Table of content:
In this lab, we’ll explore the localstack project as a training and CI tool for AWS resource development
Skills Learned
- localstack
- AWS CLI
- Terraform
AWS CLI
AWS CLI s3 bucket workflow
awslocal s3api --region us-east-1 create-bucket --bucket testwebsite
awslocal s3 cp index.html s3://testwebsite
awslocal s3 sync ./assets s3://testwebsite
awslocal s3 ls s3://testwebsite/
# Enable staic website hosting
awslocal s3 website s3://testwebsite/ --index-document index.html --error-docume
nt error.html
curl http://testwebsite.s3-website.localhost.localstack.cloud:4566/
Lab Setup:
Now we are going to use the terrform conifugration managment tool.
Do a plan by specifying values in terfacof
cd into
terraform plan -var="bucket_name=kurtis"
terraform apply -var="bucket_name=kurtis"
Modules
Modules allow us apply the following code we just wrote as a function.
mkdir -p modules/module-s3-website
# move current files into module
mv index.html assets main.tf outputs.tf variables.tf modules/module-s3-website/
Update main.tf to add 2 new buckets now:
module "module_s3_website" {
source = "./modules/module-s3-website"
bucket_name = "kurtis2"
}
module "module_s3_website_kurtis3" {
source = "./modules/module-s3-website"
bucket_name = "kurtis3"
}
Path variables for uploading content:
Values are a available:
- path.module – Filesystem path of the invoked module
- path.root – Filesystem path or root module.
- path.cwd – Filesystem path of original working directory
You need to run terraform init
everything you add a module call.
IAM Testing
Next we will create useres and roles to access the s3 bucket we just create.
IAM INTRO
awslocal sts get-caller-identity
$ /Users/kurtisvelarde/Library/Python/3.9/bin/awslocal sts get-caller-identity
{
"UserId": "AKIAIOSFODNN7EXAMPLE",
"Account": "000000000000",
"Arn": "arn:aws:iam::000000000000:root"
}
$ awslocal iam create-user --user-name test
{
"User": {
"Path": "/",
"UserName": "test",
"Arn": "arn:aws:iam::000000000000:user/test",
"CreateDate": "2024-01-01T23:44:13.448000Z"
}
}
$ awslocal iam create-access-key --user-name test
{
"AccessKey": {
"UserName": "test",
"AccessKeyId": "LKIAQAAAAAAAN5HPM7IN",
"Status": "Active",
"SecretAccessKey": "CPmrae/3AtxqqaXj2QK2p85H4PdaFZ5qe56FNOuK",
"CreateDate": "2024-01-01T23:44:31Z"
}
}
IAM Policies
List Policys and attach
awslocal iam list-policies | grep EC2FullAccess
aws iam attach-user-policy --user-name kurtis --policy-arn "arn:aws:iam::aws:pol
icy/AmazonEC2FullAccess"
awslocal iam list-attached-user-policies --user-name kurtis
Conclusion
We’ve demonstrated basic aws cli and terraform with local stack.