I would like to setup mu Amazon account on Intellij AWS plugin.
I want to be able to access S3 and EC2.
I have the Intellij AWS plugin installed, but I can't figure out how to login with my Amazon credentials.
As you can see here (image below), I can choose an account, but I can't figure out where to set it up.
Screenshot:
Open Settings dialog (File->Settings).
In AWS->Accounts section create a new account and enter account number, access key ID and secret access key. (You can get them in your AWS account profile)
Press "Test Connection" button to verify that your settings are correct.
Press "Apply" after you are finished.
Related
This might be a rather simple question, but is it possible to log into an EC2 Windows Server instance over RDP, using an IAM user's credentials, or am I stuck using the password from the KeyPair?
The only way to do that would be to have IAM identity center setup with SSM Fleet manager.
From the documentation:
Fleet Manager integrates with IAM Identity Center so you can connect to your instances without providing additional credentials.
Otherwise, you have to specify either username/password or a the .pem file:
When connecting to your instance, you can use Windows credentials or the Amazon EC2 key pair (.pem file) associated with the instance for authentication.
EC2 instance access over RDP steps as below:
In aws ec2 service site with your IAM login.
screenshot reference
Select your windows server in EC2 instance list. let respective EC2 instance in running state. note then only "Connect" button will be active.
Select connect button. In the new window select 'RDP client' > select the 'Get Password'.
In 'Get password Window', import the pem which was associated with respective windows served in EC2 service. select 'Decrypt password'.
Copy the password, keep pasted in txt file for your future use.
Run 'mstsc' for remote desktop and type the public DNS address (which you can get it from above step 3 window) and login as .\Administrator and use the copied password for login.
Pre requisite steps to edited in EC2 windows instance:
Start the Windows Registry editor (type regedit in the "Start > Run" dialog)
Navigate to: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "LimitBlankPasswordUse"=dword:00000001 3. Change LimitBlankPasswordUse to 0 (zero) to enable the use of blank passwords, 1 to prevent blank passwords over the network.
this solution considered as alternate.
In the code below, i am getting one error attached. Also there is a service_account_path i have to enter, where do i find this path and how can i download this file?
# Replace with your service account path
path_service_account = 'service1'
os.environ["GOOGLE_APPLICATION_CREDENTIALS"] = path_service_account
# Replace with your input file path
input_file = 'C:\tumbling window\store_sales.csv'
# create publisher
publisher = pubsub_v1.PublisherClient()[enter image description here][1]
Client libraries make use of service account credentials to authenticate into GCP services and APIs, such as Pub/Sub.
To do this, an environment variable named GOOGLE_APPLICATION_CREDENTIALS needs to be set and its value is a string with the path of the JSON key value of that service account.
First, you need to make sure that you've created a service account with enough permissions to do the required Pub/Sub operations:
In the Cloud Console, go to the Service accounts page.
Select your project.
Click Create service account.
Enter a service account name to display in the Cloud Console.
Choose one or more IAM roles to grant to the service account on the project. This is an important step, if you're only planning to use this account to consume the Pub/Sub service, then you could grant it the Pub/Sub admin role. If your code also makes use of another service (Such as BigQuery, for example) you need to grant the required roles as well. An easy option would be to grant it the Project Editor role, which grants access to all GCP services, but is always a recommended security practice to grant only the required minimal necessary permissions.
Once you've granted the required role(s), click Done to finish creating the service account.
Once you've created the service account, then you need to generate a JSON key file:
In the Cloud Console, go to the Service accounts page.
Select your project.
Find the row of the service account that you want to create a key for. In that row, click the More (3-dot) button, and then click Create key.
Select a JSON Key type and click Create.
Clicking Create downloads a service account key file.
That is the file which path needs to be referenced in path_service_account. Let's say that your JSON key file was downloaded in C:\Downloads\YOUR_JSON_KEY_FILENAME.json, then your code would be something like:
path_service_account = 'C:\Downloads\YOUR_JSON_KEY_FILENAME.json'
This should solve the authentication errors that you're getting.
I want to use GCP Stackdriver for my AWS accounts.
When I go to my workspace settings and click the "Add AWS Account" it gives the following instructions:
Log in to your Amazon IAM console and click Roles
Click "Create New Role"
Select the role type "Another AWS account"
Check the box "Require external ID"
Enter the following:
Account ID: 123456789012
External ID: ab12345678
Require MFA: unchecked
Click "Next: Permissions".
