Hands-On AWS: Java SDK + CLI for Cloud Developers

AWS Workshop AWS Fundamentals Hands On Sessions Meetu Maltiar 24th March 2025

About Me I work as Software Engineer Technical Leader @Cisco Systems Bengaluru - I like to invest time on Technologies and Software Craftsmanship - Former Co-organiser – BOJUG (Bangalore Open Java User Group) - I like to participate in and attending conferences and disseminate knowledge - I am passionate about: Cloud Computing, Functional Programming, AI/ML

Getting Started Ensure you have AWS Free Tier account Ensure also that you have AWS cost anomaly detection setup Install Java 17, Maven, AWS CLI Install IDE like Eclipse/Intellj-IDEA Clone repository: git clone https://github.com/meetumaltiar/aws-workshop

Workshop Architecture Review This workshop follows a modular, service-by-service approach: 1. Java SDK v2 for interacting with AWS programmatically 2. AWS CLI for scripting infrastructure 3. Capstone projects for building something functional Have a pattern in place that can help in future coding projects

Modules Covered • S3 • EC2 • Lambda • API Gateway • DynamoDB • SNS • SQS • IAM • CloudWatch • CloudFormation • RDS (with EC2 MySQL Client) • Capstone Project (Full Stack Backend)

Common Setup - AWS CLI + Java + Maven • Java 17 • Maven build with SDK dependencies • AWS CLI con fi gured with aws con fi gure • Code resides in src/main/java/com/aws/workshop • Scripts lives in scripts directory

What is Amazon S3 • Simple Storage Service - launched 2006 • Focused on General Object Storage on Cloud • Big fi les, small fi les, media content, source code, spreadsheets etc • Scalable, Highly Available, Durable, Supports integrations with AWS • Useful in various contexts: • Website Hosting • Database Backups • Data Processing Pipelines

S3: Core Concepts • Buckets: Container of objects we want to store within a certain namespace • Objects: Content that we are storing within a bucket • Access • By URL: http://s3.amazomaws.com/<BUCKET_NAME>/<OBJECT_NAME> • Programatically: We will see in code examples

S3: Storage Classes • Allows to reduce costs, but with reduced features • Examples: Standard, Intelligent, Infrequent Access, Glacier • Each tier has di ff erent pricing, latency, availability • Standard Tier (Hot Data) —> Infrequent Access —> Glacier (Cold Data) • Lifecycle Rules: Automate data movement process

S3: Java Code Basics Create a client using builder pattern: S3Client s3 = S3Client.builder() .region(Region.AP_SOUTH_1) .build() Create a putObjectRequest using builder pattern: PutObjectRequest putObjectRequest = PutObjectRequest.builder() .bucket(bucketName) .key(key) .build(); Actual invocation to put an object in S3: s3.putObject(putObjectRequest, RequestBody.fromFile(new File(filePath)));

S3: AWS CLI Navigate to src/main/resources/awscli/s3operations.cli // --- AWS CLI Commands for S3 Operations --- // 1⃣ Create an S3 Bucket aws s3 mb s3://my-cli-s3-bucket // 2⃣ Upload a File to S3 aws s3 cp file.txt s3://my-cli-s3-bucket/ // 3⃣ List Objects in an S3 Bucket aws s3 ls s3://my-cli-s3-bucket/ // 4⃣ Delete an Object from S3 aws s3 rm s3://my-cli-s3-bucket/file.txt // 5⃣ Delete an S3 Bucket (must be empty before deleting) aws s3 rb s3://my-cli-s3-bucket --force

AWS IAM Identity and Access Management Securely controls access to AWS services and resources Includes Users, Roles, Policies and Groups Critical for security of AWS Infrastructure

