AWS Classroomnotes 17/May/2023

AWS CLI (Contd…)

Activity 1: Let's create a shell script that uses the AWS CLI to create an RDS MySQL instance

  • Steps:
    • We need a security group
      • mysql => 3306
    • We need a db subnet group default or create one
    • We need to create a free tier eligible db instance
      • instance class db.t2.micro
      • storage size 20GB
  • Creating security group
  • command line
#!/bin/bash

# Create the security group that the RDS MySQL instance will use.
# The VPC id is hard-coded here; the command prints the new group's GroupId,
# which the following steps pass to --group-id / --vpc-security-group-ids.
sg_args=(
    --group-name "mysqlsg"
    --description "rds mysql security group"
    --vpc-id "vpc-0263a09e73d00080c"
    --tag-specifications "ResourceType=security-group,Tags=[{Key=Name,Value=mysqlsg}]"
)
aws ec2 create-security-group "${sg_args[@]}"

# {
#     "GroupId": "sg-08bcb448f727c9e96",
#     "Tags": [
#         {
#             "Key": "Name",
#             "Value": "mysqlsg"
#         }
#     ]
# }

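### Add an inbound rule for MySQL (tcp/3306)
# As written in class the rule is open to every IPv4 address (0.0.0.0/0),
# which leaves the database listener reachable from the whole internet.
# Set MYSQL_INGRESS_CIDR to the narrowest range that needs access before
# running (for instance a single client address written as a /32, such as the
# documentation address 203.0.113.10/32). The default keeps the original
# open-to-everyone rule so the lab steps behave as shown.
aws ec2 authorize-security-group-ingress \
    --group-id "sg-08bcb448f727c9e96" \
    --protocol tcp \
    --port 3306 \
    --cidr "${MYSQL_INGRESS_CIDR:-0.0.0.0/0}"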
# {
#     "Return": true,
#     "SecurityGroupRules": [
#         {
#             "SecurityGroupRuleId": "sgr-0c0e32b5788018104",
#             "GroupId": "sg-08bcb448f727c9e96",
#             "GroupOwnerId": "678879106782",
#             "IsEgress": false,
#             "IpProtocol": "tcp",
#             "FromPort": 3306,
#             "ToPort": 3306,
#             "CidrIpv4": "0.0.0.0/0"
#         }
#     ]
# }

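# Create a mysql rds instance
#
# The master password is taken from the DB_MASTER_PASSWORD environment
# variable instead of being written into the script, so it is not stored in
# the file or committed with it. It is still passed as a command argument;
# the CLI's --manage-master-user-password option (RDS generates the password
# and keeps it in Secrets Manager) removes the need to handle it at all.
#
# Lab-only settings kept from the walkthrough; revisit them for anything
# beyond a throwaway instance:
#   --publicly-accessible            the instance gets a public endpoint, and
#                                    the security group used here allows 3306
#                                    from 0.0.0.0/0 unless that rule is narrowed
#   --backup-retention-period 0      automated backups are turned off
#   --no-auto-minor-version-upgrade  minor engine updates are not applied
#                                    automatically
: "${DB_MASTER_PASSWORD:?export DB_MASTER_PASSWORD with the master password before running}"

aws rds create-db-instance \
   --db-name 'employees' \
   --db-instance-identifier 'qtemployeesdbinst' \
   --allocated-storage 20 \
   --db-instance-class "db.t2.micro" \
   --engine "mysql" \
   --master-username "root" \
   --master-user-password "${DB_MASTER_PASSWORD}" \
   --backup-retention-period 0 \
   --no-multi-az \
   --no-auto-minor-version-upgrade \
   --publicly-accessible \
   --vpc-security-group-ids "sg-08bcb448f727c9e96"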

# {
#     "DBInstance": {
#         "DBInstanceIdentifier": "qtemployeesdbinst",
#         "DBInstanceClass": "db.t2.micro",
#         "Engine": "mysql",
#         "DBInstanceStatus": "creating",
#         "MasterUsername": "root",
#         "DBName": "employees",
#         "AllocatedStorage": 20,
#         "PreferredBackupWindow": "21:33-22:03",
#         "BackupRetentionPeriod": 0,
#         "DBSecurityGroups": [],
#         "VpcSecurityGroups": [
#             {
#                 "VpcSecurityGroupId": "sg-08bcb448f727c9e96",
#                 "Status": "active"
#             }
#         ],
#         "DBParameterGroups": [
#             {
#                 "DBParameterGroupName": "default.mysql8.0",
#                 "ParameterApplyStatus": "in-sync"


  • Write a script to create a security group, and then let's make it reusable
  • We have made the script partially reusable
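#!/bin/bash
#
# Create a security group for RDS MySQL in the account's default VPC and add
# an inbound rule for tcp/3306 to it.
#
# Environment:
#   MYSQL_INGRESS_CIDR  IPv4 range allowed to reach port 3306. Defaults to
#                       0.0.0.0/0 (every address), as in the walkthrough;
#                       set it to the narrowest range that needs access,
#                       e.g. a single client address written as a /32.

INGRESS_CIDR="${MYSQL_INGRESS_CIDR:-0.0.0.0/0}"

# With --output text the CLI prints the literal string "None" when the query
# selects nothing, so treat that the same as an empty result.
VPC_ID=$(aws ec2 describe-vpcs --filters "Name=is-default,Values=true" --query "Vpcs[0].VpcId" --output text)
if [[ -z "${VPC_ID}" || "${VPC_ID}" == "None" ]]; then
    echo "Could not find a default vpc" >&2
    exit 1
fi

echo "Found default vpc with id ${VPC_ID}"

# Stop here if the group could not be created (for example because a group
# named mysqlsg already exists in this VPC); otherwise the next command would
# run with an empty --group-id.
if ! SG_ID=$(aws ec2 create-security-group \
    --description "rds mysql security group" \
    --group-name "mysqlsg" \
    --vpc-id "${VPC_ID}" \
    --tag-specifications "ResourceType=security-group,Tags=[{Key=Name,Value=mysqlsg}]" \
    --query "GroupId" \
    --output text) || [[ -z "${SG_ID}" ]]; then
    echo "Failed to create security group mysqlsg in ${VPC_ID}" >&2
    exit 1
fi

echo "Created security group with id ${SG_ID}"


### Add the 3306 inbound rule
if [[ "${INGRESS_CIDR}" == "0.0.0.0/0" ]]; then
    # Make the exposure visible to whoever runs the script.
    echo "warning: opening tcp/3306 on ${SG_ID} to every IPv4 address; set MYSQL_INGRESS_CIDR to restrict it" >&2
fi

if ! OUTPUT=$(aws ec2 authorize-security-group-ingress \
    --group-id "${SG_ID}" \
    --protocol tcp \
    --port 3306 \
    --cidr "${INGRESS_CIDR}"); then
    echo "Failed to add the 3306 ingress rule to ${SG_ID}" >&2
    exit 1
fi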




By continuous learner

devops & cloud enthusiastic learner
