Working with CLI on AWS

I am going to tell you how can you access AWS(Amazon Web Services) using CLI(Command Line Interface)

I have used basic Power Shell and JQ(JSON parser) for parsing the output of AWS commands.

Power Shell

• It is something like bash scripting shell. I don't know much about this but you can find any good video on you tube to learn basics like creating and storing values in variables.
• It is mostly used in windows.

JQ

• AWS commands gives output in JSON format.
• So i have used JQ for parsing the output
• You will understand better when i will talk about commands below,

Task Description

🔅 Create a key pair 

🔅 Create a security group 

🔅 Launch an instance using the above created key pair and security group.

🔅 Create an EBS volume of 1 GB.

🔅 The final step is to attach the above created EBS volume to the instance you created in the previous steps.

Before this you have to download and install AWS CLI client program and create a IAM(Identity Access Management) user in your AWS account. This IAM user provides Access and Secret key using which you have to login inside the AWS form CLI

This is quite simple you can do easily.

Now lets start with explanation

• Following are the shell variables i have created for various purposes

$key_name = "vish_cli_key"
$sg_name = "vish_cli_SG"
$image_id = "ami-0e306788ff2473ccb"
$instance_type = "t2.micro"
$instance_count = 1
$subnet_id = "subnet-e3fdc78b"
$az = "ap-south-1a"
$volume_size = 1

                   
$volume_type = "gp2"

1. Following command is for creating key

aws ec2 create-key-pair --key-name "$key_name" --query 'KeyMaterial' --output text | out-file -encoding ascii -filepath "$key_name.pem"

• Here aws is the main command.
• ec2 is the service of aws under which create-key-pair option is for creating key.
• --key-name option is for naming the key
• --query option is for querying the output provided by AWS. KeyMaterial is a key which has key. Till here is AWS command and now to encode this key i have used JQ and for passing output of one command to other you have to use | this symbol
• I encoded this key and store with same name by .pem extension
• See the result

2. Following command is for creating Security Group and Inbound rule for this SG

$vish_sg_id = aws ec2 create-security-group --group-name "$sg_name" --description "Security group allowing SSH" |  jq ".GroupId"

• I have used create-security-group option for creating SG.
• --group-name option is for naming the SG for which i have used pre-created shell variable "sg_name" and for telling shell that it is variable you have to put $ before the variable
• --description is for telling what purpose you are creating this SG.
• I used JQ for fetching SG id and stored it in a variable

aws ec2 authorize-security-group-ingress --group-id "$vish_sg_id" --protocol tcp --port 22 --cidr 0.0.0.0/0

• This another command for setting inbound rule for the same SG
• authorize-security-group-ingress is a option for telling you want to set ingress rule
• --group-id is for telling the SG in which you want to set rule
• --protocol is used for telling which program you want to allow
• I have allowed ssh which works on port no. 22
• See the SG is created

3 Following command is for launching the Instance

$instance_id = aws ec2 run-instances --image-id "$image_id" --instance-type "$instance_type" --count "$instance_count"  --subnet-id "$subnet_id" --security-group-ids "$sg_id" --key-name "$key_name" | jq ".Instances[0].InstanceId"

• run-instances is telling we want to launch instance. But you have to tell all the necessary things for this.
• --image-id is for what AMI you want to use
• --instance-type is for telling the hardware type
• --count is for how many instances you want to launch
• --subnet-id is for in which region you want to launch instance
• --security-group-ids is for telling what SG you want to use
• --key-name is for attaching the key with the instance
• and in last I have used JQ for retrieving instance id stored it in a variable

4. This command is for launching EBS(Elastic Block Storage) volume and attaching with the instance

$volume_id = aws ec2 create-volume --availability-zone "$az" --size "$volume_size" --volume-type "$volume_type" | jq ".VolumeId"

• create-volume is for telling we want to launch volume under ec2 service
• --availability-zone is for telling the region and you have to create volume in that region where your instance is there
• --size is for telling the size of volume
• --volume-type is for what type of volume you want to create
• Again in last i have used JQ for retrieving volume id and stored it in a variable

aws ec2 attach-volume --volume-id "$volume_id" --instance-id "$instance_id" --device /dev/xvdh

• Above command is for attaching volume in the instance like we put PD(Pen Drive) in our laptops and PCs
• For this you have to tell --volume-id, --instance-id(the instance in which you want to put)
• And --device name
• See the output

See what command I have run on the power shell

Thank you hope you guys will like it.