Day 39: AWS and IAM Fundamentals

AWS:

Amazon Web Services (AWS) is one of the most popular cloud providers. It also has a free tier that students and cloud enthusiasts can use for hands-on practice while learning.

User Data in AWS:

  • When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.
  • You can also pass this data into the launch instance wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).
  • This saves time and manual effort every time you launch an instance and want to install an application on it, such as Apache, Docker, or Jenkins.

IAM:

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

Task1:

Launch an EC2 instance with Jenkins already installed on it. Once the server shows up in the console, hit the IP address in the browser and your Jenkins page should be visible.

Take a screenshot of the user data and the Jenkins page; this will verify task completion.


  • Go to the EC2 dashboard after logging into the Amazon Management Console.
  • To begin the process of launching a new EC2 instance, click the "Launch Instance" button.
  • Choose an Amazon Machine Image (AMI).

  • Choose an instance type, then configure the instance details (such as the number of instances, network settings, and storage).

  • Go to "Advanced details" and enter the script that installs Jenkins and its dependencies into the user data box.

  • Create a security group that permits inbound traffic to Jenkins on port 8080.

  • Copy the instance's public IP address.

Open a web browser and go to https://<public-ip>:8080, that is, the instance's public IP address followed by the Jenkins port number. You will then be taken to the Jenkins login page.
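
As an added example (not the author's original script), the shell helper below emits a Jenkins user-data script and checks it before it goes into the user data box. It assumes an Ubuntu AMI and the Jenkins Debian package repository; `jenkins_user_data` and `lint_user_data` are hypothetical helper names.

```shell
#!/usr/bin/env bash
# Added example: generate and sanity-check EC2 user data for Jenkins.
# Assumption: Ubuntu AMI (apt); adapt the package commands for other AMIs.

jenkins_user_data() {
cat <<'EOF'
#!/bin/bash
set -euxo pipefail
export DEBIAN_FRONTEND=noninteractive
apt-get update -y
apt-get install -y fontconfig openjdk-17-jre wget
# Jenkins apt repository and signing key, as named in the Jenkins Debian
# install instructions; confirm against the current docs before use.
wget -O /usr/share/keyrings/jenkins-keyring.asc \
  https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian-stable binary/" \
  > /etc/apt/sources.list.d/jenkins.list
apt-get update -y
apt-get install -y jenkins
systemctl enable --now jenkins
EOF
}

# lint_user_data FILE: prints findings and returns non-zero if there are any.
lint_user_data() {
  local f="$1" rc=0
  # cloud-init only executes user data as a script when it starts with "#!".
  [ "$(head -c 2 "$f")" = '#!' ] || { echo "missing shebang"; rc=1; }
  # EC2 limits user data to 16 KB before base64 encoding.
  [ "$(wc -c < "$f")" -le 16384 ] || { echo "larger than 16 KB"; rc=1; }
  # User data can be read back from the instance metadata service and via
  # DescribeInstanceAttribute, so it must not carry credentials.
  if grep -Eiq 'AKIA[0-9A-Z]{16}|aws_secret_access_key|password[[:space:]]*=' "$f"; then
    echo "possible secret in user data"; rc=1
  fi
  return "$rc"
}

# Stand-alone run: write the script to a temp file and lint it.
ud="$(mktemp)"
jenkins_user_data > "$ud"
lint_user_data "$ud" && echo "user data OK: $ud"
```

The generated file can be pasted into the user data box or passed as a file when launching from the command line tools.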

Task2:

Read more on IAM Roles and explain the IAM users, groups, and roles in your own terms.

Users, groups, and roles may all be managed in your Amazon environment using the IAM (Identity and Access Management) service provided by AWS. These three elements work together to give your AWS resources fine-grained access control and permissions.

IAM Users: For the individuals or programs that need access to your AWS resources, you can create individual AWS accounts called IAM users. Each user has their own set of security credentials: a user name, a password, access keys, and permissions. Users can be created, modified, and deleted as necessary, and you can give them particular permissions to use or administer AWS resources.


IAM Groups: An IAM group is a collection of IAM users. By giving permissions to a group rather than to specific users, you can use groups to streamline permissions management. You could, for instance, make a group just for developers and give them access to certain resources. The group's permissions are automatically passed on to new members when you add them.

IAM Roles: IAM roles offer an additional method for controlling access to Amazon resources. Users and roles are similar; however, users are linked to a specific person or account, whereas roles are not. Instead, roles are assumed by trusted entities such as EC2 instances, Lambda functions, or other AWS services. Permissions policies, which specify the particular permissions that a role is permitted to use, can be attached to roles.


Create three roles named: DevOps-User, Test-User, and Admin.

  • Go to the IAM dashboard after logging into the Amazon Management Console.
  • Select "Roles" from the left-hand menu, then click the "Create role" button.

  • Choose the role-appropriate use case. For instance, select "AWS service" and then "EC2" if you wish to create a role for an EC2 instance.

  • Choose the right permissions policies for the role. Choose from pre-existing policies or design your own.

  • Click "Create role" after entering a name for it.

  • Repeat these steps for each role you want to create (DevOps-User, Test-User, and Admin).
  • Build the Test-User role.

  • Create an Admin role

Once the roles have been created, you can regulate who has access to which Amazon resources and allocate the roles to specific IAM users or groups as necessary.
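
The same three roles created with the AWS CLI, as an added example rather than the author's own commands; it only prints the commands unless `APPLY=1` is set. The EC2 trust policy follows the use case chosen in the steps above, while the managed policy picked for each role is an assumption, since the article does not name them.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of the console steps, dry-run by default.
# Assumption: the managed policy per role is illustrative, not from the article.

# Trust policy: which principal may assume the role (here the EC2 service).
trust_policy() {
cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": { "Service": "ec2.amazonaws.com" },
    "Action": "sts:AssumeRole"
  }]
}
EOF
}

# Permissions policy: what the role may do once assumed.
policy_for() {
  case "$1" in
    DevOps-User) echo "arn:aws:iam::aws:policy/PowerUserAccess" ;;
    Test-User)   echo "arn:aws:iam::aws:policy/ReadOnlyAccess" ;;
    Admin)       echo "arn:aws:iam::aws:policy/AdministratorAccess" ;;
    *) echo "unknown role: $1" >&2; return 1 ;;
  esac
}

# Print the command unless APPLY=1 is set, in which case execute it.
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

create_role() {
  local role="$1" arn
  arn="$(policy_for "$role")" || return 1
  run aws iam create-role --role-name "$role" \
      --assume-role-policy-document "file://$TRUST_FILE"
  run aws iam attach-role-policy --role-name "$role" --policy-arn "$arn"
  # The console creates the instance profile for EC2 roles; the CLI does not.
  run aws iam create-instance-profile --instance-profile-name "$role"
  run aws iam add-role-to-instance-profile \
      --instance-profile-name "$role" --role-name "$role"
}

TRUST_FILE="$(mktemp)"
trust_policy > "$TRUST_FILE"
for r in DevOps-User Test-User Admin; do create_role "$r"; done
```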


I appreciate your reading.