AWS IAM: Java API Create IamClient by providing region: IamClient iam = IamClient.builder().region(Region.AWS_GLOBAL).build(); Create User using builder pattern: CreateUserRequest createUserRequest = CreateUserRequest.builder().userName(userName).build(); iam.createUser(createUserRequest); Attach ReadOnlyAccess Policy: AttachUserPolicyRequest attachPolicyRequest = AttachUserPolicyRequest.builder() .userName(userName) .policyArn("arn:aws:iam::aws:policy/ReadOnlyAccess") .build();

AWS IAM: AWS CLI # 1⃣ Create an IAM Role with Trust Policy aws iam create-role --role-name my-lambda-role --assume-role-policy-document file://lambda-trust-policy.json # 2⃣ Attach a Managed Policy to Role (e.g., AWSLambdaBasicExecutionRole) aws iam attach-role-policy --role-name my-lambda-role --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole # 3⃣ Attach an Inline Policy to Role (e.g., DynamoDB access) aws iam put-role-policy --role-name my-lambda-role --policy-name DynamoDBPutItemPolicy --policy-document file://dynamodb-putitem-policy.json # 4⃣ Get Role Details aws iam get-role --role-name my-lambda-role # 5⃣ List Attached Policies aws iam list-attached-role-policies --role-name my-lambda-role # 6⃣ List Inline Policies aws iam list-role-policies --role-name my-lambda-role

AWS EC2 EC2 are like virtual server on Cloud Key components: AMI, Instance Type, Security Group, key-Pair AMI (Amazon Machine Image) - Think of it as a blueprint for your instance - De fi nes OS, pre-installed software, volume storage and boot con fi g Instance Type: De fi nes hardware specs (CPU, RAM, Networking capacity) - Categorised by use-case: t2.micro/t3.micro (free tier eligible), c5.large (compute optimised), r5.large (memory optimised) - selecting right instance type is key for cost and performance needs

AWS EC2: Continued Security Group - Acts like a virtual fi rewall for your instance - control inbound and outbound tra ffi c to EC2 - Rules are based on - Port (22 for SSH, 80 for HTTP, 3306 for MySQL) - Protocol (TCP/UDP) Source IP range (eg 0.0.0.0/0 means public access) Key-Pair - A public-private key is used to SSH in your instance - AWS stores public key and we download the private key (.pem fi le) - Without key we cannot SSH to instance after creation

AWS EC2: Java API Build Ec2Client, provide region: Ec2Client ec2 = Ec2Client.builder().region(Region.AP_SOUTH_1).build(); Make RunInstancesRequest: RunInstancesRequest runRequest = RunInstancesRequest.builder() .imageId("ami-0c768662cc797cd75") // ✅ Amazon Linux 2 (Mumbai) .instanceType(InstanceType.T2_MICRO) .maxCount(1) .minCount(1) .keyName("my-key") // ✅ Replace with your real key pair .securityGroupIds("sg-my-security-group") Make RunInstances call: RunInstancesResponse response = ec2.runInstances(runRequest);

AWS EC2: CLI # ----------------------------------------- # EC2 Operations via AWS CLI # ----------------------------------------- # 1⃣ Launch an EC2 Instance (Amazon Linux 2 – Free Tier Eligible) aws ec2 run-instances --image-id ami-0c768662cc797cd75 --instance-type t2.micro --key-name my-key --security-group-ids sg-06b8961f9dd1435fe --region ap-south-1 # 2⃣ List All EC2 Instances aws ec2 describe-instances --query "Reservations[*].Instances[*].[InstanceId,State.Name,InstanceType,PublicIpAddress]" --output table --region ap-south-1 # 3⃣ Stop an EC2 Instance aws ec2 stop-instances --instance-ids i-xxxxxxxxxxxxxxxxx --region ap-south-1 # 4⃣ Terminate an EC2 Instance aws ec2 terminate-instances --instance-ids i-xxxxxxxxxxxxxxxxx --region ap-south-1

AWS API Gateway Create RESTful API that triggers Lambdas Support custom domains, authentication, rate limits Works seamlessly with Lambda (AWS_PROXY) CLI Script: - create-rest-api, create-resource, put-method, put-integration - Adds permission and deploys

