Tuesday, 27 May 2014

How does the AWS SDK retrieve credentials from IAM roles within EC2 instances

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how the AWS SDK retrieves credentials from IAM roles within EC2 instances


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how the AWS SDK is able to retrieve credentials for an IAM role from within EC2 instances.

This demo was recorded live during the delivery of a recent Developing on AWS course.



Due to the live (from the hip) nature of the demo, I did not produce a transcript for this video.


There you have it.

In this video, I have shown you how the AWS SDK is able to retrieve credentials for an IAM role from within EC2 instances.

Thanks for watching and please feel free to comment and suggest more video topics. Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.




Flash Player








See you soon

Phil Stirpé
"I don't do average!"






Sunday, 18 May 2014

How to work with DynamoDB using the AWS Toolkit in Visual Studio

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to work with DynamoDB using the AWS Toolkit in Visual Studio


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how to work with DynamoDB using the AWS Toolkit in Visual Studio.

In an earlier video I showed how to download and install the AWS toolkit into visual studio. And associate it with an IAM user authored created earlier in Amazon web services.

Here is that same user called Frank and if I click on the Edit Account button you can see that we have the access key and secret key which represent Frank’s credentials. These are required by the toolkit when I’m trying to carry out management tasks in visual studio, those credentials can be used to authenticate visual studio with Amazon web services.

By the way, if you did watch that earlier video where I associated with the IAM user you should know that I’ve updated the group that it belongs to, to grant it access to DynamoDB.

In this session I don’t want to look at how we might use the SDK to access DynamoDB programmatically. I just want to look at some of the management tasks that we can carry out in the AWS Explorer window.

So that’s going to be things like create a table, add records, delete a table.

Let’s start with creating a table. I’m just going to right click on DynamoDB and select Create Table.

Am going to go with a table named Trainers and put in a hash key name of TrainerName.

Many of the features available in the AWS console are available here. For example you could enable a range key.

You can specify the read and write capacity. I’ll leave the defaults here although you would be likely to enter higher values for production databases.

You could specify secondary indexes both local and global.

Finally, you could also create an alarm. This could be used to notify you if your throughput exceeds in this case 80% of what you had provisioned. For now I’ll leave all of these options alone. I just want to create a simple table.

Let me click the Create button and now you can see that the Trainers table has been created. A very straightforward process.

If you were working away in visual studio and needed a downloaded be table and didn’t have the time or inclination to create the table programmatically or from the command line or AWS console, it is very simple to do with this plug-in.

Let’s add some records. This is also a simple process.

So I’ll right click the Trainers node and select Open. This opens the query window and reveals the hash key. I can literally just start typing in trainer names.

So I’ll begin by entering a trainer name of Phil.

I’ll need some more so I’ll go with Matt, Mike and Geraldine.

Nice and simple.

And if we had range keys and secondary indexes they would all be available via this window.

I’ll just close down that window and deal with the last thing that I want to show you.

How about deleting a table? That is just a simple to do.

Right click the table, select delete, confirm. Gone.

Nothing too taxing I just wanted to show you how simple it was to add a table, insert records and then delete a table. All without leaving Visual Studio.

There you have it.

In this video, I have shown you how easy it is to work with DynamoDB using the AWS Toolkit in Visual Studio.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.






Flash Player








See you soon

Phil Stirpé
"I don't do average!"






How to work with DynamoDB using the AWS Toolkit in Eclipse

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to work with DynamoDB using the AWS Toolkit in Eclipse


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how to work with DynamoDB using the AWS Toolkit in Eclipse.

In an earlier video I showed you how to install the AWS Toolkit into Eclipse and associate it with an IAM user I created earlier.

In this video I just want to show you how to use the AWS Toolkit to perform some management tasks in Eclipse. In particular DynamoDB.

I’m not going to look at how we can use the SDK to write code to interact with DynamoDB. Rather simply create tables, add records and delete tables.

Just as a reminder here is the user account that I associated with when I installed the AWS toolkit.

So there is an IAM user called Frank. And this is Frank’s access key and secret key. It is by using these credentials that Eclipse via the AWS toolkit is able to get authenticated by Amazon web services.

If you saw the earlier video, a just point out that I have now updated Frank’s privileges ( or at least a group he’s in) to allow access to DynamoDB.

So let’s pick one task to get us started. That’s creating a DynamoDB table. Let me right click this node and select Create Table.

This is the kind of task that the developer might carry out in Eclipse when they need a table to work against but it’s not actually worth writing the code to create one.

Creating a table via the AWS toolkit is as simple as using the AWS console.

Let me put in a table name of trainers and I’ll use a hash key name of TrainerName.

Many of the features available in the AWS console are available here. For example you could enable a range key.

You can specify the read and write capacity. I’ll enter 1 for each although you would be likely to enter higher values for production databases.

You could specify secondary indexes both local and global.

Let me click the Finish button and now you can see that the Trainers table has been created. A very straightforward process.

Another thing that you are likely to want to do quickly in Eclipse as a developer is to enter some records into your DynamoDB table. So let’s try that will stop

I’ll right click on the Trainers node and select Open Query Editor.

You can see the hash key here and I can start entering values.

So I’ll begin by entering a trainer name of Phil.

I’ll need some more so I’ll go with Mike, Matt and Geraldine.

Nice and simple.

As a developer working in Eclipse, if you needed a DynamoDB table and didn’t have access to the AWS console you could simply do it here using the toolkit.

Let’s do one last thing. Not only is it easy to create a table and add records to it using the toolkit in Eclipse, it’s also very easy to delete a table.

So let me just right click on the Trainers node, select delete and then confirm.

Not an exhaustive demo so just wanted to show you how simple it is to add a table, insert records and then delete a table. All without leaving Eclipse.



There you have it.

In this video, I have shown you how easy it is to work with DynamoDB using the AWS Toolkit in Eclipse.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.






Flash Player








See you soon

Phil Stirpé
"I don't do average!"






How to work with S3 using the AWS Toolkit in Visual Studio

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to work with S3 using the AWS Toolkit in Visual Studio


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how to work with S3 using the AWS Toolkit in Visual Studio.

