Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Connecting to EKS running in the private subnet of AWS VPC from your DevBox.
Follow Connecting to AWS guide.
Go to Amazon Elastic Kubernetes Service > Clusters.
Go to your DevBox and install awscli:
Download the kubectl binaries:
Install kubectl:
Check if the cluster is accessible:
Go to Amazon Elastic Kubernetes Service > Clusters > Add cluster > Create.
Enter the name of the cluster and assign a Cluster service role which has AmazonEKSClusterPolicy permission. If no role is present, create a new one with the same permission.
Click on Next. In the Networking section, choose the VPC where your bastion host is deployed and assign 2 private subnets. In Cluster endpoint access, select Private.
Configure other configurations as required and then create the cluster. After creating the cluster, go to the compute section and under Node groups click on Add node group.
Enter the name of the node group and assign a node IAM role with AmazonEC2ContainerRegistryReadOnly, AmazonEKS_CNI_Policy and AmazonEKSWorkerNodePolicy permissions. If no role is present, create a new one with the same permissions.
Configure other configurations as required and create the nodes.
Go to your DevBox and install awscli:
Download kubectl binaries:
Install kubectl:
Click on your AWS username at the top right corner and go to Security credentials. In the Access keys section, click on Create access key. Create the key and save the CSV file.
In your DevBox, use the csv credentials to configure the awscli to your account:
Check if the cluster is accessible:
``` kubectl get svc
Connecting to EC2 running in the private subnet of AWS VPC from your DevBox.
Follow the Connecting to AWS guide.
Go to Amazon EC2 > Instances > Your Instance.
Click on Connect. You will see the commands for accessing it.
Go to DevBox and make a copy of the key pair.
Connect to EC2 machine:
Follow the Connecting to AWS guide.
Go to Amazon EC2 > Instances > Launch Instances.
Enter the name of the instance.
Use one of the supported linux distros.
Choose the Instance type.
Create a new key pair and save it.
In the Network settings, click on edit and choose the VPC where your bastion host is running, the private subnet and the security group which allows inbound access to VPC.
Go to the DevBox and make a copy of the key pair.
Connect to the desired EC2 instance using ssh and the new key pair:
Connecting to DocumentDB running in the private subnet of AWS VPC from your DevBox.
Go to Amazon DocumentDB > Clusters > Your Cluster.
Select Connectivity & Security. You will see the commands and DocumentDB hostname for accessing it.
In your DevBox, import the MongoDB public GPG key:
Add MongoDB package repository source:
Reload local package database:
Install MongoDB:
Download the certificate:
Connect to the database:
where the cluster endpoint will be available in Connectivity & Security section.
Go to Amazon DocumentDB > Create Cluster.
Select Instance Based Cluster.
In the Configuration section choose Instance Class, number of instances for your cluster.
Set Username and Password.
Turn on Show advanced settings.
In the Network settings , choose the VPC where your bastion host is running, subnet group and assign a security group which has inbound access to only VPC.
Click Create cluster.
In your DevBox, import the MongoDB public GPG key:
Add MongoDB package repository source:
Reload local package database:
Install MongoDB:
Download the certificate:
Connect to the database:
where the cluster endpoint will be available in Connectivity & Security section.
Create a new cluster or start with an existing one. Note: you can only register external nodes after the cluster has been created.
Visit Your Cluster > Infrastructure > Container Instances.
Click on "Register external instances".
In the popup, confirm the settings and click on "Generate registration command".
Copy the command for Linux. You will need it later.
In your DevZero box, download the installation script for ECS Anywhere:
Make sure the the downloaded script has the correct permissions:
Run the installation script with the parameters from the command in step #5:
Note: the installation script will also install Docker.
The new instance should now be visible in the ECS console under Your Cluster > Infrastructure > Container instances as "External" instance type.
If you want to add volumes to your services/tasks:
Go to your Task definition.
Scroll down to the "Storage" section.
Click on the "Add volume" button.
Enter the volume name.
In "Configuration type", select "Configure at task definition creation".
Choose "Docker volume" in the "Volume type" section.
Under "Driver" enter "local" and select "Task" as Scope.
Create a new container mount point: Select the container in question, the source volume and enter a mount path.
The new volume should now be available after your task has been created:
If you select "Configure at deployment" in your task definition, you might not be able to deploy it to the external instance type, because this configuration only supports Amazon EBS, which is not available with external instances.
When running tasks/services you should now be able to select "External" launch type in order to run them on your DevBoxes.
Go to AWS Console > IAM > Users > Create user.
Add the following permissions to the user: AmazonS3FullAccess.
After you obtained the credentials, log into the AWS CLI by running:
Update your S3 access policy to allow access to the new user.
Verify you can query the S3 bucket:
Go to VPC > Endpoints > Create Endpoint.
Enter a name then select "AWS Services" as your Service category.
In the "Services" search bar type "S3" and select the suggested service (Interface).
Under VPC, select your EC2 "relay" VPC.
Select the desired subnets.
Select the desired security groups. Make sure that you allow inbound/outbound access to/from your EC2 instance.
Specify custom VPC endpoint policies, if required.
Click on "Create endpoint" to proceed.
Set your S3 Bucket policy as follows:
Running the following in your DevBox terminal:
Will result in:
Running the same command with a custom endpoint should result in no errors however:
Schedule ECS tasks locally using ecs-cli
Go to AWS Console > IAM > Users > Create user.
Add the following permissions to the user: AmazonECS_FullAccess.
