How to automate AWS EC2 stop/start using aws cli?
Objective of this post is to develop a simple controlling script which can use the AWS CLI commands for start-instances, describe-instances, stop-instances and adding bash scripting logic to it. First we start experiment with each aws ec2 command, then we can proceed by collecting those successful commands to form a automation script. Let's explore now.
How to automate AWS EC2 instance using aws-cli |
How to start an AWS EC2 instance "start-instances" command
To start the aws instance you need to pass the instance-id as argument. Following is the command example.
aws ec2 start-instances --instance-id i-instancenumberPlease change to your instance-id value replace the instancenumber with yours.
Execution output looks like this:
aws ec2 start-instances execution initially in pending state |
aws ec2 stop-instances command
To stop the AWS EC2 Instance you need to pass the instance-id as a argument. Following is the command example.
The describe-instances-status subcommand will show the InstanceState, InstanceStatus and also SystemStatus. We can pick any of these as per the automation needs.
Describing instance status specific to InstanceState which can be extracted as Name value and here trick is use the --output to TEXT format.
Once you get the INSTANCE_IP that is Public IP we can connect with ssh command as shown below:
and option
How to modify the security group for running EC2 instance?
aws ec2 stop-instances --instance-id i-instancenumberPlease change to your instance-id value replace the instancenumber with yours.
EXECUTION
aws ec2 stop-instances |
Describe instance status
aws ec2 describe-instances-status --instance-id i-instancenumberPlease change to your instance-id value replace the instancenumber with yours.
Describing instance status specific to InstanceState which can be extracted as Name value and here trick is use the --output to TEXT format.
aws ec2 describe-instance-status --instance-id i-instancenumber \ --query 'InstanceStatuses[*].InstanceState.Name' --output textThis output is nicely choped to test wheather an instance is in 'running', 'stopped', or 'pending' state. Using this we can decide how to proceed next, if it is running we can move to the logic where stop the instance works. otherwise nothing [] is status then we can proceed to start instance logic.
Execution outputs as follows:
aws ec2 describe-instance-status execution output |
How to get the EC2 Instance Public IP address?
The describe-instances subcommand will help us to retrieve all details of instances. So we use this subcommand to pick Private or Public IP Address of given EC2 instance. You need to provide the instanceid to fetch the EC2 instance public IP Address.
aws ec2 describe-instances --instance-id i-instancenumber \ --query "Reservation[*].PublicIpAddress" --output textResults the Public IP Address of given ec2 instance
Using we can prepare nice shell script to automate the instance start and stop and checking the status.
Thanks to SURABH GUPTHA blog post.
Once you get the INSTANCE_IP that is Public IP we can connect with ssh command as shown below:
ssh -o "StrictHostKeyChecking=no" -i aws-key.pem centos@$INSTANCE_IPHere option -i is used for identity file
and option
-o "StrickHostKeyChecking=no" indicates do not prompt for the SSH finger print value entry. You can understand without given this option see use of this.
running automation script output looks like this. |
How to modify the security group for running EC2 instance?
There was a problem when I've ran the aws ec2 run command instance was created and able to see it is in Running state. But unfortunately the ssh connectivity failing with the error message "Port 22 refused connection". Here the solution could be the proper security group must be associated with the EC2 instance.
AWS CLI command to modify the security group which is already existing in my other EC2 instance that is Running state and connectivity also normal, from the AWS Console we can get the seurity-group id from the normal instance (node1) can be used in the Issue instance (node2). Two inputs required here node2 instance-id and node1 security group id.
aws ec2 modify-instance-attribute --instance-id i-instanacenumber --groups sg-securitygroupidExample screenshot of execution:
AWS CLI to modify attribute for running EC2 isntance |
Troubleshoot AWS-CLI connect issues
Issue : Provide region_name 'us-east-1' doesn't match a supported format - though you entered region at the time of `aws configure`
Solution: You first observe your configured file that usually stored in the path ~/aws/config file in JSON format. Here I've found that junk char before the region value entry. Seen in the following screenshot.
junk char in region value in ~/.aws/config file |
Removed the junk char before the region value resolved this issue.
Issue : An error occurred (MissingParameter) when calling the aws-cli-SUBCOMMAND operation: The request must contain the parameter AWSAcessKeyId
Solution: As per the error message it is clear that MissingParameter that is AWSAcessKeyId. open the credentials file from ~/.aws folder using vs-code. It will show the if any junk chars included into the AWSAcessKeyId value.
Strange char in ~/.aws/Credentails file |
This junk entries happens when you us mouse on the browser and copy paste while executing `aws configure` command. In my case I found this with vs-code red colored for junk chars, removed then the issue resolved and able to run the aws-cli command successfully.
No comments:
Post a Comment