch any instance we do need the subset in which it will be launched. To find out the subset ID, run the following command:
aws ec2 describe-subnets --subnet-ids
Now let’s create the instance. The AMI id used is of Amazon Linux, instance type t2.micro, and the key and security groups used are the ones that we created using CLI.
Remember I asked you to note down the IDs. W are now going to use them.
aws ec2 run-instances --image-id ami-0e306788ff2473ccb --instance-type t2.micro --count 1 --subnet-id subnet-ef404b87 --security-group-ids sg-0f32142583283ef72 --key-name MykeyIn the above command give your IDs and key name that you created.
In this part of the output , you can see your “Instance ID”.
Now finally let’s attach the EB volume to the instance by running the following command:
aws ec2 attach-volume --instance-id i-0c2fc842dd2fbb125 --volume-id vol-078f3e8efa4a2c63 --device /dev/xvdhRemember to replace Volume I and Instance ID with you own IDs.
And that’s it , we are done !! Hope you guys liked my article :)