AWS:
Amazon Web Services is one of the most popular cloud providers, and it has a free tier that students and cloud enthusiasts can use for hands-on learning.
User Data in AWS:
When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.
You can also pass this data into the launch instance wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).
This saves time and manual effort every time you launch an instance and want to install an application on it, such as Apache, Docker, or Jenkins.
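The check below is an added example, not code from the original post. It decodes user data given as plain text or as base64, tells a shell script from a cloud-init `#cloud-config` document, enforces the 16 KB raw size limit, and flags secret-like values, because user data can be read back from the instance metadata service by software running on the instance. The function names, the patterns and the sample script are assumptions constructed for illustration.

```python
import base64
import re

MAX_RAW_BYTES = 16 * 1024  # EC2 user data limit, measured before base64 encoding

# Secret-like values do not belong in user data: software running on the
# instance can read it back from the instance metadata service.
SECRET_PATTERNS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private-key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "credential-assignment": re.compile(r"(?i)(password|passwd|secret|token)\w*\s*[=:]\s*\S+"),
}

def decode_user_data(blob: str) -> bytes:
    """Return raw user data from plain text or base64 (the API form)."""
    try:
        raw = base64.b64decode("".join(blob.split()), validate=True)
        if raw.startswith(b"#"):  # both supported types begin with '#'
            return raw
    except ValueError:  # not base64, so treat it as plain text
        pass
    return blob.encode()

def classify(raw: bytes) -> str:
    first = raw.split(b"\n", 1)[0].strip()
    if first.startswith(b"#!"):
        return "shell-script"
    if first == b"#cloud-config":
        return "cloud-config"
    return "unknown"

def check_user_data(blob: str) -> dict:
    raw = decode_user_data(blob)
    findings = [("size", 0)] if len(raw) > MAX_RAW_BYTES else []
    for lineno, line in enumerate(raw.decode(errors="replace").splitlines(), 1):
        for name, pattern in SECRET_PATTERNS.items():
            if pattern.search(line):
                findings.append((name, lineno))
    return {"kind": classify(raw), "bytes": len(raw), "findings": findings}

# Constructed sample; the key is AWS's documented example value.
SAMPLE = """#!/bin/bash
apt-get install -y jenkins
export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
echo "admin_password=changeme" > /root/jenkins.env
"""

if __name__ == "__main__":
    print(check_user_data(SAMPLE))
```

Each finding is a (pattern name, line number) pair; a size finding uses line 0.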
Task1:
Launch an EC2 instance with Jenkins already installed on it. Once the server shows up in the console, open its IP address in the browser and your Jenkins page should be visible.
Take a screenshot of the user data and the Jenkins page; this will verify the task completion.
Log in to the AWS Management Console using your AWS account credentials. Go to the EC2 dashboard. Click on "Launch Instance" to create a new EC2 instance. Select an AMI that includes the operating system and other configurations you prefer.
When launching the instance, scroll down to the "Advanced Details" section, where you'll find a field for entering user data. Enter the following script:
#!/bin/bash
# User data runs as root on first boot, so sudo is optional here.
sudo apt-get update
sudo apt-get install -y openjdk-11-jre
# Add the Jenkins signing key and the repository entry that is pinned to it.
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo gpg --dearmor -o /usr/share/keyrings/jenkins-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.gpg] https://pkg.jenkins.io/debian-stable binary/" | sudo tee /etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt-get update
sudo apt-get install -y jenkins
# Start Jenkins now and on every boot.
sudo systemctl enable jenkins
sudo systemctl start jenkins
sudo systemctl status jenkins --no-pager
You can then launch the EC2 instance with the user data.
Configure the security group: go to the security group and click "Edit inbound rules" to allow incoming traffic on port 8080.
Copy the public IP from the instance details section.
You can access Jenkins by navigating to your public IP:8080 in a web browser.
Task2:
Read more on IAM Roles and explain the IAM Users, Groups and Roles in your terms.
Create three Roles named: DevOps-User, Test-User and Admin.
IAM Users:
IAM, or Identity and Access Management, secures access to your AWS services and resources. IAM users are entities within your AWS account that represent the people, applications, or services that interact with AWS resources. Each IAM user has its own set of security credentials (username and password or access key) and permissions. IAM users can be created, modified, and deleted as needed.
IAM Groups:
IAM groups are collections of IAM users. Instead of attaching policies directly to individual users, one can create groups, assign policies to the groups, and then add users to the groups.
IAM Roles:
IAM roles in AWS allow entities to get credentials for a short duration. Unlike IAM users, which are intended for individual human users, IAM roles are typically used for applications or services that need AWS resources without long-term credentials.
Go to the IAM dashboard, click on Roles on the left side and then click the "Create role" button.
Choose the trusted entity type (e.g., AWS service and then EC2).
Select the permissions policies for the role.
Review the role details and give it a name, such as DevOps-User. Click "Create role."
Follow the same steps as above, but this time name the role Test-User, and name the last role Admin.