AWS User Data & IAM Roles, Users, Groups ☁
#90daysofdevopschallenge
#day39
User Data in AWS:
When you launch an instance in Amazon EC2, you can pass user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.
You can also pass this data into the launch instance wizard as plain text, as a file (this is useful for launching instances using the command line tools), or as base64-encoded text (for API calls).
This saves time and manual effort every time you launch an instance and want to install an application such as Apache, Docker, Jenkins, etc.
❄Tasks:
Task 1:
Launch the EC2 instance with Jenkins already installed on it. Once the server shows up in the console, hit the IP address in the browser and your Jenkins page should be visible. Take a screenshot of the user data and the Jenkins page; this will verify the task completion.
Step 1: Log in to AWS as the root user or as an IAM user (if you have permission to create an EC2 instance as an IAM user).
Step 2: Go to EC2 Instances. Click on "Launch Instances".
Step 3: Give the instance a name. Select the AMI image to create the instance from. Provide a key, and then go to the Advanced section at the end. Write the script to install Jenkins in the User data field.
At the end click on Launch Instances.
Step 4: Edit the instance's security group and add an inbound rule that allows access to port 8080.
Step 5: Access Jenkins GUI by using the Public IP of the EC2 Instance.
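A user data script for Step 3, with a lint to run before launch, as an added example that is not the article's own script. It assumes an Ubuntu/Debian AMI; the package names and the Jenkins repository key URL are assumptions to confirm against the Jenkins installation documentation.

```shell
#!/usr/bin/env bash
# Added example: generate a Jenkins user-data script and lint it before launch.

write_user_data() {   # $1 = output path
  cat > "$1" <<'EOF'
#!/bin/bash
# Runs as root on first boot; output goes to /var/log/cloud-init-output.log
set -euo pipefail
export DEBIAN_FRONTEND=noninteractive
# Assumption: Ubuntu/Debian AMI. Confirm the key URL in the Jenkins install docs.
KEY_URL="https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key"
apt-get update
apt-get install -y fontconfig openjdk-17-jre wget
wget -qO /usr/share/keyrings/jenkins-keyring.asc "$KEY_URL"
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian-stable binary/" \
  > /etc/apt/sources.list.d/jenkins.list
apt-get update
apt-get install -y jenkins
systemctl enable --now jenkins
EOF
}

check_user_data() {   # $1 = path; prints findings, returns 1 if any
  rc=0
  # EC2 only runs user data as a script when it starts with "#!".
  [ "$(head -n 1 "$1" | cut -c1-2)" = '#!' ] || { echo "missing #! on line 1"; rc=1; }
  # The limit is 16 KB of raw data, measured before base64 encoding.
  size=$(($(wc -c < "$1")))
  [ "$size" -le 16384 ] || { echo "raw size $size exceeds 16384 bytes"; rc=1; }
  # User data stays readable from the instance metadata service and the
  # instance's attributes, so it must not carry credentials.
  if grep -Eiq 'AKIA[0-9A-Z]{16}|(password|secret|token)[A-Za-z_]*=' "$1"; then
    echo "possible credential in user data"; rc=1
  fi
  return "$rc"
}

# Single-line base64 form, as needed for direct API calls.
encode_user_data() { base64 < "$1" | tr -d '\n'; }

out="${TMPDIR:-/tmp}/jenkins-user-data.sh"
write_user_data "$out"
if check_user_data "$out"; then
  echo "OK: $out ($(($(wc -c < "$out"))) bytes raw)"
  # Pass it at launch, e.g. aws ec2 run-instances ... --user-data "file://$out"
fi
```

In the console, paste the generated file's contents into the User data field of the Advanced section.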
Task 2:
Read more on IAM Roles and explain the IAM Users, Groups, and Roles in your terms. Create three Roles named: DevOps-User, Test-User, and Admin.
IAM Users:
IAM users are personal identities created in your AWS account for the people who require access to your AWS resources. By creating IAM users, you have control over each person's access, because you can define the permissions of each person. Each person has a unique set of security credentials, including a username and password, access keys, and permissions to access resources.
You can create 5000 users in one account. At one time, you can create 10 users.
IAM Groups:
A collection of IAM users is called an IAM group.
Let's take an example. Suppose your organization or project has 30 people in total, of whom 15 users have admin permissions, 7 users have developer permissions, and the rest have some other permissions. Now you want to edit the admin permissions. You could go one by one and change the permissions of 15 people, or you could create one group and change the permissions of the group, which are automatically reflected on all admin user accounts.
In such cases, we create IAM groups.
IAM Roles:
IAM roles are another way to manage access to AWS resources. Roles are similar to users, but they are not associated with a specific person or account. Instead, roles are assumed by trusted entities, such as EC2 instances, Lambda functions, or other AWS services. Roles can have permissions policies attached to them, which define the specific permissions that the role is allowed to use.
Create Roles:
Step 1: To create roles, go to the dashboard, click on IAM, then go to the Roles section.
Step 2: Create Roles for Admins, DevOps, and Test-user.
Follow the same process to Create a Role for Test-User and Admin. You can attach policies according to requirements.
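The same role creation expressed with the AWS CLI, as an added example that is not part of the original article. The role names are the article's; the account ID `111122223333` is a placeholder, and the trust policy (account principals with MFA) and the managed policies attached to each role are assumptions. Commands are only printed unless `APPLY=1` is set.

```shell
#!/usr/bin/env bash
# Added example: trust policies plus a dry-run plan for the three roles.
ACCOUNT_ID="111122223333"   # placeholder account ID (assumption)

# Emit the trust policy, i.e. who is allowed to assume the role.
#   trust_policy service ec2.amazonaws.com   an AWS service assumes the role
#   trust_policy account 111122223333        principals in that account, MFA required
trust_policy() {
  case "$1" in
    service) principal="\"Service\": \"$2\""; condition="" ;;
    account) principal="\"AWS\": \"arn:aws:iam::$2:root\""
             condition=', "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}' ;;
    *) echo "unknown trust kind: $1" >&2; return 1 ;;
  esac
  printf '{"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Principal": {%s}, "Action": "sts:AssumeRole"%s}]}\n' \
    "$principal" "$condition"
}

# Print every command; run it only when APPLY=1 is set.
run() { echo "+ $*"; if [ "${APPLY:-0}" = 1 ]; then "$@" < /dev/null; fi; }

create_roles() {
  dir=$(mktemp -d)
  trust_policy account "$ACCOUNT_ID" > "$dir/trust.json"
  # Role names are the article's; the managed policies are assumptions.
  while read -r role policy; do
    run aws iam create-role --role-name "$role" \
      --assume-role-policy-document "file://$dir/trust.json"
    run aws iam attach-role-policy --role-name "$role" \
      --policy-arn "arn:aws:iam::aws:policy/$policy"
  done <<'EOF'
Admin AdministratorAccess
DevOps-User AmazonEC2FullAccess
Test-User ReadOnlyAccess
EOF
}

create_roles
```

For a role that an EC2 instance assumes, write the trust policy with `trust_policy service ec2.amazonaws.com` instead and attach only the permissions that instance needs.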
Congratulations! All three roles have been added successfully.
In the Next Article, we will deep dive into AWS EC2 Automation......
Thank you for giving your precious time to read this blog/article and if any suggestions or improvements are required on my blogs feel free to connect on LinkedIn Unnati Gupta. Happy Learning !!!