AWS CloudShell primer
Hello all!
I am making this blog based on AWS official podcast on CloudShell on Spotify happened nearly a year ago. Information about services is up-to-date, though 😛
Here is link to podcast — AWS CloudShell
CloudShell is a browser-based shell. This can be launched from AWS console. It comes with AWS CLI pre-installed And It will use the current logged-in user or assumed role credentials to execute commands in that region. To work on other region you can specify it.
Why CloudShell Exists?
Amazon launched this console-based shell to mitigate resistance to starting with AWS for newbies.
- For the professional players also who work on multiple projects, forget to switch between profile while working.
- For those who are far away from their system setup and want to run a simple script.
- for those who experiment on the new services
- Decrease the hustle of setting up local to run the AWS cmd for automation geeks
What CloudShell Offers
Amazon placed some essential and light tools to spin the shell instance very quickly. We can install our custom tool whatever we want.
It runs on linux env — Amazon AMI 2
Bash shell by default. We can install what ever shell we want.
Pre-installed tools
AWS Tools : AWS CLI, SAM CLI, AWS ECS CLI, AWS SDK (nodejs and python)
Editor : vim,
Source control : Git
Limits & Storage
Storage
Amazon provides space for custom installation. It provides 1 GB persistent storage of home directory per region. When the CloudShell session ends everything will be reloaded fresh; all the data and actions we placed will be restored. But the data in the home will be persistent between sessions.
You can install some on demand dependencies by running the scripts.
You can transfer the files from browser to shell.
Limits
- Inactivity time — 12 minutes
- Maximum time the session will be open without user input - Maximum single session duration — 12 hours
- Maximum time the CloudShell session can continue in one go. - Maximum session per region — 10 sessions
- Maximum no of concurrent CloudShell instances in a particular region egap-south-1
- It might differ with respect to region - Data retention on home storage — 120 days
- Maximum duration beyond which the home directory data will be lost for ever
CloudShell is not available in all the regions. Here is the link to know the currently available regions https://docs.aws.amazon.com/general/latest/gr/cloudshell.html
Security
- CloudShell will run in a dedicated VPC (Virtual Private Cloud). So will have only outbound connections and no inbound connections.
- The restored sessions will have updated version’s of cli’s and tools.
- Security managed by IAM
- Administrator can access the CloudShell. Admin should give permission to access the CloudShell — https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html
- No apis were provided — CloudShell is intended to be used from the AWS Management Console and does not currently support programmatic interaction.
Pinch of salt — Customisation
Developers need some sort of customisation to look things in their way. So Amazon provide little but effective customisation
- Multiple tables and renaming them.
- Light and Dark Mode
Here were couple of samples
Cost
No matter how feature-rich a service is, cost is a big factor in deciding the adoption of any service. So Amazon is providing this CloudShell service for free. They want to reduce friction to work with AWS, so they kept this service for free.
Note: We would be charged for the out-bound traffic we make during our usage.
Conclusion
CloudShell is a great service. I recommend it to be used while demonstrating a service or experimenting or to run some automation scripts to get log insights.
Thanks to Jonathan Weiss for podcast
Thanks for reading. Hope it will be of some help to you 🎉
