Introduction:
Welcome back to Day 3 of the "7 Days of AWS Challenge"! Today, we're on a mission to simplify the AWS landscape for beginners. We'll delve into creating private S3 buckets, configuring AWSCLI on Ubuntu, and laying the groundwork for IAM (Identity and Access Management). Let's embark on this journey together!
Securing Your Data: Private S3 Buckets in AWS
Creating a Private S3 Bucket:
Access AWS Console: Log in to AWS and navigate to the S3 service.
Bucket Creation: Click "Create Bucket" and follow the prompts, ensuring the bucket is private.
Policy Adjustment: Modify the bucket policy to allow your IAM user access while keeping it private.
Ensuring the security of your S3 bucket is paramount. Follow these simple steps to keep your data safe and accessible only to authorized users.
Command-Line Basics: Configuring AWSCLI on Ubuntu
Setting Up AWSCLI:
Installation: Open your terminal on Ubuntu and run the provided commands.
sudo apt update
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
sudo apt install unzip
unzip awscliv2.zip
sudo ./aws/install --bin-dir /usr/local/bin --install-dir /usr/local/aws-cli --update
Configuration: Execute the following command and input your AWS access key, secret key, default region, and output format:
aws configure
Now, you're equipped to harness the power of AWSCLI directly from your Ubuntu terminal. Simple, right?
Commanding the Cloud: Creating an EC2 Instance with AWSCLI
Crafting an EC2 Instance:
Command Execution: Use the provided commands to create an EC2 instance. Specify AMI, instance type, and key pair.
aws ec2 create-key-pair --key-name MyKeyPair
aws ec2 authorize-security-group-ingress --group-id=<security-group-id> --protocol=tcp --port=443 --cidr=0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id=<security-group-id> --protocol=tcp --port=22 --cidr=0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id=<security-group-id> --protocol=tcp --p
aws ec2 run-instances --image-id=ami-0fc5d935ebf8bc3bc --instance-type=t2.micro --region=u
Verification: Confirm the instance creation with:
aws ec2 describe-instances
With just a few commands, you've spawned a virtual server, showcasing the magic of AWSCLI.
IAM Basics: Tailoring Access for Your Team
Scenario: Configuring IAM for Alex at GlobalTech Inc.
Configuring IAM for Alex's AWS Access:
Understanding IAM Basics: Recap the essence of IAM, AWS's access management service.
Accessing IAM Console: Head to the AWS Management Console and locate the IAM service.
Creating a New IAM User - Alex: Begin by creating a new IAM user for Alex, specifying programmatic access for AWS CLI usage.
Assigning IAM Policies: Create custom policies to grant access to EC2 instances and S3 bucket creation.
Granting Access to View EC2 Instances
Creating an EC2 Monitoring Policy: Craft a policy allowing the ec2:DescribeInstances action and attach it to Alex's IAM user.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "ec2:DescribeInstances",
      "Resource": "*"
    }
  ]
}
Granting Access to Create S3 Buckets
Designing an S3 Bucket Creation Policy: Develop a policy granting the s3:CreateBucket action and attach it to Alex's IAM user.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:CreateBucket",
      "Resource": "*"
    }
  ]
}
Testing Alex's Access
Verification for Peace of Mind: Ensure Alex has received the necessary IAM user credentials.
AWS CLI Check: Let Alex use AWS CLI with the configured credentials to run the following commands. Success confirms Alex's ability to view EC2 instances and create S3 buckets.
aws ec2 describe-instances
aws s3 mb s3://new-project-bucket
Conclusion:
Congratulations on completing Day 3 of the "7 Days of AWS Challenge"! Today's journey introduced you to private S3 buckets, AWSCLI on Ubuntu, and IAM basics in a beginner-friendly manner.
Stay tuned for Day 4, where we'll continue exploring more AWS wonders, making your cloud journey enjoyable and educational!
Happy Learning🚀