Versions Compared

Old Version 8

changes.mady.by.user Evan Parker

Saved on

compared with

New Version 9

changes.mady.by.user Evan Parker

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

AWS Console Login:

...

...

  • jcsda-noaa

...

AWS Spend Overview (update every month on the 10th for the previous month using the numbers from the AWS Cost Explorer): https://docs.google.com/spreadsheets/d/19f3kLF-IJg7IrmPdA6c3L3nSwWY1WqVQI79Ihp-6Lco/edit#gid=1457851180

Old Other AWS confluence pageWiki Pages:


Table of Contents

Table of Contents

...

  1. Install the AWS CLI if necessary (HPC platforms include the CLI in spack-stack).
    1. Mac: from your shell run brew install awscli  or use one of the other recommended install methods 
  2. Go to your “My security credentials” page in the AWS console (see step 4 and 5 in Account setup).
    1. Click “Create access key” in the Access Keys panel.
    2. Select the “Command Line Interface (CLI)” use case.
    3. Check the box to acknowledge and disregard the other recommended options and click “Next”
    4. Give a short description like “Key for CLI use” and click “Create”
    5. Save the key ID and the key secret value in a secure location, you will need both in the next step.
  3. On the command line configure credentials for for your account using one of the commands listed below. The profile name is important since some of our tools (especially skylab) are sensitive to this profile name when authenticating resources. Use your key ID and secret gathered in step two. Configure the region to be the same as used above. Set your output format to “json”.
    1. To configure jcsda-usaf
    4. :
      1. aws configure –profile=jcsda-usaf-aws-us-east-2 
      2. Access Key ID and secret: see step #2 above
      3. Region: us-east-2 
    2. To configure jcsda-noaa
    5. :
      1. aws configure –profile=jcsda-noaa-aws-us-east-1
      2. Access Key ID and secret: see step #2 above
      3. Region: us-east-1

Pages

      1.  

Glossary

  • AWS: Amazon Web Services, a cloud computing platform provided by Amazon. It provides a wide range of cloud computing services including virtual servers, data storage, databases, and applications.
  • AWS Account: A standalone grouping of resources in AWS that organizes service resources, authentication and authorization policies, billing details, monitoring, and more. While AWS Accounts have a “root user” they can also allocate many additional user accounts, service accounts, and can use federated authentication.
  • IAM: The AWS service “Identity and Access Management”. This service is tied to all AWS account resources for a specific account and it used to specify resource permissions and user identities. The “Identity” component allows the creation of user accounts, service roles, and federated login. The “access management” component allows the creation of policies that gate access to services and/or specific service resources (such as read or write on a specific S3 bucket).  Within some narrowly defined limits, IAM policies can be used to allow cross-account access.
  • IAM Policy: A resource that defines permissions within AWS. Each policy specifies actions that are allowed on specific IAM resources. Policies are attached to IAM users and/or roles.
  • IAM User: A login-account for human users of AWS accounts. Each IAM user is associated with a specific AWS account.AWS ParallelCluster