Preparation for the AWS Developer Associate Certified certification.
- cd into local folder containing key pair (e.g. EC2Tutorial.pem)
chmod 0400 EC2Tutorial.pem
ssh -i EC2Tutorial.pem ec2-user@<Public IPv4 address of your instance>
- check version of AWS
aws --version
- check list of users (need to assign IAM role first)
aws iam list-users
-
Sometimes, we’d just like to make sure we have the permissions...
-
But not actually run the commands!
-
Some AWS CLI commands (such as EC2) can become expensive if they succeed, say if we wanted to try to create an EC2 Instance
-
Some AWS CLI commands (not all) contain a --dry-run option to simulate API calls
- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRun-Operation. Otherwise, it is UnauthorizedOperation .
- To dry run in attempting to create a new EC2 Instance:
aws ec2 run-instances help aws ec2 run-instances --dry-run --image-id <AMI ID> --instance-type <instance type>
- When you run API calls and they fail, you can get a long error message.
- This error message can be decoded using the STS command.
aws sts decode-authorization-message --encoded-message <value>
- AWS EC2 Instance Metadata is powerful but one of the least known features to developers
- It allows AWS EC2 instances to ”learn about themselves” without using an IAM Role for that purpose.
- The URL is http://169.254.169.254/latest/meta-data
- You can retrieve the IAM Role name from the metadata, but you CANNOT retrieve the IAM Policy.
- Metadata = Info about the EC2 instance
- Userdata = launch script of the EC2 instance
curl http://169.254.169.254/latest/meta-data/
- Go to AWS directory and view profiles/accounts available
cd ~/.aws ll cat credentials- configure/re-configure my default profile
aws configure- configure a new profile/account
aws configure --profile <name of profile>- to switch to new profile, otherwise, default profile is used
aws <service> <action> --profile <name of the profile>
within the AWS CodeCommit console:
- create a repository
- upload an index.html file
- go to IAM > Users > "IAM User" > Security Credentials > under "HTTPS Git credentials for AWS CodeCommit", generate credentials
- back to AWS CodeCommit, go to your repository and click on "Clone URL" and select "Clone HTTPS"
within your local CLI, do the following:
git clone <copied clone HTTPS URL>
-
to add, commit and push
git add . git commit -m "<your message>" git push