AWS CSA Quick start Guide

During my internship at AWS, my team and I held weekly sessions to assist colleagues on tech concepts. We made this quick start guide to help our peers know some basics and cover the minimum to tackle the required labs. We wanted to avoid going too much into depth as we were going to cover some of the items in the following weeks. Some topics even have books, courses, and certifications dedicated to them.

Intro to Linux & networking

What is Linux and Amazon Linux 2?
■ Linux is an open-source operating system
■ Amazon Linux 2 provides a stable, secure, and high-performance execution environment for applications running on Amazon EC2
■ It supports the latest EC2 instance-type features and includes packages that enable easy integration with AWS
■ AWS provides ongoing security and maintenance updates to all instances running the Amazon Linux AMI
■ The AMI is provided at no additional charge to Amazon EC2 users

What is a directory?

■ Directories (folders) are used to help organize files. Think of directories like folders in a file cabinet. They have names, just like files, but their function is to contain other files and other directories
■ Everything on your Linux system is located under the / directory, the root directory. The / directory is similar to the C:\ directory on Windows

pwd – writes the full path name of your current directory
cd – change directory (ex. cd home to navigate into the home directory, cd .. allows you to go back one directory in the tree) syntax: cd Directory name
ls – list all folders and files in the current directory syntax: ls Directory
mkdir – used to create a directory syntax: mkdir NewDirectory
rm – used to remove a file; add -r to remove a directory and its contents (rmdir removes an empty directory) syntax: rm -r NewDirectory
cat – show the contents of a file syntax: cat file.txt

Permissions

A downloaded private key sometimes requires strict file permissions, such as 0400 (read-only for the owner).
sudo – runs a command with root permissions; sometimes you need root privileges to run specific commands
chmod – change mode, used to change the read, write, and execute permissions of a file
■ Key pairs - a key pair, consisting of a public key and a private key, is a set of security credentials you use to prove your identity when connecting to an Amazon EC2 instance. The private key allows you to SSH into your instance securely for Linux instances.

What is SSH?

■ The most common tool to connect to Linux servers is Secure Shell (SSH)
■ When connecting to hosts via SSH, SSH key pairs are often used to authorize users individually
■ SSH utilizes TCP port 22
■ With SSH, you can connect to your EC2 instance, perform operations, modify files, and transfer data
■ You can use your OS's terminal or command line to SSH into remote computers or servers

SSH into an EC2 instance

■ There are many ways to connect to your EC2 instance, including EC2 Instance Connect, AWS Systems Manager Session Manager, or SSH. In this guide, we are going to discuss the SSH method
■ For macOS, to SSH into your EC2 instance on Linux:

  1. Download the private key (if applicable for the instance)
  2. Open the macOS terminal
  3. Navigate to where the key is (ex. cd Downloads if the key is in Downloads)
  4. Change the read, write, and execute permissions for the private key (if applicable), ex. chmod 400 (private key file) grants read permission to the current user only
  5. Finally, you can connect to the instance by using ssh -i (private key file) ec2-user@(instance IP)
  6. Once in the instance, you follow the syntax and commands of the instance's OS, for example, the Linux AMI

■ Windows users can use PowerShell and follow the same steps as above!
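Steps 4 and 5 as a script, added here as an example and not part of the original guide: ssh refuses a private key that group or other users can read, so the script checks the key's mode, tightens it to 0400 if needed, and prints the command to run. The function names, the temporary stand-in key file, and the address 203.0.113.10 are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original guide): check a private key's
# permissions before handing it to ssh. All names here are illustrative.

# Print a file's permission bits in octal, e.g. 400.
# GNU stat (Linux) uses -c, BSD stat (macOS) uses -f.
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if group and others have no access (modes like 400 or 600).
key_is_private() {
    mode=$(key_mode "$1") || return 2
    case "$mode" in
        ?00) return 0 ;;
        *)   return 1 ;;
    esac
}

# Tighten the key to 0400 if needed, then print the ssh command to run.
# The user defaults to ec2-user, the login used in the guide.
prepare_key() {
    key=$1; host=$2; user=${3:-ec2-user}
    [ -f "$key" ] || { echo "no such key file: $key" >&2; return 1; }
    if ! key_is_private "$key"; then
        echo "tightening $key from $(key_mode "$key") to 400" >&2
        chmod 400 "$key"
    fi
    printf 'ssh -i "%s" %s@%s\n' "$key" "$user" "$host"
}

# Demo with a constructed stand-in key file and a documentation-range IP.
demo_key=$(mktemp)
chmod 644 "$demo_key"            # simulate a freshly downloaded, too-open key
prepare_key "$demo_key" 203.0.113.10
rm -f "$demo_key"
```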

What is the Domain Name System (DNS)?

■ All computers on the Internet find and communicate with one another by using a set of numbers. These numbers are known as IP addresses. When you open a web browser and go to a website, you don’t have to remember and enter a long number. Instead, you can enter a domain name like example.com and still end up in the right place.
■ The Internet’s DNS system works much like a phone book by managing the mapping between names and numbers. DNS servers translate requests for names into IP addresses, controlling which server an end user will reach when they type a domain name into their web browser.

Commands/tools for networking

dig – Used for retrieving and troubleshooting DNS information
nslookup – Used to enter a hostname and find out the corresponding IP address or DNS record.
ping – Used to test connectivity between two different devices. It sends and receives packets to determine if connectivity was successful.
netstat – Used to show network status and protocol statistics. It also displays the status of TCP and UDP endpoints in table format, routing table information, interface information, and even port numbers. It uses flags such as -s, -r, and -i.
telnet – Can be used to check for open ports on a system
nmap – Used to identify the devices connected on a network. It can also be used to get information about the services running on the network and the Operating System
ethtool – Used to help manage network interfaces. It can also display and configure the ethernet driver and hardware settings.
traceroute – prints the route (router “hops”) that a packet takes to reach the host
ip – Used to show or manipulate routing, devices, and tunnels

What are network ports?

■ A port in Linux is a virtual concept that helps access different network services. It is a 16-bit integer ranging from 0 to 65535 with no physical existence. When combined with an IP address, a port results in a socket address that is used to establish a connection between the client and the server.
■ Port 80: HTTP
■ Port 443: HTTPS
■ Port 22: SSH
■ Port 3389: RDP
■ Port 3306: MySQL
■ To ensure connectivity with the above services, the designated ports must be open or allow traffic of such services to pass through!
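A port only accepts traffic when a service is listening on it, and only from other hosts when that service is bound to a reachable address. The script below is an added example, not part of the original guide: it labels the listeners in `netstat -tln` output with the service names from the list above and shows whether each is bound to all interfaces or to a single address. The sample output is constructed, and the function names are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the original guide): label listening TCP ports
# from `netstat -tln` output. The sample below is constructed.

sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
EOF
}

# Read netstat -tln output on stdin; print "port service scope" per listener.
audit_listeners() {
    awk '
        BEGIN {
            # Port-to-service map taken from the list in the guide.
            svc[22] = "SSH"; svc[80] = "HTTP"; svc[443] = "HTTPS"
            svc[3389] = "RDP"; svc[3306] = "MySQL"
        }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            # The port is whatever follows the last colon (handles :::80 too).
            n = split($4, part, ":")
            port = part[n]
            addr = substr($4, 1, length($4) - length(port) - 1)
            wildcard = (addr == "0.0.0.0" || addr == "::" || addr == "*")
            scope = wildcard ? "all-interfaces" : ("only-" addr)
            name = (port in svc) ? svc[port] : "unknown"
            print port, name, scope
        }'
}

sample_netstat | audit_listeners
# On a live host: netstat -tln | audit_listeners
```

In the sample, MySQL is bound to 127.0.0.1, so it is reachable only from the instance itself even if port 3306 is allowed through.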

Installing and starting services

■ Depending on the AMI, there may be different package managers and init systems installed
■ The default package manager for Amazon Linux 2023 is DNF (Dandified YUM) and the default for Amazon Linux 2 is YUM (Yellowdog Updater, Modified)
■ To install using YUM, the command is yum install servicename
■ To install using DNF, the command is dnf install servicename
■ To start a service (ex. Apache/httpd), the command is systemctl start servicename or service servicename start

This post is licensed under CC BY 4.0 by the author.