Powershell AWS Automation Management (2)

Source: Internet
Author: User
Tags unique id ssh access

Yesterday I learned the basics of preparation and successfully linked AWS with PowerShell. Take a look today at how to use PowerShell to manage AWS services.


Ec2,s3,vpc,security group,rds and so on. These early AWS services can be said to be his core skeleton, the goal of the beans is to finally use PowerShell to achieve a highly available blog, such as HTTP/ beanxyz.blog.51cto.com/5570417/1536312


Take a look at how to manage EC2 related services with PowerShell. EC2 is an AWS virtual machine service, when we manually create a virtual machine, we need to use a template (Ami file), need to configure the encrypted key pair, need to configure the security group, VPC (if not using the default), also need to configure the corresponding firewall port for the security group.


First of all, let's look at the number of related orders EC2, there are currently 207 altogether.

Get-command *ec2*-module Awspowershell | Measure


650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/83/6F/wKiom1dzbf2RSVZXAAB2_IEJ2WA099.png "style=" float: none; "title=" 1.PNG "alt=" Wkiom1dzbf2rsvzxaab2_iej2wa099.png "/>


To connect a EC2 virtual machine, we need to generate a PEM file, how to do it?

$Keypair =new-ec2keypair-keyname Mykeypair$keypair | gm


650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/83/6E/wKioL1dzbgiQi1A4AAGr4lKqOl0812.png "style=" float: none; "title=" 2.PNG "alt=" Wkiol1dzbgiqi1a4aagr4lkqol0812.png "/>

Check the private key.

$Keypair | Fl

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/83/70/wKiom1dzbg_h1wm2AAKQqPlkVXg736.png "style=" float: none; "title=" 3.PNG "alt=" Wkiom1dzbg_h1wm2aakqqplkvxg736.png "/>


Export to Pem file

$Keypair. keymaterial | out-file-encoding ASCII Mykeypair.pem

Make sure you see what I've just created.

Get-ec2keypair

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/83/6E/wKioL1dzbhbR_awdAADSO2e-Vp0676.png "style=" float: none; "title=" 4.PNG "alt=" Wkiol1dzbhbr_awdaadso2e-vp0676.png "/>



The next preparation involves creating a security group and configuring the associated firewall policy.


The security group was created as follows, I created it directly in the default classic, and if you need to create it in ec2-vpc, you need to specify the ID of the corresponding VPC.


#Create Security Group and Rulenew-ec2securitygroup-groupname mytestsecuritygroup-description "Ec2-classic from PowerShell "

To confirm that the creation was successful. You can see that the {} behind the inpermissions is empty, which indicates that we have not configured any inbound ports yet.

Get-ec2securitygroup-groupname Mytestsecuritygroup

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/83/6E/wKioL1dzbiOgbrT5AAE63q05BHo812.png "style=" float: none; "title=" 5.PNG "alt=" Wkiol1dzbiogbrt5aae63q05bho812.png "/>

Sign in to the AWS management interface and verify that it is already created.


650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/83/70/wKiom1dzbinBNuxHAABpRsiLeqw964.png "style=" float: none; "title=" 6.PNG "alt=" Wkiom1dzbinbnuxhaabprsileqw964.png "/>


See below how to configure the corresponding port. Here I'm going to add two rules, one that allows SSH access, one that allows RDP access


$ip 1=new-object amazon.ec2.model.ippermission$ip1. Ipprotocol= "TCP" $ip 1. Fromport=22$ip1. toport= "1" $ip. Iprange= "0.0.0.0/0" $ip 2=new-object amazon.ec2.model.ippermission$ip2. Ipprotocol= "TCP" $ip 2. Fromport=3389$ip2. Toport=3389$ip2. Iprange.add ("0.0.0.0/0") grant-ec2securitygroupingress-groupname mytestsecuritygroup-ippermission @ ($ip 1, $ip 2)


After executing the command, the Refresh interface discovery has been updated

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/83/6E/wKioL1dzbi6gSpRrAAAwow7v6bA553.png "style=" float: none; "title=" 7.PNG "alt=" Wkiol1dzbi6gsprraaawow7v6ba553.png "/>

If you want to undo the corresponding rule, you can do it through revoke.

