
Lab 001: Create Key Pair


Requirements

The Nautilus DevOps team is strategizing the migration of a portion of their infrastructure to the AWS cloud. Recognizing the scale of this undertaking, they have opted to approach the migration in incremental steps rather than as a single massive transition. To achieve this, they have segmented large tasks into smaller, more manageable units. This granular approach enables the team to execute the migration in gradual phases, ensuring smoother implementation and minimizing disruption to ongoing operations. By breaking down the migration into smaller tasks, the Nautilus DevOps team can systematically progress through each stage, allowing for better control, risk mitigation, and optimization of resources throughout the migration process.

For this task, create a key pair with the following requirements:

  1. Name of the key pair should be devops-kp.

  2. Key pair type must be rsa.


Note

The solution can be implemented using both the AWS Cloud Console and the AWS CLI. This document outlines the CLI-based approach to accomplish these tasks. It is recommended to first explore the AWS Cloud Console for hands-on experience and a practical understanding of the process before utilizing the CLI approach, unless specifically instructed otherwise.

Prerequisites

  • AWS CLI is installed and authenticated on the working host.
  • The active AWS identity has permission to create and describe EC2 key pairs.

Steps

# Define variables
KEY_PAIR_NAME="devops-kp"
KEY_PAIR_TYPE="rsa"

# Create the key pair and save private key material to a local file
# (EC2 returns the private key only in this response, so keep the file safe)
aws ec2 create-key-pair --key-name "$KEY_PAIR_NAME" --key-type "$KEY_PAIR_TYPE" --query "KeyMaterial" --output text > "${KEY_PAIR_NAME}.pem"

# Restrict file permissions for SSH usage (owner read-only)
chmod 400 "${KEY_PAIR_NAME}.pem"

# Confirm the key pair exists (describe-key-pairs takes --key-names, plural)
aws ec2 describe-key-pairs --key-names "$KEY_PAIR_NAME" --query "KeyPairs[0].{KeyName:KeyName,KeyType:KeyType,KeyPairId:KeyPairId}" --output table

Verification

  • Run aws ec2 describe-key-pairs --key-names devops-kp and confirm KeyType is rsa.
  • Confirm the local private key file devops-kp.pem exists.
  • Confirm file permissions are restricted using ls -l devops-kp.pem.
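
The redirect in the Steps truncates devops-kp.pem before aws runs, so re-running the command when the key pair already exists leaves an empty file in place of the only copy of the private key. The following is an added example, not part of the original lab: the helper names save_private_key and key_file_is_private are hypothetical, and the sketch writes to an owner-only temporary file and installs it only after the command succeeds and the output looks like a PEM private key.

```bash
# Added example; save_private_key and key_file_is_private are hypothetical names.

# save_private_key OUTFILE CMD [ARGS...]
# Runs CMD and installs its stdout as OUTFILE (mode 400) only when CMD exits 0
# and the output starts with a PEM private-key header. The function body is a
# subshell, so umask and variables do not leak into the caller.
save_private_key() (
    out="$1"; shift
    # EC2 does not return the private key again, so never clobber a saved copy.
    if [ -e "$out" ]; then
        echo "refusing to overwrite existing $out" >&2
        exit 1
    fi
    umask 077                                  # owner-only from the moment of creation
    tmp="$(mktemp "${out}.XXXXXX")" || exit 1
    if ! "$@" > "$tmp"; then                   # e.g. InvalidKeyPair.Duplicate on a re-run
        rm -f "$tmp"
        exit 1
    fi
    first=""
    IFS= read -r first < "$tmp" || :           # first line; stays empty for an empty file
    case "$first" in
        "-----BEGIN "*"PRIVATE KEY-----") ;;
        *) echo "output is not a PEM private key" >&2; rm -f "$tmp"; exit 1 ;;
    esac
    chmod 400 "$tmp" || { rm -f "$tmp"; exit 1; }
    # ln fails if OUTFILE appeared in the meantime, so this step cannot overwrite.
    ln "$tmp" "$out" || { rm -f "$tmp"; exit 1; }
    rm -f "$tmp"
)

# key_file_is_private FILE
# Succeeds only if FILE is a regular file with no group or other permission bits.
key_file_is_private() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Usage with the lab's values (not executed here):
#   save_private_key devops-kp.pem aws ec2 create-key-pair --key-name devops-kp \
#       --key-type rsa --query KeyMaterial --output text
#   key_file_is_private devops-kp.pem && echo "permissions OK"
```
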

Cleanup

# Optional cleanup command
aws ec2 delete-key-pair --key-name devops-kp
rm -f devops-kp.pem

Resources

AWS CLI Docs