Getting Started with AWS Basics


AWS

Amazon Web Services is one of the most popular cloud providers. It also has a free tier that students and cloud enthusiasts can use for hands-on practice while learning (create your free account today to explore more).

IAM

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

User Data in AWS

  • When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.

  • You can also pass this data into the launch instance wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).

  • This will save time and manual effort every time you launch an instance and want to install any application on it like Apache, docker, Jenkins, etc.


Task1:

Create an IAM user with a username of your choice and grant it EC2 access. Launch your Linux instance through the IAM user that you just created and install Jenkins and Docker on your machine via a single shell script.

Sign in to your AWS account using the root user credentials.

In the search bar type IAM and open it.

  1. Navigate to AWS IAM:

    • Log in to the AWS Management Console.

    • In the AWS services search bar, type "IAM" and select "IAM" from the results.

  2. Create IAM User:

    • In the IAM dashboard, click on "Users" in the left-hand navigation pane.

    • Click the "Add user" button.

    • Enter a username (replace <YourIAMUsername> with your desired username) and choose access type (programmatic access for CLI/API access, and/or AWS Management Console access).

    • Click "Next: Permissions."

  3. Attach Policies:

    • In the "Set permissions" step, select "Attach existing policies directly."

    • Search for and attach the policy "AmazonEC2FullAccess." This policy grants full access to EC2 resources.

    • Click "Next: Tags" if you want to add tags; otherwise, click "Next: Review."

  4. Review and Create:

    • Review the user details and attached policies.

    • Click "Create user."

    • Note the access key ID and secret access key. You will need these to authenticate the IAM user.

Step 2: Launch Linux Instance and Install Jenkins and Docker:

Launch an EC2 instance as we have done several times earlier.

Connect to it via SSH. Create a script, e.g. newscript.sh:

#!/bin/bash

# Refresh the package index
sudo apt update

# Java runtime (required by Jenkins)
sudo apt install openjdk-17-jre -y

# Jenkins: add the repository signing key and apt source, then install

curl -fsSL https://pkg.jenkins.io/debian/jenkins.io-2023.key | sudo tee \
  /usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc]" \
  https://pkg.jenkins.io/debian binary/ | sudo tee \
  /etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt-get update
sudo apt-get install jenkins -y

# Docker: on Ubuntu the engine is packaged as docker.io
sudo apt install docker.io -y

Run the script.

Check whether docker and jenkins are installed:

Task2:

In this task you need to prepare a DevOps team of Avengers. Create 3 IAM users for the Avengers and assign them to a DevOps group with an IAM policy.

Create 3 IAM users for the Avengers.

Create an Avengers DevOps group by clicking on the "User Groups" link in the left-hand menu and then clicking on the "Create New Group" button. Enter a name for the group. Add the three IAM users to the group by selecting the users.

In the "Attach Policy" step, search for and select the "AmazonEC2FullAccess", "AmazonS3FullAccess", and "AmazonRDSFullAccess" policies.

Click on the "Create Group" button. The group devops-avengers is now created with 3 users.

Task3:

  • Launch an EC2 instance with Jenkins already installed on it. Once the server shows up in the console, open its IP address in a browser and your Jenkins page should be visible.

  • Take a screenshot of the user data and the Jenkins page; this will verify the task completion.

  1. Navigate to AWS EC2:

    • Log in to the AWS Management Console.

    • In the AWS services search bar, type "EC2" and select "EC2" from the results.

  2. Launch a New EC2 Instance:

    • Click on "Instances" in the left-hand navigation pane.

    • Click the "Launch Instances" button.

    • Choose an Ubuntu (Linux-based) image.

    • Select an instance type, configure instance details, add storage, and configure security groups to allow incoming traffic on port 8080 (for Jenkins) and any other necessary ports.

  3. User Data:

    • In the "Configure Instance Details" step, expand the "Advanced Details" section.

    • In the "User data" field, you can provide a script or commands that will be executed when the instance starts. For Jenkins installation, you can use a script like:

  4. Review and Launch:

    • Continue through the steps, reviewing your configuration.

    • Click "Launch," select an existing key pair or create a new one, and click "Launch Instances."

  5. Access Jenkins Page:

    • Once the instance is running, note its public IP address.

    • In the browser's address bar, enter the public IP address of your EC2 instance followed by ":8080" (e.g., http://<YourInstanceIP>:8080).
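
The user-data step above ends without its script, and the "User Data in AWS" section mentions passing user data as a file. As an added example (not the author's script), the following adapts the Task 1 Jenkins commands to run as root at first boot, checks the `#!` first line and the 16 KB raw size limit that EC2 user data must meet, and launches with the file via the AWS CLI. `AMI_ID`, `KEY_NAME`, `SG_ID` and the `t2.micro` instance type are assumptions, and the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example (not the author's script): build, check and pass EC2 user data.

# Write the user-data script to file $1. cloud-init runs it as root on first
# boot, so sudo is not needed; output lands in /var/log/cloud-init-output.log.
write_user_data() {
  cat > "$1" <<'EOF'
#!/bin/bash
set -euxo pipefail
apt-get update
apt-get install -y openjdk-17-jre
curl -fsSL https://pkg.jenkins.io/debian/jenkins.io-2023.key \
  -o /usr/share/keyrings/jenkins-keyring.asc
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian binary/" \
  > /etc/apt/sources.list.d/jenkins.list
apt-get update
apt-get install -y jenkins
systemctl enable --now jenkins
EOF
}

# Return 0 if file $1 will be accepted and run as a shell script,
# 1 if the "#!" first line is missing, 2 if it exceeds the 16 KB raw limit.
check_user_data() {
  local f="$1" first="" size
  IFS= read -r first < "$f" || true
  case $first in
    '#!'*) ;;
    *) echo "user data must start with #!" >&2; return 1 ;;
  esac
  size=$(wc -c < "$f")
  if [ "$size" -gt 16384 ]; then
    echo "user data is $size bytes (limit 16384)" >&2; return 2
  fi
}

# Launch with the checked file; the CLI base64-encodes file:// input itself.
# AMI_ID, KEY_NAME and SG_ID are placeholders you must set (assumptions).
launch_instance() {
  aws ec2 run-instances --image-id "$AMI_ID" --instance-type t2.micro \
    --key-name "$KEY_NAME" --security-group-ids "$SG_ID" \
    --user-data "file://$1"
}

if [ "${1:-}" = "launch" ]; then
  ud=$(mktemp)
  write_user_data "$ud"
  check_user_data "$ud" && launch_instance "$ud"
fi
```

Run it with the `launch` argument and the three variables exported; without the argument it only defines the functions.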

Task4:

  • Read more on IAM Roles and explain the IAM Users, Groups and Roles in your own terms.

  • IAM Users: Individual entities (people or services) that interact with AWS resources. Users have security credentials.

  • IAM Groups: Collections of IAM users. Groups make it easier to manage permissions for multiple users.

  • IAM Roles: Intended for AWS services, EC2 instances, or applications that need to interact with AWS resources securely. Roles are assumed by entities, and they don't have static credentials.

  • Create three Roles named: DevOps-User, Test-User and Admin.

Log in to the AWS Management Console and navigate to the IAM dashboard.

Click on "Roles" in the left-hand menu and then click on the "Create role" button.

Choose the appropriate use case for the role. For example, if you want to create a role for an EC2 instance, choose "AWS service" and then "EC2".

Select the appropriate permissions policies for the role. You can choose from existing policies or create a custom policy.

Enter a name for the role and click "Create role".

Repeat the above steps for each role you want to create: DevOps-User, Test-User, and Admin.

Thank you for reading until here. Hope you gained some clarity in the above concepts and tasks. Happy Learning! See you in the next one.