In an earlier video I showed you how to download and install the AWS Toolkit into Visual Studio.

But this video I just want to focus on how we can use the AWS toolkit to access S3 whilst working away in Visual Studio.

In that video I showed you how to configure visual studio to use an IAM user called Frank to connect to Amazon web services. That involved entering Frank’s access key and secret key.

Will now we know that Visual Studio is configured let’s focus on using S3.

This video I don’t want to focus on how we might use the SDK to interact with S3 programmatically. I just want to look at how we would carry out management tasks such as creating buckets, dragging files into buckets, and deleting buckets.

Some just going to try and create a new bucket by right clicking on the S3 node in the AWS Explorer.

Going to call it demobucket. The thing to be aware of the S3 is that bucket names need to be globally unique stop and I have a strong feeling that demobucket will have gone by now.

Now. That name is not available. So I could try adding in a hyphen to create demo-bucket but am pretty sure that name will have gone also.

All right let me try a prefix of qa to come up with a bucket named of qa-demo-bucket.

Now here we are getting a different error message. What is interesting is that I did create that bucket earlier and then delete it. But when recording and other video I earlier to perform the same task in Eclipse, I created a Pre-signed URL that granted access to that bucket for an hour and because of that, Amazon web services is preventing me from creating a bucket with that same name.

I’m going to have to come up with another bucket name. How about my-demo-bucket?

No. That name has gone also. This is getting a bit tedious.

Okay. Let’s go for aws-toolkit-demo-bucket.

While that’s a relief. There we have the bucket.

So that’s a task you might perform in Visual Studio as a developer. It’s not worth writing code to create a bucket. You just want to go ahead and create one.

Good luck with the naming.

Another task that you might want to perform in Visual Studio is to simply drag a file and drop into a bucket to work with.

Once again it’s not worth writing the code to achieve this, you just want to get the job done.

So let’s say I want to drag a file into my bucket.

What are can’t do, is simply drag a file from Windows Explorer end to a bucket node in AWS Explorer. That will simply open the file in Visual Studio.

What I need to do, is to open or browse the bucket in AWS Explorer by right clicking the bucket name and selecting Browse.

The S3 browse window opens and offers me a number of options that let me manage my folders.

One thing I can do, is drag a file from Windows Explorer into this S3 browse window in Visual Studio.

This results in the upload settings dialog appearing where I am asked a number of questions.

There are a couple of flavours of S3 including standard and reduced redundancy storage. If I wanted to upload my file into reduced redundancy storage then I simply need to check this box. I could also request that my file be encrypted at rest. In other words whilst stored in S3.

I’m also able to specify that the file is publicly readable. I don’t want to do that.

If I click on the Permissions tab you can see that there are no permissions granted on this file

If I chose, I could add permissions in via this window which would result in an access control list or ACL. I would still probably want to create some IAM policies.

I don’t want to manage permissions from here. I would want to do that elsewhere. For example the AWS console.

So I’m just going to go ahead and click OK.

There we go, the file has been uploaded.

I was given an option to define an alternate key, but I’m happy to use the file name.

That’s how simple it is to upload a file into S3 whilst working in Visual Studio.

And if I can upload a file, I can just as easily download or delete a file.

Now although I didn’t want to manage permissions whilst in Visual Studio, I do want to look at how people might access assets in S3.

If I right click the file and copy the URL into the clipboard, I could open up an incognito window and paste it into the address bar. I’m using an incognito window by the way, because I am already logged in to Amazon web services in another browser window.

As you can see, when trying to access the file in S3 using this URL, I receive access denied. Which is to be expected as no permissions are granted.

In fact only the ceiling get that anyone that root account and the IAM user called Frank have access to that bucket and its contents.

A clever thing we can do whilst in Visual Studio, is to right click the file again choose a pre-signed URL.

This allows you to create a time stamped, pre-signed URL. By default I am being offered one hour’s access which I will accept.

I will generate the URL. By the way, note that this is for a GET action but I could also specify a PUT action.

Let me copied this URL and paste it into that same browser window.

Notice that it contains an access key has just been generated and expiry time.

When I press enter, the file and its contents are returned to this unauthenticated window using the signed URL.

So I’ll just pop back into Visual Studio stop using the AWS toolkit with been able to perform some simple management tasks with S3 such as creating a bucket, uploading a file and generate a pre-signed URL.

The last thing I want to do is simply delete the bucket and any objects within it as I want to tidy up after myself.

There is more that I could do with S3 and of course now we have the AWS toolkit installed, we also have access to the SDK and therefore could go ahead and write code to interact with the service. But I just wanted to give you a feel for some of the simple management tasks that you could carry out with S3 whilst using the AWS toolkit in Visual Studio.



There you have it.

In this video, I have shown you how easy it is to work with S3 using the AWS Toolkit in Visual Studio.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.






Flash Player








See you soon

Phil Stirpé
"I don't do average!"






How to work with S3 using the AWS Toolkit in Eclipse

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to work with S3 using the AWS Toolkit in Eclipse


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how to work with S3 using the AWS Toolkit in Eclipse.

In an earlier video I showed you how to install the AWS Toolkit into Eclipse and associate it with an IAM user I created earlier.

In fact if I go into the menu and select preferences, you can see that with already configured Eclipse to identify itself as an IAM user called Frank when connecting to Amazon web services. This involves using the user’s access key and secret key.

In the AWS Explorer window in Eclipse you can see a number of AWS services that you can work with. They are the services it is assumed you might work with when working in Eclipse.

In this video I want to work with S3 so let me just expand that node.

The very fact that I can see some buckets listed, proves that Eclipse has been authenticated by Amazon web services and that the AWS user account has privileges to access S3.

In this video I’m not going to show how to use SDK to interact with S3 using code, rather I want to show how you might use S3 as a developer within Eclipse. For example the creation of buckets and copying of files.

Let me begin by creating a bucket.

A right click the S3 node and select create new bucket.

I want to call this bucket demobucket. Now have to be careful because bucket names must be globally unique as you can see that name is already taken.

