Amazon EC2 Operations: Difference between revisions

From NovaOrdis Knowledge Base

Revision as of 21:38, 19 November 2019

Internal

EC2 CLI

Amazon EC2 CLI

Instance Operations

Describe Instances

aws [--region us-west-2] ec2 describe-instances [--instance-ids ...]
{
    "Reservations": [
        {
            "Instances": [
                {
                    "Monitoring": {
                        "State": "disabled"
                    },
                    "PublicDnsName": "",
                    "State": {
                        "Code": 16,
                        "Name": "running"
                    },
                    "EbsOptimized": false,
                    "LaunchTime": "2019-04-10T16:56:01.000Z",
                    "PrivateIpAddress": "10.10.2.71",
                    "ProductCodes": [],
                    "VpcId": "vpc-1d3c8c4c1d99cd6ba",
                    "CpuOptions": {
                        "CoreCount": 1,
                        "ThreadsPerCore": 1
                    },
                    "StateTransitionReason": "",
                    "InstanceId": "i-01a053a09bf6d7b15",
                    "EnaSupport": true,
                    "ImageId": "ami-03338e1f67dae0168",
                    "PrivateDnsName": "ip-10-10-2-71.ca-central-1.compute.internal",
                    "KeyName": "outerworldly-key-pair",
                    "SecurityGroups": [
                        {
                            "GroupName": "some-sg",
                            "GroupId": "sg-04efb7c151570f2d0"
                        }
                    ],
                    "ClientToken": "",
                    "SubnetId": "subnet-00102cd730cc69e0a",
                    "InstanceType": "t2.micro",
                    "NetworkInterfaces": [
                        {
                            "Status": "in-use",
                            "MacAddress": "02:96:44:f3:af:08",
                            "SourceDestCheck": true,
                            "VpcId": "vpc-1d3c8c4c1d99cd6ba",
                            "Description": "Primary network interface",
                            "NetworkInterfaceId": "eni-07ebe1e63724f60f2",
                            "PrivateIpAddresses": [
                                {
                                    "Primary": true,
                                    "PrivateIpAddress": "10.10.2.71"
                                }
                            ],
                            "SubnetId": "subnet-00102cd730cc69e0a",
                            "Attachment": {
                                "Status": "attached",
                                "DeviceIndex": 0,
                                "DeleteOnTermination": true,
                                "AttachmentId": "eni-attach-003a2cd69ddac31a4",
                                "AttachTime": "2019-04-10T16:56:01.000Z"
                            },
                            "Groups": [
                                {
                                    "GroupName": "some-sg",
                                    "GroupId": "sg-04efb7c151570f2d0"
                                }
                            ],
                            "Ipv6Addresses": [],
                            "OwnerId": "777777777777",
                            "PrivateIpAddress": "10.10.2.71"
                        }
                    ],
                    "SourceDestCheck": true,
                    "Placement": {
                        "Tenancy": "default",
                        "GroupName": "",
                        "AvailabilityZone": "ca-central-1a"
                    },
                    "Hypervisor": "xen",
                    "BlockDeviceMappings": [
                        {
                            "DeviceName": "/dev/xvda",
                            "Ebs": {
                                "Status": "attached",
                                "DeleteOnTermination": true,
                                "VolumeId": "vol-0290718334f7ccdc0",
                                "AttachTime": "2019-04-10T16:56:02.000Z"
                            }
                        }
                    ],
                    "Architecture": "x86_64",
                    "RootDeviceType": "ebs",
                    "RootDeviceName": "/dev/xvda",
                    "VirtualizationType": "hvm",
                    "Tags": [
                        {
                            "Value": "01 instance",
                            "Key": "Name"
                        }
                    ],
                    "AmiLaunchIndex": 0
                }
            ],
            "ReservationId": "r-0c51f172352815e10",
            "Groups": [],
            "OwnerId": "777777777777"
        }
    ]
}

View Existing Instance Profiles

aws iam list-instance-profiles
aws iam list-instance-profiles-for-role --role-name <role_name>

Create an Instance Profile

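Create an IAM Instance Profile for Your Amazon EC2 Instances (https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-iam-instance-profile.html#getting-started-create-iam-instance-profile-cli)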

This procedure describes how to create an EC2 instance profile.

With AWS CLI

aws iam create-instance-profile --instance-profile-name <instance_profile_name>

Add a Role to an Instance Profile

aws iam add-role-to-instance-profile --instance-profile-name <instance_profile_name> --role-name <role_name>

Associate an Instance Profile with an EC2 Instance

This procedure describes how to associate an instance profile with an EC2 instance.
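A check to run after association (for example after `aws ec2 associate-iam-instance-profile`), added here as an example and not part of the original page: it reads `describe-instances` output and reports which live instances carry an `IamInstanceProfile` block and whether the profile is an expected one. The function name `profile_report`, the `allowed_profiles` parameter and the sample instance ids and profile name are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-instances` output. Only the
# second instance carries the IamInstanceProfile block that appears once a
# profile has been associated.
SAMPLE = json.loads("""
{"Reservations": [
  {"Instances": [
    {"InstanceId": "i-0aaaaaaaaaaaaaaa1", "State": {"Name": "running"},
     "KeyName": "example-key", "Tags": [{"Key": "Name", "Value": "01 instance"}]},
    {"InstanceId": "i-0aaaaaaaaaaaaaaa2", "State": {"Name": "running"},
     "IamInstanceProfile": {
        "Arn": "arn:aws:iam::777777777777:instance-profile/example-profile",
        "Id": "AIPAEXAMPLEEXAMPLE"}},
    {"InstanceId": "i-0aaaaaaaaaaaaaaa3", "State": {"Name": "terminated"}}
  ]}
]}
""")

def profile_report(doc, allowed_profiles=None):
    """Map each live instance id to its profile name, None, or 'UNEXPECTED:<name>'."""
    report = {}
    for reservation in doc.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            # Instances that are gone or going away are not worth reporting.
            if inst.get("State", {}).get("Name") in ("terminated", "shutting-down"):
                continue
            arn = inst.get("IamInstanceProfile", {}).get("Arn")
            if arn is None:
                report[inst["InstanceId"]] = None  # no profile attached
                continue
            # The profile name is the last path segment of the ARN.
            name = arn.rsplit("/", 1)[-1]
            if allowed_profiles is not None and name not in allowed_profiles:
                name = "UNEXPECTED:" + name
            report[inst["InstanceId"]] = name
    return report

if __name__ == "__main__":
    for instance_id, profile in profile_report(SAMPLE, {"example-profile"}).items():
        print(instance_id, profile or "NO INSTANCE PROFILE")
```

To run it against a real account, load the JSON printed by `aws ec2 describe-instances` in place of `SAMPLE`.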

Configure a Public DNS Name to an EC2 Instance

TODO

Load Balancing Operations

AWS Elastic Load Balancing Operations

Key Pair Operations

It seems there is no way to create a key pair as part of a CloudFormation template.

Create a Key Pair with Amazon Console

AWS -> EC2 -> Key Pairs -> Create Key Pair.

Region Operations

AWS Region Operations

Availability Zone Operations

Get Availability Zones in a Region

aws ec2 describe-availability-zones --region ca-central-1

Create an EC2 Instance with CloudFormation

AWS::EC2::Instance
Resources:
  EC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-03338e1f67dae0168
      KeyName: !Sub infinity-${AWS::Region}
      InstanceType: t2.micro
      NetworkInterfaces:
        - AssociatePublicIpAddress: 'true'
          DeviceIndex: '0'
          GroupSet:
            - !Ref SomeSecurityGroup
          SubnetId: !Ref PublicSubnet
      Tags:
        - Key: Name
          Value: !Sub ${MicroworldName}-bastion

GetAtt Attributes

Fn::GetAtt Attributes

AvailabilityZone

PrivateDnsName

PublicDnsName

PrivateIp

PublicIp

Create an EC2 Instance with Terraform

Create an EC2 Instance with Terraform

AMI Operations

Find an Image

aws ec2 describe-images --filters "Name=image-id,Values=ami-0a85857bfc5345c38" "Name=architecture,Values=x86_64"
{
    "Images": [
        {
            "VirtualizationType": "hvm",
            "Description": "Amazon Linux 2 AMI 2.0.20191024.3 x86_64 HVM gp2",
            "Hypervisor": "xen",
            "ImageOwnerAlias": "amazon",
            "EnaSupport": true,
            "SriovNetSupport": "simple",
            "ImageId": "ami-0a85857bfc5345c38",
            "State": "available",
            "BlockDeviceMappings": [
                {
                    "DeviceName": "/dev/xvda",
                    "Ebs": {
                        "SnapshotId": "snap-0f3ae06326a22c8b0",
                        "DeleteOnTermination": true,
                        "VolumeType": "gp2",
                        "VolumeSize": 8,
                        "Encrypted": false
                    }
                }
            ],
            "Architecture": "x86_64",
            "ImageLocation": "amazon/amzn2-ami-hvm-2.0.20191024.3-x86_64-gp2",
            "RootDeviceType": "ebs",
            "OwnerId": "137112412989",
            "RootDeviceName": "/dev/xvda",
            "CreationDate": "2019-10-31T06:01:08.000Z",
            "Public": true,
            "ImageType": "machine",
            "Name": "amzn2-ami-hvm-2.0.20191024.3-x86_64-gp2"
        }
    ]
}
aws ec2 describe-images --filters "Name=name,Values=amzn2-ami-hvm-2.0.*.*-x86_64-gp2" "Name=architecture,Values=x86_64" "Name=virtualization-type,Values=hvm" "Name=root-device-type,Values=ebs"
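A name filter matches images from every account that shares them with you, so the results should be checked against the expected owner before the newest one is used. The following is an added example, not part of the original page: it picks the most recent matching image from `describe-images` output and sets aside any match whose `OwnerId` is not trusted. The names `pick_image` and `TRUSTED_OWNERS` and the second and third sample images are constructed for illustration; the owner id is the one shown in the output above.

```python
import fnmatch
import json

# Constructed sample shaped like `aws ec2 describe-images` output. The first
# entry reuses values shown above; the other two are made up for the example.
SAMPLE = json.loads("""
{"Images": [
  {"ImageId": "ami-0a85857bfc5345c38", "OwnerId": "137112412989",
   "Name": "amzn2-ami-hvm-2.0.20191024.3-x86_64-gp2", "State": "available",
   "CreationDate": "2019-10-31T06:01:08.000Z"},
  {"ImageId": "ami-0example000000001", "OwnerId": "111111111111",
   "Name": "amzn2-ami-hvm-2.0.20991231.0-x86_64-gp2", "State": "available",
   "CreationDate": "2019-11-15T00:00:00.000Z"},
  {"ImageId": "ami-0example000000002", "OwnerId": "137112412989",
   "Name": "amzn2-ami-hvm-2.0.20190823.1-x86_64-gp2", "State": "available",
   "CreationDate": "2019-08-30T07:06:00.000Z"}
]}
""")

TRUSTED_OWNERS = {"137112412989"}  # owner id from the describe-images output above

def pick_image(doc, name_pattern, trusted_owners=TRUSTED_OWNERS):
    """Return (newest trusted image or None, ids of matches from other owners)."""
    chosen, rejected = None, []
    for image in doc.get("Images", []):
        if image.get("State") != "available":
            continue
        # Same '*' wildcard semantics as the name filter on the command line.
        if not fnmatch.fnmatchcase(image.get("Name", ""), name_pattern):
            continue
        if image.get("OwnerId") not in trusted_owners:
            rejected.append(image["ImageId"])  # name matches, owner does not
            continue
        # CreationDate is a fixed-width UTC timestamp, so string order is time order.
        if chosen is None or image["CreationDate"] > chosen["CreationDate"]:
            chosen = image
    return chosen, rejected

if __name__ == "__main__":
    image, skipped = pick_image(SAMPLE, "amzn2-ami-hvm-2.0.*.*-x86_64-gp2")
    print("use:", image["ImageId"] if image else None, "skipped:", skipped)
```

The same restriction can be applied on the server side by passing `--owners` to `aws ec2 describe-images`.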

With ec2-describe-images

Finding an AMI using EC2 API

Deregister an AMI

aws ec2 deregister-image --image-id <ami_id>