AWS Fundamentals: IAM, GitHub, and AWS CLI

Table of Contents

  1. AWS Fundamentals: Create an Account, Billing Alarm, and Budgets

  2. AWS Fundamentals: IAM user, GitHub, and AWS CLI

Introduction

In this article, we will create an Admin user in AWS. We will also install the AWS CLI to create AWS Billing Alarms and Budgets.

You can do many things with the AWS CLI, but I want to start with something to get a simple understanding of it.

We will use gitpod to install the AWS CLI to make it accessible for everyone following along.

Create a new Admin user

Create a new user in the IAM Users Console by searching IAM or going to https://us-east-1.console.aws.amazon.com/iamv2/home?region=us-east-1#/users

Click Add users

In step 1, Enable AWS Management Console access, choose I want to create an IAM user, choose your password preferences, then click Next.

Step 2 is used to set the user’s permissions. We want to add the user to an Administrator group.

If you don’t have a group, create one by clicking Create group.

  • Give the group a name, such as Admin and check AdministratorAccess

  • Click Create user group at the bottom.

Check the Admin group you want to add the user to.

Click Next, then Create User.

Create IAM User Access Key

Click the user name of the IAM user, then click the Security Credentials tab.

Now click Create Access Key.

Choose Command Line Interface (CLI) then click Next.

Click Create access key

This will give you an access key and a secret access key. Keep these in a safe place.

Create a GitHub Account

We will use GitHub to store our code. Visit GitHub to create a new account.

GitHub: Let's build from here
*GitHub is where over 100 million developers shape the future of software, together. Contribute to the open source…*github.com

At the top right, click the plus icon. Then click New Repository

Give the repository a name and set the visibility

Click Create Repository

Create a Gitpod account

Gitpod gives you an online dev environment. You will run our code here. You can also follow along on your personal computer as well just skip this part.

Sign up for a free Gitpod account here:

Gitpod: Always ready to code.
*Select project, check dependencies, checkout branch, view readme.txt, install tools, run build, run test, check…*www.gitpod.io

It may ask you what editor you want to use if you haven’t chosen a default. We will be using Visual Studio Code.

Download the chrome extension for Gitpod.

Gitpod - Always ready to code
*Spin up fresh, automated dev environments for each task, in the cloud, in seconds.*chrome.google.com

Go back to your Github repository and reload the page. You should now see a green Gitpod button.

Click Gitpod and you should see the following screen

Click Continue with Github

It may ask you what editor you want to use if you haven’t chosen a default. We will be using Visual Studio Code.

You should now have an environment with VS Code similar to the following.

Install the AWS CLI

We will use the Linux instructions for installing the CLI, but you may refer to your operating system’s instructions in the AWS CLI documentation.

Installing or updating the latest version of the AWS CLI
*This topic describes how to install or update the latest release of the AWS Command Line Interface (AWS CLI) on…*docs.aws.amazon.com

Download the AWS CLI

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"

Unzip the CLI tool

unzip awscliv2.zip

Install the AWS CLI.

sudo ./aws/install

Check the AWS version installed

aws --version

Set AWS environment variables

Now we can use the keys we created earlier and set them to environment variables so that we may work with the AWS CLI.

gp env AWS_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
gp env AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
gp env AWS_DEFAULT_REGION=us-east-1

You can verify that env are saved within gitpod by going here: https://gitpod.io/user/variables

Check that we are getting the expected user with the following command:

aws sts get-caller-identity

We can also save our AWS account id to the gitpod environment variables

gp env AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)

Create a Billing Alarm (via the CLI)

Refer to the AWS CLI docs to create a SNS Topic by running this command in the terminal

aws sns create-topic --name example-billing-alarm

create-topic - AWS CLI 1.27.79 Command Reference
*Creates a topic to which notifications can be published. Users can create at most 100,000 standard topics (at most…*docs.aws.amazon.com

This will give you a topic arn to use in the next command

Refer to the AWS CLI docs to subscribe to a topic using the topic arn from the previous command’s output.

aws sns subscribe \
--topic-arn arn:aws:sns:us-east-2:123456789012:example-billing-alarm \
--protocol email \
--notification-endpoint my-email@example.com

subscribe - AWS CLI 2.10.3 Command Reference
*Subscribes an endpoint to an Amazon SNS topic. If the endpoint type is HTTP/S or email, or if the endpoint and the…*awscli.amazonaws.com

Verify the alarm was created in the AWS Console:

https://us-east-1.console.aws.amazon.com/cloudwatch/home?region=us-east-1#alarmsV2

It may take a few minutes before the alarm is created.

Create an AWS budget (via the CLI)

Create folders aws and json, and go to the json folder using the following command in the terminal

mkdir -p aws/json && cd aws/json

Go to the AWS CLI create budget documentation: https://awscli.amazonaws.com/v2/documentation/api/latest/reference/budgets/create-budget.html#examples

Copy the budget.json and notifications-with-subscribers.json examples into the json folder.

To create a new file you may click the New File… button.

Run this command in your terminal to create the budget

aws budgets create-budget \
--account-id $AWS_ACCOUNT_ID \
--budget file://aws/json/budget.json \
--notifications-with-subscribers file://aws/json/notifications-with-subscribers.json

Verify your budget was created in the AWS console:

https://us-east-1.console.aws.amazon.com/billing/home#/budgets/overview

Congratulations on creating a new IAM user, Github, and Gitpod account. You are now familiar with the AWS CLI, which we will use more in the future.

0
Subscribe to my newsletter

Read articles from Christopher Coffee directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Christopher Coffee
Christopher Coffee

Documenting things I'm learning.