Activity: Create Key Pair
ABC Company is in the process of migrating part of their infrastructure to AWS.
1.Break down migration into smaller tasks,
2.Align as per Company ABC to maintain control and optimize resources effectively.
Manager be like make sure Yashvi ABC have smooth transition with minimal disruptions in phase rollout wise manner.
KEY_PAIR Basics
Imagine Alice and Bob are two friends who want to send secret messages to each other, but they don’t trust the postal system to keep their messages private. So, they come up with a lock-and-key system:
Public Key = Open Lock
(Lock A or Lock B)
Alice and Bob each have their own unique lock (public key) that they share with everyone.
These locks are special: once locked, they can only be unlocked with the matching private key.
Private Key = Secret Key
(Lock B or Lock A’s Key)
Alice and Bob each keep a private key that can open only their own lock.
This private key must never be shared.
How Messages are Sent Securely
Bob wants to send Alice a secret message.
He takes Alice’s open lock (public key) and locks a box containing the message.
Once locked, only Alice’s private key can unlock and read the message.
Similarly, Alice can use Bob’s public lock to send him a secure message.
How Digital Signatures Work
Imagine Alice wants to prove she sent a message.
Instead of locking the message, she locks a signature using her private key.
Bob can verify the authenticity of the signature by using Alice’s public lock (public key).
If the lock opens, he knows the message really came from Alice!
Requirements:
Key Pair Name: given as per naming convention in ABC Company
Key Pair Type: rsa
Region: us-east-1
Yashvi will collect AWS Console credentials and 12 digit account number/login link
Method1: UI Console steps after using credentials to login:
1.Navigate to EC2 Dashboard:
2.Ensure you are in the us-east-1 region(as per architecture requirement).
3.Create Key Pair:
Select Key Pairs from the left-hand menu under Network & Security.
Click on Create Key Pair.Enter the Key Pair Name as givenname-kp.
Have rsa as the Key Pair Type.
Click on Create Key Pair.
4.Download Key Pair:
-The key pair givenname-kp.pem will be automatically downloaded to your local machine.
-Store this key pair securely as it is required for SSH access to your instances.
You don’t understand anything until you learn it more than one way.
– Marvin Minsky
** Method 2: Have it simple na Yashvi with CLI ? not fan of UI/Click Ops
**
Here's the catch -prerequistes:
- IAM user (yashvi-kothari-1234) should have permission around create EC2 key pairs.
Sample policy is attached to user yashvi-kothari-1234
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:CreateKeyPair",
"ec2:DescribeKeyPairs"
],
"Resource": "*"
}
]
}
2.Install AWS CLI on machine
macOS/Linux:
download package using curl command & run/install
Windows:
https://awscli.amazonaws.com/AWSCLIV2.msi
Verify Installation:
aws --version
4.Now before configuring AWS CLI,generate creds for AWS CLI
1.Create a new user with programmatic access, or use your own or request existing user to generate access keys.
2.Navigate to Users, select the user (here yashvi exists) or create a new one for cli, and then go to the Security credentials tab.
3.Under Access keys, click on Create access key and note down the Access Key ID and Secret Access Key.
5.Configure AWS CLI
Open your terminal and configure the AWS CLI using the generated credentials.
aws configure
Now enter in prompt
6.Key-Pair using command:
aws ec2 create-key-pair --key-name givenname-kp --key-type rsa --region us-east-1 --query 'KeyMaterial' --output text > givenname-kp.pem
Short Summary
Top comments (0)