AWS Lambda Serverless function hosting Triggered by events (API, S3, SQS, etc) Pay only by runtime duration Stateless and ephemeral

AWS Lambda Java API public class LambdaHandler implements RequestHandler<APIGatewayProxyRequestEvent, APIGatewayProxyResponseEvent> { @Override public APIGatewayProxyResponseEvent handleRequest(APIGatewayProxyRequestEvent request, Context context) { context.getLogger().log("LambdaHandler invoked"); APIGatewayProxyResponseEvent response = new APIGatewayProxyResponseEvent(); response.setStatusCode(200); response.setBody("{ "message": "👋 Hello from Java Lambda!" }"); return response; } } Implements RequestHandler, takes API Gateway event and returns JSON response

AWS CloudFormation Infrastructure as code (IaC) Write cloud formation templates and call aws cloud formation: create-stack, delete-stack, describe-stacks Declarative YAML/JSON template AWSTemplateFormatVersion: '2010-09-09' Description: Basic CloudFormation Template - S3 + EC2 Parameters: KeyName: Description: EC2 Key Pair to SSH Type: AWS::EC2::KeyPair::KeyName Resources: MyS3Bucket: Type: AWS::S3::Bucket Properties: BucketName: !Sub "workshop-demo-bucket-${AWS::AccountId}" Automates creation of AWS resources aws cloudformation create-stack --stack-name "$STACK_NAME" --template-body "file://$TEMPLATE_PATH" --parameters ParameterKey=KeyName,ParameterValue="$KEY_NAME" --capabilities CAPABILITY_NAMED_IAM --region "$REGION"

AWS DynamoDB NoSQL key value and document oriented database Fast scalable, managed and server-less Free Tier: 25 GB + 200M requests/month JAVA API: Use DynamoDBClient for create, put, delete operations. Works with table-name and primary-key CreateTableRequest request = CreateTableRequest.builder() .tableName(TABLE_NAME) .keySchema(KeySchemaElement.builder() .attributeName("studentId") .keyType(KeyType.HASH).build()) .attributeDefinitions(AttributeDefinition.builder() .attributeName("studentId") .attributeType(ScalarAttributeType.S).build()) .provisionedThroughput(ProvisionedThroughput.builder() .readCapacityUnits(5L) .writeCapacityUnits(5L) .build()) .build();

AWS DynamoDB CLI REGION="ap-south-1" TABLE_NAME="Students" echo "🔧 Creating DynamoDB table '$TABLE_NAME'..." aws dynamodb create-table --table-name $TABLE_NAME --attribute-definitions AttributeName=studentId,AttributeType=S --key-schema AttributeName=studentId,KeyType=HASH --provisioned-throughput ReadCapacityUnits=5,WriteCapacityUnits=5 --region $REGION || true echo "⏳ Waiting for table '$TABLE_NAME' to become ACTIVE..." aws dynamodb wait table-exists --table-name $TABLE_NAME --region $REGION echo "✅ Table '$TABLE_NAME' is now ACTIVE." echo "📥 Inserting item into '$TABLE_NAME'..." aws dynamodb put-item --table-name $TABLE_NAME --item '{"studentId": {"S": "101"}, "name": {"S": "Meetu"}, "email": {"S": "meetu@example.com"}}' --region $REGION

AWS SQS Queue based asynchronous messaging Pull model - consumers polls messages Used for decoupling micro-services and job processing SQS also has de-duplication queue settings to manage fail scenarios

AWS SQS Java API Create SQS client: SqsClient sqsClient = SqsClient.builder().region(Region.AP_SOUTH_1).build(); Create Create SQS Request: // 1⃣ Create Queue CreateQueueRequest createQueueRequest = CreateQueueRequest.builder() .queueName(queueName) .build(); String queueUrl = sqsClient.createQueue(createQueueRequest).queueUrl(); // 2⃣ Send Message SendMessageRequest sendRequest = SendMessageRequest.builder() .queueUrl(queueUrl) .messageBody("Hello from SQS via Java!") .build(); sqsClient.sendMessage(sendRequest);

