Getting started with Amazon Web Services using the CLI

Start of 2021, Happy New Year y’all. The article covers the introduction to AWS. The article is a hands-on practical on AWS basics. AWS could be operated either using WebUI or the CLI. We will be performing all the tasks using the CLI. Working with CLI gives the developer much more flexibility to use the Amazon Web Services. AWS CLI gives you the ability to automate the entire process of controlling and managing AWS services through scripts.

The article covers the following topics:

  • Installing the AWS CLI on Linux
  • Configuring the AWS CLI
  • Using the Command Line Help for aws-cli
  • Creating a Key-Pair
  • Creating a Security-Group
  • Creating an EC2 instance with Amazon Linux 2 AMI
  • Create an EBS volume and attach it to the Instance

Installing AWS on a Linux Machine

To install the latest version of aws-cli version 2, we need to download the package in the zip format, this could be done by using the curl command.

$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" 

Next, unzip the downloaded zip file and install the package using the following command.

$ unzip awscliv2.zip
$ sudo ./aws/install
You can now run: /usr/local/bin/aws --version

Checking the version of the aws-cli

$ aws --version
aws-cli/2.1.15 Python/3.7.3 Linux/4.18.0-80.el8.x86_64 exe/x86_64.rhel.8 prompt/off

Configuring the AWS-CLI

Once we are done with installing the CLI for Amazon Web Services. We have to configure the command line. For performing any operations, we need to login into our AWS account. We need to provide the AWS Access Key ID, AWS Secret Access Key for authentication. Also, we need to set the Default region we want to work in as well as the default output format. These are given by the Default region name and Default output format parameters.

$ aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: ap-south-1
Default output format [None]: json

Creating a Key-Pair

Once we have an instance, in order to login inside the instance we need a key. For this, we have to create a Key in AWS which will be used to authenticate inside the instance which we will be creating in a while. create-key-pair could be found in the ec2 module. The following commands create a Key-Pair named my_key_pair and query the KeyMaterial to a file named my-key-pair.pem .

$ aws ec2 create-key-pair --key-name my-key-pair --query "KeyMaterial" --output text > my-key-pair.pem

Using the Command Line Help for aws-cli

The secret to master any tool is the documentation. The aws help command will be very useful for getting familiar with the CLI.

$ aws help$ aws <command> help$ aws <command> <subcommand> help

Suppose we have to create an S3 bucket, collect the possible prerequisites like Service Name → Create S3 Bucket command → arguments required for creating the bucket. For example,

$ aws help
finding the service name
$ aws s3api help
finding the command
$ aws s3api create-bucket help
finding the sub-command and options

Also, the examples at the end of the help would also be quite useful while working with the Command Line Interface. So the complete command to create a basic S3 bucket looks like this,

$ aws s3api create-bucket \
--my-bucket <<bucket_name>> \
--region <<region_name>>

Creating a Security-Group

The security groups are the firewalls for the instances on the AWS cloud. Just like a normal firewall, the Security-Groups have inbound and outbound rules. The following command creates a Security-Group that we will be attaching to the created we will be creating.

$ aws ec2 create-security-group — group-name MySecurityGroup — description “My security group created using CLI”

Creating an EC2 Instance

We will be creating an EC2 instance with

  • AMI —Amazon Linux 2 AMI
  • Instance Type — t2.micro as it's the only instance available in the free tier
  • Security-Group — MySecurityGroup
  • Key-Pair — my-key-pair

Most of the basic requirements have been gathered by us. Note that we have to insert IDs in arguments. The IDs could be collected one time from the WebUI. In order to launch an instance, we also need to define the subnet we want to launch our instance. Note that unlike the Region, every account has a different subnet-ids, each for each DataCentre. A subnet is an allocated space in the DataCentre of your region. Every DataCentre has a subnet allocated to you.

The following commands create the above described EC-2 instance

$ aws ec2 run-instances \
--image-id ami-08f63db601b82ff5f \
--instance-type t2.micro \
--subnet-id subnet-d20d04ba \
--security-group-ids sg-0c40d4a1ac8fh9 \
--keyname my-key-pair

Create an EBS volume and attach it to the Instance

When an instance is launched, the image that is used to boot the instance is copied to the root volume. The root volume is ephemeral type volume, this means that, once the instance is terminated, the root volume is gone forever. Thus the common practices are creating an EBS of the desired volume and attaching the volume to the instance. The attached EBS works kinda like an External storage device on your Computer but for the AWS Instance.

The basic arguments required for creating an EBS volume is the size of the volume and the Availability Zone you want it to get from. We can also define the volume type. To know more about the volume types, visit https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html. The following command creates an EBS volume of volume-type gp2 and size 2 Gib in the Mumbai-1a subnet.

$ aws ec2 create-volume \
--volume-type gp2 \
--size 2 \
--availability-zone ap-south-1a

Attaching the EBS volume to the Instance

Once, the volume is created, we need to attach the volume to the required instance. To attach the instance the basic required parameters are device_name, Instance-id, and the Volume-id. The following command is used to attach the volume to the Instance.

$ aws ec2 attach-volumne \
--device /dev/sdv \
--instance-id i-0da2a50c255704371 \
--volume-id vol-0cd692c65f8200d79

This concludes the article, the purpose of the article was to guide the developers and engineers to use the AWS cloud using the Command-Line as automation could not be possible using the WebUI.

Final Year Student, understanding the industrial approach and tools