Smriti's blog

Day 38 - Getting Started with AWS Basics

Smriti Sharma's photo
Smriti Sharma
·

7 min read

Day 38 - Getting Started with AWS Basics

Table of contents

What is AWS?

AWS stands for Amazon Web Services. AWS is a cloud computing platform offered by Amazon. It provides a wide range of cloud services that help businesses and individuals build and deploy various types of applications and services in a flexible, scalable, and cost-effective manner.

Advantages of AWS

  1. AWS provides a user-friendly programming model, architecture, database as well as operating system that has been already known to employers.

  2. AWS is a very cost-effective service. There is no such thing as long-term commitments for anything you would like to purchase.

  3. It offers billing and management for the centralized sector, hybrid computing, and fast installation or removal of your application in any location with few clicks.

  4. There is no need to pay extra money on running data servers by AWS.

  5. AWS offers a total ownership cost at very reasonable rates in comparison to other private cloud servers.

Disadvantages of AWS

  1. AWS has supportive paid packages for intensive or immediate response. Thus, users might need to pay extra money for that.

  2. There might be some cloud computing problems in AWS especially when you move to a cloud Server such as backup protection, downtime, and some limited control.

  3. From region to region, AWS sets some default limitations on resources such as volumes, images, or snapshots.

  4. If there is a sudden change in your hardware system, the application on the cloud might not offer great performance.

What are Regions?

A region is a geographic area that is served by a specific set of AWS infrastructure.

Each region has multiple Availability Zones, which are isolated from each other by distance and independent power and cooling. This helps to ensure that your applications are highly available even if there is a problem with one Availability Zone.

Each region is identified by a two-letter code, such as us-east-1 for the US East (N. Virginia) region.

AWS also offers several Local Zones, which are smaller, more focused deployments of infrastructure that are designed to be closer to end users.

What are Availability Zones(AZs)?

An Availability Zone is an isolated data center within an AWS region that is designed to provide high availability and fault tolerance for applications and services.

High Availability: High availability refers to the ability of a system or application to remain operational and accessible for an extended period, typically measured in terms of uptime.

Fault Tolerance: Fault tolerance refers to the ability of a system or application to continue functioning properly, or at a degraded level, even in the presence of faults or failures.

In other words, an Availability Zone (AZ) is a distinct location within a region that is isolated from other AZs by distance and independent power and cooling. This helps to ensure that your applications are highly available even if there is a problem with one AZ.

NOTE : As per the latest update, A region should have a minimum of 3 AZs and a maximum of 6 AZs.

Previewing Image attachment

Previewing Image attachment

Previewing Image attachment

Services in AWS for a DevOps Engineer

As of October 2023, there are over 200 AWS services available. In those 200+ services, a few services that you may use as a DevOps Engineer are:

  1. Compute: EC2, ECS, Lambda, Fargate, EKS.

  2. Storage: S3, RDS, DynamoDB, ElastiCache.

  3. Networking: VPC, Route53, CloudFront.

  4. Security: IAM, KMS, Secrets Manager.

  5. DevOps: CodeBuild, Code Pipeline, CodeCommit, CodeDeploy.

  6. Logging & Monitoring: CloudWatch, OpenSearch, CloudTrail.

In the upcoming blogs, I will discuss in depth the above services. For today, let me discuss the most important service: Security (IAM).

What is IAM?

IAM is the abbreviation of Identity and Access Management. It provides centralized control and management of user access to AWS resources.

IAM enables you to securely manage user identities, permissions, and authentication for your AWS environment.

IAM allows you to create and manage AWS user accounts, groups, and roles, and assign permissions to control access to various AWS resources and services.

With IAM, you can define fine-grained access policies that specify which actions users or roles can perform on specific resources.

Create an IAM user

In this, we will create an IAM user and will grant EC2 Access. We will be launching our Linux instance through the IAM user that we will create now and will install Jenkins and docker on our machine via a single Shell Script.

Step 1: Login to your AWS Console as a root user.

Step 2: Search for IAM in the search bar. The IAM dashboard like the below one appears:

Step 3: In the left corner, you can see Access Management. Go to Users.

Step 4: Click on Create User.

Step 5: Specify user details

  • Provide the username you want.

  • Select the checkbox for “Provide user access to the AWS Management Console — optional”.

  • Select “I want to create an IAM user”

Step 6: Click on Next.

Step 7: Set permissions

  • Select “Attach policies directly” in the Permission Options.

  • In the Permission Policies search bar, search for EC2 and select “AmazonEC2FullAccess”.

Step 8: Click on Next.

Step 9: Review and create.
Review the details and click on “Create User”.

Step 10: Retrieve the password.
You can view and download the user’s password below or email the user’s instructions for signing in to the AWS Management Console. This is the only time you can view and download this password.

Make it a point to download the .csv file, if you are not accessing the AWS through IAM user immediately.

Step 11: Click on Return to User’s list. You will see the below page:

Step 12: Let’s log in to AWS as an IAM user. Open in any other browser.
Account ID will be the 12-digit number we had in the console sign-in URL.

Step 13: Now sign in as an IAM user using the username and password that you have downloaded as a .csv file.

Step 14: You will be asked to reset the password. Go ahead and change the password using the details you have.

Step 15: Once you are in the AWS console, launch an EC2 instance.

Step 16: Connect to the instance.
Note: You can’t connect to the instance using “EC2 Instance Connect” as you have not given the user access to ec2:InstanceConnect. So log in using ssh.

Step 17: Let’s install docker and Jenkins in this instance using a shell script. Create a file named "install.sh".

#!/bin/bash
sudo apt update
sudo apt install openjdk-11-jre -y
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \
  /usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
  https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
  /etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt-get update
sudo apt-get install jenkins -y
sudo systemctl enable jenkins
sudo systemctl start jenkins
sudo apt-get update
sudo apt-get install docker.io -y
sudo systemctl start docker

Step 18: Give execute permission to install.sh.

Step 19: Run the install.sh script.

Step 20: Verify if Jenkins and Docker were installed successfully.

sudo systemctl status jenkins
sudo systemctl status docker

The status of both Docker and Jenkins is Active(Running), which means the installation was successful.

Step 21: Let’s open port 8080 for Jenkins to access this instance.

Step 22: Now go to your browser, open PublicIP:8080 and you must be able to see the Unlock Jenkins page.

Conclusion

In conclusion, Amazon Web Services (AWS) stands as a leading and versatile cloud computing platform, offering a vast array of services and solutions for businesses.

With its scalability, reliability, and extensive global infrastructure, AWS provides organizations with the tools needed to innovate, deploy, and manage applications efficiently in the cloud. Its widespread adoption across industries underscores its significance as a key player in the evolution of modern computing.

Identity and Access Management (IAM) is a service that ensures secure and controlled access to AWS resources. By enabling organizations to manage user identities, permissions, and authentication, IAM enhances overall security and compliance, allowing businesses to confidently leverage the full potential of AWS while maintaining a robust access management framework.

In this blog, we have see how to create an IAM user and give access.

Hope you find it helpful🤞 So I encourage you to try this on your own and let me know in the comment section👇 about your learning experience.✨

👆The information presented above is based on my interpretation. Suggestions are always welcome.😊

~Smriti Sharma✌

DevopsTrainWithShubham#shubhamLondheAWSIAM#90daysofdevops