AWS SQS CLI # SQS CLI Commands for MyJavaQueue # 1⃣ Create Queue aws sqs create-queue --queue-name MyJavaQueue --region ap-south-1 # 2⃣ Get Queue URL aws sqs get-queue-url --queue-name MyJavaQueue --region ap-south-1 # 3⃣ Send Message (replace <queue-url>) aws sqs send-message --queue-url <queue-url> --message-body "Hello from AWS CLI to SQS!" --region ap-south-1 # 4⃣ Receive Message aws sqs receive-message --queue-url <queue-url> --region ap-south-1 # 5⃣ Delete Message (replace <receipt-handle>) aws sqs delete-message --queue-url <queue-url> --receipt-handle <receipt-handle> --region ap-south-1

AWS SNS Pub/Sub messaging service Push based delivery to email, SMS, Lambda, HTTP Ideal for alerts, noti fi cations, fan-out scenarios Java code API: Create SNS client SnsClient sns = SnsClient.builder().region(Region.AP_SOUTH_1).build(); Create Topic request: CreateTopicRequest createRequest = CreateTopicRequest.builder().name(topicName).build(); Publish Message: // 2⃣ Publish Message PublishRequest pubRequest = PublishRequest.builder() .topicArn(topicArn) .message("Hello from AWS Java SNS!") .build(); sns.publish(pubRequest);

AWS SNS Script # 1⃣ Create SNS Topic echo "🔧 Creating SNS topic '$TOPIC_NAME'..." TOPIC_ARN=$(aws sns create-topic --name $TOPIC_NAME --region $REGION --query "TopicArn" --output text) echo "✅ Topic created: $TOPIC_ARN" # 2⃣ Publish initial message echo "📨 Publishing welcome message to SNS..." aws sns publish --topic-arn $TOPIC_ARN --message "Hello from AWS CLI SNS Script!" --region $REGION echo "✅ Message published to $TOPIC_NAME." # 3⃣ Subscribe email echo "🔔 Subscribing email: $EMAIL" aws sns subscribe --topic-arn $TOPIC_ARN --protocol email --notification-endpoint "$EMAIL" --region $REGION echo "📬 Confirmation email sent to $EMAIL. Please confirm from your inbox." # 4⃣ List all topics echo "📋 Listing all topics:" aws sns list-topics --region $REGION

RDS + EC2 MySQL Client Amazon RDS is relational database systems on AWS RDS has support for PostGres, MySQL and is well managed Backup, patching, replication are handled by RDS CLI scripts: - rds-script.sh for launching MySQL instance with VPC security group - rds_ec2_testsetup.sh: Launch EC2, install MySQL, connect to RDS

Capstone Project: Student Submission Portal Stack Includes: • Lambda (Java) • API Gateway (POST /submit) • DynamoDB (store submission) • SNS (notify admin) Java Code Walkthrough •StudentSubmissionHandler.java: Reads request → saves to DB → sends SNS Structure src/ └── main/java/com/aws/workshop/capstone/ ├── StudentSubmissionHandler.java ├── model/ └── service/

Capstone Project Cleanup Scripts: •cleanup_all.sh: Tears down all major resources •cleanup_rds_ec2.sh: Deletes RDS + EC2 setup Tips: •Con fi rm SNS and DynamoDB deletions •Check S3 buckets and CloudWatch logs if needed

Next Steps & Learn More • Explore CloudTrail, VPC, EKS, EventBridge • Try Terraform + AWS • Dive in serverless best practices

Hands-On AWS: Java SDK + CLI for Cloud Developers

More Related Content

Similar to Hands-On AWS: Java SDK + CLI for Cloud Developers

More from Meetu Maltiar

Recently uploaded

Hands-On AWS: Java SDK + CLI for Cloud Developers