cloud9-cmd¶
spin-up-a-cloud9-instance-in-your-region¶
disable aws credential management¶
aws cloud9 update-environment --environment-id $C9_PID --managed-credentials-action DISABLE
rm -vf ${HOME}/.aws/credentials
get subnet id and vpc id from cloud9 instance¶
# get cloud9 vpc
C9_INST_ID=$(curl http://169.254.169.254/1.0/meta-data/instance-id 2>/dev/null)
C9_VPC_ID=$(aws ec2 describe-instances \
--instance-ids ${C9_INST_ID} \
--query 'Reservations[0].Instances[0].VpcId' --output text)
# get public subnet for external alb
C9_SUBNETS_ID=$(aws ec2 describe-subnets \
--filter "Name=vpc-id,Values=${C9_VPC_ID}" \
--query 'Subnets[?MapPublicIpOnLaunch==`true`].SubnetId' \
--output text)
# get default security group
C9_DEFAULT_SG_ID=$(aws ec2 describe-security-groups \
--filter Name=vpc-id,Values=${C9_VPC_ID} \
--query "SecurityGroups[?GroupName == 'default'].GroupId" \
--output text)
share-cloud9-with-other-users-¶
C9_PID=
AWS_ACCOUNT_ARN=
aws cloud9 create-environment-membership \
--environment-id ${C9_PID} \
--user-arn ${AWS_ACCOUNT_ARN} \
--permissions read-write
spin-up cloud9 in China region¶
error message when use username in membership¶
Value 'arn:aws:sts:::user/panlm' at 'userArn' failed to satisfy constraint: Member must satisfy regular expression pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):(iam|sts)::\d+:(root|(user\/[\w+=/:,.@-]{1,64}|federated-user\/[\w+=/:,.@-]{2,32}|assumed-role\/[\w+=:,.@-]{1,64}\/[\w+=,.@-]{1,64}))$
get tags¶
C9_INST_ID=$(curl 169.254.169.254/latest/meta-data/instance-id)
aws ec2 describe-instances --instance-ids $C9_INST_ID --query 'Reservations[].Instances[].Tags[?Key==`aws:cloud9:environment`].Value' --output text
old¶
OWNER_ARN=$(aws sts get-caller-identity --query 'Arn' --output text)
ENV_ID=$(aws cloud9 create-environment-ec2 \
--name ${STACK_NAME} \
--instance-type t3.small \
--subnet-id ${PublicSubnet1ID} \
--automatic-stop-time-minutes 10080 \
--owner-arn ${OWNER_ARN} \
--query 'environmentId' --output text )
(C9_URL=https://${AWS_REGION}.console.aws.amazon.com/cloud9/ide/${ENV_ID}
echo "open cloud9 url:"
echo "${C9_URL}")
DEFAULT_VPC=$(aws ec2 describe-vpcs --filter Name=is-default,Values=true --query 'Vpcs[0].VpcId' --output text)
if [[ ! -z ${DEFAULT_VPC} ]]; then
FIRST_SUBNET=$(aws ec2 describe-subnets \
--filters "Name=vpc-id,Values=${DEFAULT_VPC}" \
--query "Subnets[0].SubnetId" \
--output text)
aws cloud9 create-environment-ec2 \
--name cloud9-$RANDOM \
--instance-type t3.small \
--subnet-id ${FIRST_SUBNET} \
--automatic-stop-time-minutes 10080 \
--owner-arn arn:aws:iam::123456789012:role/adminrole \
fi
An error occurred (ValidationException) when calling the CreateEnvironmentEC2 operation: 1 validation error detected: Value 'arn:aws:iam::861xxxxxx173:role/adminrole' at 'ownerArn' failed to satisfy constraint: Member must satisfy regular expression pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):(iam|sts)::\d+:(root|(user\/[\w+=/:,.@-]{1,64}|federated-user\/[\w+=/:,.@-]{2,32}|assumed-role\/[\w+=:,.@-]{1,64}\/[\w+=,.@-]{1,64}))$
Turn off AWS managed temporary credentials¶
If you turn off AWS managed temporary credentials, by default the environment cannot access any AWS services, regardless of the AWS entity who makes the request. If you can’t or don’t want to turn on AWS managed temporary credentials for an environment, but you still need the environment to access AWS services, consider the following alternatives:
- Attach an instance profile to the Amazon EC2 instance that connects to the environment. For instructions, see Create and Use an Instance Profile to Manage Temporary Credentials.
- Store your permanent AWS access credentials in the environment, for example, by setting special environment variables or by running the
aws configurecommand. For instructions, see Create and store permanent access credentials in an Environment.
cloud9 will be retire¶
- news: link
- alternative: ../../cloud9/vscode