CONTACT US
en_US EN
en_US EN tr_TR TR

Accessing AWS Services from Your Local Computer with Python and Quickly Creating New Services

Çağdaş Yılmaz

,

Amazon Web Services (AWS) is a platform that enables businesses and developers to utilize various services in the cloud. Accessing AWS accounts with Python allows you to manage and use these services from your local computer. In this article, you will learn how to access AWS accounts using Python.

"There are some advantages and disadvantages to accessing AWS accounts from your local computer using Python or another programming language compared to accessing through the 'AWS Management Console':

Advantages
  • Automation and Programmability: Access by code enables automating and customizing processes.
  • Quick Access and Fast Response: Offers fast processing and response times.
  • Customization and Flexibility: Allows you to develop special solutions to suit your needs.
  • Bulk Operations and Backup: Offers the ability to manage multiple resources in bulk.

Disadvantages
  • Code Writing and Maintenance Time: Code requires writing and updating.
  • Security and Monitoring: Security and monitoring measures depend on the user.
  • Bugs and Problems: You need to use your own code to fix bugs and problems.
  • Learning Curve: Requires learning AWS services and programming.

Requirements to access AWS services from my local computer:

  • Installing Python
  • Installing boto3 module
  • Creating an AWS account
  • Creating users
  • Map AWS Account to Local Computer

Python Installation

Python version 3.11.0 was used in this project. To install Python, you must go to this address and make the necessary installations.

Installing boto3 module

Boto3 is a Python SDK used for developing AWS applications with Python. To install the 'boto3' module, first ensure that the 'pip' package manager is installed on your computer. You can check if the pip package is installed by running the following code in the terminal

pip --version

If the pip package is not installed on your computer, you can download and install it from this address. If 'pip' is already installed, you can install the boto3 module using the following code:

pip install boto3

Creating an AWS account

To create a new account on AWS, you first need to go to the AWS homepage from this address. On the homepage, start the account creation process by clicking on options like “Create an AWS Account” or “Create a new AWS account”.

Creating users

To create a new user in AWS, you must use the AWS Identity and Access Management (IAM) service. To access the IAM service, go to the AWS management console, click on the “Services” tab, and then find and click on the “IAM” option.

Figure-1: Shows how to open the AWS Identity and Access Management (IAM) console page.

After opening the Identity and Access Management console, you will need to click on the “Users” tab located on the left side. Then, after clicking on the “Users” tab, you can press the “Create User” button to add a new user.

Figure-2: Shows how to create a new user in AWS.

After clicking the "Create User" button, you will need to enter the "User name" information. You can then determine the user's access permissions. If you have previously created a "User Group," you can add the user to this group. If you are not going to add the user to a group, you can choose the "Attach policies directly" option to assign permissions directly. After granting permissions, you can press the "Create User" button to create the new user.

Figure-3: Shows how to grant new permissions to the user created in AWS.

Map AWS Account to Local Computer

Providing access to AWS accounts on our local computers is crucial for managing cloud infrastructure and integrating AWS services into our local applications. AWS offers the possibility of programmatic access to its users, allowing code developers and system administrators to access AWS services through programming languages such as Python. The foundation of this access is formed by credentials like "Access key" and "Secret access key." In this article, we will learn how to store these credentials on your local computer and how to securely access AWS accounts.

To obtain "Access key" and "Secret access key" information, you must use the IAM (Identity and Access Management) service. To access the IAM console, log in to the AWS management console and click on the "Users" tab on the left side. Then, you should click on the user you created. After clicking on the user, you should go to the "Security credentials" tab on the opened page.

Figure 4: The tab that needs to be opened first to obtain the 'Access keys' and 'Secret access key' information of the user created in AWS is shown.

After clicking on the "Security credentials" tab, you need to click on the "Create access key" button located in the "Access keys" section, which is found a little further down on the same page.

Figure-5: The button that needs to be clicked to get 'Access keys' and 'Secret access key' information is shown.

After clicking the 'Create access key' button, you will be asked to choose a usage example, and at this point, you should select the 'Local code' option. Then, you will need to click the 'Next' and 'Create access key' buttons.

Figure-6: The purpose of using 'Access keys' and 'Secret access key' information is being selected. In this blog post, the 'Local code' option has been chosen as we will access AWS services from our local computer.

After clicking the 'Create access key' button, you can access the 'Secret access key' and 'Access keys' information from the places shown in the image below.

Figure-7: 'Access keys' and 'Secret access key' information and where to access this information are shown.

After receiving the 'Access keys' and 'Secret access key' information, you will need to enter these details into your local computer. If you are using Ubuntu, you should add this information to the '~/.aws/credentials' file. If you are using Windows, you should insert this information into the 'C:\Users\\.aws\credentials' file.

[default]
aws_access_key_id = YOUR_ACCESS_KEY
aws_secret_access_key = YOUR_SECRET_KEY

If you are not using the "us-east-1" (N. Virginia) AWS region in your project, and you are using Ubuntu, you need to add this regional preference to the "~/.aws/config" file. If you are using Windows, then it should be added to the "C:\Users.aws\config" file.

