Day 3 (S3, IAM, AWS CLI)

Sakshi Maluskar

Title: A Guide to Securing AWS Resources with S3, IAM, and AWS CLI

Introduction
As organizations move to cloud infrastructures, securing cloud resources and managing access is essential. In this guide, we’ll explore configuring a private S3 bucket, setting up AWS CLI, launching EC2 instances through CLI, and configuring IAM for new team members.


1. What is Amazon S3?

Amazon S3 (Simple Storage Service) is AWS's scalable storage solution, useful for storing and retrieving data across the web. Common uses include backup, content distribution, and static website hosting.

Task 1: Making a Private S3 Bucket
To create a secure S3 bucket:

  • Create a private bucket and adjust its policies so the contents can be accessed without making the bucket public. This approach allows secure access control and supports compliance needs.

2. What is IAM in AWS?

IAM (Identity and Access Management) allows secure access control over AWS resources, managing users, groups, and permissions.

Key Components:

  • Users: Represent individual identities.

  • Groups: Collections of users for simplified management.

  • Roles: Identities that can be assumed to obtain temporary permissions.

  • Policies: Define permissions for AWS resources.

3. What is AWS CLI?

The AWS CLI is a command-line tool for managing AWS resources directly from the terminal, ideal for streamlining tasks like instance launches, data uploads, and configurations.


Practical Implementation of S3, IAM, and AWS CLI

Step 1: Setting Up a Private S3 Bucket

  • Create the bucket: Make sure it's private by default.

  • Policy Adjustment: Update the bucket policy to allow secure access without making the bucket public. This enhances security for critical data.

Step 2: Configure AWS CLI on Ubuntu

  • Install AWS CLI: Use sudo apt install awscli.

  • Configure CLI: Run aws configure and input the Access Key ID, Secret Access Key, region, and output format.

Step 3: Launch an EC2 Instance with AWS CLI

  • Command to create an instance: Use aws ec2 run-instances with necessary parameters.

  • Confirm Instance: Use aws ec2 describe-instances to confirm launch status.

Step 4: Setting Up IAM for a New Team Member

Scenario: New hire Alex needs specific permissions:

  • View EC2 Instances: Alex should monitor but not modify instances.

  • Create S3 Buckets: Alex must be able to create storage spaces.

Steps:

  1. Create IAM User for Alex:

    • In the IAM console, add a user named “Alex” with programmatic and console access.
  2. Assign Permissions:

    • Use an EC2 Read-Only policy for instance monitoring.

    • Grant permissions for S3 bucket creation by attaching an appropriate policy.

  3. Test Alex’s Access:

    • Confirm access through Alex’s account to verify permissions.
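
The three steps above can also be scripted with the AWS CLI configured in Step 2. The script below is an added example, not part of the original post: it attaches the AWS managed AmazonEC2ReadOnlyAccess policy, adds an inline policy limited to s3:CreateBucket, and checks the result with the IAM policy simulator. The inline policy name and the list of actions that must stay denied are assumptions; console password and access keys are left out.

```shell
#!/usr/bin/env bash
# Added example for Step 4. POLICY_NAME and the denied actions are assumptions.
USER_NAME="Alex"
POLICY_NAME="AlexS3CreateBucket"   # hypothetical inline policy name
EC2_RO_ARN="arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"   # AWS managed policy

# Inline policy: bucket creation only (no delete, no object read/write).
alex_s3_policy() {
  cat <<'EOF'
{"Version":"2012-10-17","Statement":[{"Sid":"CreateBucketsOnly","Effect":"Allow","Action":"s3:CreateBucket","Resource":"arn:aws:s3:::*"}]}
EOF
}

# Steps 1 and 2: create the user, then attach both permissions.
provision_alex() {
  aws iam create-user --user-name "$USER_NAME" &&
  aws iam attach-user-policy --user-name "$USER_NAME" --policy-arn "$EC2_RO_ARN" &&
  aws iam put-user-policy --user-name "$USER_NAME" --policy-name "$POLICY_NAME" \
      --policy-document "$(alex_s3_policy)"
}

# Reads "action<TAB>decision" lines (simulator output). The two actions Alex
# needs must be "allowed"; every other action tested must not be.
check_decisions() {
  rc=0
  while read -r action decision; do
    case "$action" in
      ec2:DescribeInstances|s3:CreateBucket) want=allowed ;;
      *) want=denied ;;
    esac
    if [ "$decision" = allowed ]; then got=allowed; else got=denied; fi
    if [ -n "$action" ] && [ "$got" != "$want" ]; then
      echo "UNEXPECTED: $action is $decision" >&2
      rc=1
    fi
  done
  return "$rc"
}

# Step 3: ask the policy simulator what Alex can do, without running anything.
verify_alex() {
  arn=$(aws iam get-user --user-name "$USER_NAME" --query 'User.Arn' --output text) || return 1
  aws iam simulate-principal-policy --policy-source-arn "$arn" \
      --action-names ec2:DescribeInstances s3:CreateBucket \
          ec2:TerminateInstances ec2:RunInstances s3:DeleteBucket \
      --query 'EvaluationResults[].[EvalActionName,EvalDecision]' --output text |
    check_decisions
}

# Nothing is changed unless the script is called with "apply".
if [ "${1:-}" = "apply" ]; then provision_alex && verify_alex; fi
```

A non-zero exit from verify_alex means Alex either lacks a required permission or can do something beyond viewing instances and creating buckets.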

Conclusion

By implementing private S3 storage, IAM configurations, and AWS CLI commands, we ensure secure and efficient AWS resource management. Through clear permissions and secure setups, these steps enhance operational control over AWS resources.
