AWS Service: Identity Access Management (IAM)

Sudheer
Sep 11, 2023


Identity Access Management (IAM)

IAM (Identity and Access Management) in AWS is a service that allows you to manage access to AWS resources securely. It enables you to control who can access your resources and what actions they can perform. As a DevOps engineer, you often use IAM to grant specific permissions to users or roles, ensuring the principle of least privilege.

TASK-1:

Create an IAM user with a username of your choice and grant it EC2 access. Launch a Linux instance as the IAM user you just created, then install Jenkins and Docker on the machine with a single shell script.

Here’s a step-by-step guide on how to create an IAM user with EC2 access and then use that user to launch an EC2 instance and install Jenkins and Docker via a shell script.

Step 1: Log in to the AWS Management Console. Log in as the root user and type “IAM” in the search box. Go to the IAM service and click on “Users” in the left menu.

Click on “Create user” and enter a username of your choice.

Select “Attach existing policies directly” and select the policies “AmazonEC2FullAccess” and “EC2InstanceConnect”.

Select “Security credentials”, click on “Manage console access” and enable the console password.

The console then shows the IAM user's console sign-in URL, username and console password.

To launch a Linux instance using your IAM user, follow these steps:

Sign in to the AWS account as the IAM user created above.

Go to the EC2 service, click on “Launch instance” and create the EC2 instance.

EC2 Instance Created

After launching the instance, let's connect to the server.

Install Jenkins and Docker on the machine with a single shell script.

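#!/bin/bash
# Stop at the first failing command instead of continuing with a broken install.
set -e
# Jenkins needs a Java runtime; current Jenkins LTS packages no longer run on Java 8.
sudo apt update
sudo apt install -y openjdk-17-jdk
# Add the Jenkins signing key and apt repository.
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \
/usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc]" \
https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
/etc/apt/sources.list.d/jenkins.list > /dev/null
# Install and start Jenkins (-y answers the apt prompt so the script runs unattended).
sudo apt update
sudo apt install -y jenkins
sudo systemctl start jenkins
sudo systemctl status jenkins --no-pager
# Install and start Docker.
sudo apt install -y docker.io
sudo systemctl start docker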

Now give the shell script execute permission by running the command below:

chmod +x install-jenkins-docker.sh

Check the Docker and Jenkins versions.

TASK-2:

In this task you need to prepare a DevOps team of Avengers. Create 3 IAM users for the Avengers and assign them to a DevOps group with an IAM policy.

In the IAM dashboard, click on “Users” and then “Add user” to create 3 IAM users for the Avengers. Enter the username for the first IAM user (e.g., “ironman”). Repeat this step to create two more IAM users with the usernames “captain America” and “thor”.

Create an Avengers DevOps group by clicking on the “User Groups” link in the left-hand menu and clicking on the “Create New Group” button.

Enter a name for the group, then add the three IAM users to the group by selecting them.

In the “Attach Policy” step, search for and select the “AmazonS3FullAccess” and “AmazonRDSFullAccess” policies.

Avengers Group Created.
Users added into the Group.
Permission added to the group.
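
The same Task 2 setup can be scripted with the AWS CLI. The script below is an added example, not part of the original post: the group name "avengers-devops", the hyphenated user name "captain-america", the APPLY variable and the function names are assumptions. It validates names first because IAM names cannot contain spaces, and it only prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example: AWS CLI equivalent of the console steps in Task 2.
# GROUP and the user names below are assumed values for illustration.
GROUP="avengers-devops"
POLICIES="AmazonS3FullAccess AmazonRDSFullAccess"   # policies named in the post

# IAM names allow only A-Z a-z 0-9 + = , . @ _ - (no spaces), so a display
# name such as "captain America" is rejected. 64 is the user-name length
# limit, applied here to the group name as well.
valid_iam_name() {
    case "$1" in
        ''|*[!A-Za-z0-9+=,.@_-]*) return 1 ;;
    esac
    [ "${#1}" -le 64 ]
}

# plan GROUP USER...: print one aws command per line.
# Every name is checked before anything is printed, so a bad name yields no plan.
plan() {
    group=$1; shift
    for name in "$group" "$@"; do
        if ! valid_iam_name "$name"; then
            echo "invalid IAM name: '$name'" >&2
            return 1
        fi
    done
    echo "aws iam create-group --group-name $group"
    for policy in $POLICIES; do
        echo "aws iam attach-group-policy --group-name $group --policy-arn arn:aws:iam::aws:policy/$policy"
    done
    for user in "$@"; do
        echo "aws iam create-user --user-name $user"
        echo "aws iam add-user-to-group --group-name $group --user-name $user"
    done
}

# Dry run by default; set APPLY=1 to execute the commands with the AWS CLI.
commands=$(plan "$GROUP" ironman captain-america thor) || exit 1
if [ "${APPLY:-0}" = 1 ]; then
    printf '%s\n' "$commands" | sh -e
else
    printf '%s\n' "$commands"
fi
```

Review the printed plan before setting APPLY=1; the permissions come from the group, so the users themselves get no policies attached directly.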

Happy Learning

Sudheer Baraker
