Day 39: AWS and IAM Fundamentals????

AWS:

Amazon Web Services is one of the most popular Cloud Providers that has a free tier too for students and Cloud enthusiasts for their Hands-on while learning

User Data in AWS:

• When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.
• You can also pass this data into the launch instance wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).
• This will save time and manual effort every time you launch an instance and want to install any application on it like Apache, docker, Jenkins, etc.

IAM:

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

Task1:

Launch the EC2 instance with already installed Jenkins on it. Once the server shows up in the console, hit the IP address in the browser and your Jenkins page should be visible.

Take a screenshot of the Userdata and Jenkins page, this will verify the task completion.

• Go to the EC2 dashboard after logging into the Amazon Management Console.
• To begin the process of launching a new EC2 instance, click the "Launch Instance" button.
• Choose a machine image from Amazon (AMI)

• Choose an instance type, then build up the instance's specifics (such as the number of instances, network settings, and storage)

• Go to advanced details and Enter the following script to install Jenkins and its dependencies into the user data box.

• Create a security group that permits inbound traffic to Jenkins on port 8080.

• Copy public-IP address

Open a web browser and type https://<public-ip>:8080 to access the instance's IP address and port number. You will then be sent to the Jenkins login page.

Task2:

Read more on IAM Roles and explain the IAM users, groups, and roles in your own terms.

Users, groups, and roles may all be managed in your Amazon environment using the IAM (Identity and Access Management) service provided by AWS. These three elements work together to give your AWS resources fine-grained access control and permissions.

Users of IAM: For the individuals or programs who need access to your AWS resources, you can create individual AWS accounts called IAM users. User names, passwords, access keys, and permissions are all specific to each user, who also has their own set of security credentials. Users can be created, modified, and deleted as necessary, and you can give them particular permissions to utilize or administer AWS resources.

IAM Groups: Groups of IAM users make up IAM. By giving permissions to a group rather than to specific users, you can use groups to streamline permissions management. You could, for instance, make a group just for developers and give them access to certain resources. The group's permissions are automatically passed on to new members when you add them.

IAM Roles: IAM roles offer an additional method for controlling access to Amazon resources. Users and roles are similar, however, users are linked to a specific person or account, whereas roles are not. Instead, trusted entities like EC2 instances, Lambda functions, or other AWS services take on the duties. Permissions policies, which specify the particular permissions that a role is permitted to utilize, can be added to roles.

Create three roles named: DevOps-User, Test-User, and Admin.

• Go to the IAM dashboard after logging into the Amazon Management Console.
• The "Create role" button may be found after selecting "Roles" from the left-hand menu.

• Choose the role-appropriate use case. For instance, select "AWS service" and then "EC2" if you wish to create a role for an EC2 instance.

Choose the right permissions and regulations for the role. Choose from pre-existing policies or design your own.

• Click "Create role" after entering a name for it.

• For each role, you want to create—DevOps-User, Test-User, and Admin—repeat the aforementioned procedures.
• Build the Test-User role.

• Create an Admin role

You may regulate who has access to which Amazon resources after the roles have been created and can allocate them to specific IAM users or groups as necessary.

I appreciate your reading.???