Let me try adding a hyphen and calling it demo-bucket. No that’s also in use.

Let me try qa-demo-bucket. That’s okay.

So that’s a thing to remember. This is not an Eclipse thing or and AWS toolkit thing, it’s an S3 thing.

I’ll click the Finish button and now I have a bucket.

It may well be that when you’re working in Eclipse you need an S3 bucket is not worth the effort to write code to create one. As you have seen you can use simple right click to create one.

Now that created a bucket in Eclipse, let’s look at something else I might want to do. I might simply want to upload some files into a bucket whilst I’m working away in Eclipse.

Well I can just do that with a drag and drop.

If I open up Windows Explorer, I can just drag a file onto a bucket in the AWS Explorer window and the AWS toolkit will take care of the upload for me.

The AWS toolkit prompts me for a keyname. I’m actually uploading a file S3 uses a mechanic of a keyname. The keyname can be the same as the filename although doesn’t have to be.

So I’ll just accept the file name as a keyname and click OK to upload the file.

If I want to view the file in the bucket within Eclipse I just need to right click the bucket name and select Open in S3 Bucket Editor.

When that window opens we can see the item in the bucket.

You can see the keyname and also the owner. Interestingly although eclipses connecting to Amazon web services using an IAM user called Frank, this field is actually showing the root account name which happens to be Phil Stirpe.

Window also shows that we using S3 standard storage rather than reduced redundancy storage. The storage class is not something that we can modify in this window.

Another thing I can do in this window is select the key and edit the bucket ACL or access control list.

This is one way of managing permission. I.e. you could use access control lists rather than IAM policies. In fact you could use a combination.

I don’t want to use access control lists so I’ll just cancel that dialog.

As I have assigned any privileges, no one should be able to access this file. Unless is the root account or an IAM user with full privileges to access S3.

Let me just show you this file in the AWS console.

The reason I have come here is so that I can right click the file and select properties. One of the properties is a URL that could publish and share with users in order to locate it. This URL isn’t available within Eclipse.

If I copy that URL and then open and incognito window. By the way I’m doing this because I already have another window open and authenticated with Amazon web services in it.

If I try to navigate using that URL you will see that I get an access denied.

Clearly there is a file up there and we got it there via Eclipse. By default S3 prevents any access.

Here’s something we are able to do in Eclipse. We can right click the file or key and select Generate Pre-signed URL. At the same time you can specify an expiry date and time for the URL. So I’ll try publishing a URL that will expire in an hour’s time.

So I’ll copy the new URL into the clipboard and switch back to the browser and try that in the address bar instead. As you can see the URL includes an expiry time and an access key.

When I press enter, I now retrieve the file from S3.

Now there are lots of things that might want to do with S3 but the I’m just focusing on those simple tasks carry out within Eclipse using the AWS toolkit. What we’ve been able to do with the AWS toolkit is create a bucket, drag a file into the bucket. And if I can drag a file in, I could easily delete it.

I’ve also shown how create a Pre-signed URL to give users temporary access to a file in S3.

As I said start this video, I’m just focusing on those management tasks that you can perform in Eclipse rather than what we might be able to achieve using the SDK programmatically. That would be material for another video.

There you have it.

In this video, I have shown you how easy it is to work with S3 using the AWS Toolkit in Eclipse.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.





Flash Player








See you soon

Phil Stirpé
"I don't do average!"






How to install the AWS Toolkit for Eclipse

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to install the AWS Toolkit for Eclipse


You can read the transcript below.


HTML 5 Player



Transcript


Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how to install the AWS Toolkit for Eclipse.

The AWS Toolkit is an extension for Eclipse that makes it easier for developers to develop, debug, and deploy Java applications using Amazon Web Services.

You begin by visiting this page at http://aws.amazon.com/eclipse/

In fact there is nothing that you need to download from this page. You simply need to follow these short instructions.

The 1st stage is to get yourself into Eclipse.

Okay, I’m already in a workspace so I need to go to the Help Menu and select Install New Software.

This 1st box is where I need to put the URL. Rather than type it I’ll just copy it from the address bar.

Now I click the Add button and for a repository name I’m going to enter AWS.

I’ll just wait for it to build up the list.

Now rather than select the whole Toolkit, I’m going to select all except the SDK for Android as I had a problem installing this earlier.

I’ll accept the rest of these defaults and then click Next.

I review all of these items and then accept the license agreement before clicking Finish.

When I receive the security warning, I’ll just click OK to continue.

Once the AWS Toolkit has installed, I just need to restart Eclipse.

Following the restart, I am now prompted for an access key and a secret key.

These are credentials associated with an IAM user.

It is strongly recommended that you don’t use the credentials for your Root account. Instead you should create one or more IAM users.

Now I do have an IAM user created. In fact I created it in an earlier video and downloaded it credentials at that time.

Here is the file for the user called Frank, and here are his access key and secret key.

So I’ll just copy those values and switch back into Eclipse and paste them into this dialog.

We are now giving the AWS Toolkit the credentials for that IAM user named Frank. So whenever I work in Eclipse, I will be connected to Amazon web services as Frank and will be able to carry out any task that Frank has privileges for.

At the bottom of the screen we can see the open AWS Explorer window.

Rather than listing all of the available AWS services, the AWS Explorer is only showing the usual suspects. I.e. those services that the developer is most likely to interact with whilst working in Eclipse.

Perhaps I would want to access to S3 buckets, perhaps I would want to interact with EC2 and view instances?

Let me try to access S3. I’m told the AWS Explorer is unable to connect. However this is actually an access denied result.

The user named Frank does actually have permission to access S3. However this permission only relates to a particular bucket. Let me switch back to the AWS console to show you.

If I connect to the IAM console and find the user named Frank, you can see that he’s in a group called Developers.

If I check out the permissions for the Developers group, you can see that members have access to a bucket named qa-cookbooks.

Unfortunately the AWS Toolkit and therefore Eclipse cannot work at such a low level. If you want to access a service using the Toolkit menu going to have to have access to the service and not part of the service.

Now do have another group called S3Developers and if we examine it policy we can see that it has full access to the S3 service regardless of bucket. That will be more than enough for the AWS Toolkit.

