 all these common lines stuff so initial talk was designed to talk about the Amazon CLI and Terraform at some point in time I realized how how complicated it is to talk only about Amazon CLI will take another few presentations so I said okay let's stop at CLI and next time we'll speak about the Terraform so it will be mostly a car crash course it will be what I encounter how I learned this is basically the progression so about quickly bought me and working standard chartered CDO DevOps lead economies by training and was certified so disclaimer just in case so all these source so sources for the course and everything will be later on on the github you can find it so moving so what is Amazon CLI so so basically Amazon CLI it's it's allow you to control Amazon API you can control instances and control almost all the environment as also Julian show as can be done in container services so it's a low-level more it's written in Python it's allowed to control all AWS most of the AWS services automate them through scripting as well and manage AWS resources in programmatic way so we'll show how it is done it's very easy to install control at the US resources through Amazon API only one dependency you have it's only Python basically if you have a Python you can run it so no complicated setup basically pretty straightforward if you have Amazon account you probably have AWS access key and this secret key so probably you will need to make sure you have rights for your account but if you're running as a root probably it should work so as a platform it's run everywhere so which run on Windows Linux Mac OS Unix dependency only on the Python run on the bottom Python 2 and Python 3 so actually Amazon CLI it's more or less they consider the components one is Amazon CLI and Amazon shell Amazon CLI probably most you can use programmatically Amazon shell is mostly for the GUI where it's very nice interface with all these fancy things colors and all the stuff which is coming in so we'll show later on so very quickly maybe most of you already familiar you need to have a Python check with the Python version it's compatible check on the big version as well because we use the P for installation again after installation we can check on AWS versioning so pretty straightforward just to show you how so this will be for example if I want to check my version I'm writing on 1.11 61 base basically like his version of Python 3.6 so this is usually how do you use installation pipe install upgrade advisable to use user so not to mix all the Python stuff so this will be our advisor and macOS you can use a view windows you can install 32 64 bit version as well it's already packaged nice feature that if you use a shell it's nice to use a completion everybody who's using bash completion nice tool people who familiar with the Z shell even more so so this can be done just add this I mean find out ways your AWS completer and add it to the dot bash or C file or dot Z are C file as well the computer comes with the installation yes once you install it it's part of it yeah so I mean in this case if you see it it's completed actually it was installed without a user yeah if it's installed with a user we will find it in the home dot local bin probably over there I mean don't try to use this key doesn't work so it's for demo so basically this is how you configure basically so the common AWS configure you need to have your access key and secret key you need to specify I mean this is most important part it's a access key secret key and nice to specify also the region because always we'll ask you after that so by default it adjacent if you don't specify it but you can specify table attacks as well so so this is quick installation so once one of the example we can use it for example let's describe our regions every time output is in format let's make it nice is in the JSON format so this is how you usually will see it nice tool to have with CLI is a JQ is basically a seat for Jason if you want really to play with it so it's really recommended case so what what is the syntax basically everything what you try to start is start with AWS comment after that depending on you if you want to run on the networking part or the EC2 you start AWS EC2 if you want to start no RDS you start AWS RDS so next we will show so most of the common ones we have a debug output depending on the type of output you want JSON text table query you can do additional filtering from our output you can specify as well the region if you can add additional few profiles so you can once you can configure you can additional profiles you can specify per profiles for example you have a multiple user using the same machine in different types of the day they can use their own profile so again it's possible so let's do a few quick examples let's see so basically for S3 if I want to see my S3 buckets how many buckets I have I just list them here so basically this is a buckets available there I think this is it's go without t-box so let's let's see for example how does it look in case if I want to output the table right so this will be a table output very nice if I wanted the clear text I will do text will give us a text by default if I don't do anything will go the JSON format so most useful for programmatic away will be the JSON still yeah if you want to just to see it it will be a table so debug it will give additional information a lot of additional information if you want so again filtering is very useful let's take a same comment very quickly and we want to see only for Asia-Pacific in this case we have all the regions we have only