Connecting an AWS account with the CLI: creating a new instance, key pair, security group (firewall rule) and attaching an EBS volume
Yashraj Dilip Oswal
Lead Software Engineer | Devops | 1x Azure certified | 1x AWS certified | Jenkins | Kubernetes | Docker | Python | Terraform | ELK | Github Workflow
How to connect the AWS CLI to an AWS account:
Step 1: To connect the AWS CLI to an AWS account, first install the AWS CLI. For Windows: https://awscli.amazonaws.com/AWSCLIV2.msi
Step 2: Create an IAM user in the AWS account. To do so: go to the AWS console -> click IAM -> click Users -> in the upper left corner click Add user -> give an IAM username -> under Access type, check Programmatic access, which is needed (AWS Management Console access is optional) -> next it asks you to set permissions for the user: select the "Attach existing policies directly" option and search below for PowerUserAccess -> click Next (tags) -> the Add tags page appears, which is optional -> click Review -> Create user.
Step 3: After the IAM user is created successfully, the console shows the Access key ID and Secret access key, which are required to connect the AWS CLI to the AWS account. Download the CSV file.
Step 4: After the AWS CLI is installed successfully, open Command Prompt and check the installation with the command aws --version, which prints the version. To configure the CLI, run aws configure; it prompts for the access key, the secret access key and the region name (for example, ap-south-1 for Mumbai). Keep the output format at its default, which is JSON, press Enter, and the connection is complete.
Now let's quickly perform the tasks listed below, step by step, to get started with the AWS CLI:
Task Description:
- Create a key pair
- Create a security group
- Launch an instance using the above created key pair and security group.
- Create an EBS volume of 1 GB.
- The final step is to attach the above created EBS volume to the instance you created in the previous steps.
Creation of Key-pair:
A key pair, consisting of a private key and a public key, is a set of security credentials that you use to prove your identity when connecting to an instance. Amazon EC2 stores the public key, and you store the private key. You use the private key, instead of a password, to securely access your instances. To create a key pair, use the command below and provide a unique key name in place of the key name shown.
Command: aws ec2 create-key-pair --key-name accesskey
The command's output is shown on your command-line interface.
Creation of Security-group:
Security groups consist of firewall rules that we create to protect our instance from unknown networks. The following command creates a security group; we provide a unique group name.
Command: aws ec2 create-security-group --group-name secure1 --description "security group"
The command's output is shown on your console.
Now we set the firewall rule, allowing only known IPs to connect to the cloud instance.
Command: aws ec2 authorize-security-group-ingress --group-id sg-0d5fa990a1d18ab8c --protocol tcp --port 22 --cidr <your-public-ip>/32
In the above command it is mandatory to add /32 after your public IP, because an individual IPv4 address must use the /32 prefix length; for example, 203.0.113.1/32.
Launch an instance using the above created key pair and security group:
To launch a new instance, gather the following values from your AWS web console: --image-id, --instance-type, --count and --subnet-id. For --security-group-ids and --key-name, use the security group ID and key pair name created above.
Command: aws ec2 run-instances --image-id ami-0e306788ff2473ccb --instance-type t2.micro --count 1 --subnet-id subnet-ab0c05c3 --security-group-ids sg-0d5fa990a1d18ab8c --key-name accesskey
Create an EBS volume of 1 GB:
EBS stands for Elastic Block Store. It provides persistent block-level storage volumes for use with Amazon EC2 instances in the AWS Cloud.
Command: aws ec2 create-volume --size 1 --availability-zone ap-south-1a --encrypted
The above command will create an encrypted storage volume.
Now we add the snapshot ID, which identifies a point-in-time copy of your Amazon EBS volume, and the KMS key. KMS stands for Key Management Service, a managed service that makes it easy for you to create and control customer master keys (CMKs), the encryption keys used to encrypt your data.
Command: aws ec2 create-volume --size 1 --encrypted --snapshot-id snap-0e6a213e0e34fe4bc --kms-key-id 501fdece-dd54-458d-98ed-bc87316dae12 --availability-zone ap-south-1a
The command's output is shown on your console.
The final step is to attach the above created EBS volume to the instance you created in the previous steps:
To attach the volume to the created instance we need to provide the instance ID and the volume ID. The IDs uniquely identify the instances and volumes.
Command: aws ec2 attach-volume --device /dev/sdh --instance-id i-0d77851d6f8e8fd8e --volume-id vol-0a12887c213a0a386
The output shows the details of the attachment: the attach time, the device, the instance ID you asked to attach to and the volume ID.
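The five tasks above chained into one POSIX shell script, as an added example that is not the author's code: each ID is captured with --query instead of being copied by hand, the SSH source is checked to be a /32 before the rule is created, and the private key is written to a file only its owner can read. The function names is_host_cidr and provision and the file name accesskey.pem are assumptions; the key name, group name, AMI, subnet and zone are the article's sample values.

```shell
#!/bin/sh
# Added example (not the article's code): the article's tasks as one script.
# Assumes the subnet used for the instance lies in ap-south-1a, because a
# volume can only be attached to an instance in the same availability zone.

# Succeed only for a single-host IPv4 CIDR such as 203.0.113.1/32.
# (Plain sh has no local variables: ip, octet and old_ifs are globals.)
is_host_cidr() {
  case $1 in */32) ip=${1%/32} ;; *) return 1 ;; esac
  case $ip in *[!0-9.]* | .* | *. | *..*) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs   # split into octets
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# usage: provision <your-public-ip>/32   (runs in a subshell, stops on error)
provision() (
  is_host_cidr "$1" || { echo "refusing SSH source $1: not a /32" >&2; exit 1; }
  umask 077   # accesskey.pem is created readable by its owner only
  # --query with --output text returns just the field the next step needs.
  aws ec2 create-key-pair --key-name accesskey \
    --query 'KeyMaterial' --output text > accesskey.pem &&
  sg=$(aws ec2 create-security-group --group-name secure1 \
    --description "security group" --query 'GroupId' --output text) &&
  aws ec2 authorize-security-group-ingress --group-id "$sg" \
    --protocol tcp --port 22 --cidr "$1" >/dev/null &&
  inst=$(aws ec2 run-instances --image-id ami-0e306788ff2473ccb \
    --instance-type t2.micro --count 1 --subnet-id subnet-ab0c05c3 \
    --security-group-ids "$sg" --key-name accesskey \
    --query 'Instances[0].InstanceId' --output text) &&
  vol=$(aws ec2 create-volume --size 1 --availability-zone ap-south-1a \
    --encrypted --query 'VolumeId' --output text) &&
  aws ec2 wait instance-running --instance-ids "$inst" &&  # not while pending
  aws ec2 wait volume-available --volume-ids "$vol" &&     # not while creating
  aws ec2 attach-volume --device /dev/sdh --instance-id "$inst" \
    --volume-id "$vol" >/dev/null &&
  echo "attached $vol to $inst"
)
```

Source the file and call provision with your own address, for example provision 203.0.113.1/32.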
Thank-You..!