Arth Task 3: AWS CLI
AAFAQ RASHID
DevOps Engineer at Comprinno Technologies | AWS Certified Security - Specialty
Task description:
1. Create a key pair.
2. Create a security group.
3. Launch an instance using the above created key pair and security group.
4. Create an EBS volume of 1 GB.
5. The final step is to attach the above created EBS volume to the instance you created in the previous steps.
PREREQUISITES:
AWS ACCOUNT
AWS IAM USER WITH PROGRAMMATIC ACCESS TYPE.
AWS CLI COMMAND.
AWS USER CONFIGURED VIA CLI.
AWS COMMAND LINE INTERFACE:
The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.
The above screen shows that the AWS CLI is successfully installed.
WHY CLI:
AWS CLI gives you the ability to automate the entire process of controlling and managing AWS services through scripts. These scripts make it easy for users to fully automate cloud infrastructure. Prior to AWS CLI, users needed a dedicated CLI tool for just the EC2 service.
FIND COMMANDS:
aws help
aws [command] help
aws [command] [subcommand] help
1. Create a key pair:
You can use the AWS Command Line Interface (AWS CLI) to create, display, and delete your key pairs for Amazon Elastic Compute Cloud (Amazon EC2). You use key pairs to connect to an Amazon EC2 instance.
You must provide the key pair to Amazon EC2 when you create the instance, and then use that key pair to authenticate when you connect to the instance.
syntax:
aws ec2 create-key-pair --key-name <keyname>
Display the key pair:
aws ec2 describe-key-pairs --key-names <keyname>
Delete the key pair:
aws ec2 delete-key-pair --key-name <keyname>
2. Create a security group:
A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance. Security groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in your VPC can be assigned to a different set of security groups.
For each security group, you add rules that control the inbound traffic to instances, and a separate set of rules that control the outbound traffic.
syntax:
aws ec2 create-security-group --description <description> --group-name <groupname>
Now we need to add an ingress rule so that we can SSH to the EC2 instance we are going to launch.
syntax:
aws ec2 authorize-security-group-ingress \
  --group-id <group-id> \
  --protocol tcp \
  --port 22 \
  --cidr <cidr range>
The CIDR range is the range of IPs allowed to SSH. 0.0.0.0/0 allows all addresses, which exposes port 22 to the whole internet.
Delete the security group:
aws ec2 delete-security-group --group-id <security group id>
3. Launch an instance using the above created key pair and security group:
syntax:
aws ec2 run-instances \
  --image-id <ami id> \
  --instance-type <instance type> \
  --count <number of instances to launch with the same configuration> \
  --security-group-ids <security group id> \
  --subnet-id <subnet id> \
  --key-name <key name>
Terminate the instance:
aws ec2 terminate-instances --instance-ids <instance id>
4. Create an EBS volume of 1 GB:
syntax:
aws ec2 create-volume \
  --availability-zone <availability zone; must be the same as the EC2 instance's zone> \
  --size <size of the EBS storage> \
  --volume-type <type of the volume; depends on the IO speed and other factors>
5. The final step is to attach the above created EBS volume to the instance you created in the previous steps:
syntax:
aws ec2 attach-volume \
  --volume-id <volume id> \
  --instance-id <instance id> \
  --device <block device name like /dev/sd[a-z]>
Detach the volume we have attached:
aws ec2 detach-volume --volume-id <volume id>
Delete the volume:
aws ec2 delete-volume --volume-id <volume id>
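The five steps above chained into one script, as an added example that is not part of the original article: each ID is captured with --query and passed to the next command, and the private key is written with owner-only permissions. The instance type t2.micro, volume type gp3, device /dev/sdf, the <name>.pem file name and the refusal of 0.0.0.0/0 are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example (not the author's script). Usage, with placeholder values:
#   provision <name> <ami id> <subnet id> <your ip>/32
provision() {
  local name="$1" ami="$2" subnet="$3" ssh_cidr="$4"
  local vpc sg_id instance_id az volume_id

  # Hardening choice of this example: never open SSH to every address.
  case "$ssh_cidr" in
    0.0.0.0/0) echo "refusing to open port 22 to 0.0.0.0/0" >&2; return 2 ;;
  esac

  # 1. Key pair: the private key is returned once; store it owner-readable only.
  ( umask 077
    aws ec2 create-key-pair --key-name "$name" \
      --query 'KeyMaterial' --output text > "$name.pem" ) || return 1

  # 2. Security group in the subnet's VPC, SSH allowed from one CIDR only.
  vpc=$(aws ec2 describe-subnets --subnet-ids "$subnet" \
    --query 'Subnets[0].VpcId' --output text) || return 1
  sg_id=$(aws ec2 create-security-group --group-name "$name-sg" \
    --description "SSH access for $name" --vpc-id "$vpc" \
    --query 'GroupId' --output text) || return 1
  aws ec2 authorize-security-group-ingress --group-id "$sg_id" \
    --protocol tcp --port 22 --cidr "$ssh_cidr" > /dev/null || return 1

  # 3. Instance, using the key pair and security group created above.
  instance_id=$(aws ec2 run-instances --image-id "$ami" \
    --instance-type t2.micro --count 1 --security-group-ids "$sg_id" \
    --subnet-id "$subnet" --key-name "$name" \
    --query 'Instances[0].InstanceId' --output text) || return 1
  aws ec2 wait instance-running --instance-ids "$instance_id" || return 1

  # 4. 1 GB volume in the instance's own Availability Zone.
  az=$(aws ec2 describe-instances --instance-ids "$instance_id" \
    --query 'Reservations[0].Instances[0].Placement.AvailabilityZone' \
    --output text) || return 1
  volume_id=$(aws ec2 create-volume --availability-zone "$az" --size 1 \
    --volume-type gp3 --query 'VolumeId' --output text) || return 1
  aws ec2 wait volume-available --volume-ids "$volume_id" || return 1

  # 5. Attach the volume to the instance.
  aws ec2 attach-volume --volume-id "$volume_id" \
    --instance-id "$instance_id" --device /dev/sdf > /dev/null || return 1
  echo "$instance_id $volume_id"
}

if [ "$#" -eq 4 ]; then provision "$@"; fi
```

On success the function prints the instance ID and volume ID, which are the values the terminate, detach and delete commands above need.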