Intro to AWS CloudShell

So what is AWS CloudShell? It is just like your local shell on your terminal, but it is a browser based shell that makes it easy to manage, explore and interact with your AWS resources. It’s just like setting up your AWS CLI on your local, but you don’t have to authenticate or setup any other configuration or credentials, like unlocker. Also, this service provides a number of popular tools like Python, Node, KubeCTL, database CLI pre-installed, so you don’t have to create a session and install the most commonly used tools every time. And this is free service, which can be used from your browser, and there are no additional or hidden charges to use it.

The question is when to use the service? There could be two situations when you don’t want to configure your credentials, like on your local, and when you want to quickly access AWS systems programmatically. If we use this service within an AWS account for a specific region, it will inherit the credentials using your console password and user. If you have administrator access, for example, the AWS CloudShell will be using the same permissions for you to use.

A number of additional information here. This CloudShell can be used for various shells like Bash, Z shell, or PowerShell, if you are interacting based on Windows concepts. Other than that, every session is region-based. It means that if you have a session in North Virginia, and you want to fire up another session in another region, those two sessions will be independent and separate. They will have their own home directory. One cool feature that I came forward is that we can download or upload files from your local machine or to your local machine. So this is quite handy when you have a bunch of configurations like your Kubernetes configurations or resource references, you can just provide your relative path and download on your local. The shell can also be customized. For example, you can change its theme or you can enable the secure copy and paste feature, which will first check if the pasted code or some text has no vulnerability or exploitation.

Okay, so let’s go to demo. This is my AWS console. If you just write CloudShell and if you click this, you will have your CloudShell immediately. It will not require any other configuration. For example, we have Cloud Nine which is an integrated development environment. It will use EC2 instances, it will use something at the back end but the user does not have to manage anything at all. This is the welcome page. We have CLI by 10 or GS and a couple of more and the storage. The free storage is one GB and if you want to use more than one GB then of course it will be charged, but I think for one session one GB is more than enough.

Save the file in settings. File Save in your home directory on CloudShell, whether it’s auto generated or you wish to create new ones are available and ready for future sessions, as well. If I just go ahead and create a bunch of files and close this CloudShell and after a while, I decided to come back to it. I can then see the same number of files present in the home directory. That’s that’s a good feature. It has prepared our terminal and it has been solved AWS, as you can see. It also has a number of other tools like KubeCTL, Node, etc. Okay, so let’s go ahead and create a file. Let’s edit it. If we just catch it, we can see the content for this. For example, we want to download it directly on my local machine. What I’ll do is I will click on Actions. And here we can see the option Download File. Here, you will provide the individual file path. By default, it will use the home directory as prefix, I just have to provide my general file name, which is file-demo.txt. As you can see, it was directly downloaded on my local and I can see the contents of the file here. Also, we can delete AWS CloudShell home directory. But this operation will delete everything I mean, every data will be deleted from the home directory and it will recreate the home directory for us. Other than that, there is a Preferences section where you can enable or disable the safe paste. It will verify the multi line text that you have copied before pasting. It will pop up dialog box to confirm if the pasted code is okay, from the user side. Once a user clicks on ok, it will cross check on its side, as well. And it will paste the contents. If it has any vulnerability, it will deny the paste operation. I think if you want to use AWS ecosystem programmatically and in a fast way, I think this is the service you should use.