Actually, I lied a little bit, the first part of this tutorial does start by using the AWS Web Console, but that's only because I can't find any other way to set it up via the CLI. If you know how to do this, drop me a line. Anyway, let's get started...
1) The first step is to get an Amazon account. If you've ever bought something through Amazon you'll have one of these so I'm not going to tell you how to do this!
2) From there, we need to set up the accounts and keys that will allow us to securely connect, create and manage our instances. Goto: https://console.aws.amazon.com/iam/home?#users
3) Now, click on the 'Create New Users' icon;
4) Then, create a new user by typing in the name you want to call it, in this case 'testuser';
5) At this point, you should see a screen which shows the Access Key ID and Secret Access Key for that user. These are extremely important and should be kept safe!
6) The next stage is to download these keys in a file and again, put somewhere safe as anyone who has these can work with your EC2 instances. Click the 'Download Credentials' button as shown below;
7) Now, we're at the stage where we have to do one more task in the console (to attach the policies we need to the user) and then we'll dive into the CLI. First, click on the link below;
https://console.aws.amazon.com/iam/home?region=us-east-1#users
8) Then click on the user we've just created and then click on the 'Attach Policy' button;
10) You should then choose the following policies; 'AmazonEC2FullAccess' and 'AdministratorAccess' and then save it.
11) Finally, we are free of the GUI! Everything else from now on comes from the Command Line...
12) So, we're now at the stage we can actually download and install the AWS CLI for Linux and as you're probably using a recent distro, you should already Python 2.6.5 or greater installed and if so, you can simply type;
sudo pip install awscli
13) This will perform everything you need for you to start using the CLI. From here you can run the following to configure the CLI;
aws configure
14) Now, at this stage you will be asked to put in the keys you downloaded earlier and also choose a default region for where your EC2 instances will live and also what the default output for CLI commands will be;
AWS
Access Key ID [None]:
AWS
Secret Access Key [None]:
Default
region name [None]:Default
output format [None]:
The options for default region are shown below;
Code
|
Name
|
---|---|
ap-northeast-1 |
Asia Pacific (Tokyo) |
ap-southeast-1 |
Asia Pacific (Singapore) |
ap-southeast-2 |
Asia Pacific (Sydney) |
eu-central-1 |
EU (Frankfurt) |
eu-west-1 |
EU (Ireland) |
sa-east-1 |
South America (Sao Paulo) |
us-east-1 |
US East (N. Virginia) |
us-west-1 |
US West (N. California) |
us-west-2 |
US West (Oregon) |
Please remember, that although any instance is available to you, the costs for spinning up an instance on each region varies, so please investigate what is more cost effective for you.
15) Now, we're ready to go. To start off with, lets get a current list of current regions;
aws ec2 describe-regions
{
"Regions": [
{
"Endpoint": "ec2.eu-central-1.amazonaws.com",
"RegionName": "eu-central-1"
},
{
"Endpoint": "ec2.sa-east-1.amazonaws.com",
"RegionName": "sa-east-1"
},
{
"Endpoint": "ec2.ap-northeast-1.amazonaws.com",
"RegionName": "ap-northeast-1"
},
{
"Endpoint": "ec2.eu-west-1.amazonaws.com",
"RegionName": "eu-west-1"
},
{
"Endpoint": "ec2.us-east-1.amazonaws.com",
"RegionName": "us-east-1"
},
{
"Endpoint": "ec2.us-west-1.amazonaws.com",
"RegionName": "us-west-1"
},
{
"Endpoint": "ec2.us-west-2.amazonaws.com",
"RegionName": "us-west-2"
},
{
"Endpoint": "ec2.ap-southeast-2.amazonaws.com",
"RegionName": "ap-southeast-2"
},
{
"Endpoint": "ec2.ap-southeast-1.amazonaws.com",
"RegionName": "ap-southeast-1"
}
]
}
The 'strange' format it returns the data in, is JSON and this is default format. You could also have it output as a table or plain text.
16) Now use IAM to add the 'testuser' we created before to a new group called 'testgroup';
16) Now use IAM to add the 'testuser' we created before to a new group called 'testgroup';
aws
iam create-group --group-name testgroup
{
"Group":
{
"Path":
"/",
"CreateDate":
"2015-03-07T22:27:12.110Z",
"GroupId":
"AHPFJRXB4EOJSAGORC3C2",
"Arn":
"arn:aws:iam::267176759287:group/testgroup",
"GroupName":
"testgroup"
}
}
aws
iam add-user-to-group --group-name testgroup --user-name testuser
No comments:
Post a Comment