MultiCloud Classroom notes 02/Oct/2024

Managing Users in AWS/Azure

  • Overview
  • AWS can be accessed using
    • browser (Console) Refer Here for the URL
    • CLI (Programmatic Access)
    • SDK (Python, Dotnet, Java ..) (Programmatic Access)
  • Azure can be accessed using

AWS Account

  • For our learning purposes, we create free tier accounts; enterprises create accounts and manage them under AWS Organizations.
  • Every AWS account has a unique account ID, and an account alias can be created for it.
  • Users:
    • Root User:
      • This is the user who created the account and has super admin permissions.
      • They can log in directly to the AWS Console using their credentials.
    • IAM Users:
      • They generally represent AWS users and should have only the privileges their roles require.
      • They log in by providing the account ID or alias.

AWS – Identity And Access Management (IAM)

  • IAM is an AWS service used for user management and access management

Activity 1: Create a user without any policy and access AWS

  • Log in as the root user to your AWS account
  • Navigate to IAM
  • Ensure you have noted (Account Id/Alias) and perform the following steps
  • Now navigate to the AWS console via the URL in a different browser and enter the credentials
  • Now navigate to any service (ec2)

Introducing IAM Policies

  • An AWS IAM policy grants access to resources
  • AWS has a lot of predefined IAM policies (Managed Policies) and also gives us the option to create custom policies
  • Refer Here for docs

Activity 2:

  • User2 is hired as an AWS admin; find a suitable policy
  • User1 is hired as a developer; he needs permissions only on S3 buckets

Exercise

  • Remove the policies from the two users
  • Now create a dev group and an admin group
  • Give the dev group S3 Full Access and the admin group Administrator access
  • Add user1 to the dev group and user2 to the admin group
  • Verify the access which user1 and user2 have received
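
The exercise's verification step, modelled offline as an added example (not part of the original notes and not AWS's own code): a simplified evaluator for identity-based policies that shows why a user with no policy is denied everywhere and what the dev and admin groups grant. The policy documents are simplified stand-ins for the S3 Full Access and Administrator access managed policies; `nopolicy_user`, the bucket ARN and the account ID are constructed; SCPs, permission boundaries, resource policies and conditions are ignored.

```python
import re

# Simplified stand-ins for the two managed policies used in the exercise
# (constructed for this example; read the real documents in the IAM console).
ADMINISTRATOR_ACCESS = {"Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}
S3_FULL_ACCESS = {"Statement": [{"Effect": "Allow", "Action": ["s3:*"], "Resource": "*"}]}

# Exercise layout: policies hang off groups, users only carry group membership.
GROUP_POLICIES = {"dev": [S3_FULL_ACCESS], "admin": [ADMINISTRATOR_ACCESS]}
USER_GROUPS = {"user1": ["dev"], "user2": ["admin"],
               "nopolicy_user": []}  # hypothetical name for the Activity 1 user

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _wild(pattern, value, ignore_case=False):
    """IAM-style wildcard match: '*' is any run of characters, '?' is one."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, value, re.I if ignore_case else 0) is not None

def evaluate(user, action, resource):
    """Return 'ExplicitDeny', 'Allow' or 'ImplicitDeny' for one request."""
    decision = "ImplicitDeny"  # default: nothing is allowed until a statement allows it
    for group in USER_GROUPS.get(user, []):
        for policy in GROUP_POLICIES[group]:
            for stmt in _as_list(policy["Statement"]):
                # Action names compare case-insensitively, resource ARNs do not.
                hit = (any(_wild(a, action, True) for a in _as_list(stmt["Action"]))
                       and any(_wild(r, resource) for r in _as_list(stmt["Resource"])))
                if hit and stmt["Effect"] == "Deny":
                    return "ExplicitDeny"  # a matching deny beats every allow
                if hit:
                    decision = "Allow"
    return decision

def verify():
    """Run the exercise's checks; returns {(user, action): decision}."""
    requests = [  # constructed sample requests
        ("s3:PutObject", "arn:aws:s3:::example-bucket/report.txt"),
        ("ec2:DescribeInstances", "*"),
        ("iam:CreateUser", "arn:aws:iam::111122223333:user/newuser"),
    ]
    return {(u, a): evaluate(u, a, r) for u in USER_GROUPS for a, r in requests}

if __name__ == "__main__":
    for (user, action), decision in verify().items():
        print(f"{user:14} {action:22} {decision}")
```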

By continuous learner