Radish Logic - Developer Blog

How to get the AWS Account ID in Lambda Python

There are use cases where the need to get the AWS Account ID of the Lambda Function during runtime is required. I thought it was easy as getting the AWS Region but it was not. Luckily there is a way to get it, use the step-by-step instructions below.

To get the AWS Account ID where the Lambda Function is running use the code below.

def lambda_handler(event, context):

    aws_account_id = context.invoked_function_arn.split(":")[4]

    print(aws_account_id)

How does the code work?

The context object that is being passed to the lambda_handler function provides different methods and properties about the lambda function, like invocation and execution environment.

Grafana monitoring for AWS CloudWatch via EC2 IAM Role

Grafana is an open source software to create visualization of time-series data. This can graph AWS CloudWatch Metrics too.

As a security best practice when using Grafana on an EC2 Instance it is recommended to use an IAM Role. Using a credentials file may expose access to your AWS Account if ever other people gain access to your Grafana Server.

Follow the step-by-step instructions below on how to attach an IAM Role to your Grafana EC2 Instance and set Grafana to access CloudWatch.

Creation of IAM Role for Grafana EC2 Instance

Create an IAM policy with the below permission in JSON. Name this GrafanaAccessPolicy.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowReadingMetricsFromCloudWatch",
      "Effect": "Allow",
      "Action": [
        "cloudwatch:DescribeAlarmsForMetric",
        "cloudwatch:ListMetrics",
        "cloudwatch:GetMetricStatistics",
        "cloudwatch:GetMetricData"
      ],
      "Resource": "*"
    },
    {
      "Sid": "AllowReadingTagsInstancesRegionsFromEC2",
      "Effect": "Allow",
      "Action": ["ec2:DescribeTags", "ec2:DescribeInstances", "ec2:DescribeRegions"],
      "Resource": "*"
    },
    {
      "Sid": "AllowReadingResourcesForTags",
      "Effect": "Allow",
      "Action": "tag:GetResources",
      "Resource": "*"
    }
  ]
}

Then create an IAM Role with the following properties.

Trusted Entity Type	`EC2`
Policies	`GrafanaAccessPolicy`
Role name	`GrafanaAccessRole`

How to install Grafana on EC2 Amazon Linux 2

Grafana is an open source software that specializes in creating graphs and visualizations for users to easily understand the time-series data.

On this step-by-step guide, we will be launching an EC2 Instance with Amazon Linux 2 as the operating system, then install and run Grafana.

EC2 Instance Setup

Launch an EC2 Instance using the Amazon Linux 2 AMI.

For reference here are the settings of my EC2 Instance.

AMI	Amazon Linux 2
Instance Type	t2.micro (free tier) or t3a.nano (cheapest)
Storage	8GB General Purpose SSD (gp2)
Tags	Key: Name Value: Grafana-Server
Security Group	See below (EC2 Security Group Setup)

Note: This post is about installing Grafana on Amazon Linux 2. Launching an EC2 Instance will not be discussed here.

EC2 Security Group Setup

For the EC2 Instance Security Group I opened SSH (22) and default Grafana port (3000) to the internet (0.0.0.0/0).

How to check if your Windows 10 is 64-bit or 32-bit

When selecting a program installer to download it usually has 2 options: 64-bit installer or 32-bit installer. How do I know which one to download?

TL;DR – click here for instructions.

Nowadays, websites can know which version of Windows you are running and would only give you one link to download the installer. Sometimes, it is not that easy like how I installed Visual Studio Code for all Users in Windows which gave me lots of options, Windows, Linux, Mac, 32-bit or 64-bit versions.

It is important to download the correct version of the installer or else it might not work correctly with your system.

To see what architecture your Windows Operating System is running, see the different ways below.

3 ways to check if your Windows Architecture is 64-bit or 32-bit

Via Graphical User Interface (with screenshots)

To check if your running a Windows 64-bit or 32-bit, right-click on the Start Button (Window button on the lower left of your screen) or on your keyboard click Window+X.

Then click System.

This will open a Settings window that shows details about your computer.

Installing Visual Studio Code for All Users in Windows

I am trying to install Visual Studio Code for all users in Windows but it always installs for a single user. Is there a way to install it one time and it is installed for all users?

Yes, there is a way to install Visual Studio Code for all users in Windows.

TL;DR – Download the System Installer here and install.

The Problem

Visiting the website of Visual Studio Code (code.visualstudio.com) and pressing Download for Windows will download the installer for a single user in Windows.

