Amazon Web Services: “How to launch Instances & attaching additional EBS Volume using AWS CLI 2?”​

Before getting started? First, let me tell you the concept “CLI”. The CLI stands for Command Line Interface which allows users to directly interact with the particular program or system using “Black Screen”. Black Screen is also known as “Shell”. It prompt user to input something or commands to do some operations. The AWS Command Line Interface (CLI) is a unified tool to manage AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

Installation of Amazon Web Services Command Line Interface (AWS CLI) 2

The AWS CLI version 2 is the most recent major version of the AWS CLI and supports all of the latest features.

Learn more about AWS CLI 2 & Download it from here

Creating User for CLI using IAM Service

In Identity and Access Management, we need to add new user for specific permission for this operation. In IAM Dashboard, under Access Management, we need to click on Users and the steps are following:

  1. In the top left, there is an option called “Add User” we need to click it.
  2. Then, Under “Set User Details” Section, we need to enter User name.
  3. Then, Under “Select AWS Access Type” Section, We need to set the following configurations. “Access type”, “Console password”, “Require password reset” For “Access type”, we need to check both the options: “Programmatic Access” & “AWS Management Console Access”. The “Programmatic Access will allow the user to access AWS Service from client machine using CLI. For “Console password”, we need to select, custom password option and for “Require password reset”, this should be unchecked.
  4. In the next step, we need to set permissions to the user by creating group and assigning the policy name “PowerUserAccess”. The “PowerUserAccess” will give full access to this user except “Accessing the Billing Dashboard & IAM Services”.
  5. The next step is Adding tags to the users (This step is optional).

After creating the user, the IAM Service will provide two major things, the “Access key ID” and “Secret access key”. We can download it as CSV file for future use.

Configuration of “AWS CLI 2”

Steps to configure the AWS CLI 2

  1. First, we need to run “aws — version” command to make sure whether it is installed or not (This is the optional step but recommended)
  2. To configure the AWS, we need to run “aws configure” command to login into all AWS Services which is provided by the IAM Security Group Policy to the account. After running this command, it will ask 4 things: “Access Key”, “Secret Key”, “Region” & “Output Format”. But, three things we need to enter, First Access key, second Secret Key and then Region, and finally for output format, we need to make it blank for initial setup.

Creating Key Pairs for EC2 Instances

aws ec2 create-key-pair --key-name shobhitKeyPair

Creating Security Group

aws ec2 create-security-group --group-name shobhitFirewall --description "Shobhit Sharma, Security Group"

The output will be

{
"GroupId": "sg-0e6e60daXXXXXXXXX"
}

Creating New Amazon Linux Instance using AWS CLI 2

  1. AMI (Amazon Machine Image) ID — An Unique ID for individual operating system
  2. Instance Type — It refers to Compute Engine, or Resources like RAM & CPU, etc.
  3. Key Pair — For Authentication of AMI.
  4. Security Group — The Amazon Web Services policy or firewall to secure network.
  5. Subnet Id — It refers to Availability Zone from the list of AZs of the region.

To Create Instance using CLI, we need to run this command

aws ec2 run-instances --image-id ami-03657b56516ab7912 --count 1 --instance-type t2.micro --key-name shobhitKeyPair --security-group-ids sg-0e6e60daXXXXXXXXX --subnet-id subnet-ffeXXXXX