Revoke-ec2securitygroupingress-groupname mytestsecuritygroup-ippermission @ ($ip 1, $ip 2)


Next look at the template file. An AMI file has a unique ID that can be called

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/83/6F/wKioL1dzdXihdh3tAAA2qGjs5LE281.png "title=" 15.PNG "Style=" Float:none; "alt=" Wkiol1dzdxihdh3taaa2qgjs5le281.png "/>

If you know the ID, you can find the corresponding image.


Get-ec2image-imageid AMI-DC361EBF

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/83/6F/wKioL1dzdXPw1OmVAAJrbubY0tU298.png "title=" 14.PNG "Style=" Float:none; "alt=" Wkiol1dzdxpw1omvaajrbuby0tu298.png "/>



However, this ID will be updated according to the version of the change, how to find according to our needs?


For example, you can filter by Amazon.EC2.Mode.Filter this object.

#Find an Imageget-ec2image-owner amazon,self$platform_values = New-object ' collections.generic.list[string] ' $ Platform_values.add ("Windows") $filter _platform = new-object amazon.ec2.model.filter-property @{name = "platform"; Values = $platform _values}get-ec2image-owner Amazon, Self-filter $filter _platform


650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/83/70/wKiom1dzbjSya3i5AAJMvzWjIws853.png "style=" float: none; "title=" 8.PNG "alt=" Wkiom1dzbjsya3i5aajmvzwjiws853.png "/>

If you query directly by name, the Windows system does not add parameters.

Get-ec2imagebyname

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/83/70/wKiom1dzbj-A4GzFAAIRKGTvTos893.png "style=" float: none; "title=" 9.PNG "alt=" Wkiom1dzbj-a4gzfaairkgtvtos893.png "/>


Of course, you can also specify a specific name

Get-ec2imagebyname-name *ami*

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/83/6E/wKioL1dzbkShm4gfAAHrf5usFg4471.png "style=" float: none; "title=" 10.PNG "alt=" Wkiol1dzbkshm4gfaahrf5usfg4471.png "/>


Finally, let's look at how the actual EC2 is created.


As with the GUI configuration, the command line specifies the private key keypair, security groups, templates, and virtual machine types on the line.

#Create EC2 instancenew-ec2instance-imageid ami-dc361ebf-mincount 1-maxcount 1-keyname mykeypair-securitygroup MyTest Securitygroup-instancetype T2.micro


650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/83/70/wKiom1dzbkrg6nZUAAEJD2bIaeU939.png "style=" float: none; "title=" 11.PNG "alt=" Wkiom1dzbkrg6nzuaaejd2biaeu939.png "/>

Filter by Reservationid to confirm

Get-ec2instance-filter (new-object amazon.ec2.model.filter-property @{name= "Reservation-id"; values= " r-069ce2e012d6adf7e "}) | Select-expandproperty instances

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/83/70/wKiom1dzbk_C2izHAAI3hz_LKrU661.png "style=" float: none; "title=" 12.PNG "alt=" Wkiom1dzbk_c2izhaai3hz_lkru661.png "/>


Also confirm on the webpage, create successfully.

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/83/6E/wKioL1dzblTTUdK_AACTcUyXLpQ114.png "style=" float: none; "title=" 13.PNG "alt=" Wkiol1dzblttudk_aactcuyxlpq114.png "/>

If you need to delete an instance, you can perform


Remove-ec2instance-instanceid i-0bb1bc83486b933b1



Such a basic EC2 operation is completed, tomorrow to see the relevant configuration of S3.

This article is from the "Mapo Tofu" blog, please be sure to keep this source http://beanxyz.blog.51cto.com/5570417/1794196

Powershell AWS Automation Management (2)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.