Table of contents
- <mark>AWS:</mark>
- <mark>AWS dashboard:</mark>
- <mark>IAM:</mark>
- <mark>When you are authorized to access AWS resources:</mark>
- <mark>When you sign-in as an IAM user:</mark>
- <mark>Task1:</mark>
- <mark>Create an IAM user with username of your own wish and grant EC2 Access. Launch your Linux instance through the IAM user that you created now and install jenkins and docker on your machine via single Shell Script.</mark>
- <mark>Launched EC2 instance and written script to install docker and jenkins under same script.</mark>
- <mark>Task2:</mark>
- <mark>In this task you need to prepare a devops team of avengers. Create 3 IAM users of avengers and assign them in devops groups with IAM policy.</mark>
AWS:
Amazon Web Services is one of the most popular Cloud Provider that has free tier too for students and Cloud enthutiasts for their Handson while learning
Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud, offering over 200 fully featured services from data centers globally.
AWS has been spreading its services around the world since its inception, and it has around a million dynamic clients, currently. The global infrastructure of AWS is broadening so that the clients or end-users are now capable of receiving higher throughput and lower latency. AWS is making sure that data remains in the user-specified region. It has been always ready to create infrastructure for its clients in such a way that they can fulfill their global requirements.
Each AWS region comprises remote, multiple locations known as availability zones. These AWS regions and the availability zones are spread in high quantities across the world in multiple locations.
AWS has 42 availability zones within 16 geographical locations across the globe.
AWS dashboard:
IAM:
AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.
When you are authorized to access AWS resources:
Authentication is how you sign in to AWS using your identity credentials. You must be authenticated (signed in to AWS) as the AWS account root user, as an IAM user, or by assuming an IAM role.
You can sign in to AWS as a federated identity by using credentials provided through an identity source. AWS IAM Identity Center (successor to AWS Single Sign-On) (IAM Identity Center) users, your company's single sign-on authentication, and your Google or Facebook credentials are examples of federated identities. When you sign in as a federated identity, your administrator previously set up identity federation using IAM roles. When you access AWS by using federation, you are indirectly assuming a role.
Depending on the type of user you are, you can sign in to the AWS Management Console or the AWS access portal. For more information about signing in to AWS, see How to sign in to your AWS account in the AWS Sign-In User Guide.
If you access AWS programmatically, AWS provides a software development kit (SDK) and a command line interface (CLI) to cryptographically sign your requests using your credentials. If you don't use AWS tools, you must sign requests yourself. For more information about using the recommended method to sign requests yourself, see Signature Version 4 signing process in the AWS General Reference.
Regardless of the authentication method that you use, you might be required to provide additional security information. For example, AWS recommends that you use multi-factor authentication (MFA) to increase the security of your account. To learn more, see Multi-factor authentication in the AWS IAM Identity Center (successor to AWS Single Sign-On) User Guide and Using multi-factor authentication (MFA) in AWS in the IAM User Guide.
When you sign-in as an IAM user:
An IAM user is an identity within your AWS account that has specific permissions for a single person or application. Where possible, we recommend relying on temporary credentials instead of creating IAM users who have long-term credentials such as passwords and access keys. However, if you have specific use cases that require long-term credentials with IAM users, we recommend that you rotate access keys. For more information, see Rotate access keys regularly for use cases that require long-term credentials in the IAM User Guide.
An IAM group is an identity that specifies a collection of IAM users. You can't sign in as a group. You can use groups to specify permissions for multiple users at a time. Groups make permissions easier to manage for large sets of users. For example, you could have a group named IAMAdmins and give that group permissions to administer IAM resources.
Users are different from roles. A user is uniquely associated with one person or application, but a role is intended to be assumable by anyone who needs it. Users have permanent long-term credentials, but roles provide temporary credentials.
Task1:
Create an IAM user with username of your own wish and grant EC2 Access. Launch your Linux instance through the IAM user that you created now and install jenkins and docker on your machine via single Shell Script.
Attached following policies to the user.
Launched EC2 instance and written script to install docker and jenkins under same script.
Provided read, write and execute persmissions.
chmod 777 jen_dock.sh
Run this script --./jen_dock.sh and here is the setup for Jenkins and Docker.
Access public ip and verify if Jenkins is running as expected with port 8080.
Task2:
In this task you need to prepare a devops team of avengers. Create 3 IAM users of avengers and assign them in devops groups with IAM policy.
Post your progress on Linkedin. Till then Happy Learning :)
1.Login to AWS console and search for IAM service.
2.Add user- ->provide username-->provide access to the user by attaching policies as per requirement.
Follow same steps as above and create 2 more users and add all the 3 users to the group devops_avengers.
Created group devops_avengers to add these three users in one group.
User groups let you specify permissions for multiple users, which can make it easier to manage the permissions for those users.
permissions:
Added all the users under devops_avengers group:
Conclusion:Created IAM user with EC2 full access,launched EC2 instance and written jenkins script,provided read/write/execute access and got script run verified with public ip and port number.
Created three users and added to under one group so that if any access has to be provided no need to give it individually,we can provide to whole group at a time..!!!
Thank you for reading!! Hope you find this helpful.
#day38#90daysofdevops#devopscommunity#
Always open for suggestions..!!