IAM Programmatic access and AWS CLI ๐Ÿš€ โ˜

IAM Programmatic access and AWS CLI ๐Ÿš€ โ˜

ยท

5 min read

๐Ÿ”‘ AWS Programmatic Access

AWS programmatic access refers to the ability to interact with AWS services and resources using code, scripts, or command-line tools, rather than through the AWS Management Console, which is the web-based graphical user interface. Programmatic access is crucial for automation, scripting, and managing AWS resources at scale. It involves the use of AWS access keys, specifically:

  • Access Key ID: A unique identifier for an AWS user.

  • Secret Access Key: A secret key associated with the Access Key ID.

Here's what you need to know about AWS programmatic access:

  • Purpose: Programmatic access allows you to automate AWS tasks, integrate AWS services into your applications, and manage AWS resources using APIs (Application Programming Interfaces) and command-line tools.

  • Security: Access keys must be kept secure, as they provide full access to your AWS resources. They should not be exposed or shared unnecessarily.

  • Usage: AWS programmatic access is commonly used for tasks such as deploying and managing EC2 instances, automating data backups to S3, and invoking AWS Lambda functions.

  • Permissions: Access to AWS resources is controlled through AWS Identity and Access Management (IAM) policies, which specify what actions a user or application can perform.

ยฉ๏ธ AWS CLI (Command Line Interface)

AWS CLI (Command Line Interface) is a unified, command-line tool provided by AWS to interact with AWS services from the terminal or command prompt. It offers a powerful and efficient way to manage AWS resources, ideal for developers, administrators, and automation tasks. Here are the key aspects of AWS CLI:

  • Installation: You can install AWS CLI on various operating systems, including Linux, macOS, and Windows. The installation process is straightforward.

  • Configuration: To use AWS CLI, you must configure it with your AWS credentials, including the Access Key ID and Secret Access Key. You can also set default regions and output formats during configuration.

  • Commands: AWS CLI provides a wide range of commands for managing AWS services. These commands are organized by AWS service and allow you to perform actions like creating EC2 instances, listing S3 buckets, configuring security groups, and much more.

  • Scripting and Automation: AWS CLI is script-friendly, enabling you to create scripts and automate AWS tasks. This is particularly useful for infrastructure as code (IaC) deployments using tools like AWS CloudFormation.

  • Extensions: AWS CLI can be extended with additional plugins and tools to enhance its functionality for specific use cases.

  • Cross-Platform: AWS CLI is cross-platform, meaning you can use it on various operating systems with the same commands and syntax.

  • Access Control: The AWS CLI respects AWS IAM permissions, ensuring that users and applications can only perform actions for which they have been granted access.

โ˜๏ธHands-On Practice

Task-01: Create AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from AWS Console

Step 1: Create an IAM user

  • Create an IAM user just like we created in previous blogs

  • You can refer to this blog for the steps of creating an IAM user.

Step 2: Save Access Key Credentials

  • After the user is created, click on the user name and you will see all the information about the user

  • Click on the security credentials.

  • Scroll down to the access key and click on Create Access Key

  • Select Command Line Interface (CLI) then provide an optional tag

  • Now, you will see a confirmation screen. It will display the user's username and an option to download the CSV file containing the user's access key ID and secret access key.

  • Download the CSV file and store it securely. This file contains sensitive credentials and should not be shared or exposed.

Task-02: Setup and install AWS CLI and configure your account credentials

Step 1: Create an Instance

  • Create an EC2 instance just like we created in the previous blog.

  • In the Advance Details , to go User data and paste the below script to install

    aws-cli and click on launch instance.

      #!/bin/bash
    
      sudo apt-get update
      sudo apt-get install -y awscli
      sudo apt-get update
    
  • Connect to the instance via SSH

  • You can refer the previous blog.

Step 2: Configure AWS CLI

  1. After launching the instamce, you need to check the aws --version to confirm if aws-cli is installed or not and to configure it with the credentials you obtained earlier.

  2. In your terminal, run the following command to configure AWS CLI:

     aws configure
    
  3. You will be prompted to enter the following information:

    • AWS Access Key ID: Enter the Access Key ID from the CSV file you downloaded during Task-01.

    • AWS Secret Access Key: Enter the Secret Access Key from the CSV file.

    • Default region name: Enter the AWS region you want to use as the default (e.g., "us-east-1").

    • Default output format: You can leave this as "json" or choose another format.

  1. After entering this information, the AWS CLI will be configured with your IAM user's credentials.

You have now successfully created an IAM user and configured AWS CLI on your local machine. You can use the CLI to interact with AWS services using the credentials of the IAM user you created.

You can refer this blog for more understanding

I hope now you can configure your AWS CLI .
Stay tuned fo rmore content !!
Happy Learning :D

ย