So I hope you people have successfully created your own IAM in the AWS Console. But Rather than the console, we people can also create these services through Command line. Moreover, AWS services can be managed by AWS Management Console (or) API (or) the Command Line Interface (CLI). So today in this block, we will learn about the AWS CLI.
What is an AWS CLI?
AWS Command Line Interface (CLI) is a unified tool through which you can manage and monitor all the AWS services from the client terminal session
AWS CLI is the combination of various tools to manage all the Amazon Web Services (AWS) associated with the organization. Moreover, this platform allows the users to download, configure as well as control from the command line through the script automation. AWS Platform allows the Linux, Windows as well as the Mac OS users to manage the AWS main services from the local terminal session command line. This AWS CLI is responsible for the reduction of traditional module development. So with a single step installation and the minimal configuration. Moreover, you can easily start all the AWS Console Management functions from the terminal.
Linux Shells:
.Here you can use the Linux shell programs like bash, tsch and Zsh to run the commands in various operating systems like Linux, Mac Os (or) Unix.
Windows Command Line:
On windows, you can command in Power Shell (or) in the Windows Command prompt.
Remotely:
You can run the commands on the Amazon EC2 instances, through the remote terminal such as Putty (or) SSH. Moreover, you can use AWS System Manager to automate the operational tasks across your AWS resources. Besides, it provides direct access to the AWS public Service API. In addition to the Low-level API Equivalent commands, AWS CLI offers the customization of several services.
So now let us see these services at the CLI.
step - 1:
Login to any one of your instance from the terminal
step -2:
Login as root with the following command
sudo su -
Then you will be entered into the following screen
step -3:
Then start installing the AWS CLI with the following command
step- 4:
Configure the AWS
step - 5:
Provide ls -la then you will be entering into the following screen
Step -6:
Change your directory to .aws
step -7:
List all your files
step - 8:
Check the services in your account.
Once you run this command, you can get all the instance with the keys
step- 9:
Also, check the s3 buckets list with the following command
So likewise you people can check all the AWS services from the Command line.
For instance, we will now create the bucket from the terminal.
step -1:
Create a bucket from your terminal as shown below
step - 2:
And you also check the buckets with command as shown below
So we have successfully created the buckets
And we will now discuss the roles
What is an IAM role?
An IAM role is an IAM identity that you can create in your account which has specific permissions. An IAM role is similar to that of the IAM user. Here the AWS identity and policies determine what an identity can and cannot do in AWS. However instead of being unique associated with one person. And the role can be grant to anyone who needs it. Moreover, a role does not have the long term credentials such as passwords (or) the access keys associated with it. So if you assume a role, it provides the temporary security credentials to your role session.
Click the link to know how to empower your business with IAM?
you can also use roles to delegate access to the users. applications (or) services that do have access to AWS services. For instance, you can grant the users in your AWS account, to access the resource that usually doesn't have. Besides this platform allows the users to access the resources in one account by another. In addition, we can also grant access your account to the third parties.
So let us see how to create the role in practical
step - 1 :
Navigate to IAM from your AWS Console.
step - 2:
Click on Create Role.
step - 3:
Click on EC2 and click on Permissions
step - 4:
Select the policy type (Here, in this case, I'm selecting S3 full access)
step - 5 :
Click on Review
step - 6:
Provide any name and click on Create role
So in you can IAM service, you can see the IAM roles as follows
And you people can add these roles to the instances. So you people can add this as shown below
step - 1:
Select the instance for which you want to add the IAM role and click on Action and then navigate to instance setting and then select on Add/ Replace the IAM role
Step - 2:
Select the IAM role and click on Apply.
step - 3:
Click on Close.
Also, check the future of aws identity and identity management
Policies:
A policy is an entity that, when attached to the identity (or) resources define the permissions. Policies were stored in AWS as JSON documents. And these were attached to the principles as identity -based policies in IAM. And this platform allows you to attach the identity-based policy to the principal such as IAM group, user (or) role. Moreover, Identity based policies include the AWS Managed policies, Customer managed policies and inline policies. Besides, this platform allows you to create the policies in the following methods:
Import
You can import the managed policy within your AWS account. Here this platform allows you to edit the policy and customize as per their requirements. Usually a managed policy can be either of the AWS managed policy (or) the customer-managed blogs.
Visual editor:
Using the visual editor, you can create a new policy from scratch. If you use the visual editor, then you need to understand the JSON Syntax.
JSON:
In JSON, you can create a policy using the JSON Syntax.
And you can create an inline policy in the AWS Management console. Basically, an inline policy is one that you create and embed directly to an IAM group (or) user (or) role.
So we will see how to create the policy practically
step -1:
Log in to the AWS console and click on Policies in the IAM tab
step - 2:
Click on Create Policy.
step - 3 :
Click on Choose a service
step - 4:
Select any service. (Here, in this case, I'm selecting the EC2)
Step - 5:
Select the Access level. (Here I'm providing the full access) and click on Review Policy
step- 6:
Provide any name and click on Create Policy
And you people can search this policy through the search bar
Besides, you people can also add this policy to roles as shown below
step -1:
Once again navigate to roles and click on Attach policies
step - 2:
Click on Attach Policy.
Uses of AWS CLI:
Easy Installation:
Before the introduction of AWS CLI installation tool kits like old AWS API involved too many complex steps. Here the users need to set up the multiple environments variables. But the AWS CLI installation is simple, quick as well as standardized.
Saves time:
Despite user-friendly, AWS console management is sometimes problematic. For instance, if you were trying to find the file in the large Amazon S3 folder, you need to search for the right S3 bucket and then navigate to the right folder and then to the right file. But with AWS CLI, if you know the right command, you can do the entire task in just a few commands.
Automates Process:
AWS CLI gives you the ability to automate the entire process of controlling and managing the AWS services through scripts. Moreover, these scripts make it easy for users to fully automate cloud infrastructure.
Supports all Amazon Web services:
Prior to AWS CLI, users need a dedicated CLI, for the EC2 Service. It Works good but does not let users control other Amazon Web Services like AWS Relational Databases (RDS). Besides AWS CLI you can control all the services from one simple tool.