Getting Started with AWS CLI
The AWS Command Line Interface (AWS CLI) is a powerful, open-source tool developed by Amazon Web Services that allows you to interact with and manage your AWS services directly from your terminal or command prompt.
Instead of navigating through the web-based AWS Management Console, the AWS CLI provides a unified interface to control nearly all AWS services using text-based commands.
Download the Installer Visit the official AWS CLI download page and choose the 64-bit Windows Installer if you're on a 64-bit system.
Run the Installer Double-click the downloaded .msi file and follow the installation wizard:
Verify Installation Open Command Prompt or PowerShell and run:
aws --version
You should see the installed version displayed.
Getting Started with Terraform CLI
Terraform is an open-source Infrastructure as Code (IaC) tool created by HashiCorp. It allows you to define, provision, and manage your cloud and on-premises infrastructure using human-readable configuration files.
Think of it this way: instead of manually clicking through a web console (like the AWS Management Console) to create virtual machines, databases, networks, and other cloud resources, you write code that describes the desired state of your infrastructure. Terraform then takes this code and makes sure your actual infrastructure matches it.
Key aspects:
- IaC: Defines infrastructure in version-controlled code, making it consistent and repeatable.
- Declarative: You state what you want, not how to do it.
- Providers: Works with many cloud providers (AWS, Azure, GCP) and other services via plugins.
- Workflow: Write your code, Plan to see what changes will occur, and Apply to make those changes.
- State File: Keeps track of your deployed resources, crucial for knowing what to change.
Installation:
Terraform is distributed as a single binary.
Download: Go to the official Terraform downloads page:
Extract: Unzip the downloaded package.
Add to PATH: Move the terraform executable to a directory that is in your system's PATH. Common locations include /usr/local/bin (macOS/Linux) or C:\Program Files\Terraform (Windows, then add to PATH manually).
Verification:
Open a new terminal/command prompt and verify the installation:
terraform --version
You should see output similar to Terraform v1.x.x
Create a Terraform Project
- Create a folder like C:\TerraformProjects\demo.
- For better organization, we'll use a few .tf files:
- main.tf: Defines the AWS provider and our primary EC2 instance.
- variables.tf: Declares input variables for our configuration.
- outputs.tf: Defines output values after creation.
# variables.tf
variable "region" {
description = "AWS region"
type = string
default = "eu-west-2"
}
variable "ami_id" {
description = "AMI ID for the EC2 instance"
default = "ami-09a2a0f7d2db8baca"
type = string
}
variable "instance_type" {
description = "Instance type for the EC2 instance"
type = string
default = "t2.micro"
}
main.tf (Define the EC2 Instance)
# main.tf
# Configure the AWS Provider
provider "aws" {
region = var.region # Uses the region from variables.tf
}
# Create the EC2 instance
resource "aws_instance" "my_instance" {
ami = var.ami_id
instance_type = var.instance_type
# User data to install a simple web server (Apache2 on Ubuntu)
user_data = <<-EOF
#!/bin/bash
sudo apt update -y
sudo apt install apache2 -y
sudo systemctl start apache2
sudo systemctl enable apache2
echo "<h1>Hello from Terraform deployed EC2!</h1>" | sudo tee /var/www/html/index.html
EOF
tags = {
Name = "terraform-example-web-server"
}
}
outputs.tf (Define output values)
# outputs.tf
output "instance_id" {
description = "The ID of the EC2 instance."
value = aws_instance.my_instance.id
}
output "web_server_public_ip" {
value = aws_instance.my_instance.public_ip
description = "The public IP address of the web server."
}
output "public_dns" {
description = "The public DNS name of the EC2 instance."
value = aws_instance.my_instance.public_dns
}
Initialize Terraform
terraform init
This command analyzes your configuration files, downloads the necessary AWS provider plugin, and sets up the working directory.
