Day 38 of #90daysofdevops
IAM: AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.
Tasks
Task 1
Create an IAM user with a username of your choice and grant it EC2 access. Launch a Linux instance as the IAM user you just created, and install Jenkins and Docker on the machine with a single shell script.
Task 2
In this task you need to prepare a DevOps team of Avengers. Create 3 IAM users named after Avengers and assign them to DevOps groups with an IAM policy.
Solutions
Task 1 Solution
Step 1: Specify user details.
To begin with, log in to your AWS account and search for IAM.
Secondly, click on "Users" from the left panel.
Then click on the "Create User" button.
- Then enter the user name and tick the option given just below it.
- After that click on "I want to create an IAM user" and choose the password method. Then click on "Next".
Step 2: Set permission
Here, click on "Attach policy directly" and search for "EC2FullPermission". Then select it.
Click on "Next".
Step 3: Review and Create
- Review the details and click on "Create user".
Step 4: Retrieve password
- You can download the credentials of the IAM user by clicking on the download button.
The IAM user has been successfully created.
Step 5: Log out and Log in
- Log out from your root account and log in to the IAM user account.
Step 6: Launch EC2
- Search for EC2 and click on launch instance.
- Next, fill in the form and, at the end, enter the user data in the "Advanced Details" section.
Enter data as given below for installing httpd, jenkins, java, and docker.
    #!/bin/bash
    # EC2 user data is run as root by cloud-init on first boot; it must start with the shebang line above.

    # Apache httpd with a placeholder page
    sudo yum update -y
    sudo yum install httpd -y
    sudo systemctl start httpd
    sudo systemctl enable httpd
    cd /var/www/html/
    sudo touch index.html
    # 644 is enough: the script already runs as root, so the page does not need to be world-writable
    sudo chmod 644 index.html
    sudo echo '<div style="text-align:center;font-family:arial;"><h1>New instance created by Neel - Your DevOps Guy</h1></div>' > index.html

    # Java 11 and Jenkins from the Jenkins stable repository
    sudo amazon-linux-extras install java-openjdk11 -y
    sudo wget -O /etc/yum.repos.d/jenkins.repo \
        https://pkg.jenkins.io/redhat-stable/jenkins.repo
    sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io-2023.key
    sudo yum update -y
    sudo yum install jenkins -y
    sudo systemctl enable jenkins
    sudo systemctl start jenkins

    # Docker
    sudo yum install docker -y
    sudo systemctl enable docker
    sudo systemctl start docker
After this, make sure to add the inbound rule for port 8080 in your security group.
- After you click on "Launch Instance", the instance is created with the mentioned tools installed.
Task 2 Solution
Step 1: Create a User and a Group
- Create a new user the same way as in the task above.
In the next step, click on "Create group".
Enter the name of the group, attach the policy and click on "Create user group".
Next, click on create user.
Do the same with the 3rd user; however, this time you just need to select the group in the permission policy step.
Step 2: Add a user in the group.
Click on "User groups" in the left panel and select the "Avengers" group.
Then click on the "Add user" button.
Select the user and click on the "Add user" button.
After this step, all three users are added to the group. You can also create the group first and then add all the users at once with the last step.
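The console steps of Task 2 as an AWS CLI script; this is an added example and not part of the original post. The policy ARN and the three user names are assumptions (the post names only the "Avengers" group), and the script only prints the commands unless DRY_RUN=0 is set.

```shell
#!/usr/bin/env bash
# Added example: Task 2 with the AWS CLI instead of the console.
# DRY_RUN=1 (default) prints each command; DRY_RUN=0 executes it and needs
# AWS CLI credentials that are allowed to manage IAM.
GROUP="Avengers"                                          # group name from the post
POLICY_ARN="arn:aws:iam::aws:policy/AmazonEC2FullAccess"  # assumed AWS managed policy
USERS="ironman thor hulk"                                 # hypothetical user names

run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then
    echo "$*"
  else
    "$@"
  fi
}

create_avengers_team() {
  # The policy is attached once, to the group; users get it through membership,
  # so no policy is attached to an individual user.
  run aws iam create-group --group-name "$GROUP" || return 1
  run aws iam attach-group-policy --group-name "$GROUP" \
      --policy-arn "$POLICY_ARN" || return 1
  for user in $USERS; do
    run aws iam create-user --user-name "$user" || return 1
    run aws iam add-user-to-group --group-name "$GROUP" \
        --user-name "$user" || return 1
  done
}

verify_avengers_team() {
  # Read back the result: group members and the policies attached to the group.
  run aws iam get-group --group-name "$GROUP" \
      --query 'Users[].UserName' --output text
  run aws iam list-attached-group-policies --group-name "$GROUP" \
      --query 'AttachedPolicies[].PolicyArn' --output text
}

create_avengers_team
verify_avengers_team
```

Users created this way have no console password or access keys until a login profile or key is created for them in a separate step.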
Thank you.