So I’ll just add Frank to the S3Developers group.

Those changes should take effect straightaway and so I shouldn’t need to restart Eclipse.

Back in Eclipse, I’ll just refresh the AWS Explorer window.

As you can see, when the Toolkit attempted to reconnect to Amazon Web Services as Frank, it was granted these additional privileges and so the AWS Explorer was able to retrieve the bucket names.

However it would be able to access any other services for example EC2 to view instances and AMIs.




There you have it.

In this video, I have shown you how easy it is to install the AWS Toolkit for Eclipse.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.





Flash Player








See you soon

Phil Stirpé
"I don't do average!"






How to download and install the AWS Toolkit for Visual Studio

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to download and install the AWS Toolkit for Visual Studio


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how to download and install the AWS Toolkit for Visual Studio.

The AWS Toolkit is an extension for Visual Studio that makes it easier for developers to develop, debug, and deploy .NET applications using Amazon Web Services.

So the 1st step is to visit this page at http://aws.amazon.com/visualstudio/ and there you’ll find a button that allows you to download the AWS Toolkit.

Okay so that’s downloaded and it took just under a minute.

So here is the installer. An MSI file. Let me go ahead and install and work my way through the wizard.

I’ll accept the license terms.

As you can see the installer is going to install SDKs for a variety of frameworks including .NET 4.5 and Windows RT. It’s also going to install some samples.

I’ll accept the defaults and click Next.

Now I click the Install button.

And after a minute or so the wizard is ready.

Okay let me launch Visual Studio.

As you can see we’ve been offered a short video on using the AWS Toolkit for Visual Studio.

Let me click on the View Menu and select AWS Explorer.

In order for Visual Studio to work with my account, I need to configure it with some account information. As you can see I have the option to add in a user.

Let me click on Add an Account.

In this dialog I’m able to specify the credentials for user. In an earlier video I created an IAM user called Frank who is a member of the Developers group. Let me put Frank’s name in the Display Name box.

What I now need to do is supply credentials. When you create an IAM user account, you are given a once only opportunity to store the credentials.

If I switch to my downloads folder, I’ll be able to open up this credentials file.

He we can see the user’s access key and secret key which I can copy into Visual Studio.

When you create an account with Amazon web services this is known as the route account and has a couple of credentials including an email address for the ID and password. Each route account is also assigned an account number. It is that account number that can be entered here to be associated with this IAM user.

Note that the account number is actually optional in this case.

To locate your account number you have to visit your account in the AWS console and then click on the My Account link.

There is quite a lot of information on this page but the information that we need is this account number here.

There are a number of locations that you can get this number from. For example, if you go into the IAM console, you can find it in the IAM user sign-in URL.

Now that I have the account number I can jump back into Visual Studio and paste it in.

So this is creating an identity in visual studio is associated with an IAM user.

Let me just switchback to the AWS console to show you that user. I created this user in an earlier video.

In fact when recording that video I did forget to add the user called Frank to the Developers group so I’ll do that now.

Back in Visual Studio, these credentials are Frank’s access key and secret key. It makes sense for the Display Name to be the same.

And the account number is the root account to which the IAM user belongs.

As you can see now in visual studio I have access to a variety of services associated with that account.

For example S3. If Franks attempts to access to S3, he gets Access Denied.

Now Frank is a member of a group called Developers that has access to S3. However the developers group doesn’t have access to all of S3.

Let me switch back to the AWS console. If we examine the permissions for the developers group, we will see that it only has permissions for bucket named qa-cookbooks. This is far too granular for Visual Studio to cope with.

So let me create another group. I’m going to call this group S3Developers. My intention here is that this group gets full access to S3.

So if I scroll down this policy template list, I’ll choose S3 Full Access. This is more than I would like but it will allow me to work in Visual Studio.

I’ll click on Continue and then Create Group.

I can then switch to the Users section and then add Frank to this new group.

Now these privileges should be available to Frank immediately.

So if I switch back to Visual Studio and then refresh the AWS Explorer, you will see that all of the buckets are now listed.

Although it’s ideal to have specific policies for particular users or groups, the AWS Toolkit isn’t that granular.

So if you want to be able to access S3 from within the AWS Explorer, you’re going to have to use a user account that has privileges for the whole S3 service rather than individual buckets.

If you weren’t using Explorer and were simply writing code, you could come up with a better, more restrictive set of privileges.

Before I go let’s just take a look at some of these other services.

This isn’t an exhaustive list of all the services available in Amazon Web Services. Rather these are considered the usual suspects. In other words, services that you are more likely to want to work with from within Visual Studio.

You would want to be able to see the buckets, AMIs and EC2 instances.


There you have it.

In this video, I have shown you how easy it is to download and install the AWS Toolkit for Visual Studio.

I’ll also be producing a video shown you how to download and install the AWS Toolkit for Eclipse.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.





Flash Player








See you soon

Phil Stirpé
"I don't do average!"






Saturday, 17 May 2014

How to create an IAM group and users for Amazon Web Services - AWS Developers

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to create an IAM group and users for Amazon Web Services - AWS Developers


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how to create an IAM group and users for Amazon Web Services - AWS Developers.

Now have shown how to create an IAM user before in an earlier demo, but I want to focus on creating a user for development purposes.

Because there are a couple of things we need to bear in mind.

And it is IAM users we want to be using rather than the root account.

The last thing we should be doing is using the root account any kind of development. Given the trail you’re going to leave behind.

Let me connect to the IAM service in the AWS console.

As you can see I’ve already got a number of groups and users.

If you imagine we had a group of developers who are about to start work on an application, we’d be adding them in in here.

But the last thing we want to be doing is assigning them individual privileges and that’s why we have groups.

Some going to start with a group. I’m going to create a group called Developers.

As I’ve already suggested, you don’t want to be giving permissions to individual users because that is simply not going to scale.

As new users arrive you’d have to assign them permissions too.

So it makes sense to assign the privileges to a group and then place users into that group as required.

Another important consideration is that you apply the principle of least privilege.

