Giters

hbombonato / LEARN

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

AWS LEARN

AWS CONSOLE

Check parameters on AWS root AWS console

https://.aws.amazon.com/console

  1. Create user

https://console.aws.amazon.com/iam/home?region=us-east-1#/home

add user learn

  1. Configure credentials in Sign-in credentials

Assigned MFA device

arn:aws:iam::xxxxxxxxxxxx:mfa/learn

  • Apply changes to use MFA (Generate token on mobile authenticator Google apps)

Access keys

  • Use access keys to make secure REST or HTTP Query protocol requests to AWS service APIs. For your protection, you should never share your secret keys with anyone. As a best practice, we recommend frequent key rotation.

SSH keys for AWS CodeCommit

  • Use SSH public keys to authenticate access to AWS CodeCommit repositories
  • Alert's if you lost this files dotn's possible login instance running

Install awscli

AWSCLI Install howto

Provide credentials

$ aws configure
AWS Access Key ID []: KHJHJHJHVCVCVCLKJOUY
AWS Secret Access Key []: dljkhsdjhskjh786786/uhudhuhd
Default region name []: us-east-1
Default output format []: json
$
$ aws sts get-session-token --serial-number arn:aws:iam::849399717715:user/Claude --token-code 1234

OUTPUT
{
    "Credentials": {
        "SecretAccessKey": "dljkhsdjhskjh786786/uhudhuhd",
        "SessionToken": "Fdddn]][[]\\\\wEaDEbcjK18xhcrreP/JSKd87873IVPSGkL46vW+1xBVPNnBu31vBaNP7JICeKhxxtnWdfdfdfdfYBn3Pw56WSLoL92E/7b1EzsVpxIK6OVIUT454545JGgDRzbGVSk2mv0eiern+44444xQp1+Ypzuuuxxx0vFVw3EoBuuuuuuN7RiUz2D7IUUPwyd90vr/KnXru96ks4444JS53sgF",
        "Expiration": "2011-0`-14T11:53:56Z",
        "AccessKeyId": "KHJHJHJHVCVCVCLKJOUY"
    }
}

Export environments

$ export AWS_ACCESS_KEY=KHJHJHJHVCVCVCLKJOUY
$ export AWS_SECRET_ACCESS_KEY=dljkhsdjhskjh786786/uhudhuhd
$ export AWS_SESSION_TOKEN=Fdddn]][[]\\\\wEaDEbcjK18xhcrreP/JSKd87873IVPSGkL46vW+1xBVPNnBu31vBaNP7JICeKhxxtnWdfdfdfdfYBn3Pw56WSLoL92E/7b1EzsVpxIK6OVIUT454545JGgDRzbGVSk2mv0eiern+44444xQp1+Ypzuuuxxx0vFVw3EoBuuuuuuN7RiUz2D7IUUPwyd90vr/KnXru96ks4444JS53sgF

Configure credential files

$ echo '
[mfa-role]
aws_access_key=KHJHJHJHVCVCVCLKJOUY
aws_secret_access_key=dljkhsdjhskjh786786/uhudhuhd
aws_session_token=Fdddn]][[]\\\\wEaDEbcjK18xhcrreP/JSKd87873IVPSGkL46vW+1xBVPNnBu31vBaNP7JICeKhxxtnWdfdfdfdfYBn3Pw56WSLoL92E/7b1EzsVpxIK6OVIUT454545JGgDRzbGVSk2mv0eiern+44444xQp1+Ypzuuuxxx0vFVw3EoBuuuuuuN7RiUz2D7IUUPwyd90vr/KnXru96ks4444JS53sgF
' >> ~/.aws/credentials

Add profile on config awscli

$ echo '
[profile mfa-role]
output = json
region = us-east-1
source-profile = mfa-role
'> ~/.aws/config

Compose json file example

$  echo
{
  "ImageId": "ami-80861296",
  "SecurityGroupIds": [ "sg-095234577" ],
  "InstanceType": "m3.medium",
  "SubnetId": "subnet-1db340dd55",
  "IamInstanceProfile": {
      "Arn": "arn:aws:iam::276376876983:instance-profile/learn"
  }
} > ec2-spot.json

Deploy spot-instances

$ aws ec2 request-spot-instances --spot-price "0.010" --instance-count 1 --type "one-time" --launch-specification file://ec2-spot.json

List spor request instances

aws ec2 describe-spot-instance-requests

OUTPUT

{
    "SpotInstanceRequests": [
        {
            "Status": {
                "UpdateTime": "2012-05-14T01:27:02.000Z",
                "Code": "price-too-low",
                "Message": "Your Spot request price of 0.01 is lower than the minimum required Spot request fulfillment price of 0.0112."
            },
            "ProductDescription": "Linux/UNIX",
            "SpotInstanceRequestId": "sir-dfdf56564fsk",
            "State": "open",
            "LaunchSpecification": {
                "Placement": {
                    "AvailabilityZone": "us-east-1b"
                },
                "ImageId": "ami-80861296",
                "SecurityGroups": [
                    {
                        "GroupName": "launch-wizard-1",
                        "GroupId": "sg-09523477"
                    }
                ],
                "SubnetId": "subnet-d232352dfdf",
                "Monitoring": {
                    "Enabled": false
                },
                "IamInstanceProfile": {
                    "Arn": "arn:aws:iam::3454354564545:instance-profile/learn"
                },
                "InstanceType": "m3.medium"
            },
            "Type": "one-time",
            "CreateTime": "2012-05-14T01:26:57.000Z",
            "SpotPrice": "0.010000"
        }

Cancel spot request instance

$ aws ec2 cancel-spot-instance-requests --spot-instance-request-ids sir-ddkjk8787

OUTPUT
{
    "CancelledSpotInstanceRequests": [
        {
            "State": "cancelled",
            "SpotInstanceRequestId": "sir-ddkjk8787"
        }
    ]
}

Automations next steps...

Ansible

Provisioning sinatnces with ansible automations scripts.

Ansible guide aws

GIT

Git Cheat Sheet

Automatic documentation

Lucidchart

Amazing notification tool

Slack WebHooks

Send notification to slack channels

$ aws ec2 request-spot-instances --spot-price "0.010" --instance-count 1 --type "one-time" --launch-specification file://ec2-spot.json |curl -X POST --data-urlencode 'payload={"channel": "#aws", "username": "webhookbot", "text": "AWS Spot Instance provision", "icon_emoji": ":ghost:"}' https://hooks.slack.com/services/T5sdsdFXs2/Bdfdfdf8DU/AdflkjJKKJkjdfdfdfEc44444v4444z

About