This post is part of the #90DaysofDevops challenge, under the guidance of Shubham Londhe sir.
Introduction:
As you progress in your AWS journey, it's time to explore automation and access management. Today, we delve into the basics of Amazon Web Services (AWS) and Identity and Access Management (IAM). Let's streamline your EC2 instance deployments and understand how IAM enhances security and access control.
AWS Basics:
Amazon Web Services (AWS) offers a versatile cloud computing platform. Whether you're a student or a cloud enthusiast, AWS provides a free tier for hands-on learning experiences. Creating your free account opens up a world of possibilities for experimentation and learning.
User Data in AWS:
When launching an instance in Amazon EC2, you can pass user data to automate configuration tasks and execute scripts post-instance startup. This feature saves time and effort by automating common setup procedures like installing Apache, Docker, Jenkins, and more. You can pass user data as shell scripts, cloud-init directives, plain text, file attachments, or base64-encoded text, making it flexible for various deployment scenarios.
IAM Basics:
AWS Identity and Access Management (IAM) is a crucial component for managing access to AWS resources securely. With IAM, you can centrally control permissions, determining which users can access specific AWS resources. IAM authenticates and authorizes users, ensuring only authorized individuals can interact with your AWS infrastructure.
Task 1: Launching EC2 Instance with Jenkins Pre-Installed
Log in to AWS Console:
Visit the AWS Management Console at AWS-Console-link.
Enter your credentials to log in.
Access the EC2 Dashboard:
From the AWS Management Console, navigate to the "Services" menu and select "EC2" under the "Compute" section.
Launch an EC2 Instance:
Click on the "Instances" link in the EC2 Dashboard.
Hit the "Launch Instance" button to initiate the instance creation wizard.
Choose an Amazon Machine Image (AMI):
Select an appropriate AMI, such as Amazon Linux, Ubuntu, or another OS that supports Jenkins.
Select an Instance Type:
Choose the instance type based on your requirements. For instance, the t2.micro instance type is available in the free tier.
Configure Instance Details:
In the "Advanced Details" section, find the "User Data" field.
Input a script to install Jenkins during instance initialization. For example:
```bash
#!/bin/bash
# Update the package repositories and installed packages
sudo yum update -y

# Install Java Development Kit (JDK) 11
sudo yum install -y java-11-amazon-corretto-devel

# Add the Jenkins repository to yum (over HTTPS, so the repo definition cannot be altered in transit)
sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat/jenkins.repo

# Import the Jenkins repository GPG key
sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io-2023.key

# Install Jenkins
sudo yum install -y jenkins

# Start Jenkins service and enable it to start on boot
sudo systemctl enable jenkins
sudo systemctl start jenkins
```
Add Storage, Tags, and Configure Security Group:
Proceed through the wizard to add storage, apply tags for identification, and configure security groups to control inbound and outbound traffic.
Review and Launch the Instance:
Review the configured settings and hit the "Launch" button.
Choose an existing key pair or create a new one to securely access the instance.
Access Jenkins:
Once the instance is running, note down its public IP address.
Ensure that port 8080 is open in the EC2 instance security group to run Jenkins.
Open a web browser and navigate to http://<instance-ip>:8080 to access the Jenkins dashboard.
Capture Screenshots for Verification:
Take screenshots of the AWS Management Console showing the configured EC2 instance and the Jenkins homepage to verify task completion.
Task 2: Understanding IAM Roles and Implementing User Groups
Understanding IAM Roles, Users, and Groups: IAM (Identity and Access Management) Roles define sets of permissions for users or services to access AWS resources. IAM Users are individuals with unique credentials for accessing AWS services, while IAM Groups are collections of users with similar access needs.
IAM Roles in Practical Terms: IAM Roles act like "keys" that grant access to specific AWS resources. Users are the individuals holding these keys, and Groups are like folders containing users with similar access needs.
Creating IAM Roles - Practical Steps:
Go to the IAM dashboard in the AWS Management Console.
Navigate to Roles and click on "Create Role."
Name the roles: DevOps-User, Test-User, and Admin.
Assign appropriate permissions to each role based on their respective responsibilities.
Review and create the roles.
Conclusion
By following these detailed steps, you can effectively launch EC2 instances with Jenkins pre-installed and configure IAM roles and groups for streamlined access management in your AWS environment.