Now when this dialog pops up, it’s expecting me to specify the permissions for my new group.

The developers don’t need full administrative access to the entire AWS cloud. In fact the team I have in mind will just require read and write access to S3. In particular one bucket.

So rather than select one of these set pieces which will grant a wide range of privileges, I’m going to select policy generator.

I can select the desired service, in this case S3. As for actions, I’m going to allow all actions.

Now rather than granting all access to S3 to my group, I just want to restrict it to one specific bucket.

Let me paste in an ARN that I have here to bucket called qa-cookbooks.

In the ARN I have not needed to mention the region which is optional because bucket names are globally unique.

Nor am I had to mention the account number associated with my root account. This is also because bucket names are globally unique.

If I click Add Statement now and then continue, we can see the resulting policy document that is being granted to the group called Developers.

So I’ll go ahead and create the group. There we have it.

I now have a group that has just the privileges that needs and so now I can create some users.

In fact for this demo I’m just going to create one user.

So I’m going to create a user and call that user Frank.

Another important thing here is that we generate an access key for this user. This check box is selected by default, and we do need it selected.

We would need access keys for users who come in via the AWS console but for developers we do because they quite often need to use these keys in the scripts that they write.

So I have made sure that box is checked and I click the Create button.

Now what we need to focus on here is the text in bold. This is the last time that will be able to download these credentials.

There are actually 2 keys. The access key and secret key. I’ll click here to reveal them.

In future will be able to view the access key in the AWS console but this is the last time that we’ll be able to access the secret key.

We need to download these credentials now.

So I’ll click the Download Credentials button and go ahead and open the downloaded file.

You can see the username here and also the associated access key and secret key.

Developers will need these credentials in order to write scripts or indeed to configure Visual Studio or Eclipse to use the AWS Toolkit which will allow them to connect to Amazon Web Services on their behalf.

So now that I’ve downloaded the credentials file, I can close the Create User window.

There you have it.

In this video, I have shown you how easy it is to create an IAM group and users for Amazon Web Services - AWS Developers.

In later videos I’ll show you how to use access keys and secret keys within Visual Studio and Eclipse to configure the AWS Toolkit to help perform development tasks.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.





Flash Player








See you soon

Phil Stirpé
"I don't do average!"






Monday, 14 April 2014

Log into the AWS console with an IAM user

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to log into the AWS console with an IAM user


You can read the transcript below.


HTML 5 Player



Transcript

How do you log into the AWS console with an IAM user?

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how to log into the AWS console with an IAM user.

When you 1st create an account with Amazon web services you have a single master account.

This account is associated with an email address and credit card number for billing purposes. Most importantly, it has full access to your AWS cloud. That is to say full access to every AWS service available in the AWS cloud.

Clearly that is a very powerful user account. In fact you should make very little use of it.

If you consider that a typical organisation that uses Amazon web services might employ tens or hundreds of developers, testers, database administrators and other admins, they can’t all use a single account.

The solution is to use the Identity and Access Management or IAM service to create users and groups to better manage your cloud.

In this video I want to show you how to create a user and then access the AWS console using that user account.

So the 1st thing I need to do is log into the AWS console with my root or master account.

This involves me entering the email address associated with the account and password.

Furthermore I have enabled my master account for multifactor authentication – MFA. This isn’t required but is considered best practice. You can either get an app for your smartphone or alternatively you can purchase gemalto token from Amazon and associate it with your account.

In this case I’m using a token which gives me a unique code to enter into the 2nd screen.

Now that I’m logged in I can switch to the IAM console in order to create a user account. If I click on the Users link I can create a new user. Let me create a user named George. Note that I’m offered the option to generate an access key. I’m not going to select that and I’ll explain why in a moment.

You need to decide when you create a user what type of credential you want to use to prove identity. For example you might be creating a user account to be used by an application. In that case you might choose an access key.

As this user is intended for a person to connect to the AWS console, I’m going to define a password. Note that you can also specify MFA for user accounts too. This is also considered best practice.

Now that created a user account and specify the password it’s time to show you how to login.

IAM users cannot use the same URL to connect to the AWS console. That is intended for master accounts. Instead the URL should reflect the master account with which the IAM user account is associated.

You can locate the desired URL in the lower left-hand corner of the IAM console. As you can see, it includes the account number associated with your master account. This URL can be issued to your users in the form of a desktop shortcut for example.

Watch what happens when I navigate to this URL in a new window. As you can see, the login window is different. This time the account number is displayed and there are additional fields for the username and password.

Let me login as George.

You can now see that I’m authenticated as George in the AWS console. But what about privileges?

Let me try and launch an EC2 instance.

As you can see I’m not authorised to perform this operation. In fact if you look back at the EC2 Dashboard, there are many things that I am not authorised to do. By default IAM users have no privileges. Privileges must be assigned to IAM users or groups that IAM users are members of.

That will be the subject of a later video.

There you have it.

In this video, I have shown you how easy it is to log into the AWS console with an IAM user.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.






Flash Player








See you soon

Phil Stirpé
"I don't do average!"






Monday, 7 April 2014

Use an IAM role to authorise code executing in EC2 instances

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to use an IAM role to authorise code executing in EC2 instances


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I’m Phil Stirpe.

In this video, I am going to show you how easy it is to use an IAM role to authorise code executing in EC2 instances.

If you have any EC2 instances running in the AWS cloud, it is highly likely that any code running in them will need access to various AWS services from time to time.

For example you might have an application that must read or write files to or from S3. For that they will need authorisation.

In order to authorise an application or person to access an AWS service, you should 1st create an IAM user account and then assign it a security policy. The problem comes when you need to pass the credentials from an application to the relevant service.

A common mistake is to hardcode these credentials into the application. As you can see, that is what I have done with this user data script. Although this script executes perfectly well (in fact you may have seen it executed in an earlier video) it isn’t secure.

For a start, you may inadvertently disclose the credentials by creating a video demo like this one and showing it on YouTube. More likely you might store your code in a repository such as Git not realising it contained your credentials. The solution is to use IAM roles.

