# AWS basics Commands

# EC2

## Create keypair
```bash
aws ec2 create-key-pair --key-name bofher_keypair --query 'KeyMaterial' --output text > AWS_bofher_keypair.pem
chmod 400 AWS_bofher_keypair.pem
```

Then show info:
```bash
aws ec2 describe-vpcs
```
Result is a json, so you can filter it like:
```bash
aws ec2 describe-vpcs | jq  ".Vpcs[].VpcId"
```


## Create VPC
```bash
aws ec2 create-vpc --cidr-block 10.0.0.0/24 --query Vpc.VpcId --output text
```

Then show info:
```bash
aws ec2 describe-key-pairs --key-name bofher_keypair
```

## security group

for firewall rules

### Create security group
```bash
aws ec2 create-security-group --group-name test_sg --description "test_security_group" --vpc-id vpc-04738d91cd27e3a68
```
To easy your live, export the security group id:
```bash
export SG_ID="sg-07332f264769ee59c"
```

Check:
```bash
aws ec2 describe-security-groups --group-ids  ${SG_ID}
```

### Grant accesss to your public ip only

```bash
aws ec2 authorize-security-group-ingress --group-id ${SG_ID} --protocol tcp --port 22 --cidr $(curl ifconfig.me)/32
```
You will see something like:
```json
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-0a20e51c280054d45",
            "GroupId": "sg-07332f264769ee59c",
            "GroupOwnerId": "183631327649",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 22,
            "ToPort": 22,
            "CidrIpv4": "149.102.236.197/32"
        }
    ]
}
```