AWS Command Line Interface
* Terminate Instance from Terminal
1178578-C02NW6G1G3QD:AWS_SSH changsoopark$ ssh ec2-user@IP Address -i EC2KeyPair.pem.txt
The authenticity of host 'IP address (IP address)' can't be established.
ECDSA key fingerprint is SHA256:..........
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '54.175.217.183' (ECDSA) to the list of known hosts.
       __|  __|_  )
       _|  (     /   Amazon Linux AMI
      ___|\___|___|
https://aws.amazon.com/amazon-linux-ami/2017.09-release-notes/
No packages needed for security; 1 packages available
Run "sudo yum update" to apply all updates.
[ec2-user@ip-172-31-89-170 ~]$ sudo su
[root@ip-172-31-89-170 ec2-user]# aws s3 ls
Unable to locate credentials. You can configure credentials by running "aws configure".
==> can't access S3.
[root@ip-172-31-89-170 ec2-user]# aws configure
AWS Access Key ID [None]:
==> Open the CSV file you downloaded and enter the AWS Access Key ID and AWS Secret Access Key.
==> Enter region name
==> type aws s3 ls ==> will display list
==> aws s3 help ==> display all commands
cd ~ -> home directory
ls
cd .aws
ls
nano credentials ==> shows aws_access_key_id, aws_secret_access_key (stored in plain text)
aws ec2 describe-instances ==> display all instances in JSON format
copy instance id of running instance
aws ec2 terminate-instances --instance-ids 'instance id'
==> terminated
When the access_key_id and secret_access_key are accidentally exposed to the public -> Resolution: delete the user and re-create it
* Using Role instead of Access Key
------ Identity Access Management Roles Lab -------
- IAM - Create a Role with S3 full access policy
*** All Roles are Global (*******) - No need to select a Region
- Create EC2 Instance : Assign above role to this instance
==> You can replace Role of existing instance
: Actions - Instance Settings - Attach/Replace IAM role
now aws s3 ls works
[root@ip-172-31-81-181 ec2-user]# aws s3 ls
[root@ip-172-31-81-181 ec2-user]#
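Added example, not part of the original notes: once the role is attached, a check like this confirms that no static keys are left behind in ~/.aws/credentials. The function names and the sample file contents are constructed for illustration; AKIA and ASIA are the AWS access key ID prefixes for long-term (IAM user) and temporary (STS) keys.

```shell
#!/bin/sh
# Added example (not from the original notes): report which profiles in an AWS
# shared credentials file still hold static keys. Key values are never printed.

# Constructed sample; the key ids are made-up placeholders, not real keys.
sample_credentials() {
cat <<'EOF'
[default]
aws_access_key_id = AKIAEXAMPLEEXAMPLE00
aws_secret_access_key = constructedPlaceholderSecret
[session]
aws_access_key_id = ASIAEXAMPLEEXAMPLE00
aws_secret_access_key = constructedPlaceholderSecret
aws_session_token = constructedPlaceholderToken
EOF
}

# audit_credentials FILE -> one "<profile> <kind>" line per stored key.
# kind: long-term (AKIA, IAM user key), temporary (ASIA, STS), unknown.
# Exit status 1 if any long-term key is present, else 0.
audit_credentials() {
    [ -f "$1" ] || { echo "none: no credentials file"; return 0; }
    # Secrets should be readable by the owner only.
    [ -z "$(find "$1" \( -perm -040 -o -perm -004 \))" ] ||
        echo "warn: file readable by group or others"
    awk '
        /^[ \t]*\[.*\][ \t]*$/ {            # profile header such as [default]
            sub(/^[ \t]*\[/, ""); sub(/\][ \t]*$/, ""); profile = $0; next
        }
        /^[ \t]*aws_access_key_id[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t\r]+$/, "")
            kind = "unknown"
            if ($0 ~ /^AKIA/) { kind = "long-term"; bad = 1 }
            else if ($0 ~ /^ASIA/) kind = "temporary"
            print profile, kind
        }
        END { exit bad + 0 }
    ' "$1"
}

tmp=$(mktemp) && chmod 600 "$tmp"
sample_credentials > "$tmp"
audit_credentials "$tmp" || echo "static IAM user keys present: remove them and rely on the instance role"
rm -f "$tmp"
```

On an instance that uses only the role, pointing audit_credentials at ~/.aws/credentials should report that the file does not exist, matching the session below where .aws holds only config.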
CLI Commands - Developer Associate Exam
[ec2-user@ip-172-31-81-181 ~]$ sudo su
[root@ip-172-31-81-181 ec2-user]# aws s3 ls
[root@ip-172-31-81-181 ec2-user]# cd ~
[root@ip-172-31-81-181 ~]# ls
[root@ip-172-31-81-181 ~]# cd .aws
bash: cd: .aws: No such file or directory
[root@ip-172-31-81-181 ~]# aws configure
AWS Access Key ID [None]:
AWS Secret Access Key [None]:
Default region name [None]: us-east-1
Default output format [None]:
[root@ip-172-31-81-181 ~]# cd .aws
[root@ip-172-31-81-181 .aws]# ls
config
[root@ip-172-31-81-181 .aws]# cat config
[default]
region = us-east-1
[root@ip-172-31-81-181 .aws]#
[root@ip-172-31-81-181 .aws]# aws ec2 terminate-instances --instance-ids i-0575b748b9ec9e3fa
{
    "TerminatingInstances": [
        {
            "InstanceId": "i-0575b748b9ec9e3fa",
            "CurrentState": {
                "Code": 32,
                "Name": "shutting-down"
            },
            "PreviousState": {
                "Code": 16,
                "Name": "running"
            }
        }
    ]
}
[root@ip-172-31-81-181 .aws]#
Broadcast message from root@ip-172-31-81-181
(unknown) at 0:02 ...
The system is going down for power off NOW!
Connection to 52.70.118.204 closed by remote host.
Connection to 52.70.118.204 closed.
1178578-C02NW6G1G3QD:AWS_SSH changsoopark$
==> Shutting down the instance in AWS console
============ CLI Commands For The Developer Exam
IAM - Create a Role - MyEC2Role - administrator access
Launch new instance - assign the role
ssh ec2-user.......
sudo su
aws configure (enter region only)
docs.aws.amazon.com/cli/latest/reference/ec2/index.html
(*****)
aws ec2 describe-instances
aws ec2 describe-images - enter image id
aws ec2 run-instances
aws ec2 start-instances
(*****)
Do not confuse START-INSTANCES with RUN-INSTANCES
START-INSTANCES - START AND STOP INSTANCE
RUN-INSTANCES - CREATE A NEW INSTANCE
========================
-----S3 CLI & REGIONS
Launch new instance
Create S3 buckets (3 buckets)
Upload a file to one of the above buckets
go to another bucket and upload another file.
go to another bucket and upload another file.
IAM - Create a new Role (S3 full access)
EC2 - public IP address
terminal
ssh ec2-user@....
sudo su
aws s3 ls - will not work
attach the role to the EC2 instance
attach/replace IAM role (WEB)
go back to terminal
aws s3 ls -> will display
aws s3 cp --recursive s3://bucket1_name /home/bucket2_name
ls
copy file to bucket