IAM roles are not groups of users. Rather they are entities to which you can assign security policies, and that applications or instances can assume.

Let me show you this other user data script which I wish to pass to an instance. As you can see it does not contain any credentials unlike the other script. Unless the code executes in a context that has permission to access buckets in S3, it will fail. That’s where IAM roles come in.

If I connect to the IAM dashboard, you will see that I have created a role called BootstrapRole. As you can see, I have assigned this role an off-the-shelf security policy which grants it read only access to S3. Any instance that I assign this role to will have the same permissions.

So let’s see that role in action. As with my previous video I’m going to launch an EC2 instance and pass it a user data script.

I am choosing Windows as my script is a Powershell script. I’ll select an m1.medium and then click Configure Instance Details. From there I can expand Advanced Details and then select the file to upload as user data.

I’ll select the script that does not contain credentials and so before I launch I need to select an IAM role to assign to the instance. Any code running in this instance will have whatever privileges are granted in the security policy assigned to that role.

Let me review and launch. Once I’ve selected my key pair the instance will launch.

I will now need to wait a few minutes for the instance to launch and the scripts to execute.

[15 minutes later …]

The instance has now had time to launch and run the bootstrap script. In addition, because this is a Windows server we needed to leave time for the Administrator password to be generated. This is only necessary when you initially launch an instance. It is not required when starting an instance following a shut down.

Let me try connect to the server. I need to pick my key file in order to decrypt the administrator password.

Now that I have the password, I’m going to download the remote desktop file.

I’ll click on that file to open a remote desktop connection and then enter the password that I retrieved earlier.

Once I connect to the server, I’m looking for evidence my user data script executed. That script should have downloaded installers from S3 for Chef Solo which was then going to use a cookbook to install tools such as Notepad++.

As you can see I’ve a number of folders such as chef and opscode. There are also 2 text files. These were created by my script which also installed Chef Solo. The installer for Chef Solo was downloaded from an S3 bucket. Proving that the script had access to S3 due to the instance being assigned an appropriate IAM role.

There you have it.

In this video, I have shown you how easy it is to use an IAM role to authorise code executing in EC2 instances.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don’t forget to subscribe to keep up with my videos as I release them.

Bye for now.





Flash Player








See you soon

Phil Stirpé
"I don't do average!"






Bootstrap EC2 instances with userdata from the AWS Console

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to bootstrap EC2 instances with userdata from the AWS Console.


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how easy it is to bootstrap EC2 instances with user-data from the AWS Console.

Bootstrapping is an important aspect of provisioning instances in the cloud.

If you want to implement a truly elastic set of assets allowing you to bring up or discard servers at a moment’s notice, you need to be able to configure an instance at start-up.

This might involve installing some software at initial boot or configuring the machine to behave in a desired manner.

To bootstrap an EC2 instance in Amazon web services, you need to pass it user data at launch time.

User data can be up to 16 kB of data and typically takes the form of a script.

When you launch an EC2 instance it will be based upon an Amazon Machine Image or AMI.

These are typically LINUX or Windows server images. Although you can create any custom type that you wish.

If you choose an off-the-shelf AMI created by Amazon, it will contain one of 2 services. Cloud-Init for LINUX or EC2-Config for Windows.

These services run during the initial boot and check for any user data that you may have passed to the instance.

If your user data can be parsed as a valid script then it will be executed. If not it is ignored.

This is an example of a script we might pass to a Linux machine. It is a bash script that we could pass as user data. It would execute as the server was loading.

This is an example power shell script that we might pass to Windows server to bootstrap that.

Let’s look at the mechanics for passing user data to a launching instance.

I’m going to launch a Windows server as I have a useful power shell script that I can use here.

Rather than launch a micro, I’m going to choose a general-purpose m1.medium as my instance type.

I am now going to click on the Configure Instance Details button. There are a number of options that I can select here but the only one that I want is user data which is buried down in Advanced Details.

Now it is in this box that I can enter my script. Be it a power shell script or a bash script. But rather than enter it directly, I could choose it from a file.

So let me just click this button and then select this file and click Open.

Now you can’t actually see the contents of the script here, so I’ll just open it up in Notepad++ for you to take a look at.

This script downloads a number of files from an S3 bucket including a Chef Solo installer, installers for the likes of Notepad++ and a cookbook.

Once it has downloaded these assets and installed Chef Solo, it leaves Chef Solo to perform the rest of the installation.

So I will now click Review and Launch. I am happy with all of the details so I can go ahead and click on Launch and select my key pair.

Now this will take a couple of minutes to boot and then allow the user data script chance to run, so I will wait for a couple of minutes before trying to connect to the server.

[15 minutes later….]

Okay I have left it 15 minutes or so to give Chef Solo time to install all of the assets. Furthermore, when launching Windows servers for the 1st time you need to wait several minutes in order for the administrator password to be generated.

So I click the Connect button and then attempt to retrieve password. That’s fine. If the administrator password hadn’t been generated yet, I would have received a warning telling me that the password wasn’t ready yet.

I now need to pick the key file that I used when launching the server. This will allow me to decrypt the administrator password.

I need this password in order to connect to the remote server. So I will copy the password and then download the remote desktop file which I can use to connect to the server.

If I click on the Remote Desktop file, a dialog appears prompting me for the Administrator password. So I will enter the password that I copied earlier.

When I connect to this remote machine, I am expecting to see all of the assets that have been downloaded from S3 and that the installers have executed.

If I open up Windows Explorer, you will see that the root of C: contains some non-standard folders. For example a folder named Chef and a folder named opscode. There are also a couple of files that were generated by my script.

We can see that my script downloaded a number of assets and placed them in a folder called Chef. It then installed Chef Solo.

As my script was running, it was writing to this bootstrap file.

So this proves that my power shell script passed as user data was parsed by EC2-Config and executed at the launch of the server.

There is one last thing I would like to show you. Perhaps you would like to bootstrap your server but power shell scripts or bash scripts are not appropriate.

Perhaps you would like to implement some kind of business logic. For example, when this server launches I wanted to act as a video encoder or perhaps even an image thumbnailer.

