# AWS CLI Tutorial

- [AWS Command Line (AWSCLI)](#awscli)
- [AWSCLI tutorial](#awscli-tutorial)
    - [Step 1: Create and AWS IAM user](#cli-step1)
    - [Step 2: Install and configure the AWS CLI](#cli-step2)
    - [Step 2B: Setting up your environmental variables](#cli-step2b)
    - [Step 3: Using the AWS CLI with Amazon S3](#cli-step3)
- [EC2 from the command line](#ec2-cli)
    - [Get the security group id](#security)
    - [Get the AMI id](#ami-id)
    - [Launch spot instance](#launch)
    - [Connect to the spot instance](#connect)
    - [Terminate the spot instance](#terminate)
- [Conclusion](#conclusion)
- [Additional resources](#resources)

## AWS Command Line (AWSCLI)

Wow, great! We have learned to request and access computing power and storage as a service through AWS. Wouldn't it be nice to be able to do this in a quick way from the command line? Yeah! Let's introduce AWSCLI!

AWSCLI is a unified command line interface to Amazon Web Services. It allows us to control most of AWS services from the same command line interface.

>Check: Why is that useful? Why is that powerful? Can you give some examples?
e.g. to be able to programatically turn instances on and off or to create complex architectures or to provision clusters in response to a demand

<a name="awscli-tutorial"></a>
## AWSCLI tutorial
---

Let's go ahead and follow the [tutorial for AWSCLI](https://aws.amazon.com/getting-started/tutorials/backup-to-s3-cli/)


<a id='cli-step1'></a>
### Step 1: Create an AWS IAM user

In order to use the command line we will have to configure a set of access credentials on our laptop. It's very important to create a separate identity with limited permissions instead of using our root account credentials.

**Check:** why is this so important?

![](./assets/images/identitymanager.png)

> **Note:** It's also probably a very good idea to set up 2-Factor Authentication!

> **Note:** When attaching a Policy you can be more restrictive and only give the user permission to use the services you intend him/her to use.


<a id='cli-step2'></a>
### Step 2: Install and configure the AWS CLI

http://docs.aws.amazon.com/cli/latest/userguide/installing.html

Note that one of the method is to simply use `pip` to install the AWSCLI.

> **Note:** If you already have AWSCLI configured and you would like to have multiple roles, you can do that as explained [here](http://docs.aws.amazon.com/cli/latest/userguide/cli-roles.html).

<a id='cli-step2b'></a>
### Step 2.B: Setting up your environmental variables

These environmental variables must be set in order for the AWS client to properly authenticate and thus communicate with your machine.  [This is outlined here.](http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html)

```bash
$ aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-west-2
Default output format [None]: ENTER
```

We should go through where to find these things in our [account settings](https://console.aws.amazon.com/iam/home?#security_credential).

<a id='cli-step3'></a>
### Step 3: Using the AWS CLI with Amazon S3

Now you can go ahead and copy files back and forth from your command line, without ever having to click on the web interface. How cool is that?

Here's a [Cheat Sheet](https://github.com/toddm92/aws/wiki/AWS-CLI-Cheat-Sheet) for the AWSCLI.

<a name="ec2-cli"></a>
## EC2 from the command line
---

Empowered with a well-configured AWSCLI, we can now start and stop EC2 instances from the command line! Let's use it to spin up a spot instance.


In [None]:
%%bash
# MUST RUN `aws configure` in a terminal 1st!
aws ec2 describe-spot-price-history \
    --start-time $(date -u +"%Y%m%dT%H0000") \
    --product "Linux/UNIX" \
    --instance-type "m3.medium" \
    --region us-west-2 \
    --output table

<a id='security'></a>
### Get the security group id

In the previous activity we launched an instance and created a security group that allows SSH access. Let's use the same security group.

(or the region you chose)

This will return a json string. You want to copy the id of the security group that has port 22 open. (if there are running instances)

In [None]:
%%bash
aws ec2 describe-security-groups --region us-west-2

<a id='ami-id'></a>
### Get the AMI id

Get the AMI id of the Ubuntu Linux 14.04 Image. You can find by checking the name in the [launch instance window](https://us-west-2.console.aws.amazon.com/ec2/v2/home?region=us-west-2#LaunchInstanceWizard). 

> At the time of writing it is: `ami-9abea4fb`.

You can check it by typing:

```bash
aws ec2 describe-images --image-ids ami-9abea4fb --region us-west-2
```

<a id='launch'></a>
### Launch spot instance

You're now ready to sumbit the spot instance request:

```bash
aws ec2 request-spot-instances \
    --region us-west-2 \
    --spot-price 0.02 \
    --launch-specification "{
        \"KeyName\": \"MyFirstKey\",
        \"ImageId\": \"<MOST RECENT UBUNTU AMI ID>\",
        \"InstanceType\": \"m3.medium\" ,
        \"SecurityGroupIds\": [\"<YOUR SECURITY GROUP ID>\"]
    }"
```

If working this should return a json description of the instance request.

You can check that the instance request has been opened:

![](./assets/images/instancerequest.png)

or by command line:

```bash
aws ec2 describe-spot-instance-requests --region us-west-2
```

When the request has been accepted, an instance is spawned:

![](./assets/images/spotinstance.png)

Let's retrieve the DNS name:
```bash
aws ec2 describe-instances --region us-west-2 --output json | grep PublicDnsName | head -n 1
```

<a id='connect'></a>
### Connect to the spot instance

```bash
ssh -i ~/.ssh/MyFirstKey.pem ubuntu@<YOUR INSTANCE DNS>
```


<a id='terminate'></a>
### Terminate the spot instance

Let's retrieve the instance id and kill it:

```bash
aws ec2 describe-instances --region us-west-2 --output json | grep InstanceId

aws ec2 terminate-instances --instance-ids i-0aa55cd3363b0f187
```

![](./assets/images/terminatedspot.png)

Et Voilà!