for Asia-Pacific it will filter us for example that's where the filtering is used so filtering is used what it's mean actually stake the name from the JSON and the value of everything which is started they be which is Asia-Pacific inside query even more nicer it can be combined let's see output of the query side ooh okay so this is how it show us basically it's a filter based on the region is give us only the region name you can combine them and output in the text this is more complete one so for the presentation everything what is running in presentation you can should be able to run as well okay this is that's what happened during presentations okay moving forward so if we want to create the first VPC so what I did in my EWS and my region I don't have any VPC I even deleted the default one now I have a default which was created so this is for Singapore so let's delete it meantime what we'll do we'll create a new VPC so very simple things the command is AWS to create VPC you just need to specify CIDR blocks for your network space so basically this is output what we have so we created a new VPC if we compare with a 557 with a VPC number we can quickly see in the VPC layer just refresh it and we see this number here so to speed up we can describe VPC again this is one comment for description of VPC we can do it again from the shell we can see the same data so again we can add additional attributes so I will not edit in this situation because we are limited with the time and we have one speaker so we'll go a little bit faster again we can describe VPC we can one difficulty if you try to use every time the command line purely use every time you need to remember for example to add this additional information that you may not have or may need to query separately basically copy paste it's very inconvenient sometimes and if you want to try to automate it's not very ideal so you need to keep some information as a variable something exported so again not advisable so let's let's say the copy paste is not an option let's try it programmatic way so very nice option the CLI it's show you it's give you a generate a skeleton output so let's see what it does in this case so in this case it doesn't it's it's basically some kind of dry run but it give you output what you would expect based on this generate skeleton on the output side you can now decide what variables do you want to use during the generation and input them as a shell variable and just let's take one example so we can output directly the variable so in this case we are interested in the VPC ID right because we can pass it directly to the next so if we take this example we need only VPC ID so basically what we get here this volume now we base we can create we can do the same in the JQ which is actually much more nicer I like JQ more than in build okay so let's I'll just give an example what output is more colorful which is if I do that it will give us the same VPC idea so I would prefer JQ because it's less typing if you compare the previous one you need to type more so I don't like typing so we're looking forward how do we can export as a variable so let's take example here so we create a shell variables which will contain this data so let's quickly try to run it and see what is happened okay now if I do an echo for this variable I should see my VPC ID which is basically just was created if I'm going to back I should have two VPCs one I created previously now I created now right now that I have a VPC I can move forward and create additional now I'm passing every time I just passing the variables without knowing so I can put basically a simple shell script and start passing all over so to speed up again so in this demo what we do we create few subnets to attach them for different availability zone you can consult a little bit later in the github I'll show you the address where you can see more complicated ones so again rooting table for subnet association we can do internet gateway again to attach and create the root for internet gateway so we'll not run it now this is I did some creativity so some security groups I created security groups with the different names CICD RDS ready is ape so I try to separate for each ELB elastic search to be as secure as possible now the one I try to attach to the security group for example if I try to open additional ports for example I need port 22 and port 80 right so I need to run multiple comments for each port but you have a option in one single comment but you run as a json and I will explain so this is our more complicated comment you will see how it looks it's not very user friendly we parse it in the json parser and basically what I'm doing I'm just running a json passing to the comment and I low json data clear who format okay so this is a simple json what I'm doing here opening port 22 for info this IP range 8080 if I want to run the J Jenkins or anything again I can pass as a parameter another security group okay so ports for RDS so again this is example how to open the ports for RDS for example I'm opening only port 336 only for one group for CICD another one will be application group this is just examples of tagging again is very straightforward once you create everything you create the tags so we can check environment variables so I create a short script we can take a look it's so we have currently only VPC environment over variables so in this script that basically query all environment variables that we have actually it's too big okay so this is just a query basically what I'm doing and every time I query something I put in the as environment