Day 39 : AWS and IAM Basics

Introduction:

In this blog, we will explore AWS and IAM basics, and how they work together to provide a secure and scalable cloud computing environment.

AWS:

Amazon Web Services (AWS) is one of the most popular cloud providers. It has a free tier that students and cloud enthusiasts can use for hands-on learning.

User Data in AWS:

  • When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.

  • You can also pass this data into the launch instance wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).

  • This saves time and manual effort every time you launch an instance and want to install an application on it, such as Apache, Docker, or Jenkins.

IAM:

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

Task: 1

Launch an EC2 instance with Jenkins already installed on it. Once the server shows up in the console, open its IP address in the browser and your Jenkins page should be visible.

Take a screenshot of the user data and the Jenkins page; this verifies that the task is complete.

Steps :

  • Log in to the AWS Management Console and navigate to the EC2 dashboard.

  • Click on the Launch Instance button to start the process of launching a new EC2 instance.

  • Choose an Amazon Machine Image (AMI)

  • Select an instance type, and configure your instance details (such as the number of instances, network settings, and storage)

  • Go to Advanced details. In the User data field, enter the script to install Jenkins and its dependencies, then click Launch instance

  • Create a security group that allows inbound traffic on port 8080 for Jenkins

Open your web browser and enter the Public IPv4 address of the instance followed by port number 8080 (e.g., http://<public-ip>:8080)
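
The steps above leave the user data script itself unspecified. As an added example (not from the original post), this Python holds a constructed Jenkins install script, checks that it is one of the two user data types described earlier, and returns the base64 text an API call expects. The Ubuntu AMI, the Java package, and the function names are assumptions, and the repository and key paths should be checked against the current Jenkins installation docs.

```python
import base64
import re

# Constructed sample user data for an Ubuntu AMI (assumption: the page names no AMI).
# Repository and key paths follow the Jenkins Debian instructions; verify before use.
JENKINS_USER_DATA = """#!/bin/bash
set -euxo pipefail
apt-get update -y
apt-get install -y fontconfig openjdk-17-jre
KEY=/usr/share/keyrings/jenkins-keyring.asc
wget -O "$KEY" https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key
echo "deb [signed-by=$KEY] https://pkg.jenkins.io/debian-stable binary/" > /etc/apt/sources.list.d/jenkins.list
apt-get update -y
apt-get install -y jenkins
systemctl enable --now jenkins
"""

MAX_RAW_BYTES = 16 * 1024  # EC2 limit on user data, measured before base64 encoding
ACCESS_KEY_ID = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")  # AWS access key ID shape


def user_data_kind(text):
    """Return which of the two user data types from the text this is."""
    first_line = text.split("\n", 1)[0].strip()
    if first_line.startswith("#!"):
        return "shell-script"
    if first_line == "#cloud-config":
        return "cloud-init-directives"
    raise ValueError("expected a '#!' shell script or '#cloud-config' directives")


def encode_for_api(text):
    """Validate user data and return it as base64 text for an API call."""
    user_data_kind(text)  # raises if it is neither of the two types
    raw = text.encode("utf-8")
    if len(raw) > MAX_RAW_BYTES:
        raise ValueError(f"user data is {len(raw)} bytes; limit is {MAX_RAW_BYTES}")
    # User data is readable from the instance metadata service by any process
    # on the instance, so credentials do not belong in it.
    if ACCESS_KEY_ID.search(text):
        raise ValueError("user data contains what looks like an AWS access key ID")
    return base64.b64encode(raw).decode("ascii")
```
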

Task: 2

Read more on IAM Roles and explain the IAM Users, Groups and Roles in your terms.

IAM (Identity and Access Management) is an AWS service that allows you to manage users, groups, and roles in your AWS environment. These three components work together to provide granular access control and permissions for your AWS resources.

IAM Users: IAM users are individual identities that you create in your AWS account for the people or applications that require access to your AWS resources. Each user has a unique set of security credentials, including a username and password, access keys, and permissions. You can create, modify, and delete users as needed, and grant them specific permissions to access or manage AWS resources.

IAM Groups: IAM groups are collections of IAM users. You can use groups to simplify permissions management, by assigning permissions to a group instead of individual users. For example, you can create a group for developers and assign permissions to access development resources. When you add a user to the group, they automatically inherit the group's permissions.

IAM Roles: IAM roles are another way to manage access to AWS resources. Roles are similar to users, but they are not associated with a specific person or account. Instead, roles are assumed by trusted entities, such as EC2 instances, Lambda functions, or other AWS services. Roles can have permissions policies attached to them, which define the specific permissions that the role is allowed to use.

Create three Roles named: DevOps-User, Test-User and Admin.

  • Log in to the AWS Management Console and navigate to the IAM dashboard

  • Click on Roles in the left-hand menu and then click on the Create role button

  • Choose the appropriate use case for the role. For example, if you want to create a role for an EC2 instance, choose AWS service and then EC2.

  • Select the appropriate permissions policies for the role. You can choose from existing policies or create a custom policy.

  • For the DevOps-User role, we might choose the AmazonEC2FullAccess policy. Enter a name for the role and click Create role.

  • For the Test-User role, we might choose the AmazonEC2ReadOnlyAccess policy. Enter a name for the role and click Create role.

  • For the Admin role, we might choose the AdministratorAccess policy. Enter a name for the role and click Create role.

Once the roles are created, we can assign them to individual IAM users or groups as needed, and control their access to AWS resources.
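
Each role carries two documents: a trust policy saying who may assume it, and a permissions policy saying what it may do. As an added example (not from the original post), this Python builds the trust policy that the "AWS service, then EC2" use case produces, builds one naming an IAM user, and runs a simplified check of who each one trusts. The account ID, the user `alice`, and the function names are constructed, and the check ignores conditions, Deny statements, and wildcards.

```python
ACCOUNT_ID = "111122223333"  # constructed placeholder account ID

# Role names and AWS managed policies as chosen in the steps above.
ROLE_POLICIES = {
    "DevOps-User": "AmazonEC2FullAccess",
    "Test-User": "AmazonEC2ReadOnlyAccess",
    "Admin": "AdministratorAccess",
}


def trust_policy(principal_type, principal):
    """Build the trust (assume-role) policy document for a role."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {principal_type: principal},
            "Action": "sts:AssumeRole",
        }],
    }


def may_assume(policy, principal_type, principal):
    """Simplified check: does an Allow statement trust this exact principal?"""
    for stmt in policy["Statement"]:
        trusted = stmt.get("Principal", {}).get(principal_type, [])
        trusted = [trusted] if isinstance(trusted, str) else trusted
        actions = stmt.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if (stmt.get("Effect") == "Allow"
                and "sts:AssumeRole" in actions
                and principal in trusted):
            return True
    return False


def managed_policy_arn(role_name):
    """ARN of the AWS managed permissions policy chosen for a role."""
    return f"arn:aws:iam::aws:policy/{ROLE_POLICIES[role_name]}"


# Trust policy written by the "AWS service -> EC2" use case.
EC2_TRUST = trust_policy("Service", "ec2.amazonaws.com")
# Trust policy needed before a specific IAM user can assume the role.
ALICE = f"arn:aws:iam::{ACCOUNT_ID}:user/alice"  # constructed user
USER_TRUST = trust_policy("AWS", ALICE)
```

A role created with the EC2 use case is trusted by the EC2 service only; an IAM user can use it only after the trust policy names that user or their account.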

Conclusion :

In this blog, we covered user data in AWS and IAM, and learned how to manage user access and permissions effectively. In the next blog, we will cover AWS advanced topics.

Thank you for reading!

Contact me on LinkedIn

Check out my GitHub for more resources