Obtain the credentials under Users > id > Security credentials > Access keys > Create access key.
Install the ECS CLI:
Set the correct permissions:
Configure the default profile:
Configure the default cluster:
Download a task definition:
Bring up the containers:
Connecting to an RDS running in the private subnet of AWS VPC to your DevBox.
Go to RDS > DB Instances > DB Name.
Select Connectivity and Security.
Copy Endpoint.
Go to DevBox.
Connecting to the Database.
Run the following commands as per the RDS Database Engine:
To install the mysql client cli:
To access the database:
To install the psql client cli:
To access the database:
Go to RDS > DB Instances.
Select Standard Create.
Choose the Available Versions of the Database.
Choose the Templates based on your use-case. It could be Production or Dev/Test.
Scroll Down to the Settings and specify your Database Name.
Choose Cluster Storage Configuration and DB Instance Class.
Go to Connectivity > VPC.
Choose your VPC , DB Subnet Group and Security Group. Make sure the specified Security Group allows inbound db connections.
Click on Create Database.
You will see two endpoints. Copy Writer Type Endpoint.
Go to the Secrets Manager.
Click on Retrieve Secret Value. This secret is storing your Database Username and Password.
Go to DevBox.
Connecting to the Database:
psql -h <RDS Endpoint> --username <Username> -d <Database Name> --password
Go to AWS Console > IAM > Users > Create user.
Add the following permissions to the user: AmazonSQSFullAccess.
After you obtained the credentials, log into the AWS CLI by running:
Update your SQS access policy to allow access to the new user.
Send a test message to the queue:
Verify you can recieve the messages:
Go to VPC > Endpoints > Create Endpoint.
Enter a name then select "AWS Services" as your Service category.
In the "Services" search bar type "SQS" and select the suggested service.
Under VPC, select your EC2 "relay" VPC.
Select the desired subnets.
Select the desired security groups. Make sure that you allow inbound/outbound access to/from your EC2 instance.
Specify custom VPC endpoint policies, if required.
Click on "Create endpoint" to proceed.
Set your SQS-queue policy as follows:
Running the following in your DevBox terminal:
Will result in:
Running the same command with a custom endpoint should result in no errors however:
Connecting to ElastiCache running in the private subnet of AWS VPC from your DevBox.
Go to Amazon ElastiCache > Redis OSS Cache > Your Cluster.
Select Configuration & Security.
Copy Primary endpoint.
Go to your DevBox and install the Redis CLI:
Access the cluster using the CLI:
Go to Amazon ElastiCache > Create.
Select Design your own cache.
Select Cluster cache in the Creation method.
Use the default configurations for creating the cluster.
Scroll Down to the Cluster info and specify your Cluster Name.
Choose the Engine Version and Node Type in the Cluster settings.
Go to Connectivity section and choose your VPC and Subnet group.
In the next section, choose the Security Group. Make sure the specified Security Group allows inbound connection from the VPC.
Click on Create.
Go to your ElastiCache and copy Primary endpoint.
Go to your DevBox and install the Redis CLI:
Access the cluster using the CLI:
Connecting to OpenSearch running in the private subnet of AWS VPC from your DevBox.
Go to Amazon OpenSearch Service > Domains.
Select your domain and copy your Domain Endpoint.
Go to your DevBox and connect to Service:
Go to Amazon OpenSearch Service > Create domain.
Give a unique Domain name.
Select Standard create in the Creation method.
Use the default configurations for creating the service.
Keep the Data nodes according to your requirements.
Go to Network section and choose your VPC and Subnets.
In the next section, choose the Security Group. Make sure the specified Security Group allows inbound connection from the VPC
Click on Create.
Go to your OpenSearch and copy Domain endpoint.
Go to your DevBox and connect to Service:
This guide explains connecting to an AWS DynamoDB service running on AWS infrastructure from your DevBox.
If you already have a DynamoDB, you can follow the steps below to access its content from the DevBox.
First, we need to create a recipe for the workspace:
Enter the recipe name and click on Create a recipe.
Now use the below-provided snippet to create a recipe for your workspace:
Click on Save and Build and when the build is successful, click on Publish.
Enter the workspace name and click on Select from recipe library.
Select the recipe you just created above and click on Select.
Click on Launch, and your workspace will be ready shortly.
Now, this is where the real task begins. After downloading the `aws' cli package, we will need to authenticate with our AWS account. To do so, follow the below steps:
Go to AWS Dashboard, and on the top right corner, click on the drop-down menu and select Security credentials.
Under the Access Keys section, click on Create Access Key and agree to the Terms and Conditions.
Click create access key
and note down the Secret Access Key as this will only be shown once.
Go to your DevBox and use the following command to configure the aws
cli:
Enter the Access Key and Secret Access Key when prompted.
Enter your default Region of choice, and your aws
cli setup will be completed.
Now, with the above steps, your AWS DynamoDB connections are completed, and you can check that with the following command:
Follow the guide.
Follow the guide.
You can run services and tasks managed by AWS ECS inside of DevBoxes using .
Install the into your DevBox.
Follow the guide.
Create a new workspace with Docker installed ().
Follow the guide.
Follow the guide.
Use one of the in the Configuration.
Install the into your DevBox.
Follow the guide.
Follow guide.
Follow guide.
is a serverless, NoSQL, fully managed database. You will connect through the aws
cli tool by first authenticating into your AWS Cloud account and then accessing the contents of the DynamoDB Service.
Go to the and click on New recipe.
Go to the by clicking New workspace.