☁️AWS:
Amazon Web Services is one of the most popular Cloud Provider that has free tier too for students and Cloud enthutiasts for their Handson while learning (Create your free account today to explore more on it).
You can read more about it from here
User Data in AWS:
When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.
You can also pass this data into the launch instance wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).
This will save time and manual effort everytime you launch an instance and want to install any application on it like apache, docker, Jenkins etc.
You can read more about it from here
☁️IAM:
AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.
You can read more about itfrom here
☁️Hands-On Practice :
Task 1: Launch EC2 Instance with Pre-installed Jenkins and Verify Accessibility
Step 1: Log in to AWS Console
Log in to your AWS Management Console using your AWS account credentials.
Step 2: Launch EC2 Instance
Go to the EC2 Dashboard.
Click on the "Launch Instance" button to create a new EC2 instance.
Step 3: Choose an Amazon Machine Image (AMI)
Select an AMI in which you want Jenkins to be pre-installed. You may need to create a custom AMI with Jenkins installed if one is not available.
Step 4: Choose an Instance Type
Select the instance type that suits your needs. For Jenkins, a t2.micro instance is often sufficient for small to moderate workloads.
Step 5: Configure Instance Details
In the "Configure Instance Details" section, select the ree tier one and select the key pair which you have created before , if not you can create one by clicking on create keypair
Step 6: Add Storage
Configure the storage size and type for your EC2 instance. Ensure it has enough space for Jenkins and your projects.
Step 7: Add Tags (Optional)
You can add tags to your instance for easier identification.
Step 8: Configure Security Group
Create or select a security group that allows incoming traffic on port 8080 (default Jenkins port) so you can access Jenkins via the web browser.
Step 9: Configure User Data
In the "Configure Instance" step, scroll down to the "Advanced Details" section.
In the "User data" field, paste the script that installs Jenkins and any other necessary configurations.
Here's the script , that installs jenkins , paste this in the user data , or you can create a .sh file and upload it here .
#!/bin/bash
sudo apt-get update
java -version
sudo apt-get install -y default-jre
javac -version
#installing jenkins
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \
/usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
/etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt update
sudo apt-get install -y jenkins
sudo systemctl start jenkins.service
sudo systemctl enable jenkins
Step 10: Go back to the Network Security and Add the port
Here we go back to the network security and click on edit and scroll down , click on Add rules .
Add port 8080 , as it's the default port on which jenkis runs , Under source type select Anywhere or My IP.
Alternative of Step 10 :
Step 10: Configure Security Group Rules
In the EC2 Dashboard, go to the "Security Groups" section, and edit the security group associated with your EC2 instance.
Add an inbound rule to allow incoming traffic on port 8080.
Step 11: Launch the Instance
Click "Launch Instances" to create the EC2 instance.
Step 12: Wait for Instance to Start
Wait for the instance to be created and initialized. You can monitor the progress in the EC2 Dashboard.
Step 13: Access Jenkins
Once the instance is running, note down its public IP address.
Step 16: Access Jenkins in Browser
Open a web browser and enter the public IP address of your EC2 instance followed by ":8080" (e.g., http://public_ip:8080
) to access the Jenkins web interface.
Step 17: Complete Jenkins Setup
Follow the on-screen instructions to complete the initial setup of Jenkins.
By following these steps, you'll have launched an EC2 instance with Jenkins pre-installed, including the step to configure the user data script for installation, and verified its accessibility through a web browser.
Task 2: Understanding AWS Identity and Access Management (IAM) and Creating Roles
Step 1: Log in to AWS Console
Open your web browser and navigate to the AWS Management Console (https://aws.amazon.com/).
Log in with your AWS account credentials.
Step 2: Access the IAM Dashboard
From the AWS Management Console, click on the "Services" menu and select "IAM" under the "Security, Identity, & Compliance" section.
Step 3: Create the DevOps-User Role
In the IAM Dashboard, click on "Roles" in the left navigation pane.
Click the "Create role" button.
In the "Select type of trusted entity" section, choose "AWS service" as the trusted entity type.
In the "Choose the use case" section, you can either select a predefined use case policy or create a custom policy. Since this is for a DevOps role, you may want to select the "EC2" use case, which allows EC2 instances to assume this role. Click "Next: Permissions" when ready.
In the "Permissions" section:
- Search for and select policies that grant permissions relevant to your DevOps-User role. This may include permissions for managing AWS resources and services required for your DevOps processes.
Provide a meaningful name and description for the role, such as "DevOps-User."
Click "Create role" to create the DevOps-User role.
Step 4: Create the Test-User Role
Follow the same steps as above to create a Test-User role, but this time, customize the name and permissions to align with the needs of your Test-User role.
Step 5: Create the Admin Role
Follow the same steps as above to create an Admin role, but customize the name and permissions to align with the needs of your Admin role. Admin roles typically have more extensive permissions for managing AWS resources.
Step 6: Verify and Review Roles
After creating all three roles, review the list of roles in the IAM Dashboard to ensure that DevOps-User, Test-User, and Admin have been successfully created with their respective permissions.
You have now successfully created three IAM roles: DevOps-User, Test-User, and Admin. Each of these roles can be associated with specific AWS resources or users, allowing fine-grained access control within your AWS environment. Be sure to manage the permissions for each role according to the responsibilities and access requirements of your DevOps, testing, and administrative teams.