Creating Key-pair,Security group and launching EC2 Instance with external EBS Volume attached using AWS CLI

In this post,we are going to create a key-pair,security group and then launch an ec2 instance with them.Then,we will create an external EBS Volume and attach it to the recently launched instance.This whole setup will be done using AWS CLI.

How to install AWS CLI?

To use AWS from CLI we have to install the AWS CLI Software.You can download the software from here.After downloading,you have to follow the steps for installation which are pretty simple.

What Next?

After installing the AWS CLI software we have to first configure our AWS credentials from the CLI using aws configure command.Here we require our Access Key Id and Secret Key which can be generated very easily from the IAM portal of AWS WebUI.

After configuring the AWS credentials we are ready to start the practical.

Create Key-pair

For creating key-pair we have to use just 1 simple command which as follows

aws ec2 create-key-pair --key-name <KEY_NAME> --query "KeyMaterial" --output text > <KEY_NAME>.pem

The important part here is retrieving the key-pair once it’s created and storing it locally in a file for future use because once the key-pair is created AWS does not have any provision of downloading an existing key-pair.So,we have to retrieve the key-pair at the time of creation.This is done by querying the “KeyMaterial” of the json output which displays the public key content and then storing it any local file.

Create Security group

Again for creating securing,we have to just run one simple command which is as follows

aws ec2 create-security-group --group-name <SG_name>--description "Any description"

This just creates the security group without any rules.For adding inbound rules to the Security group we have to use the option authorize-security-group-ingress in aws ec2 command.

#Allows Inbound SSH traffic
aws ec2 authorize-security-group-ingress --group-name <SG_name> --protocol tcp --port 22 --cidr 0.0.0.0/0
#Allows Inbound HTTP traffic
aws ec2 authorize-security-group-ingress --group-name <SG_name> --protocol tcp --port 80--cidr 0.0.0.0/0

Launch ec2 instance

For launching ec2 instance we need to mention the ami-id,instance type,key-pair name and security group.

aws ec2 run-instances --image-id <Image_id> --instance-type <Instance_type> --key-name <Key_Name> --security-group-ids <SG_id> --count 1

Create EBS Volume of size 1GB

For creating EBS Volume we have to specify the volume-type and size.We also have to mention the Availability Zone in which we want to create the volume.The AZ should be same as that in which the instance was launched.If there is a mismatch between the AZ in which instance was launched and the one in which the volume is created then the volume will not be attachable to this instance.

aws ec2 create-volume --volume-type gp2 --size 1 --availability-zone <AZ in which instance was launched>

Attach volume to instance

For attaching volume we have to mention the volume-id,instance-id and the device name.The device name should be in this format range /dev/xvda to /dev/xvdf.

aws ec2 attach-volume --instance-id <Instance_id> --volume-id <Vol_id> --device /dev/xvdf

If we connect to the instance then we can see the new volume has been successfully attached using the fdisk -l command.

Thus,we have successfully launched an ec2 instance and attached an external EBS Volume to it using CLI.

Thank You!