variables inside the memory this is in the case if I'm running copy pasting right if you like to copy paste and you like to see only monitor things so this is a very useful so basically we try to describe everything what is here so just to load the environment variables so basically I'm loading this from this way so they will load into the memory so I did create a small shell script we'll run for it now I think depending on the speed of the network sometimes it takes time sometimes it takes so yeah basically squaring some environment variables that doesn't exist but this is known it's not an error so this is output so let's try to delete our VPCs and we create a new VPC all together okay so what we'll do now I created a script basically will try you just copy paste from the common line without much logic inside which will try to create entire environment will create VPCs subnets routing tables RDS redis and some EC2 instances plus all permissions just as for your idea to see how we let me see where is it first so it's AWS create environment we take a quick glance okay so so what did you see here basically if you take these comments and manually paste it in the shell it will work so what we'll do we'll just the run this comment AWS so and we'll see as well the output so it will run few minutes I will not stop here but ideally by the end of the day we should see complete environment we can go by including we can I include it as well the redis load balancer as well some instances with user data with complete updates and everything so basically everything in one script I'm not big fan actually on the CLI I think is some better tools around select terraform with a packer they can do better job much more easier CLI is still has its use cases I think I if you know the CLI to learn the terraform it's much more easier so I mean the screen is doing its works I hope it works I didn't test it today so if the skip is very simple it's absolutely plain text copy paste from the command line it's no no this is still I saw what what is interesting if you I'm exiting my shells shell I'm going back basically all information gone so I need to run another script which is go and describe every single instance is passes to them and if I have multiple is still be difficult I don't know which is the first one is showing the second one so that's why consistent is consistency is a difficult it's a tool which is very useful in this case would be to run the cloud formation as you run as a template so then it's really make sense terraform is give you additional flexibility to structure your code because cloud formation you dump everything in single file so this is very difficult to read if you want to modify something it's not it's more difficult to make it consistent in terraform you have you can structure your code in multiple files and if you need any update so again it will work so if you can see just latest update I have here already I already have all my environment up running and let's see my VPCs subnets Internet recruiting I quickly check my RDS as well and elastic cash just to make sure it's up running yeah I have one instance amazing is still creating and elastic cash let me see what is there ma'am cash I should have no I don't I really yes correct yeah it's still there awesome now I have a chance to feel proud of myself so on EC2 we should see security groups yeah there this we are just created load balancer I hope is there yes is there so even with DS3 for logs as well we have a target groups and I use load balancer version 2 in this case so I think we still don't have instances yeah okay not everything is perfect so again if I want to delete it because I already have them in environment variables I can delete it straightforward so I just need to invoke AWS tell environment it will take another 10 minutes as so presentation basically this is a web based presentation if you can see URL so you can find will be there the source again so we have some more information on more visual PDF so if you go to github you can file all the scripts which is some of them as I reference it would be useful so any questions quick ones I think we have yeah cloud formation is a template you from the beginning you need to set up every single part in the template you run it completely it will dump into the basically it's mostly the same you can do it but here you have a more granular control and it's not you can use basically the both so I don't see the much difference depending on how you like it if you like shell scripts but the consistency will be much more better in the in the template to run the big difference is that transformation you just described to stop at your launch it and then with with the CLI you have to monitor and control it basically what what we are using it for is just that when you have a waterfall between ELBs API gateways EC2 instances and and and rapidly tree zones at one point you say someone of you guys in the company says oh this domain is not working like who's involved with that so you run your set of CLI tools to say okay this domain name points of this load balancer that points with this auto scaling group that contains these five instances so if you like the picture back yeah basically so I didn't invest much time in the cloud formation so I still like more terraform so it's my preference so but it's again if you want to learn the terraform properly or even confirmation would be good start to good start with the CLI because you go deep enough to understand how the confirmation works so it's more work with celli absolutely so okay thank you