Plan the Infrastructure Changes
terraform plan
terraform will compare your configuration with the current state of your AWS account and show you a detailed execution plan. It will indicate what resources will be added, changed, or destroyed.
Apply the Changes
terraform apply
Terraform will then proceed to provision the EC2 instance and associated resources. This may take a few moments.
Create IAM User and Access Keys
To use AWS CLI, you need credentials:
Log in to AWS Console: Access the AWS Management Console with administrative privileges.
Go to IAM: Navigate to the IAM service.
Option 1: Create New User
Click "Add users" and provide a descriptive name. Crucially, select "Access key - Programmatic access" for the AWS access type.
Set Permissions: Grant necessary permissions. Best practice is to add the user to an IAM group with appropriate policies (e.g., AdministratorAccess for full access, or more specific policies for least privilege). Alternatively, attach policies directly.
Review and Create: Confirm the details and create the user.
Download Credentials: Immediately download the .csv file containing the "Access key ID" and "Secret access key." This is your only chance to retrieve the Secret Access Key.
If an IAM user already exists, you cannot retrieve their original "Secret Access Key" because AWS only shows it once during the initial creation for security reasons.
Option 2: Generate a New Access Key for the Existing User (Most Common Scenario)
This is the typical approach if you need programmatic access for an existing IAM user but don't have their current secret access key.
Log in to the AWS Management Console: Use your root account or an IAM user with sufficient permissions (e.g., iam:CreateAccessKey and iam:DeleteAccessKey on the target user, or AdministratorAccess).
Navigate to the IAM Service: Go to "IAM" in the console.
Find the User: Click "Users" in the left-hand navigation pane, then select the specific IAM user you want to configure.
Go to Security Credentials: On the user's details page, click on the "Security credentials" tab.
Create New Access Key:
Under "Access keys," you'll see a list of existing access keys for that user.
Click the "Create access key" button.
AWS will prompt you for the use case (e.g., Command Line Interface (CLI)). Select the appropriate option.
Important: You will be presented with a new "Access key ID" and "Secret access key." Download the .csv file or copy them immediately. This is the only time you'll see the Secret Access Key for this newly generated pair.
Note that an IAM user can have a maximum of two active access keys at any given time. If they already have two, you'll need to delete one of the existing ones before creating a new one.
Save Access Keys Copy or download the access key ID and secret access key.
Configure AWS CLI
Run the following command in your terminal:
aws configure
You'll be prompted to enter:
AWS Access Key ID
AWS Secret Access Key
Default region name (e.g., us-east-1)
Default output format (json, text, or table)
Test Your Setup
All AWS CLI commands follow a consistent pattern:
aws <service> <command> [options/parameters]
How to Get Help and Explore Commands:
aws help: Lists all available AWS services.
aws <service> help: Lists all commands for a specific service (e.g., aws s3 help).
Setting Up Terraform for AWS (Example: EC2 instance)
Prerequisites:
AWS Account: You need an active AWS account.
AWS CLI Configured: Ensure you have the AWS CLI installed and configured with an IAM user that has all required permissions.Terraform will use these credentials by default.
Preparing Your AWS Account (for EC2)
Before running Terraform, you must have an SSH Key Pair created in AWS.
Create an EC2 Key Pair (if you don't have one):
Using AWS Management Console:
Go to the EC2 Dashboard -> In the left navigation pane, under "Network & Security," click "Key Pairs." -> Click "Create key pair." -> Give it a name (e.g., my-ec2-key). This name must match the key_pair_name variable in variables.tf. -> Choose "pem" for the private key format. ->Click "Create key pair." You'll need it to SSH into the instance.
Using AWS CLI:
aws ec2 create-key-pair --key-name my-ec2-key --query 'KeyMaterial' --output text > my-ec2-key.pem
References
🧠 AI Assistance — Content and explanations are partially supported by ChatGPT, Microsoft Copilot, and GitLab Duo.
Top comments (0)