Day 39 : AWS and IAM Basics☁


By this time you have created multiple EC2 instances and, after launch, manually installed applications like Jenkins, Docker etc. Now let's switch to a little automation. Sounds interesting??🤯

AWS:

Amazon Web Services is one of the most popular cloud providers, and it has a free tier for students and cloud enthusiasts to get hands-on practice while learning (create your free account today to explore more).

Read from here

User Data in AWS:

  • When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.

  • You can also pass this data into the launch instance wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).

  • This saves time and manual effort every time you launch an instance and want to install an application on it, such as Apache, Docker or Jenkins.

Read more from here

IAM:

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources. Read from here

What are IAM Roles? Explain IAM Users, Groups and Roles.

IAM Roles are a feature of AWS Identity and Access Management (IAM) that allow you to delegate access to users or services without sharing long-term credentials. Roles are used to grant permissions to entities you trust, such as AWS services, users from other AWS accounts, or users authenticated through an identity provider.

IAM Users

IAM Users are individuals or services that need access to AWS resources. Each user has a unique identity and can be assigned specific permissions. Users can have their own credentials, such as passwords or access keys, to interact with AWS services.

IAM Groups

IAM Groups are collections of IAM users. You can use groups to manage permissions for multiple users at once. For example, you might create a group for developers and assign permissions that all developers need. When you add a user to the group, they inherit the permissions assigned to the group.

IAM Roles

IAM Roles are similar to users in that they are identities with permissions policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. Roles do not have long-term credentials (passwords or access keys) associated with them. Instead, when you assume a role, it provides temporary security credentials for the role session. Roles are often used to grant permissions to AWS services or to allow users from other AWS accounts to access your resources.

Task1:

  • Launch an EC2 instance with Jenkins already installed on it. Once the server shows up in the console, open its IP address in a browser and your Jenkins page should be visible.

  • Take a screenshot of the user data and the Jenkins page; this verifies that the task is complete.

Task2:

  • Read more on IAM Roles and explain the IAM Users, Groups and Roles in your own terms.

  • Create three Roles named: DevOps-User, Test-User and Admin.

Let’s begin with Task 1

  1. Login to AWS Console and open EC2.

  2. Launch an instance with the following details:

    • Name: userdata-instance

    • OS: Ubuntu

    • Instance Type: t2.micro (Free tier)

    • Key Pair: Select or create a key pair (example: userdata-instance)

    • Network Settings: Allow HTTPS and HTTP traffic from the Internet

  3. Expand the Advanced Details tab and enter the following script in the User Data box:

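#!/bin/bash
# User data runs as root on first boot, so sudo is harmless here but not required.
sudo apt-get update -y
# Jenkins needs a Java runtime; match the Java version to the Jenkins release you install.
sudo apt-get install -y openjdk-11-jre
# Fetch the Jenkins repository signing key and register the repository pinned to that key.
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee /usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian-stable binary/" | sudo tee /etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt-get update
sudo apt-get install -y jenkins
# Start Jenkins on every boot and start it now.
sudo systemctl enable jenkins
sudo systemctl start jenkins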

  4. Now launch the instance.

  5. In the inbound rules of the instance's security group, open port 8080 and select My IP as the source.

  6. Open the Jenkins UI in the browser at http://<Public_IP>:8080.

Let’s begin with Task 2

Create IAM Roles

  1. Go to AWS Management Console

  2. Search for IAM and click Roles in the left-hand menu.

  3. Click on Create Role.

  4. Select AWS Service

  5. Choose EC2.

  6. Select the AmazonEC2FullAccess permission policy (EC2 creation and management).

  7. Name the role User and create it.
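The console steps above never show the trust policy that decides who may assume the role. As an added example (not from the original post), this Python code lists the principals a trust policy allows and flags wildcards; the two sample policies are constructed, the function names are hypothetical, and Condition blocks are ignored.

```python
import json

# Constructed sample: the shape of trust policy produced by choosing
# "AWS service" -> "EC2" as the trusted entity (steps 4-5 above).
EC2_TRUST = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Service": "ec2.amazonaws.com"},
    "Action": "sts:AssumeRole"
  }]
}
""")

# Constructed counter-example: any AWS principal may assume the role.
OPEN_TRUST = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Principal": {"AWS": "*"},
                   "Action": "sts:AssumeRole"}],
}

# Actions that hand out temporary credentials for a role (compared lower-case).
ASSUME_ACTIONS = {"sts:assumerole", "sts:assumerolewithsaml",
                  "sts:assumerolewithwebidentity", "sts:*", "*"}

def _as_list(value):
    """IAM accepts either a single value or a list in most fields."""
    return value if isinstance(value, list) else [value]

def trusted_principals(trust_policy):
    """Return sorted (kind, principal) pairs that Allow statements let assume the role."""
    found = set()
    for stmt in _as_list(trust_policy.get("Statement", [])):
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if stmt.get("Effect") != "Allow" or not (actions & ASSUME_ACTIONS):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # bare wildcard form
            principal = {"AWS": "*"}
        for kind, names in principal.items():
            found.update((kind, name) for name in _as_list(names))
    return sorted(found)

def findings(trust_policy):
    """Flag principals that make the role assumable well beyond one trusted entity."""
    return [f"wildcard principal: {kind}={name}"
            for kind, name in trusted_principals(trust_policy) if name == "*"]
```

To check a real role, pass its trust policy document (the role's "Trust relationships" tab in the IAM console) to `findings`.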

    Thank you for reading!