Adventures in scripting AWS

By | 2 May, 2015

Not entirely sure why I’ve started looking into AWS (altho it might be slightly related to work).

So what am I trying to achieve. I want to launch an EC2 virtual machine from my command line on my Mac OS X Yosemite box.

Things I needed to do first:

Install the AWS Client –

$ curl “https://s3.amazonaws.com/aws-cli/awscli-bundle.zip” -o “awscli-bundle.zip”
$ unzip awscli-bundle.zip
$ sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

Grab my AWS credential, do this by going to AWS management console, click your user account name and choose security credentials and use the IAM console to create a user. When asked, download the Access Key and Secret Access key. You’ll need it in the next step.

Now back to the command line.

Run

aws configure

AWS Access Key ID [None]: *****
AWS Secret Access Key [None]: *********
Default region name [None]: eu-west-1
Default output format [None]: json

Input the AWS key and secret access key that you downloaded earlier. The Default Region name is quite important. I got this wrong first time and all the following commands failed due to timeouts and hangs like this

HTTPSConnectionPool(host=’ec2.eu-west-1c.amazonaws.com’, port=443): Max retries exceeded with url: / (Caused by ConnectTimeoutError(, ‘Connection to ec2.eu-west-1c.amazonaws.com timed out. (connect timeout=60)’))

Eventually worked out that it was the region name that was wrong (see here: http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)

So if all the details are correct, try running

aws ec2 describe-instances

I got a response from AWS of:

{
“Reservations”: []
}

Give the user enough rights to do something through IAM. For me, just to get this running, I created a group named Admins and gave it Admin Access, then added my user to it.

Create a security group:

aws ec2 create-security-group –group-name devenv-sg –description “security group”

Allow ssh access in for this security group (change the cidr range to lock down :

aws ec2 authorize-security-group-ingress –group-name devenv-sg –protocol tcp –port 22 –cidr 0.0.0.0/0

Create a keypair:
aws ec2 create-key-pair –key-name devenv-key –query ‘KeyMaterial’ –output text > devenv-key.pem

Next bit is a bit more complicated. We need to find the security group id that we created and the subnet id of the virtual private.

Security Group ID you can find from the EC2 section of the AWS dashboard.

Subnet ID is in the VPC section of the dashboard under subnets. Once you’ve got those two bits of information, you can run a command like this:

aws ec2 run-instances –image-id ami-bbbbbbbb –count 1 –instance-type t2.micro –key-name devenv-key –security-group-id sg-yyyyyyy –query ‘Instances[0].InstanceId’ –subnet-id subnet-xxxxxxx

the image id (ami-bbbbbbb) is the type of guest you want to run (eg. Linux Distro, Windows etc…) you can find that in the choose an Amazon Machine Image part of EC2, click the launch instance button and the first choice is the type of virtual machine to launch.

This will respond with an instance id of a machine if successful of the form i-ccccccccc

Once you’ve done that, you can do a

aws ec2 describe-instances

which will return some json of the machine you’ve just created. Phew.

If you want to delete your instance, just issue the command

aws ec2 terminate-instance “i-ccccccc”

Be warned this shuts down the instance, then deletes it along with all of its data.