Starting and Stopping AWS EC2 Instances Using the AWS Command Line Interface

You can start and stop AWS (Amazon Web Services) EC2 instances using the command line interface instead of the AWS Console website.  This is helpful if you want to programmatically start and stop instances, in cases where you do not want to leave an instance running constantly but want to be able to bring it up and shut it down on demand or on a schedule.  In this blog post I’m going to show the basics of how to do this.

 

Creating a User with an Access Key

In order to use the AWS command line interface, you will first need to create a user account with an access key.  This is different from the account you use to log into AWS console.  This is an account is used to execute aws commands and can be granted fine-grained permissions.  To create a new user:

Login to the AWS IAM Console (Identity and Access Management Console)

Click on Users and then click on the Create New Users button.  Enter the name of the user to create (testuser in this example), make sure Generate an access key for each user is checked, and then click the Create button.

CreateUsers

Next, you will see a confirmation that the user was created. Click to expand Show User Security Credentials.  Make sure you copy the Access Key ID and Secret Access Key.  This is the only time you will be able to see the secret access key and if you don’t copy it or lose it, you will have to regenerate the access key!

UserCreated2

 

Assigning Permissions to the Newly Created User

When a new user is created, they have no permissions, so you will need to assign them.  Permissions are assigned by attaching policies to the user, or by adding the user to a group that has policies attached to it.  In this example, because we only have a single user, I am going to attach a policy directly to the user that was created.

To attach a policy to the user in the IAM Console, select Users again, click on the user we just added (testuser) and then switch to the Permissions tab.

UserPermissions

Now click on the Attach Policy button, select one or more policies and click the Attach Policy button.  In this example, we’re just going to attach the AmazonEC2FullAccess policy to this user.

AttachPolicy

Now we have a user that can be used to make command line calls.

 

Installing the AWS Command Line Interface

Next, we will need to install the AWS Command Line Interface.  I’m using Ubuntu in this example, and the instructions for installing the CLI are located here.  Amazon also provides instructions for installing this on other platforms, such as Windows.  Basically, you will need to have Python installed, Unzip installed, and then execute the following commands to download and install the AWS CLI:

$ curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"
$ unzip awscli-bundle.zip
$ sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

 

Using the AWS Command Line Interface

In order to use the AWS Command Line Interface, we need to specify our credentials (the access key and secret key we generated earlier). There are two ways you can do this: First, by running the aws configure command which will create a ~/.aws/credentials file, or Second, by setting environment variables. There is actually a third way to specify credentials, using IAM Roles, but that is specific to using the CLI from another EC2 instance.

In this example, I’m just going to set the credentials using environment variables. I’m also going to set a default region so that I don’t need to specify the region on each command. Replace the XXXXXXs with your generated Access Key ID and Secret Access Key.

$ export AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXXXXXXX
$ export AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
$ export AWS_DEFAULT_REGION=us-east-1

 
Now you can start using the CLI.

Here is a command to check the status of an EC2 instance (is it running, stopped, stopping, etc). I’m using grep and awk to pull out just the text that says “stopped” or “running”. Make sure to put your own instance ID in this command instead of i-XXXXXXXX:

$ aws ec2 describe-instances --instance-ids i-XXXXXXXX --output text | grep -w STATE | awk '{print $3}'

Here are the commands to start and stop an instance.

To start an instance:

$ aws ec2 start-instances --instance-ids i-XXXXXXXX --output text | grep -w CURRENTSTATE | awk '{print $3}'

To stop an instance:

$ aws ec2 stop-instances --instance-ids i-XXXXXXXX --output text | grep -w CURRENTSTATE | awk '{print $3}'

Keep in mind that the commands return immediately, so if you start an instance, the initial state returned will be “pending” until it has finished starting and then will change to “running”. Similarly, when you stop an instance, the initial state returned will be “stopping” and will change to “stopped” once it has finished stopping.

I hope this post has been a helpful introduction of how to use the AWS Command Line Interface to do some simple management of EC2 instances.

Leave a Reply

Your email address will not be published. Required fields are marked *