Saikat Mukherjee's blog
IAM Programmatic access and AWS CLI ๐Ÿš€ โ˜

IAM Programmatic access and AWS CLI ๐Ÿš€ โ˜

#90 Days of DevOps Challenge - Day 42

Saikat Mukherjee's photo
Saikat Mukherjee
ยท

4 min read

Table of contents

IAM Programmatic access

  • IAM (Identity and Access Management) programmatic access refers to the ability of an IAM user or role to interact with AWS services and resources programmatically using API calls, command-line tools, or SDKs (Software Development Kits).

  • When granting programmatic access to an IAM entity (user or role), you provide them with access key credentials, which consist of an access key ID and a secret access key.

  • In order to access your AWS account from a terminal or system, you can use AWS Access keys and AWS Secret Access keys.

  • Programmatic access allows IAM users or roles to perform various tasks programmatically, such as creating and managing AWS resources, retrieving information, configuring services, and performing administrative actions.

AWS CLI

  • The AWS CLI (Command Line Interface) is a unified command-line tool provided by AWS for interacting with various AWS services. It allows users to manage and automate AWS resources and services from the command line or scripts

Benefits of AWS CLI

AWS CLI provides loads of benefits, including:

  • It is a unified tool through which you can access all of your cloud services from a single tool. Note that Amazon has over 200 services.

  • The installation and configuration of CLI are very easy. In the upcoming section, we will guide you through the installation and configuration of AWS CLI on different operating systems.

  • You can automate the management of your AWS services through scripts. The provisioning and management of your cloud infrastructure can be automated through shell scripts.

  • AWS CLI saves you a lot of time โ€“ as you can perform multiple steps and complex operations with just a few commands,

Types of AWS CLI

There are two types of CLI tools offered by AWS:

  1. The AWS CLI tool which we cover in this article. You install it locally on your computer, and you can only use it on the systems you have installed and configured it.

  2. AWS CloudShell is a browser-based shell that you can launch directly from your AWS console and run the standard CLI commands. CloudShell is an extension to the AWS CLI and offers many advantages compared to AWS CLI. You do not need to install any tool here; you can access it from anywhere. Note that AWS CloudShell is not available in all AWS regions.

AWS CLI Use Cases

  1. Launching an EC2 instance:

      aws ec2 run-instances 
  --name <INSTANCE_Name> 
  --image-id <AMI_ID> 
  --count <No. of Instance>
  --instance-type <INSTANCE_TYPE> 
  --key-name <KEY_PAIR_NAME> 
  --security-group-ids <SECURITY_GROUP_ID> 
  --subnet-id <SUBNET_ID> 
  --region <REGION>

  2. Adding a tag to your EC2 Instance

      aws ec2 create-tags 
  --resources <Instance-ID>
  --tags Key=Name,Value=MyInstance

  3. List your instances

      aws ec2 describe-instances

  4. Terminate your instance

      aws ec2 terminate-instances --instance-ids <Instance-ID>

Task-01:-

Create AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from AWS Console.

Step 1:- Firstly we need to login to the AWS console and need to click on user here it is "Saikat" and then Security credentials

Step 2:- Now in the Access keys section need to click on Create Access key

We need to choose Command Line Interface(CLI) as the Access Key and click on next-> create access key

Step 3:- Once we received the Access key and secret key, we need to make sure to download them.csv file .

Task-02:-

Setup and install AWS CLI and configure your account credentials

Step 1:- We need to install AWS CLI on an Ubuntu machine by running the below command

sudo apt-get update
sudo apt-get install awscli -y
aws --version

Step 2:- Then we need to run aws configure in the terminal

AWS Access Key ID [None]: We need to the acess Id which we have download
AWS Secret Access Key [None]: We need to give the password
Default region name [None]: need to give closest region name 
Default output format [None]: json

Step 3:- Now we need to test the CLI by running the below command

# This command should list the contents of your default s3 bucket
aws s3 ls

Devops#devops,#90daysofDevOps

Thank you for reading!! I hope you find this article helpful!!

if any queries or corrections to be done to this blog please let me know.

Happy Learning!!

Saikat Mukherjee

Did you find this article valuable?

Support Saikat Mukherjee's blog by becoming a sponsor. Any amount is appreciated!

DevopsDevops articles
ย