In the previous blog, we learned about load balancers and different kinds of ELB provided by AWS. In this blog let's learn about IAM Programmatic access and AWS CLI.
IAM Programmatic access
IAM programmatic access refers to enabling access to AWS services and resources through APIs and command-line tools using access keys.
When you enable programmatic access for an IAM user, you generate access keys (access key ID and secret access key) that can be used to authenticate and authorize API requests.
Here's how you can enable IAM programmatic access and obtain access keys:
Open the IAM console: Sign in to the AWS Management Console, open the IAM service, and navigate to the "Users" section.
Create a new IAM user or select an existing user: Click on "Add user" or choose an existing user from the list.
Set the access type: In the "Set permissions" step, select the desired permissions for the user. You can choose to assign policies directly or add the user to IAM groups with preconfigured policies.
Configure the user details: Provide a user name and select the "Programmatic access" checkbox to enable programmatic access for the user.
Set permissions boundaries and tags (optional): You can set additional permissions boundaries or add tags to the user if required.
Review and create the user: Review the user details and click on "Create user" to create the IAM user.
Access key creation: After creating the user, you will be presented with the option to download the access keys. Click on "Download .csv" to obtain a CSV file containing the access key ID and secret access key. Make sure to securely store this file, as the secret access key will not be accessible again.
AWS CLI
The AWS Command Line Interface (AWS CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.
Here's the link to the documentation of the latest version of AWS CLI.
To use the AWS CLI:
You need to have it installed on your local machine.
Once the AWS CLI is installed, you need to configure it with your AWS credentials.
The configuration will be stored in a file named
~/.aws/credentialson Linux and macOS or%USERPROFILE%\.aws\credentialson Windows.
Some common AWS CLI commands used are aws s3 <cmd>, aws ec2 <cmd>, aws rds <cmd>, and aws iam <cmd>.
Here's the link to AWS CLI Command Reference.
Tasks
Task 1: Create AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from AWS Console.
On the right top corner, Click on your profile name > Select Security Credentials.
Scroll down to Access Keys > Select Create Access Key.
Click on I understand checkbox > Create Access Key.
Make sure you download the access key file and store it securely with you.
Task 2: Set up and install AWS CLI and configure your account credentials.
Here is the official documentation for installing AWS CLI in different OS.
Install AWS CLI in your Linux machine using the following steps:
sudo apt-get update
sudo apt install unzip
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
unzip awscliv2.zip
sudo ./aws/install
To check the version & installation, try running the commands:
aws --version
Configure your account credentials by using:
aws configure
Pass the Access Key ID, Secret Access Key, Region Name, and default output format you need through the terminal.
Don't worry, by the time you read this blog I would have deleted these access keys, so I am safe.
Let's check if the AWS CLI is working or not. To check the S3 bucket details:
aws s3 ls
To list all EC2 instances:
aws ec2 describe-instances
Like this, we can use more of AWS CLI.
In this blog, I have discussed IAM Programmatic Access and AWS CLI. If you have any questions or would like to share your experiences, please leave a comment below. Don't forget to read my blogs and connect with me on LinkedIn and let's have a conversation.
To help me improve my blog and correct my mistakes, I am available on LinkedIn as Sneha K S. Do reach me and I am open to suggestions and corrections.
#Day42 #90daysofdevops