In this situation I simply need to pass the server a code such as the number 1 or 2. Perhaps I might pass the words “video encoder” or “image thumbnailer” instead?

Then within the instance I may have a service of my own running which could look for this URL: http://169.254.169.254/latest/user-data

This URL is consistent for all instances.

You could use this URL to access user data passed into the launching instance and then act accordingly.

There you have it.

In this video, I have shown you how easy it is to bootstrap EC2 instances with user-data from the AWS Console.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.



Flash Player








See you soon

Phil Stirpé
"I don't do average!"






Friday, 14 February 2014

Download and install MobaXterm to connect to Amazon Linux EC2 instances via SSH

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to download and install MobaXterm to connect to Amazon Linux EC2 instances via SSH


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how easy it is to download and install MobaXterm to connect to Amazon Linux EC2 instances via SSH.

Until recently whenever I've wanted to connect to EC2 instances running LINUX I have usually used putty.

But then a colleague told me about MobaXterm which seems a much better tool.

Here I have to EC2 instances running LINUX in Amazon Web services and I want to connect to them using MobaXterm.

So I'll jump into Google and search for MobaXterm.

As you can see there are a number of links but I will just go for Download.

There are a number of options I can choose, all versions 6.6. I'll select the installer which is going to give me an MSI.

Now that actually took about 3 minutes to download but I cut a lot of that out to keep the video short.

So here is the downloaded MSI and if I run that to install and just accept the defaults. i.e. Accept the license agreement and choose the default folder.

That's it. Quick as you like. Installed.

Let me just add that to my Taskbar.

Okay, let's run the tool.

There is MobaXterm and there is a lot of things it can do for us.

Notice it remembered a number of previous sessions. The reason they are appearing is because prior to recording this video I did actually have the tool installed and I had used it to connect to several of my instances. I just hadn't deleted the history.

So let me try connecting to one of my instances and as you can see I have 2.

Now this is one of the advantages of using this tool rather than putty. That is, it allows me to have more than one instance open simultaneously.

I'll bring back the window and start a new session.

As you can see there are a lot of things that we can do here. For example we can use RDP session to connect to a Windows server. But I'll click SSH so that I can connect to a Linux server.

So I'll enter the IP address of my 1st instance and the user name is going to be ec2-user because that is the default route account for an Amazon Linux server.

And then the private key is this key file that I associated with the server when I launched it.

Now I can connect.

And we are in.

Let me try another.

It is warning me that I can't save any more sessions. That's fine I had a lot saved from before.

I'll just click on the SSH button again. Let me pick the other IP address and pop that in there.

Once again the username is ec2-user and I'll go and find the key that I used to launch the instance.

I'll click Open then OK and now it's connected to that server.

Really useful. Really simple.

The 1st time I used this tool incidentally was an exercise where I tried to link two servers, each in a different Amazon region and create a VPN connection. Perhaps I'll do that in a later video.

There you go.

In this video, I have shown you how easy it is to download and install MobaXterm to connect to Amazon Linux EC2 instances via SSH.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.



Flash Player








See you soon

Phil Stirpé
"I don't do average!"






Wednesday, 5 February 2014

Download and install Apache Tomcat

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to download and install Apache Tomcat


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how easy it is to download and install Apache Tomcat.

In an earlier video, I showed you how to write a simple program in Eclipse.

Well if we are going to develop Java web applications, then we really should consider installing a container such as Apache Tomcat to host our application.

I'll start by jumping into my browser and searching for "apache tomcat download".

That results in plenty of hits, and the one I'll take is this one for tomcat.apache.org.

New versions of Tomcat are released from time to time.

I actually recorded the screen for this demo quite some time ago which is why the latest version is showing up as 7. In fact, the latest version available today is version 8(beta).

So I'll click on the link for version 7 and then scroll down the page to locate the various downloadable pages.

I'll be using it on a 64bit Windows machine so I'll choose the Windows Installer option. Alternatively, I could have selected a zip file instead.

When prompted, I'll place the installer in my Java Demo folder. It just takes a couple of seconds.

If, I switch into the Java Demo folder, you will see the installer file.

Before I run the installer, I am just going to create a folder in the root of C: named ApacheGroup.

This isn't necessary but over time I am likely to install a number of tools produced by Apache such as Maven and possibly even other versions of Tomcat. By creating a folder like this, it will be easier for me to manage them.

OK. Now that I have created my ApacheGroup folder, I can head back over to the Java Demo folder to run the installer. Before I do, I will just copy the file name from the installer as that will do nicely for an installation folder name.

As soon as I run the installer, I am asked to accept the licence terms.

On the Components page, I'll select all of the bits and then click the Next button.

The Configuration screen allows me to update the various port numbers. If I wanted to, I could change the port for HTTP from 8080 which is the norm. I'll leave that as it is.

I could also specify a user name and password to secure Tomcat which is a good idea but for now, I will leave these fields empty.

When you install Tomcat, it is presumed that you have already installed the Java runtime and so the next screen prompts you confirm its location. As I installed Java to its default location, this path is correct.

Now it's time to specify where to install Tomcat.

If you recall, I created a folder named ApacheGroup earlier and that is where I would like to install to.

So I'll browse to the ApacheGroup folder and then create a new folder within it.

I can paste in the name that I copied from the installer earlier as my target folder name and then go ahead with the installation.

Before long, I receive a warning that the Tomcat service is unable to start. I'll ignore that warning for now as I'll be able to start it manually later.

Once the installation is complete, I have the option for it to launch when I click the Finish button. I am going to decline. I am also going to uncheck the Readme box before clicking Finish.

If I open up the installation folder, you can see the various files and folders that comprise Tomcat.

Let me look in the bin folder.

There are several files in here but the two that interest me are a pair of batch files named startup.bat and shutdown.bat.

These batch files enable me to start and stop the Tomcat service when required.

I'd like to run these batch files from the Command Prompt so I will just make a note of the current path, launch the Command Prompt, type "cd" and then finally paste the folder path.

If I type "startup" from the Command Prompt, a separate window opens and we can see various status messages indicating that Tomcat is launching.

