Table of contents
IAM Programmatic access:
Programmatic access in the context of AWS (Amazon Web Services) refers to the ability for software, applications, or scripts to interact with AWS services and resources using AWS Identity and Access Management (IAM) credentials. IAM is a service that allows you to control access to AWS resources securely. When you enable programmatic access for an IAM user or role, you provide them with access keys (access key ID and secret access key) that they can use to make API requests to AWS services.
Create an IAM User or Role: You start by creating an IAM user or role within your AWS account. IAM users represent individual people or applications, while roles are assumed by AWS services or other trusted entities.
Assign Permissions: You then attach policies to the IAM user or role. These policies define what actions and resources the user or role can access. AWS provides pre-defined policies for common use cases, and you can also create custom policies.
Generate Access Keys (for Users): If you are setting up programmatic access for an IAM user, you can generate access keys for that user. These access keys consist of an access key ID and a secret access key. The secret access key should be kept secure, as it's used to sign API requests.
Access Configuration (for Roles): If you are setting up programmatic access for an IAM role, you define how and where the role can be assumed. For example, you might specify that an EC2 instance can assume the role when it starts.
Use Access Keys or Assume Roles: Programmatic access can be established using either access keys (for users) or by assuming roles (for roles). Access keys are used directly in API requests, while roles can be assumed by AWS services, applications, or even other AWS accounts.
Implement Security Best Practices: To maintain security, it's crucial to follow AWS security best practices, such as regularly rotating access keys, restricting permissions to the minimum necessary, and monitoring and auditing API activity.
AWS CLI:
The AWS Command Line Interface (AWS CLI) is a command-line tool provided by Amazon Web Services (AWS) that allows users to interact with AWS services and manage their AWS resources from a terminal or command prompt. It provides a convenient and scriptable way to perform various AWS tasks, including:
Resource Management: You can create, modify, and delete AWS resources such as EC2 instances, S3 buckets, RDS databases, and more.
Configuration and Credentials: AWS CLI allows you to configure your AWS credentials, region settings, and other configuration options.
Service Integration: It provides access to a wide range of AWS services, allowing you to interact with services like AWS Lambda, AWS CloudFormation, AWS IAM, AWS S3, and many others.
Scripting and Automation: AWS CLI is often used in scripts and automation workflows, making it a valuable tool for DevOps and Infrastructure as Code (IaC) practices.
Querying and Output Formatting: You can use AWS CLI to filter and format the output of AWS commands to suit your needs. It supports various output formats, including JSON, text, and table.
Access to AWS APIs: AWS CLI interacts with AWS services via AWS APIs, so it provides a programmatic way to work with AWS without using the AWS Management Console.
To get started with AWS CLI, you'll need to install it on your local machine and configure it with your AWS access keys and preferred region. Here are the basic steps to set up AWS CLI:
Install AWS CLI: You can download and install AWS CLI on various operating systems, including Windows, macOS, and Linux. Installation instructions can be found on the AWS documentation.
Configure AWS CLI: After installation, you'll need to run the
aws configurecommand to set up your AWS credentials (access key ID and secret access key), default region, and output format.Start Using AWS CLI: Once configured, you can start using AWS CLI commands to manage your AWS resources and interact with AWS services. For example, you can use
aws ec2 describe-instancesto list EC2 instances in your AWS account.
Task-01
Create AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from AWS Console.
On the right top corner, Click on your profile name > Select Security Credentials.
Scroll down to Access Keys > Select Create Access Key.
Click on I understand checkbox > Create Access Key.
Make sure you download the access key file and store it securely with you.
**
Task 2:**
- Setup and install AWS CLI and configure your account credentials
Here is the official documentation for installing AWS CLI in different OS.
Install AWS CLI in your Linux machine using the following steps:
sudo apt-get update
sudo apt install unzip
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
unzip awscliv2.zip
sudo ./aws/install
To check the version & installation, try running the commands:
aws --version
Configure your account credentials by using:
Pass the Access Key ID, Secret Access Key, Region Name, and default output format you need through the terminal.
Don’t worry, by the time you read this blog I would have deleted these access keys, so I am safe.
Let’s check if the AWS CLI is working or not. To check the S3 bucket details:
aws ec2 describe-instances
Like this, we can use more of AWS CLI.
In this blog, I have discussed IAM Programmatic Access and AWS CLI. If you have any questions or would like to share your experiences, please leave a comment below. Don’t forget to read my blogs and connect with me on LinkedIn and let’s have a conversation.
If you have questions or experiences to share, please feel free to comment below. You can also connect with me on LinkedIn; my name there is Akash Singh. I'm open to suggestions and corrections to improve my blog.
#Day42 #90daysofdevops
Thank you for reading!
Thank You! Stay Connected ☁️👩💻🌈
Contact me at :