Prepare and download packages

Before starting, ensure that the region selected for the workshop supports CDK and Cloud9 services. It’s recommended using us-east-1 (N. Virginia) for the workshop.

Please carry out the following steps in order to run the workshop:

(a) Access to Linux Shell Terminal

This example uses AWS Command Line Interface to be run in Terminal / Shell application on your local machine.

We recommend using AWS Cloud9 service to setup your environment that comes pre-installed with AWS CLI packages, git and many other useful utilities along with inbuilt IDE functionalities. Once logged in, you can use this browser-based IDE for coding, bash shell to run the Linux commands. While creating the Cloud9 environment, ensure the hibernate settings are configured to 30 minutes or more.

  1. Go to Cloud9
  2. Select Create environment
Screenshot showing how to create the Cloud9 environment
  1. Name it devopsguru-workshop, click Next step
  2. Choose “t3.small” for instance type, take all default values and click Next step
  3. Click Create environment

After logging into one of your desired environments, it will give access to the IDE:

Screenshot showing the Cloud9 shell

Please follow the steps as explained below to configure credentials to be used by Cloud9:

Create IAM role (devopsguru-workshop-admin) with admin rights

  1. Follow this deep link to create an IAM Role with Administrator access.
  2. Confirm that AWS service and EC2 are selected, then click Next: Permissions to view permissions.
  3. Confirm that AdministratorAccess is checked, then click Next: Tags to assign tags.
  4. Take the defaults, and click Next: Review to review.
  5. Enter devopsguru-workshop-admin for the Name, and click Create role.

Attach IAM role to the Cloud9 EC2 instance

  1. Follow this deep link to find your Cloud9 EC2 instance
  2. Select the instance, then choose Actions / Security / Modify IAM Role
  3. Choose devopsguru-workshop-admin from the IAM Role drop down, and select Apply

Access AWS Settings in Cloud9 and disable AWS managed temporary credentials

Cloud9 normally manages IAM credentials dynamically. This is currently incompatible with the CodeCommit IAM authentication, so we recommend disabling it and rely on the IAM role instead.

  1. Return to your workspace and click the gear icon (in top right corner), or click to open a new tab and choose “Open Preferences”
  2. Select AWS SETTINGS
  3. Turn off AWS managed temporary credentials
  4. Close the Preferences tab
Screenshot showing how to disable Cloud9 IAM

To ensure temporary credentials aren’t already in place we will also remove any existing credentials file:

rm -vf ${HOME}/.aws/credentials

Install jq

sudo yum install jq -y

We should configure our aws cli with our current region as default.

export ACCOUNT_ID=$(aws sts get-caller-identity --output text --query Account)
export AWS_REGION=$(curl -s 169.254.169.254/latest/dynamic/instance-identity/document | jq -r '.region')

Check if AWS_REGION is set to desired region

test -n "$AWS_REGION" && echo AWS_REGION is "$AWS_REGION" || echo AWS_REGION is not set

Let’s save these into bash_profile

echo "export ACCOUNT_ID=${ACCOUNT_ID}" | tee -a ~/.bash_profile
echo "export AWS_REGION=${AWS_REGION}" | tee -a ~/.bash_profile
aws configure set default.region ${AWS_REGION}
aws configure get default.region

Validate the IAM role

aws sts get-caller-identity --query Arn | grep devopsguru-workshop-admin -q && echo "IAM role valid" || echo "IAM role NOT valid"

(b) AWS CLI Installed:

AWS CLI is installed by default if using Cloud9 service. If you would like to use your own local shell, please follow these instructions if you haven’t installed AWS CLI. Your CLI configuration needs PowerUserAccess and IAMFullAccess IAM policies associated with your credentials.

Please test your CLI access by running the below command:

aws --version
aws configure get region

If the region is not configured above, please configure using: aws configure set region.

Output from aws cli version above must yield AWS CLI version >= 1.19.12

(c) Install the pre-requisite packages:

You may check the existing version of the packages Python, and pip using these commands:

python --version
pip --version
  • Python version must be equal or higher than 3.6
  • pip version must be equal or higher than 20.2.3

If needed, use the below commands to update Python and pip:

sudo yum -y update
sudo yum -y install python36
sudo python3 -m pip install --upgrade pip

Install the necessary packages:

sudo pip3 install requests