Open in app

Sign in

Write

Sign in

|| Hands-On AWS-CLI : Managing AWS Cloud Services (EC2, EBS) using command line interface.

Tamim Dalwai
5 min readOct 17, 2020

--

Amazon Web Services (AWS) is a subsidiary of Amazon providing on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis.

So guys, In this article I am going to show you how you can use AWS-CLI to achieve following tasks.

🔅 Creating a key pair.

🔅 Creating a security group.

🔅 Launching an instance using the above created key pair and security group.

🔅 Creating an EBS volume of 1 GB.

🔅 And to attach the above created EBS volume to the instance that we are going to create.

Aws provides three ways to interact with its services

  1. WebUI : it is a browser interface.
  2. SDK : The AWS SDK is a collection of tools for developers creating programming language based Web apps to run on Amazon cloud components such as Amazon Simple Storage Service (S3), Amazon Elastic Compute Cloud (EC2) and Amazon Simple DB explore more…
  3. AWS CLI :The AWS Command Line Interface (CLI) is a unified tool to manage AWS services. With just one tool to download and configure, we can control multiple AWS services from the command line and automate them through scripts.

Let’s First Download and Install AWS-CLI

  1. Use below link and download the aws-cli software. https://awscli.amazonaws.com/AWSCLIV2.msi

2. Run the setup & install .

3. Run following command to check whether aws is successfully installed or not.

aws
aws --version
AWS-CLI

root user & IAM user

When we first create an AWS account, we begin with a single sign-in identity that has complete access to all AWS services and resources in the account. This identity is called the AWS account root user and is accessed by signing in with the email address and password that we used to create the account. However we can’t access our AWS root user account to connect through aws cli.

Therefore, we have to create IAM user account on top of AWS root account.AWS Identity and Access Management (IAM) is a web service that helps us to securely control access to AWS resources.We use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

  • Programmatic access: The IAM user might need to make API calls, for this we have to start using the AWS CLI.. In that case, we have to create an access key (access key ID and a secret access key) for this user.
  • AWS Management Console access: If the user needs to access the AWS Management Console

Now let’s start getting our hands dirty 💻

STEP I : Create IAM user & download key csv file

STEP II : Configure AWS-CLI with IAM user created

Get Access key & Id from downloaded csv file

STEP III : Creating a key pair

A key pair, consisting of a private key and a public key, is a set of security credentials that you use to prove user identity when connecting to an instance. Amazon EC2 stores the public key, and user stores the private key. We use the private key, instead of a password, to securely access your instances.

command :
aws ec2 create-key-pair --key-name <key name>

STEP IV : Create Security Group (SG) & add inbound rule

A security group acts as a virtual firewall for EC2 instances to control incoming and outgoing traffic. Inbound rules control the incoming traffic to instance, and outbound rules control the outgoing traffic from instance. When we launch an instance, we can specify one or more security groups. If we don’t specify a security group, Amazon EC2 uses the default security group. we can add rules to each security group that allow traffic to or from its associated instances. we can modify the rules for a security group at any time. New and modified rules are automatically applied to all instances that are associated with the security group. When Amazon EC2 decides whether to allow traffic to reach an instance, it evaluates all of the rules from all of the security groups that are associated with the instance.

command for SG:
aws ec2 create-security-group --group-name <SG group name> --description <description>command for inbound rule:
aws ec2 authorize-security-group-ingress  --group-name  <sg name> --protocol <protocol name> --port <port name>  --cidr <source>

STEP V : Launching ec2 Instance using created key pair and security group

Walk through video tutorial, you will see how webui and cli are interconnected.

command:
aws ec2 run-instances --image-id    <image id> --instance-type    <type of instance> --count <count of instance> --subnet-id <id of the subnet> --security-group-ids <security group ids> --key-name <name of the key>

Now Let’s see how to create EBS volume of 1 GB using aws-cli command and how to attach it to our launched instance.

Amazon Elastic Block Store (EBS) is an easy to use, high performance block storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction intensive workloads at any scale.

AWS supports EBS volume naming of /dev/sd[f-p]. This means that as each EBS volume is attached, it is assign a device name of “/dev/sdf”, then “/dev/sdg”, and so on…

commands:
aws ec2 create-volume --volume-type <volume type> --size <size in gb>  --availability-zone <zone name>aws ec2 attach-volume --volume-id <id of the volume> --instance-id <instance id> --device <device name>

CONCLUSION :

AWS CLI gives you the ability to automate the entire process of controlling and managing AWS services through scripts. These scripts make it easy for users to fully automate cloud infrastructure.

I hope this article will help you to understand about AWS-CLI. Happy Learning 😃

AWS
Aws Ec2
Aws Cli
Ebs Volume
Aws Api Gateway

--

--

Tamim Dalwai
Tamim Dalwai

Written by Tamim Dalwai

10 Followers
12 Following

Computer Engineer

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams