Create a Workspace
The Cloud9 workspace should be built by an IAM user with Administrator privileges, not the root account user. Please ensure you are logged in as an IAM user, not the root account user.
Ad blockers, javascript disablers, and tracking blockers should be disabled for the cloud9 domain, or connecting to the workspace might be impacted. Cloud9 requires third-party-cookies. You can whitelist the specific domains.
Launch Cloud9 in your closest region:
-
Log into the AWS Console.
-
Create a Cloud9 Environment: https://us-west-2.console.aws.amazon.com/cloud9/home?region=us-west-2
-
Log into the AWS Console.
-
Create a Cloud9 Environment: https://eu-west-1.console.aws.amazon.com/cloud9/home?region=eu-west-1
-
Log into the AWS Console.
-
Create a Cloud9 Environment: https://eu-central-1.console.aws.amazon.com/cloud9/home?region=eu-central-1
-
Log into the AWS Console.
-
Create a Cloud9 Environment: https://us-east-2.console.aws.amazon.com/cloud9/home?region=us-east-2
-
Log into the AWS Console.
-
Create a Cloud9 Environment: https://ap-southeast-1.console.aws.amazon.com/cloud9/home?region=ap-southeast-1
-
Log into the AWS Console.
-
Create a Cloud9 Environment: https://ap-southeast-2.console.aws.amazon.com/cloud9/home?region=ap-southeast-2
-
Log into the AWS Console.
-
Create a Cloud9 Environment: https://ap-northeast-1.console.aws.amazon.com/cloud9/home?region=ap-northeast-1
-
Select Create environment
-
Name it ecsworkshop, and select Next Step
-
Change the Instance type to t3.small, and select Next Step
-
Lastly, select Create Environment
-
When it comes up, customize the environment by closing the welcome tab and lower work area, and opening a new terminal tab in the main work area:
-
Your workspace should now look like this:
-
If you like this theme, you can choose it yourself by selecting View / Themes / Solarized / Solarized Dark in the Cloud9 workspace menu.
Create the IAM Role and attach it to the Cloud9 instance
-
Follow this deep link to create an IAM role with Administrator access.
-
Confirm that AWS service and EC2 are selected, then click Next to view permissions.
-
Confirm that AdministratorAccess is checked, then click Next: Tags to assign tags.
-
Take the defaults, and click Next: Review to review.
-
Enter ecsworkshop-admin for the Name, and click Create role.
-
Select the instance, then choose Actions / Security / Modify IAM Role
-
Choose ecsworkshop-admin from the IAM Role drop down, and select Save
-
Return to your workspace terminal and perform the next steps
Install jq, as we will use this quite a bit throughout the workshop when interacting with json outputs.
sudo yum install -y jq
Upgrade AWS CLI according to guidance in AWS documentation.
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
To ensure temporary credentials aren’t already in place we will remove any existing credentials file as well as disabling AWS managed temporary credentials for Cloud9:
aws cloud9 update-environment --environment-id $C9_PID --managed-credentials-action DISABLE
rm -vf ${HOME}/.aws/credentials
We should configure our aws cli with our current region as default.
echo "export AWS_DEFAULT_REGION=$(curl -s 169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region)" >> ~/.bashrc
echo "export AWS_REGION=\$AWS_DEFAULT_REGION" >> ~/.bashrc
echo "export AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)" >> ~/.bashrc
source ~/.bashrc
Check if AWS_REGION is set to desired region
test -n "$AWS_REGION" && echo AWS_REGION is "$AWS_REGION" || echo AWS_REGION is not set
Let’s save these into bash_profile
echo "export AWS_ACCOUNT_ID=${AWS_ACCOUNT_ID}" | tee -a ~/.bash_profile
echo "export AWS_REGION=${AWS_REGION}" | tee -a ~/.bash_profile
aws configure set default.region ${AWS_REGION}
aws configure get default.region
Validate the IAM role
Use the GetCallerIdentity CLI command to validate that the Cloud9 IDE is using the correct IAM role.
aws sts get-caller-identity --query Arn | grep ecsworkshop-admin -q && echo "IAM role valid" || echo "IAM role NOT valid"
If the IAM role is not valid, DO NOT PROCEED. Go back and confirm the steps on this page.
Increase the disk size on the Cloud9 instance
pip3 install --user --upgrade boto3
export instance_id=$(curl -s http://169.254.169.254/latest/meta-data/instance-id)
python3 -c "import boto3
import os
from botocore.exceptions import ClientError
ec2 = boto3.client('ec2')
volume_info = ec2.describe_volumes(
Filters=[
{
'Name': 'attachment.instance-id',
'Values': [
os.getenv('instance_id')
]
}
]
)
volume_id = volume_info['Volumes'][0]['VolumeId']
try:
resize = ec2.modify_volume(
VolumeId=volume_id,
Size=30
)
print(resize)
except ClientError as e:
if e.response['Error']['Code'] == 'InvalidParameterValue':
print('ERROR MESSAGE: {}'.format(e))"
if [ $? -eq 0 ]; then
sudo reboot
fi
- Note: The above command is adding more disk space to the root volume of the EC2 instance that Cloud9 runs on. Once the command completes, we reboot the instance which could take a minute or two for the IDE to come back online.