Quick AWS EC2 VPC

Posted on October 2, 2021
Tags: aws
graph TD;
  A["VPC"]---|"closely related"|B["EC2"]
  A---|"iso"|C["Private LAN"]
  A-->Sub["Subnet"]
  Sub-->|"determines"|Routetable["Routetable"]
  Routetable-->|"contains"|InternetGateway["InternetGateway"]
  Routetable-->|"contains"|LAN["LAN"]
  Sub-->D["CIDR aka DHCP"]

Whenever you think of VPC, always think of EC2. The VPC is the private LAN for EC2.

1 VPC

NOTICE: the private subnets route to project-vpce-s3, which is a gateway endpoint to your AWS services. This allows your private subnets to reach AWS resources such as S3 without touching the internet.

2 EC2 and ssh

2.1 Summary

Summary: to SSH in, you generate a .pem private key via the AWS UI.
The private key stays on the local computer, AKA the user computer.
The public key lives on the remote computer, AKA the AWS EC2 instance.
The public key is derived from the .pem private key with an ssh-keygen command that every Linux PC has, so you generate the public key on a local computer and then copy it into your remote AWS EC2 instance.

2.2 instructions

  • To SSH into your EC2 instance you MUST set up a key pair when initializing the EC2 instance
    • Private keys are only generated once, on creation through the UI, so if you lost your private key you need to make a new key pair.
    • The public key can be found in `~/.ssh/` once you are inside the EC2 instance
    • Network&Security >> Key Pairs >> Create New Key
  • Alternatively you can connect with EC2 Instance Connect, but you must make sure SSH access from the internet is allowed
    • check this by looking at Network&Security >> Security Groups >> vpc-instance >> inbound-rules >> Port 22

  1. Drag your ForSSH.pem (private key) into your openroot.com server
  2. sudo chmod 400 ForSSH.pem
  3. ssh-keygen -y -f ForSSH.pem , this generates the public key, which is shown below
ssh-rsa XXXXXXXXXXXXXXXXXXXXXXX+XXXXXXX/A/XXXXXXXXXXXXXXX
  4. go to the AWS console, connect via EC2 INSTANCE CONNECT in the UI and run nano ~/.ssh/authorized_keys

add the line below; notice this is the public key we generated, but with a ForSSH label appended at the end

ssh-rsa XXXXXXXXXXXXXXXXXXXXXXX+XXXXXXX/A/XXXXXXXXXXXXXXX ForSSH
  5. After doing so, look in the UI under Network&Security >> Key Pairs and you should see an added ForSSH key pair.
    • OPINION: I think it is strange the UI doesn't let you add the public key and we have to go directly into the EC2 machine to add it.
  6. Log in via SSH from the local computer using ssh -i ./ForSSH.pem ec2-user@54.210.175.47, where 54.210.175.47 is the public IP of the AWS instance.
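A small checker for the authorized_keys line you pasted in step 4, added here as an example (this is not code from the original post). It parses each entry of an OpenSSH authorized_keys file, verifies that the key type written in the text matches the type embedded inside the base64 key blob (a mangled paste is the usual way an entry silently stops working), computes the SHA256 fingerprint in the same form ssh-keygen prints it, and reports the trailing label such as ForSSH. The sample file content and the zero-filled ed25519 key bytes are constructed for the demo and are not real keys.

```python
"""Parse and sanity-check an OpenSSH authorized_keys file (added example)."""
import base64
import hashlib
import struct

# Key types accepted in authorized_keys; non-exhaustive, enough for the demo.
KNOWN_TYPES = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256"}


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 length + payload)."""
    return struct.pack(">I", len(data)) + data


def read_ssh_string(blob: bytes, offset: int = 0):
    """Decode one SSH wire-format string at offset; return (payload, next_offset)."""
    if len(blob) < offset + 4:
        raise ValueError("blob truncated before length field")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    start = offset + 4
    if len(blob) < start + length:
        raise ValueError("blob truncated inside string")
    return blob[start:start + length], start + length


def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint as ssh-keygen -lf prints it (unpadded base64)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_entry(line: str) -> dict:
    """Parse one authorized_keys line: [options] type base64-blob [comment]."""
    fields = line.split()
    # Options (e.g. from="...") may precede the key; the type is the first known token.
    idx = next((i for i, f in enumerate(fields) if f in KNOWN_TYPES), None)
    if idx is None or idx + 1 >= len(fields):
        raise ValueError("no recognised key type followed by a key blob")
    declared_type = fields[idx]
    try:
        blob = base64.b64decode(fields[idx + 1], validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError(f"key blob is not valid base64: {exc}") from exc
    embedded_type, _ = read_ssh_string(blob)
    if embedded_type.decode("ascii", "replace") != declared_type:
        raise ValueError(f"declared {declared_type} but blob says {embedded_type!r}")
    return {
        "type": declared_type,
        "fingerprint": fingerprint(blob),
        "comment": " ".join(fields[idx + 2:]),   # the label, e.g. ForSSH
        "options": " ".join(fields[:idx]),
    }


def parse_authorized_keys(text: str):
    """Return (entries, problems): parsed entries plus (line_no, reason) for bad lines."""
    entries, problems = [], []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            entries.append(parse_entry(line))
        except ValueError as exc:
            problems.append((line_no, str(exc)))
    return entries, problems


# Constructed sample: a zero-filled ed25519 key blob (not a real key) plus two bad lines.
GOOD_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(32))
GOOD_B64 = base64.b64encode(GOOD_BLOB).decode()

SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# constructed sample, not real keys",
    f"ssh-ed25519 {GOOD_B64} ForSSH",
    f"ssh-rsa {GOOD_B64} mismatched",        # text says ssh-rsa, blob says ssh-ed25519
    "ssh-ed25519 not-base64!!! garbage",     # corrupted paste
])


def check_sample():
    """Run the parser over the constructed sample file."""
    return parse_authorized_keys(SAMPLE_AUTHORIZED_KEYS)


if __name__ == "__main__":
    entries, problems = check_sample()
    for e in entries:
        print(f"OK   {e['type']} {e['fingerprint']} label={e['comment']!r}")
    for line_no, reason in problems:
        print(f"BAD  line {line_no}: {reason}")
```

To use it on a real instance, read `~/.ssh/authorized_keys` instead of the constructed sample; the SHA256 fingerprint it prints for the ForSSH entry should equal the one `ssh-keygen -lf ForSSH.pem` prints on the local computer, which is a quick way to confirm the pasted key is the one you meant to authorize.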

3 Setup

3.1 Download CLI

mkdir awstmp && cd awstmp
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
# unzip extracts into ./aws, so the installer is ./aws/install
sudo ./aws/install
# You can now run: /usr/local/bin/aws --version
aws --version

3.2 Create Administrator account

  1. Check both boxes: programmatic access and AWS Management Console (browser) access
  2. Add User “Administrator” with your custom password
  3. Make a new group, “Administrator”
  4. Filter, then check “AdministratorAccess”
  5. Finish adding the user; the final page will show
    • IAM id
    • Username
    • Access key ID: AKIAIOSFODNN7EXAMPLE
    • Secret access key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

IAM id, Username and your custom password are used to log on in the browser.
Access key ID and Secret access key are used for code.

aws configure
AWS Access Key ID [None]: your_access_key_id
AWS Secret Access Key [None]: your_secret_access_key
Default region name [None]: 
Default output format [None]:

3.3 Download SAM

mkdir SAMtmp && cd SAMtmp
wget https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip
unzip aws-sam-cli-linux-x86_64.zip
# the zip extracts the install script into the current directory
sudo ./install

sam --version

3.3.1 Upgrade SAM

mkdir SAMtmp && cd SAMtmp
wget https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip
unzip aws-sam-cli-linux-x86_64.zip
sudo ./install --update  # THIS IS THE ONLY DIFF from the regular install

sam --version
  • Note: SAM auto-detects the AWS profile if you have set up the AWS CLI

4 SAM

Common theme, whether remote or local: we build the container locally.
In the next step we can either invoke the Lambda locally or deploy it to the AWS cloud.

sam build --use-container

4.1 Local lambda call

  • this emulates the AWS cloud environment locally in a Docker container
# local lambda invoke
sam local invoke "HelloWorldFunction" -e events/event.json

4.2 Real AWS cloud deploy

#real lambda deploy
sam deploy --guided