ARTH TASK 3

 

First we need to login and have access to our AWS account.  Now the main pre-requisites for the task are:

AWS CLI should be installed on our os.        

  AWS CLI should be configured on our os.

After installation of AWS CLI we can check its version on command prompt using command 

aws --version

Now for configuring AWS CLI , we need a user account with which we can login using its access keys and do our tasks. As a best practice, we do not use the AWS account root user access keys for any task where it's not required. Instead, we must create a new administrator IAM user with access keys for ourselves.

So here for this task I will create an IAM user named Jack . To create an IAM user :

1.                  Sign in to the AWS Management Console and open the IAM console 

2.                  In the navigation pane, choose Users and then choose Add user.

3.                  Type the user name for the new user. This is the sign-in name for AWS. I am keeping the username as Jack.

4.                   We will give programmatic access to this user so that we can use access keys.

5. Here we will not add this user to any group as we do not have much tasks to do. Then we will attach the existing policy PowerUserAccess to the user for our usecase.

6. We can give any tag to the user, here I have given the tag Developer.

7. I have not set any permission boundaries. Here we can see the review of the user below:


8. The user is successfully created and now we should download the .csv file that contains our access id and secret key . We should store this key secretly.


Now we will configure the AWS CLI using command on Windows cmd prompt or Git bash terminal

aws configure

After pressing enter terminal will prompt for access id, secret key , default region , output format. We will copy paste our access id and secret key from the .csv file which we downloaded after creating the user.  We can keep the region ans output format default.

Finally configuration done.


 Now proceeding with the main task steps:

Step 1: Create a key pair

 

$ aws ec2 create-key-pair --key-name Mytestkey --output text

 We can check through GUI console that our key-pair is created.

\
STEP 2: Create a security group

 

$ aws ec2 create-security-group --group-name Mytestsg --description "Security Group created by AWS CLI" --output json 


 We will note this Security group id and also the key-pair id in a separate document as it will be needed while creating the instance.

We can check through GUI console that our security group is created .


 Now we will attach the inbound rules to the security group that means we will authorize the security group with inbound rules.

 If there are rules already present in the security group we will update them and if not present then we will create new rules .

 To create a rule which allows all the traffic to reach our instance, the type of protocol, for example TCP or UDP or something else,  custom port no. or port ranges, cidr, etc then we will use command

$ aws ec2 authorize-security-group-ingress --group-id sg-0531377c1d2aa0225 --protocol all --port all --cidr 0.0.0.0/0

Now we can check through the GUI console that the rule is added to the security group.


STEP 3: Launch an instance using the above created key pair and security group

Now we will create the instance using the above created key pair and security group.

To create any ec2 instance using AWS CLI we use command

$aws ec2 run-instances --image-id ami-0bcf5425cdc1d8a85 --count 1 --instance-type t2.micro --key-name Mytestkey --subnet-id subnet-a3e6efcb --security-group-ids sg-0531377c1d2aa0225 --output text


 Here we can see that the instance is running.

Now we will proceed towards next step.

Step 4. Create an EBS volume of 1 GB

Now we will create an EBS volume of 1 GB . It is mandatory to create the ebs volumes in the same availability zone in which the instance is launched. As volume will be available to instances only when they are created in the same availability zone. 

$ aws ec2 create-volume --availability-zone ap-south-1a --size 1 --volume-type gp2 --output json


From the GUI console we can check that our volume is created.


 STEP 5: Attach the above created EBS volume to the instance created in the previous steps

 With the following AWS CLI command we will attach this EBS volume to the instance previously created

 $ aws ec2 attach-volume --device xvdb --instance-id i-031b987e8851a4aa3 --volume-id vol-0d2be6306869f40a0 --output json


  Here we can see that the volume is attaching. To see in detail we can check through GUI console

Now our EBS volume is successfully attached to the EC2 instance and here we can see there are two volumes attached, one is default and the other one is created by AWS CLI.


Finally our task is successfully completed.

Comments

Post a Comment

Popular posts from this blog

ARTH TASK 23 [📌 Automate Kubernetes Cluster Using Ansible 🔅 Launch ec2-instances on AWS Cloud eg. for master and slave. 🔅 Create roles that will configure master node and slave node seperately. 🔅 Launch a wordpress and mysql database connected to it in the respectine slaves. 🔅 Expose the wordpress pod and client able hit the wordpress ip with its respective port. ]

Image
  Installing Python3:   $ yum install python3 -y Installing the boto3 library:  $ pip3 install boto Creating a inventory directory: $ mkdir -p /opt/ansible/inventory $ cd /opt/ansible/inventory Creating a file aws_ec2.yaml in the inventory directory with the following configuration: plugin: aws_ec2 aws_access_key: <YOUR-AWS-ACCESS-KEY-HERE> aws_secret_key: <YOUR-AWS-SECRET-KEY-HERE> keyed_groups: - key: tags prefix: tag Open /etc/ansible/ansible.cfg and find the [inventory] section and add the following line to enable the ec2 plugin: [inventory] enable_plugins = aws_ec2 Now let’s test the dynamic inventory configuration by listing the EC2 instances: $ ansible-inventory -i /opt/ansible/inventory/aws_ec2.yaml --list The above command returns the list of EC2 instances with all its parameters in JSON format. Now, check if Ansible is able to ping all the machines returned by the dynamic inventory:  ansible all -m ping Dynamic inventory setup done. Launch...
Read more

Arth Task6 "Create High Availability Architecture with AWS CLI" #awscloud #awscli #aws #vimaldaga #righteducation #educationredefine #rightmentor #worldrecordholder #linuxworld #makingindiafutureready #righeudcation #awsbylw #arthbylw

Image
 (1)    Launching and connecting to an EC2 instance :- 2. Installing the web server program :- 3. Connecting EBS volume with the ec2 instance :-  Now to check if you volume is connected or not we use fdisk -l  command  Formating and mouting EBS volume 4. Creating a s3 voulme and uploading data:- 5. Creating a Cloudfront:- 6. updating the html file and starting the services
Read more

RH294 real used cases workshop #RedHat #vimaldaga #righteducation #educationredefine #rightmentor #linuxworld #makingindiafutureready #righeducation #arthbylw #ansiblebylw #ansible #expertsession #sreejith #arun #practicalimplementation #rh294

I found your session very fascinating and insightful and I have definitely received some tools that I will implement both when on the receiving and giving end of feedback.   I've mentioned my learning the below following points Ansible and Ansible Tower, Automation Provisioning of Cloud (as VPC and Instances in Aws ) in seconds Automatic Provision of local cloud platforms Virtual Environment creation in Python Auotmatic CI/CD Credential Management in Ansible Tower                                                                                                                      I just wanted to reach out and say a big thank you to Vimal sir and pretti mam for this whole session. I found them...
Read more