IAM Programmatic access and AWS CLI

Day 42 of 90daysofdevops

IAM Programmatic access

  • IAM (Identity and Access Management) programmatic access refers to the ability of an IAM user or role to interact with AWS services and resources programmatically using API calls, command-line tools, or SDKs (Software Development Kits).

  • When granting programmatic access to an IAM entity (user or role), you provide them with access key credentials, which consist of an access key ID and a secret access key.

  • In order to access your AWS account from a terminal or system, you can use AWS Access keys and AWS Secret Access keys.

  • Programmatic access allows IAM users or roles to perform various tasks programmatically, such as creating and managing AWS resources, retrieving information, configuring services, and performing administrative actions.

  • To ensure security and minimize the exposure of access keys, it is important to follow AWS security best practices, such as regularly rotating access keys, restricting access permissions to the minimum required for the task, and using secure storage for access keys.

AWS CLI

  • The AWS CLI (Command Line Interface) is a unified command-line tool provided by AWS for interacting with various AWS services. It allows users to manage and automate AWS resources and services from the command line or scripts.

  • With the AWS CLI, users can perform tasks like creating and managing EC2 instances, S3 buckets, IAM users, and more. It provides a simple and consistent interface to access and control AWS services.

  • The AWS CLI v2 offers several new features including improved installers, new configuration options such as AWS IAM Identity Center (successor to AWS SSO), and various interactive features.

AWS CLI Use Cases:

  1. Launching an EC2 instance:

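     # run-instances has no --name option; the Name tag is set with --tag-specifications
     aws ec2 run-instances \
       --image-id <AMI_ID> \
       --count <NUMBER_OF_INSTANCES> \
       --instance-type <INSTANCE_TYPE> \
       --key-name <KEY_PAIR_NAME> \
       --security-group-ids <SECURITY_GROUP_ID> \
       --subnet-id <SUBNET_ID> \
       --region <REGION> \
       --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=<INSTANCE_NAME>}]'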
    
  2. Adding a tag to your EC2 Instance

     aws ec2 create-tags \
       --resources <Instance-ID> \
       --tags Key=Name,Value=MyInstance
    
  3. List your instances

     aws ec2 describe-instances
    
  4. Terminate your instance

     aws ec2 terminate-instances --instance-ids <Instance-ID>
    
  5. Refer to the official docs for more details

    CLI Use Cases


Task-01: Create AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from AWS Console.

  • Log in to your AWS Management Console with your user ID and password.

  • Click on the username in the top right corner of the console and select "Security Credentials" from the drop-down menu.

  • Click on the "Access Keys (Access key ID and Secret access key)" section.

  • Click on "Create Access key".

  • Choose Command Line Interface (CLI) as the use case for the access key.

  • Your Access key ID and secret key will be displayed. Make sure to download the CSV (Excel) file with your access key information and store it in a secure location.

Task-02: Setup and install AWS CLI and configure your account credentials

  1. Install the AWS CLI by following the instructions for your operating system:

    AWS CLI Installation Docs

     sudo apt update
    
     sudo apt-get install awscli
    
     aws --version
    

  2. Once you have installed the AWS CLI, open a terminal or command prompt and run the following command to configure your account credentials.

  3. You will be prompted to enter your AWS Access Key ID and Secret Access Key. Copy and paste the access key and secret key from the downloaded CSV file. You will then be asked to enter your default region and output format. Choose the region that is closest to your location and select a suitable output format.

     aws configure
    
     # enter the access key ID and secret access key
     # enter the region name
     # output format: json
    

  4. Once you have entered your credentials and configured your default settings, you can test that the CLI is working by running the following command.

    This command should list the S3 buckets in your account. You have now set up and installed the AWS CLI and configured your account credentials.

     aws s3 ls
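
The storage and rotation advice under IAM Programmatic access applies to what `aws configure` leaves on disk: the keys are written in plaintext to the shared credentials file (`~/.aws/credentials` by default). The script below is an added example, not part of the original post; its function names and the sample file are constructed for illustration, and it flags a credentials file that other users can read and any profile holding a long-term (`AKIA`-prefixed) key.

```shell
#!/usr/bin/env bash
# Audit the shared credentials file that `aws configure` writes (INI format).

# Print a file's octal permission bits (GNU stat first, BSD stat as fallback).
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Print one finding per line; return 0 when clean, 1 on findings, 2 if missing.
audit_credentials() {
  local file="$1" mode perms="" keys
  [ -f "$file" ] || { echo "MISSING $file"; return 2; }
  mode="$(file_mode "$file")"
  # The secret key is stored in plaintext, so only the owner should have access.
  if [ "$mode" != 600 ] && [ "$mode" != 400 ]; then
    perms="PERMS mode=$mode expected=600"
  fi
  # AKIA marks a long-term IAM user key (rotate it); ASIA marks a temporary STS key.
  keys="$(awk '
    /^\[/ { profile = substr($0, 2, index($0, "]") - 2); next }
    /^[ \t]*aws_access_key_id[ \t]*=/ {
      id = $0; sub(/^[^=]*=[ \t]*/, "", id)
      if (id ~ /^AKIA/) print "LONGTERM profile=" profile
    }' "$file")"
  [ -z "$perms$keys" ] && return 0
  [ -n "$perms" ] && echo "$perms"
  [ -n "$keys" ] && echo "$keys"
  return 1
}

# Constructed sample file (placeholder values, not real keys) for an offline run.
make_sample() {
  local dir; dir="$(mktemp -d)"
  cat > "$dir/credentials" <<'EOF'
[default]
aws_access_key_id = AKIAXXXXXXXXXXXXXXXX
aws_secret_access_key = constructed-placeholder-secret
[ci]
aws_access_key_id = ASIAXXXXXXXXXXXXXXXX
aws_secret_access_key = constructed-placeholder-secret
aws_session_token = constructed-placeholder-token
EOF
  chmod 644 "$dir/credentials"
  echo "$dir/credentials"
}

sample="$(make_sample)"
audit_credentials "$sample" || true   # world-readable file: PERMS and LONGTERM
chmod 600 "$sample"
audit_credentials "$sample" || true   # LONGTERM profile=default still reported
```

To check a real setup, call `audit_credentials "$HOME/.aws/credentials"`; the script never prints the key values themselves, only the profile names.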
    


Thank You,

I want to express my deepest gratitude to each and every one of you who has taken the time to read, engage, and support my journey.

Feel free to reach out to me if any corrections or add-ons are required on blogs. Your feedback is always welcome & appreciated.

~ Abhisek Moharana 🙂