Select "ReadOnlyAccess" from the policy template list and click "Next: Review"
Enter a "Role Name" such as Stackdriver and click "Create Role"
Select the "Role Name" you just entered from the role list to see the summary page
Copy the "Role ARN" value and paste it in the AWS Role ARN field below
I tried that on my AWS account but it's obvious that the IDs aren't real. How can I get the IDs to create my AWS link account?
I'm the GCP project's owner and have permissions to create projects too.
Thanks
By looking the steps mentioned you are trying this document; The ID's are exactly the ones that Stackdriver monitoring is telling you to use to create the role on AWS.
There is some issue with the new UI for Stackdriver Monitoring. To workaround this issue please follow this steps:
On stackdriver Monitoring console you will see a banner at the top
"Stackdriver Monitoring in the Google Cloud Console is Generally Available. This is now the default experience and will be the only experience available by the end of January 2020"
Then click to use classic button to change to the old interface, there you will be able to say why you are changing to the old interface.
Once you get the old interface, go to Workspace Settings (located in your project name on the top/left side of the screen) --> Monitored accounts --> Add AWS account. There you will be able to get the correct Account ID and External ID for your OWN Stackdriver Workspace.
Then continue the steps as the guide say by creating the role on AWS and sharing the ARN to Stackdriver.
I installed AWS Toolkit for Visual Studio 2017. I clicked "Connect" and provided all the necessary keys. It got connected to my office AWS account.
Now I have a free account of AWS for learning purpose. I have a sample repository in CodeCommit under free account. Now I want to connect to this account.
Whenever I click "Connect", it automatically connects to office account and not offering me to enter credentials of the free account.
I opened "Manage Connections", but there I can only add a new Microsoft account not AWS.
You need to add your free account as a profile. The Providing AWS Credentials guide will walk you through adding multiple AWS profiles. Then, when you click "Connect" a pop up will allow you to choose the AWS profile that you would like for the connection. Once connected, there is an option to sign out if you would like to connect with a different profile.
I'm totally new to AWS.
I downloaded some sample code from Amazon and I need to set a number of constants:
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
MERCHANT_ID
MARKETPLACE_ID
I just created an AWS account. I want some type of sandbox account so I can try out the code samples.
What are the exact steps I have to take to:
Create a sandbox account
Get these credentials
Go to: http://aws.amazon.com/
Sign Up & create a new account (they'll give you the option for 1 year trial or similar)
Go to your AWS account overview
Account menu in the upper-right (has your name on it)
sub-menu: Security Credentials
Open the AWS Console
Click on your username near the top right and select My Security Credentials
Click on Users in the sidebar
Click on your username
Click on the Security Credentials tab
Click Create Access Key
Click Show User Security Credentials
Amazon changes the admin console from time to time, hence the previous answers above are irrelevant in 2020.
The way to get the secret access key (Oct.2020) is:
go to IAM console: https://console.aws.amazon.com/iam
click on "Users". (see image)
go to the user you need his access key.
As i see the answers above, I can assume my answer will become irrelevant in a year max :-)
HTH
Amit's answer tells you how to get your AWS_ACCESS_KEY_ID, but the Your Security Credentials page won't reveal your AWS_SECRET_ACCESS_KEY. As this blog points out:
Secret access keys are, as the name implies, secrets, like your
password. Just as AWS doesn’t reveal your password back to you if you
forgot it (you’d have to set a new password), the new security
credentials page does not allowing retrieval of a secret access key
after its initial creation. You should securely store your secret
access keys as a security best practice, but you can always generate
new access keys at any time.
So if you don't remember your AWS_SECRET_ACCESS_KEY, the blog goes on to tell how to create a new one:
Create a new access key:
"Download the .csv key file, which contains the access key ID and secret access key.":
As for your other questions:
I'm not sure about MERCHANT_ID and MARKETPLACE_ID.
I believe your sandbox question was addressed by Amit's point that you can play with AWS for a year without paying.
It is very dangerous to create an access_key_id in "My Account ==> Security Credentials". Because the key has all authority.
Please create "IAM" user and attach only some policies you need.
To find the AWS_SECRET_ACCESS_KEY Its better to create new create "IAM" user
Here is the steps https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html
1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
In the navigation pane, choose Users and then choose Add user.