What if you have multiple users in your Windows computer like me? I have a different User Accounts for different projects and different use cases. I had to install for different users.

Follow the tutorial below to install Visual Studio Code for all Users.

Copying a Key Pair Generated by AWS to Another Region (with Screenshots)

I have an existing key pair that was generated via AWS Console. Since I do not want to create another set of Key Pair for the other regions, I would like to use the same Key Pair. Is it possible to copy the Key Pair to another Region? How can I do this?
Dany

Hi Dany, the short answer to your question is yes, it is possible to copy your existing AWS generated Key Pair to another region and even copy this to another AWS account.

The Challenge with AWS Generated Key Pairs

Generating the Key Pairs via AWS Console is easy, it gives you the Private Key and you can launch EC2 instances and associate it with your instance by adjusting the settings during EC2 Instance Launch. Then you can SSH to your EC2 Instance via the Private Key.

The issue here is the Public Key. AWS does not provide the Public Key during creation or any time after that.

Do not worry, we can still get the Public Key. It is not easy as clicking on the console then selecting copy to other region, but it is still doable.

See the steps below.

Step-by-step guide on copying a Key Pair to another region.

For this tutorial, I have created an AWS Key Pair in N. Virginia Region (us-east-1) – radishlogic_key.

The goal is to copy the Key Pair to Oregon Region (us-west-2).

Here are screenshots of my Key Pair.

1. Retrieving the Private Key in N. Virginia Region (us-east-1)

Launch a temporary Linux EC2 Instance in where the Key Pair is located (us-east-1). Any Linux Image will do.

Setup IIS FTP on Windows Server

I will be transferring a lot of files to my Windows Server and File Transfer Protocol (FTP) would be a great way to do this.

Below is a step-by-step instruction on how you can install and configure FTP via Windows Internet Information Services (IIS).

By the way, I have tried the instructions below on Windows Server 2012, Windows Server 2016 and Windows Server 2019.

Setup

Testing

Installation of IIS FTP

1. On Windows Server open Server Manager.

Click on Start Button on the taskbar, then click Server Manager.

Start Button is the window icon on the bottom left of the screen.

2. On Server Manager window, click on Manage then Add Roles and Features.

3. On Add Roles and Features Wizard window, click on Next.

Running Minikube in AWS EC2 (Ubuntu)

If you are studying Kubernetes and having a hard time running Minikube on an EC2 Instance, you are not alone. I had a hard time doing it when it was my first time.

Below are the steps (and some comments) that I took to help me run Minikube on my EC2 Instance.

Installation of Minikube on EC2 Ubuntu

1. Run a public EC2 Server with the following setup

AMI	Ubuntu Server 18.04 LTS (HVM), SSD Volume Type
Instance Type	t3.micro (2 vCPU, 1GB Memory)
Storage	8 GB (gp2)
Tags	– Key: Name – Value: Minikube
Security Group	Name: Minikube Security Group – SSH, `0.0.0.0/0` Later we will be editing this.
Key Pair	Create your own keypair. You will need this to SSH to your EC2 Instance

Update: I changed the Instance Type from t2.micro (1 vCPU) to t3.micro (2 vCPU). An update to Minikube required a minimum of 2 vCPUs. The error when running with t2.micro was Requested cpu count 1 is less than the minimum allowed of 2.

t3.micro is no longer in the Free Tier, make sure to stop or terminate the instance after you are done testing to avoid a huge AWS bill.

Thank you to everyone in the comments section who pointed this change.

2. SSH into your created EC2 Instance using your keypair.

ssh [email protected]<ipv4_public_ip> -i <keypair>.pem

3. Install kubectl

curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl

chmod +x ./kubectl

sudo mv ./kubectl /usr/local/bin/kubectl

4. Install Docker

sudo apt-get update && \
    sudo apt-get install docker.io -y

Minikube requires Docker. Continue reading Running Minikube in AWS EC2 (Ubuntu)

Compare files in Visual Studio Code

To compare files in Visual Studio Code, right-click on the first file then click Select for Compare.

boto3: Convert AMI Creation Date from string to Python datetime

When retrieving the AMI Creation Date from boto3 it returns a string data type. Visually, this is okay but it is challenging to do operations and comparisons to the AMI Creation Date like if the date is before or after a certain date.

To solve the issue we need to convert the AMI Creation Date from type string to datetime before we could do some operations.

The AMI Creation Date string looks like <strong><span style="color:#e53b51" class="tadv-color">2019-09-18T07:34:34.000Z</span></strong>. To convert this we need to use the strptime function from the datetime.datetime library.