Output will be

{
"Groups": [],
"Instances": [
{
"AmiLaunchIndex": 0,
"ImageId": "ami-03657b56516ab7912",
"InstanceId": "i-01521fd1XXXXXXXXX",
"InstanceType": "t2.micro",
"KeyName": "shobhitKeyPair",
"LaunchTime": "2020-10-13T07:04:07+00:00",
"Monitoring": {
"State": "disabled"
},
"Placement": {
"AvailabilityZone": "us-east-2a",
"GroupName": "",
"Tenancy": "default"
},
"PrivateDnsName": "ip-172-31-0-218.us-east-2.compute.internal",
"PrivateIpAddress": "172.31.0.218",
"ProductCodes": [],
"PublicDnsName": "",
"State": {
"Code": 0,
"Name": "pending"
},
"StateTransitionReason": "",
"SubnetId": "subnet-ffXXXXXX",
"VpcId": "vpc-81XXXXXX",
"Architecture": "x86_64",
"BlockDeviceMappings": [],
"ClientToken": "aff01bea-7b9f-4560-a8eb-af0XXXXXXXXX",
"EbsOptimized": false,
"EnaSupport": true,
"Hypervisor": "xen",
"NetworkInterfaces": [
{
"Attachment": {
"AttachTime": "2020-10-13T07:04:07+00:00",
"AttachmentId": "eni-attach-004f52c3XXXXXXXXX",
"DeleteOnTermination": true,
"DeviceIndex": 0,
"Status": "attaching"
},
"Description": "",
"Groups": [
{
"GroupName": "shobhitFirewall",
"GroupId": "sg-0e6e60daXXXXXXXXX"
}
],
"Ipv6Addresses": [],
"MacAddress": "02:73:cc:00:26:58",
"NetworkInterfaceId": "eni-0c2d1d44XXXXXXXXX",
"OwnerId": "934204XXXXXX",
"PrivateDnsName": "ip-172-31-0-218.us-east-2.compute.interna
l",
"PrivateIpAddress": "172.31.0.218",
"PrivateIpAddresses": [
{
"Primary": true,
"PrivateDnsName": "ip-172-31-0-218.us-east-2.compute
.internal",
"PrivateIpAddress": "172.31.0.218"
}
],
"SourceDestCheck": true,
"Status": "in-use",
"SubnetId": "subnet-ffXXXXXX",
"VpcId": "vpc-81d77eea",
"InterfaceType": "interface"
}
],
"RootDeviceName": "/dev/xvda",
"RootDeviceType": "ebs",
"SecurityGroups": [
{
"GroupName": "shobhitFirewall",
"GroupId": "sg-0e6e60daXXXXXXXXX"
}
],
"SourceDestCheck": true,
"StateReason": {
"Code": "pending",
"Message": "pending"
},
"VirtualizationType": "hvm",
"CpuOptions": {
"CoreCount": 1,
"ThreadsPerCore": 1
},
"CapacityReservationSpecification": {
"CapacityReservationPreference": "open"
},
"MetadataOptions": {
"State": "pending",
"HttpTokens": "optional",
"HttpPutResponseHopLimit": 1,
"HttpEndpoint": "enabled"
}
}
],
"OwnerId": "934204XXXXXX",
"ReservationId": "r-079af78eXXXXXXXXX"
}

After creation of instance, we need to run this optional command for identification.

aws ec2 create-tags --resources i-01521fd1XXXXXXXXX --tags Key=Name,Value="Shobhit Sharma CLI"

Creating EBS Additional Volume

  1. I’ve used “us-east-2a” as an availability zone.

To Create EBS Volume using CLI, we need to run this command

aws ec2 create-volume --size 1 --availability-zone us-east-2a

The output will be

{
"AvailabilityZone": "us-east-2a",
"CreateTime": "2020-10-13T07:26:05+00:00",
"Encrypted": false,
"Size": 1,
"SnapshotId": "",
"State": "creating",
"VolumeId": "vol-00abe3aaXXXXXXXXX",
"Iops": 100,
"Tags": [],
"VolumeType": "gp2"
}

Attaching Additional EBS Volume to the EC2 Instance

aws ec2 attach-volume --volume-id vol-00abe3aaXXXXXXXXX --instance-id i-01521fd1XXXXXXXXX --device /dev/sdf

The output will be

{
"AttachTime": "2020-10-13T07:34:55.869000+00:00",
"Device": "/dev/sdf",
"InstanceId": "i-01521fd1XXXXXXXXX",
"State": "attaching",
"VolumeId": "vol-00abe3aaXXXXXXXXX"
}

This is how we can create CLI User, key pairs, security group, instance, additional EBS Volume and also how can we attach additional EBS Volume to the instance.

This Article is originally written, edited and published by Shobhit Sharma.

Shobhit Sharma (born 8 December 2000) is an Indian Technology Journalist, Computer Engineer, EDM Artist, Blogger, and Entrepreneur from Agra, Uttar Pradesh.