The Smart and customized way to work on aws,aws-cli..

Task3,ARTH-The School Of Technologies...to implement some basic services of aws using Command line interface.

Task Description..

• Create a key pair. 
• Create a security group 
• Launch an instance using the above created key pair and security group.
• Create an EBS volume of 1 GB.
• The final step is to attach the above created EBS volume to the instance you created in the previous steps.

Note: All the above steps must be performed using AWS CLI..

Three ways to work...on AWS

• Aws Management Console: AWS Management Console is a web application for managing Amazon Web Services. AWS Management Console consists of list of various services to choose from. It also provides all information related to our account like billing. In simple terms it is a Graphical portal where we can work manually.
• Aws Command Line Interface(cli): The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts. Being a technical guy one should love to work on cli because we can create our customized commands to make our work better and achieve more simultaneously.
• SDK : SDK stands for software development kit or devkit for short. It’s a set of software tools and programs used by developers to create applications for specific platforms. SDK tools will include a range of things, including libraries, documentation, code samples, processes, and guides that developers can use and integrate into their own apps. The AWS SDK (software development kit) for browser-based development allows developers to access AWS.

In our task we are going to use the *aws-cli* approach to complete the task.

Prerequisites..

• Aws Account
• aws-cli (software installed)

Aws cli setup..check out this link.

We can check the installation by the version command..

Now, let's start our task....to do the task firstly we have to authenticate to aws with the user credentials. If you notice , we use some username and password when we use graphical console. Similarly, we have to use the programmatic access way to authenticate from cli.

Programmatic access: It allows you to invoke actions on your AWS resources either through an application that you write or through a third-party tool. You use an access key ID and a secret access key to sign your requests for authorization to AWS. It is provided by IAM while creating a new user.

Getting required credentials ...by creating new IAM user..

Firstly ,Open the IAM portal from aws console...

Next, we have to attach policies, which are like the permissions we would like to give to our user. Here I'm giving power user access policy.

Power users are ones who have full access to AWS services but management of IAM users ,groups is not allowed to them.

In the above file.. we have the required access key and secret key .

*Authenticate to aws ..*

command : aws configure

Whenever we work using cli , we no need to remember the commands ...we can use help option with every command or subcommand to make our things comfortably.

• aws (command) help

• aws <sub command> help

Create a key pair..

Aws key pair: A key pair, consisting of a private key and a public key, is a set of security credentials that you use to prove your identity when connecting to an instance. Amazon EC2 stores the public key, and you store the private key. You use the private key, instead of a password, to securely access your instances.

We can create the keypair using cli ...and store it in a file to use it further for connecting to EC2 instances.

command:

aws ec2 create-key-pair --key-name awsclikey --query 'KeyMaterial' --output text | out-file -encoding ascii -filepath awsclikey.pem

But in the above command we use the option out-file while converting the key-pair into proper format that supported by most ssh clients, which can't be supported in the cmd terminal...for this we use our powershell of windows to execute as shown below.

Create a Security Group..

Aws Security Group : A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance. Security groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in your VPC can be assigned to a different set of security groups.

Here, is the command to create a simple security group..

 aws ec2 create-security-group --group-name awsclisg --description "My security groupfrom aws cli"

In the above command, we used two options which are for name of the security and for describing the purpose of the grp...we can use few more options like vpc-id etc...to make the command some more customised..you can find those using the help option.

Now, we created the security group successfully but it is like a empty firewall that doesn't know what to allow and what to restrict(traffic).For this we need to create a security group rule for respective inbound and outbound traffic.

Create a Security Group rule..

Security Group rule: Security group rules enable you to filter traffic based on protocols and port numbers..

Now let's create a rule with the ingress to allow the SSH on port 22 ..so that we can do ssh to our instance created later.

Command:
   
aws ec2 authorize-security-group-ingress  --group-name awsclisg  --protocol tcp  --port 22  --cidr 0.0.0.0/0

Create an ebs volume..

We first going to create the ebs volume because the subnet where we create the volume there itself we can use the ebs volume ...as ebs is an zonal service as we learnt.

Command :

  aws ec2 create-volume  --volume-type gp2  --size 80  --availability-zone ap-south-1a

Now let's launch an ec2 instance with the above created key pair and security group..first.

Launch an ec2 instance..

For creating the instance i used the security group id and keypair that are created above also i used the subnet id where i created the ebs volume and launched my instance by using the following command.

aws ec2 run-instances --image-id ami-0e306788ff2473ccb --instance-type t2.micro --count 1 --subnet-id subnet-510b3139 --security-group-ids sg-06e1a23b1ddffcb66 --key-name awsclikey

Attach Ebs volume..

Now, we are into our final task ...where we are going to attch the ebs volume created to our instance launched using the cli...we can achieve the same using the following command.

aws ec2 attach-volume --instance-id i-013e2718c38e052bf --volume-id vol-0d38540581626f810 --device /dev/xvdh

To get the respective instance or volume details you can use the describe command.

Finally after running the attach command...

You can see that our 1gb volume is in use..

Now,let's connect to our instance and check everything..!!

We can use our cli to connect directly to the instance using ssh command with the help of the public ip and keypair created above.. Let's login ..!

We can also destroy the things from cli ...as follows.

Detach and delete the volume..

Terminate the instance..

Similarly, you can follow the same approach to delete the security groups and keypairs created..

And Finally ,That's all for the task..

This task completed under the mentorship of Mr.Vimal Daga from ARTH-The School Of Technologies..

Thanks for reading...hope you like it.

Signing off..????????????