[default]
region=eu-central-1
output=json

Examples of Accessing AWS Services with Python

1-) AWS S3 Buckets Listing Code:

import boto3

# Boto3 S3 istemcisini oluşturun
s3 = boto3.client('s3')

# S3 kovalarını listeleyin
response = s3.list_buckets()

# Kovaları ekrana yazdırın
print("S3 Kovaları:")
for bucket in response['Buckets']:
    print(f"- {bucket['Name']}")

2-) Creating an Ec2 Instance

import boto3

# Boto3 EC2 istemcisini oluşturun
ec2 = boto3.client('ec2')

# EC2 örneği oluşturma isteği
response = ec2.run_instances(
    ImageId='AMI_ID',             # AMI kimliğini belirtin
    InstanceType='t2.micro',      # EC2 örneği türünü seçin (t2.micro örneği burada örnek olarak verilmiştir)
    MinCount=1,
    MaxCount=1,
    KeyName='YOUR_KEY_PAIR_NAME',  # Kullanacağınız SSH anahtar çiftinin adını belirtin
    SubnetId='subnet-0e463a80879202dff',  # SubnetId bilgisini girin
    SecurityGroupIds=['sg-065ed36e35c199e6c'] # kullanılan Security Group'un id bilgisi
)

# Oluşturulan EC2 örneği bilgilerini alın
instance_id = response['Instances'][0]['InstanceId']
public_ip = response['Instances'][0]['PublicIpAddress']

print(f"EC2 örneği oluşturuldu. Örnek Kimliği: {instance_id}, Genel IP: {public_ip}")

To check if the EC2 instance is running, go to the EC2 Management Console and click on the “Instances (running)” button found in the “Resources” section.

Figure-8: The 'Instances (running)' button that needs to be clicked to view the created EC2 instances is shown.

After clicking the “Instances (running)” button, you can see the instances that are currently running. When we press the box next to the running instances, you can also access more detailed information about that instance. (Public IP, Instance ID, Public IPv4 DNS, etc.)

Şekil-9: Şekil-9: Oluşturulan EC2 servisinin detaylı bilgilerine nasıl erişileceği gösterilmektedir.

NOT: aşağıdaki kod ile sizin için uygun olan “SubnetId” bilgilerini listeleyebilirsiniz.

import boto3

ec2 = boto3.client('ec2')

# Subnetleri listele
response = ec2.describe_subnets()

# SubnetId'leri ekrana yazdır
for subnet in response['Subnets']:
    print("SubnetId:", subnet['SubnetId'])

NOTE: To learn the information of SecurityGroupIds, after logging into the AWS Management Console, click on the “EC2” tab from the menu on the left. Then, in the menu on the left under “Network & Security,” click on the “Security Groups” option to view your security groups. Here, you can click on the name of a security group to see its identity information (“Group ID” or “Group Identity”) and other details. In this way, you can easily learn the identity information of your security groups. If you want to create a new “Security Group,” you can do so by clicking the “Create security group” button.

3-) Stopping the Ec2 Instance

import boto3

# EC2 istemcisini oluştur
ec2_client = boto3.client('ec2')

# Duraklatmak istediğiniz EC2 örneğinin kimliği
instance_id = 'YOUR_INSTANCE_ID'

# EC2 örneği durdurma işlemi
response = ec2_client.stop_instances(InstanceIds=[instance_id])

# Yanıtı kontrol etme
if response['ResponseMetadata']['HTTPStatusCode'] == 200:
    print(f"EC2 örneği {instance_id} başarıyla durduruldu.")
else:
    print(f"EC2 örneği {instance_id} durdurulurken bir hata oluştu.")

In this code example, the "instance id" is the same as the "instance id" that is printed during the creation of the Ec2 instance.

4-) Starting the Ec2 Instance

import boto3

# EC2 istemcisini oluştur (kimlik bilgileri ve bölge otomatik olarak alınır)
ec2_client = boto3.client('ec2')

# Başlatmak istediğiniz EC2 örneğinin kimliği
instance_id = 'YOUR_INSTANCE_ID'

# EC2 örneği başlatma işlemi
response = ec2_client.start_instances(InstanceIds=[instance_id])

# Yanıtı kontrol etme
if response['ResponseMetadata']['HTTPStatusCode'] == 200:
    print(f"EC2 örneği {instance_id} başarıyla başlatıldı.")
else:
    print(f"EC2 örneği {instance_id} başlatılırken bir hata oluştu.")

You can restart EC2 instances that you previously stopped with the code above. 

5-) Terminating the Ec2 Instance

import boto3

# EC2 istemcisini oluştur
ec2_client = boto3.client('ec2')

# Terminate etmek istediğiniz EC2 örneğinin kimliği
instance_id = 'YOUR_INSTANCE_ID'

# EC2 örneği terminate işlemi
response = ec2_client.terminate_instances(InstanceIds=[instance_id])

# Yanıtı kontrol etme
if response['ResponseMetadata']['HTTPStatusCode'] == 200:
    print(f"EC2 örneği {instance_id} başarıyla terminate edildi.")
else:
    print(f"EC2 örneği {instance_id} terminate edilirken bir hata oluştu.")

Stopping an AWS EC2 instance temporarily shuts down the instance, but retains the data and configurations, allowing it to be restarted later. On the other hand, the Termination process permanently deletes all data.

Connecting to an EC2 Instance with SSH

To connect to an EC2 instance using SSH, a 'Key Pair' is required. To create a Key Pair, first go to the 'EC2 Management Console'. Then, click on the 'Key Pairs' tab located under 'Network & Security' in the menu on the left. On the page that opens, you can start creating the Key Pair by clicking the 'Create Key Pair' button.

If you have created the key pair, you can make an SSH connection with the following command:

ssh -i /path/to/your-key.pem ec2-user@your-instance-public-ip

Conclusion

In this blog post, we explored how to securely access AWS services from your local computer. We took a step-by-step look at how you can utilize AWS's powerful features and services through the Python language and the boto3 library. These methods, which save time and resources for developers and system administrators, enable you to fully benefit from the power of cloud computing. We hope that this content has been a guide for you in more effectively using AWS.

Çağdaş Yılmaz
cagdas.yilmaz@golive.com.tr