DevOps_journey

Day -39 AWS and I AM - Basic

Nikhil Raut's photo
Nikhil Raut
ยท

4 min read

Day -39 AWS and I AM - Basic

Table of contents

AWS:

Amazon Web Services is one of the most popular Cloud Providers that has a free tier for students and Cloud enthusiasts for their Hands-on while learning (Create your free account today to explore more on it). Read from here

User Data in AWS:

  • When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.

  • You can also pass this data into the launch instance wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).

  • This will save time and manual effort every time you launch an instance and want to install any application on it like Apache, docker, Jenkins etc. Read more here

IAM:

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources. Read from here

Task1:

  • Launch the EC2 instance with already installed Jenkins on it. Once the server shows up in the console, hit the IP address in the browser and your Jenkins page should be visible.

  • Take a screenshot of the Userdata and Jenkins page, this will verify the task completion.

Log in to the AWS Management Console and navigate to the EC2 dashboard.

Click on the "Launch Instance" button to start the process of launching a new EC2 instance.

Choose an Amazon Machine Image (AMI)

Go to the EC2 service and click on "Launch instance". Choose a Linux AMI.

After launching the instance let's connect to the server

Install Jenkins and docker on your machine via single Shell Script. as we have done in before blog.

#!/bin/bash
sudo apt update
sudo apt install openjdk-8-jdk
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \
    /usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
    https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
    /etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt update 
sudo apt install jenkins -y
sudo systemctl start jenkins
sudo systemctl status jenkins
sudo apt update -y
sudo apt install docker.io
sudo systemctl start docker

Jenkins is running. Now let us access the portal for the same.

Task2:

  • Read more on IAM Roles and explain the IAM Users, Groups, and Roles in your terms.

  • Create three Roles named: DevOps-User, Test-User, and Admin.

IAM (Identity and Access Management) in AWS is like a tool that helps you control who can do what in your AWS stuff.

  1. IAM Users: These are separate accounts for people or programs that need to use your AWS stuff. You can create, change, or delete these accounts, and give them special permissions to do certain things with AWS.

  2. IAM Groups: Think of these as bunches of IAM users. Instead of giving permissions to each person or program, you put them in a group, and the group gets the permissions. For example, you can make a "developer" group and give it permission to use development stuff. When you add someone to the group, they can do what the group can do.

  3. IAM Roles: These are like special permissions that can be used by different things, not just people. Things like servers, programs, or other AWS services can use these roles to do certain tasks. You can decide what each role is allowed to do by setting up permissions for them.

2)Create three Roles named: DevOps-User, Test-User, and Admin.

Log in to the AWS Management Console and navigate to the IAM dashboard.

Click on "Roles" in the left-hand menu and then click on the "Create role" button

Choose the appropriate use case for the role. For example, if you want to create a role for an EC2 instance, choose "AWS service" and then "EC2".

Select the appropriate permissions policies for the role. You can choose from existing policies or create a custom policy.

Repeat the above steps for each role you want to create: DevOps-User, Test-User, and Admin.

Once the roles are created, you can assign them to individual IAM users or groups as needed, and control their access to AWS resources.

Did you find this article valuable?

Support DevOps_journey by becoming a sponsor. Any amount is appreciated!

TrainWithShubhamAWSCloudIAMDevops
ย