Amazon Web Services - on-demand cloud computing

mail

AWS CLI

Installation

  1. make a new Python virtual environment :
    vEnv='v_awsCli'; python3 -m venv "$vEnv"; source "$vEnv/bin/activate"
  2. install :
    pip3 install awscli
  3. the install should end on : 
    
The scripts pyrsa-decrypt, pyrsa-decrypt-bigfile, pyrsa-encrypt, pyrsa-encrypt-bigfile, pyrsa-keygen, pyrsa-priv2pub, pyrsa-sign and pyrsa-verify are installed in '/home/stuart/.local/bin' which is not on PATH.
Consider adding this directory to PATH or, if you prefer to suppress this warning, use --no-warn-script-location.
    You can do so with :
    export PATH=$PATH:$HOME/.local/bin
  4. check installation :
    aws --version
    aws-cli/1.16.255 Python/3.7.3 Linux/4.19.0-6-amd64 botocore/1.12.245

Configuration

Retrieve AWS credentials

  1. log into the AWS console
  2. in the top-right corner, click on your user name, then in the drop-down menu : My security credentials
  3. on the new page, open the Access keys (access key ID and secret access key) panel then
  4. You'll get 2 new values :
    • Access Key ID
    • Secret Access Key
During this procedure, the GUI may show a warning message saying : 
You are accessing the security credentials page for your AWS account. The account credentials provide unlimited access to your AWS resources.

To help secure your account, follow an AWS best practice by creating and using AWS Identity and Access Management (IAM) users with limited permissions.
  • Since we're only using free resources, let's say it's ok for this time... (but this is BAAAD! )
  • Store keys in a safe place : sound like a good practice, and just in case your infra grows, you won't have to worry about leaked keys...

Configure AWS CLI with AWS credentials (sources : 1, 2)

Configuration goes into :
  • ~/.aws/credentials
  • ~/.aws/config
So :
  1. mkdir -p ~/.aws
  2. cat << EOF > ~/.aws/credentials 
    [default]
aws_access_key_id=Access Key ID
aws_secret_access_key=Secret Access Key
EOF
  3. cat << EOF > ~/.aws/config 
    [default]
region=us-west-2
output=json
EOF
[default] is the profile name being configured.
mail

How to use AWS resources for free ?

Learning Terraform led me here .

Amazon has the Free Tier offer, designed to let users learn and practice with their products and tools. Depending on the product, there are :

offers. The one I'm interested in is the Amazon EC2 — 750 hours / month.

Let's enroll !

To benefit from this offer, there's just to create a new AWS account.

Previously created AWS accounts don't qualify for the Free Tier offers and may be charged. So better create a totally new account.

So that's what I did. The Payment Information page took me some time (setup of a virtual credit card) during which my account was created anyway (albeit incomplete) :
  • the welcoming email said : For the next 12 months, you'll have free access to core AWS compute, storage, database, and application services within the limits of the Free Tier.
  • I could login via the AWS Console and even retrieve keys.
  • but a further step on my Terraform tutorial —actually spawning an instance— caused the error : 
    aws_instance.example: Creating...

Error: Error launching source instance: OptInRequired: You are not subscribed to this service. Please go to http://aws.amazon.com to subscribe.
        status code: 401, request id: c05a9a89-2623-f341-1d8e-8095b6e854ee

  on example.tf line 6, in resource "aws_instance" "example":
   6: resource "aws_instance" "example" {