Open in app

Sign in

Write

Sign in

Working with AWS CLI

Saurav Rana
4 min readOct 17, 2020

Today we are going to see some basic AWS CLI and how to setup and run commands using CLI.

AWS CLI

The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

Setup

First step is to download the CLIV2 from aws and just install it simply.Then we need to make an IAM with proper access.

Here how to create IAM :

  • First go to IAM section then to users section and click “add user”
  • Next give username and programmatic access
  • Now give necessary permissions to the user or create own policy
  • Then you can give tags if you like
  • Now just create and you will get your access key and secret key.Download it and keep it secure and never share

This sets us up for the CLI.Now go to your terminal or command prompt and type

aws configure

Now paste those access key and secret key here so that CLIcan access on your behalf.

Now we are all set.Lets proceed to main part i.e. provisioning infrastructure using CLI

You don’t need to cram any command you can take help from AWS CLI itself using help command.Moreover you can use grep to filter the results.

aws ec2 help | grep security

create-key-pair

Creates a 2048-bit RSA key pair with the specified name. Amazon EC2
stores the public key and displays the private key for you to save to
a file. The private key is returned as an unencrypted PEM encoded
PKCS#1 private key.

aws ec2 create-key-pair --key-name myclikey --tag-specifications ResourceType=key-pair,Tags[{Key=Environment,Value=Dev}]

create-security-group

Creates a security group.

aws ec2 create-security-group --group-name myclisg --description "My test sg using cli"

authorize-security-group-ingress

Adds the specified ingress rules to a security group

Note: To specify multiple rules in a single command use the “ — ip-
permissions” option

Previous command only create empty security group with no ingress rule.By default security group allows all outbound traffic so we don’t need to change that unless you have specific requirements.

aws ec2 authorize-security-group-ingress --group-name myclisg --ip-permissions IpProtocol=tcp,FromPort=22,ToPort=22,IpRanges=[{CidrIp=0.0.0.0/0,Description=”SSH enabled from cli”}] IpProtocol=icmp,FromPort=-1,ToPort=-1,IpRanges=[{CidrIp=0.0.0.0/0,Description=”ICMP enabled from cli”}]

If we need to setup single ingress rule we can also do it this way

aws ec2 authorize-security-group-ingress --group-name myclisg --protocol tcp --port 80 --cidr 0.0.0.0/0

run-instances

Launches the specified number of instances using an AMI for which you
have permissions.

For a non default VPC, you must use security group IDs option instead.Here i have made my security group in default vpc i am using security-groups.

aws ec2 run-instances --image-id ami-0e306788ff2473ccb --key-name myclikey --security-groups myclisg --count 1 --instance-type t2.micro --tag-specifications ResourceType=instance,Tags=[{Key=Name,Value=Mycliec2}]

create-volume

Creates an EBS volume that can be attached to an instance in the same
Availability Zone.

aws ec2 create-volume --availability-zone ap-south-1a --size 1 --volume-type gp2 --tag-specifications ResourceType=volume,Tags=[{Key=Name,Value=Mycli_volume}]

attach-volume

Attaches an EBS volume to a running or stopped instance and exposes it
to the instance with the specified device name.

aws ec2 attach-volume --device /dev/xvdh --instance-id i-062dd872df503daf0 --volume-id vol-00c870fc892bcabf1
Before Attaching
After Attaching

This was some basic tutorial of provisioning infrastructure using AWS CLI.

Thanks for providing your time.

AWS
Aws Cli
Cloud Computing

--

--

Saurav Rana

Written by Saurav Rana

30 Followers

When you want to know how things really work, study them when they’re coming apart.

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams