AWS Command Line Interface
he AWS Command Line Interface (AWS CLI) is an open source tool that enables you to interact with AWS services using commands in your command-line shell. With minimal configuration, the AWS CLI enables you to start running commands that implement functionality equivalent to that provided by the browser-based AWS Management Console from the command prompt in your terminal program:
- Linux shells — Use common shell programs such as
bash,zsh, andtcshto run commands in Linux or macOS. - Windows command line — On Windows, run commands at the Windows command prompt or in PowerShell.
- Remotely — Run commands on Amazon Elastic Compute Cloud (Amazon EC2) instances through a remote terminal program such as PuTTY or SSH, or with AWS Systems Manager.
PROJECT: Launch AWS instance and attach volume using AWS CLI & script
Goals or steps:
- Create a key pair.
- Create a security group.
- Launch an instance using the above created key pair and security group.
- Create an EBS volume of 1 GB.
- The final step is to attach the above created EBS volume to the instance you created in the previous steps.
All the above steps must be performed using AWS CLI.
The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts. For more info: https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html
aws --version
aws configure aws ec2 help
Step 1: Creating the key pairs from the command line.
To create the key-pair from the AWS CLI, we will be using the AWS command. Key-pair comes under the umbrella of EC2 services. You can also check all the commands and services under AWS EC2 using the following command:
For creating the key-pair, use the following command:
- Key name: mytest
- profile name: aws_task
$ aws ec2 create-key-pair --key-name mytest --key-format pem --profile aws_task > mytestCreate IAM user :
Then create a IAM user which you have to create using Access Key and Secret key which we will required to connect with your AWS account remotely and while creating the IAM user give proper policies so that the user account can do anything in the AWS account.
Then from the local system use the aws command to connect with the aws account.
> aws configure --profile aws_task
For confirming, either you can check from the AWS Web Console or Command line using the following command:
aws ec2 describe-key-pairs
Step 2: Creating the security group
Security groups in the AWS act as the virtual firewall and help secure the instance or other resources that you have created in the AWS.
For creating the security group, you can use the following command:
- Security Group name: lw-http-allow-all.
- “LW user allow all Web http traffic.”
$ aws ec2 create-security-group --group-name lw-http-allow-all --description "LW user allow all Web http traffic" --profile aws_taskaws ec2 create-security-group helpFor confirming that your security group is created successfully or not, you can use Web Console of AWS or the following command from CLI.
aws ec2 describe-security-groups
Step 3: Add the inbound rules to the security group
For allowing the specific IP or allowing the specific port connection from the outside world, you need to add the inbound rules in the security group. For instance, for allowing everyone from the outside world to be able to access the resource, but only in port 22 (which is used for ssh), you can run the following command:
$ aws ec2 authorize-security-group-ingress --group-name lw-http-allow-all --port 80 --cidr 0.0.0.0/0 --protocol tcp --profile aws_taskNote: ingress rules are the ones that control the inbound traffic (which is coming from the outside world to your instance).
You can check whether the above command worked properly or not by describing the security groups.
aws ec2 describe-security-groupsStep 4: Launching the EC2 instance
For launching the EC2 instance, you can use the following command:
aws ec2 run-instances --image-id ami-0e306788ff2473ccb --count 1 --instance-type t2.micro --key-name mytest --security-group-ids sg-0186840bb87671260In the above command, while launching the ec2 instance, you have to specify some of the things, like the number of instances, image-id, instance-type, and the key which you want to use, and the security group that you want to attach.
Step 5: Creating the EBS volume
To create the EBS volume, you can make use of the create-volume command available in AWS CLI. Along with this command, you need to provide the availability zone that you want to use. So, here, you must need to specify the same availability zone as that of your instance’s AZ because only then, you will be able to attach the volume to the instance.
ws ec2 create-volume --availability-zone ap-south-1a --size 1 --tag-specification ResourceType=volume,Tags=[{Key=Name,Value=clivolume}]
Step 6: Attaching that EBS Volume to the EC2 instance that we have already created
For attaching the volume, you need the device name and instance-id to which you need to attach the volume and obviously the volume-id of the volume that is to be attached to the instance.
Now, to get the volume-id, you can make use of the following command:
aws ec2 describe-volumes --query "Volumes[*].{ID:VolumeId,AZ:AvailabilityZone,Size:Size}" --filters "Name=tag:Name,Values=clivolume"
aws ec2 attach-volume --device /dev/xvdb --instance-id i-0159851f2556c1a04 --volume-id vol-0536d4b73a5937242This is all about the project. That’s the integration of so many technologies of AWS and let us explore more!
THANKYOU!