AWS CLI: Another Path to Services – Conclusion

In the previous article, we figured out how to install AWS CLI. Let us now find out how to make it work for us.

Next is to use the CLI. How?

Let us see. We have installed the CLI and we have configured it to our credentials. Now we can use it to work with the services AWS provides.

In our project, we had to work with S3 and EC2.

So what steps to follow? What commands to give? How? Where?  These were some questions we needed answered.

First Steps:

Let’s get a feel of AWS CLI first. Some suggestions:


List all the EC2 tags:

$ aws ec2 describe-regions


Lists the users and outputs in table format:

$ aws iam list-users –output table


Using help with AWS CLI:

$ aws ec2 describe-spot-price-history help


Further Steps:

Now that we are fairly comfortable with AWS CLI, let us deploy a development environment on EC2 using CLI.

To achieve this what are the steps we need to take?

  1. Install AWS CLI.
  2. Configure AWS CLI
  3. Launch the EC2 instance.

Since we have already installed and configured CLI, let us move on to Launching the EC2 instance.


You need to remember that if you launch an instance that is not within the Free Usage Tier, you are billed after you launch the instance and charged for the time that the instance is running, even if it remains idle.


A prerequisite for launching ec2 is to Create a Security Group, Key Pair, and Role for the EC2 Instance


So, let us start creating.


1. First, create a new security group and add a rule that allows incoming traffic over port 22 for SSH. Note the security group ID for later use.


$ aws ec2 create-security-group –group-name devenv-sg –description “security group for development environment in EC2”
    “GroupId”: “sg-b018ced5”
$ aws ec2 authorize-security-group-ingress –group-name devenv-sg –protocol tcp –port 22 –cidr


Replace the CIDR range with an address that you want to connect from for added security.


2. Next, create a key pair, which allows you to connect to the instance.


$ aws ec2 create-key-pair –key-name devenv-key –query ‘KeyMaterial’ –output text > devenv-key.pem


This command saves the key-pair to a file named devenv-key.pem. You can name the pem file with whatever you want.



In the Windows Command Processor, enclose queries with double quotes instead of single quotes.


3. On Linux, you will also need to change the file mode so that only you have access to the key file.


$ chmod 400 devenv-key.pem

Now you are ready to launch the instance and connect to it.



To launch and connect to the instance


1. Run the following command, replacing the security group ID output in the previous step.


$ aws ec2 run-instances –image-id ami-29ebb519 –security-group-ids sg-b018ced5 –count 1 –instance-type t2.micro –key-name devenv-key –query ‘Instances[0].InstanceId’ “i-ec3e1e2k”


2. The instance will take a few moments to launch. Once the instance is up and running, the following command will retrieve the public IP address that you will use to connect to the instance.


$ aws ec2 describe-instances –instance-ids i-ec3e1e2k –query ‘Reservations[0].Instances[0].PublicIpAddress’ “”


3. To connect to the instance, use the public IP address and private key with your preferred terminal program. On Linux, macOS, or Unix, you can do this from the command line with the following command:


$ ssh -i devenv-key.pem


If you get an error like Permission denied (publickey) when attempting to connect to your instance, check that the following are correct:

  • Key – The key specified with the -i option must be at the path indicated and must be the private key, not the public one. Permissions on the key must be restricted to the owner.
  • User name – The user name must match the user associated with the key pair on the instance. For Ubuntu instances, this is ubuntu. For Amazon Linux, it is ec2-user.
  • Instance – The public IP address or DNS name of the instance. Verify that the address is public and that port 22 is open to your local machine on the instance’s security group.

You can also use the -v option to view additional information related to the error.


SSH on Windows

  • On Windows, you can use the PuTTY terminal application
  • Use puttygen.exe to convert your private key to a .ppk file required by PuTTY. Launch putty.exe, enter the public IP address of the instance in the Host Name field, and set the connection type to SSH.
  • In the Category panel, navigate to Connection > SSH > Auth, and click Browse to select your .ppk file, and then click Open to connect.


4. The terminal will prompt you to accept the server’s public key. Type yes and click Enter to complete the connection.


Now the problem is, you are not the administrator. So how can you launch an EC2 instance?

Well. There is an easy solution for this. Create an iam user and add it to the group which is configured to launch the EC2 instancce. Further details can be found here.


So you got this far. Your EC2 instance is ready. You can also connect to it. Great!! Now all that is left over is to deploy your application.


It is quite simple, actually.

You can use AWS CodeDeploy to deploy your application. You can go here to get the steps.

Another way is to do it using the AWS APIs available here


We will look at these deployment methods in the next part of the series.