By the way, the eagle eyed amongst you might spot mention of applications such as webAppCH02.war being deployed. This is because, I actually copied some of my exported java projects into Tomcat's wepapps folder following the install but have edited that segment from the video. It has nothing to do with the current demo.

Well the server appears to be running but we need some form of test to make sure.

So I'll jump into a browser and try navigating to http://localhost:8080.

And there you will see Tomcat's landing page.

This proves that Tomcat is indeed running on the local machine and listening on port 8080.

Now let's see what happens if I switch back to the Command Prompt and run the shutdown batch file.

When I return to the browser and refresh the page, I receive a warning telling me that it was unable to connect.

Clearly, it is not enough to have Tomcat installed. I will need to install some web applications on this server for it to be of use.

That will be the subject of future videos.

There you have it.

In this video, I have shown you how easy it is to download and install Apache Tomcat.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe/tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.








Flash Player








See you soon

Phil Stirpé
"I don't do average!"






Tuesday, 4 February 2014

Write a simple JAVA program in eclipse

This is another in a series of videos that I am producing for my YouTube channel HowDoYouDoStuff.


In this video, I am going to show you how to write a simple JAVA program in eclipse


You can read the transcript below.


HTML 5 Player



Transcript

Hi guys. I'm Phil Stirpe.

In this video, I am going to show you how easy it is to write a simple JAVA program in eclipse.

In an earlier video, I showed you how to write a simple program in notepad and then compile it using javac. I then recorded a video showing how to install eclipse.

Well now it's time to pull those things together.

Using an integrated development environment - IDE such as Eclipse is far preferable to trying to develop using notepad and the javac compiler.

So here is Eclipse. Before I get started, I'll just rearrange the windows to suit.

To start with, I'll drag the outline window down to sit below the Project Explorer.

And then the Task list window to sit at the bottom with the other windows.

There is no 'right way' to lay out your windows. It's a matter of preference.

I find that this layout gives me more space to work with.

I have already selected a workspace. In other words, I chose a working directory when I launched eclipse.

Let me show it to you. It's here on the Desktop in a folder named Java Demo.

So any project that I create will be created in this folder.

I'll switch back into Eclipse so that I can create a project.

If I click on File / New menu, you will see that I can create a variety of project types.

Alternatively, I can right-click in the project explorer to receive the same options.

I'll choose a straight forward Project option.

In the New Project wizard, I'll select Java Project and then click Next.

I'll give the project the name of TestProject and then confirm that the target execution environment is of JavaSE-1.7.

I don't need to worry about these other options for this demo so I'll click Next.

New projects contain a src folder where source (code) files will be stored.

You can add more if you wish but I am happy to go with the defaults. So I'll click Finish.

As I am creating a Java project, Eclipse now offers to use an appropriate perspective. A perspective is essentially a set of predefined views, layouts and menu structures appropriate to a particular use case.

By agreeing to use the predefined Java perspective, you are telling Eclipse to present you with only those features that are useful to a Java developer. If you were working on a Maven project, then you might choose a different perspective.

As you can see, the Java perspective placed the Outline window and Task List on the right of the screen, so I'll just put them back where I prefer them.

OK, I am ready to start. And I can start by expanding the project node in the Project Explorer.

As you can see, in addition to the src folder, there is also a folder containing the JavaSE-1.7 library as that is the environment that I selected earlier.

Actually, these are quick links. In other words, the project is referencing the libraries that I require rather than copying them into my project.

Right then. It is time to create my class. So I can right-click on the src folder and select New / Class from the menu.

When creating classes in Java, you are advised to group them together into Packages. Packages are simply a mechanic to help you identify and locate related classes.

I'll define a package named demo.classes and then name my class HiGuys.

The New Java Class dialog has a number of useful features.

For example, it can add a main method to your class if you wish.

Not all classes need a main method. For example, servlets in a web application don't need them as they are instantiated in response to inbound requests.

However, as I want to execute my code from the command line, my class will require a main method.

It is worth mentioning at this point that of course classes can inherit from others and by default, Eclipse has your new classes inherit from the object class which can be found in the java.lang package.

If you want your class to inherit from another class, you need simply enter its name in here.

Right then. I'll click the Finish button which results in Eclipse creating my class file.

As you can see, it has written a class named HiGuys and placed a method named main within it.

All I want to do in this program is output a simple line of text to the console.

For that I will need to call the System.out.println method.

So i'll go ahead and type that in.

Now then. Before I proceed, them me show you a useful feature called Code Templates.

These are predefined snippets of code that have an associated shortcut.

So let me remove that line and then type in sysout followed by the Ctrl and Space keys.

Eclipse replaces my shortcut with the associated code.

Very nice.

There are many of these Code Templates defined and in fact, you can even create your own.

Now there's a great subject for a video. I'll put that on the list.

If you watched my earlier video, you will know that I have never written a Hello World app. Despite it being a tradition. Instead, I am going to output the message "Hi Guys!".

Once you have written your code, you are bound to want to test it.

Well, I'll do that now.

I'll save my code file first and then right-click anywhere in the code window.

In the context menu, I can click Run As and then select Java Application.

This causes Eclipse to compile the code and then run it with any output being displayed in the Console window.

That is to say, the Console window in Eclipse and not the Command Prompt where you might typically run a Console application.

As you can see, my output of Hi Guys! has been echoed to the Console.

Now a question to consider here is, did Eclipse actually compile my code and generate a class file which it in turn executed or did it interpret my code in some way?

Well if I switch into File Explorer and take a look at my project folder, I can find the source file ok.

And if I navigate to /bin/classes/demo I will also find my class file. That proves that my class was indeed compiled prior to execution.

There you have it.

In this video, I have shown you how easy it is to write a simple JAVA program in eclipse.

Thanks for watching and please feel free to comment on my blog (www.philipstirpe.com) and Facebook page (www.facebook.com/philip.stirpe.tutorials). Perhaps you could suggest more video topics? Most of all, don't forget to subscribe to keep up with my videos as I release them.

Bye for now.



Flash Player








See you soon

Phil Stirpé
"I don't do average!"