Scribd
Upload
3 views

DIY

The document outlines a DIY project for applied cloud computing involving the creation and management of IAM users and groups in AWS. It includes steps for creating an Administrators group, customizing a sign-in link, establishing a password policy, and creating an IAM user with specific permissions. Additionally, it details the process of launching an EC2 instance and testing IAM policies with conflicting permissions.

Uploaded by

Uttam
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
3 views

DIY

The document outlines a DIY project for applied cloud computing involving the creation and management of IAM users and groups in AWS. It includes steps for creating an Administrators group, customizing a sign-in link, establishing a password policy, and creating an IAM user with specific permissions. Additionally, it details the process of launching an EC2 instance and testing IAM policies with conflicting permissions.

Uploaded by

Uttam
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 6

Applied Cloud Computing - DIY Project 1

1. Login as root user and create IAM group called Administrators. Attach the managed policy
<policy name>, to the administrator group.

Step 1: Log in as the Root User

Open the AWS Management Console.

Log in using the root credentials for your AWS account.

Step 2: Create the IAM Group

Step 3: Attach a Managed Policy

Attach a managed policy (e.g., AdministratorAccess) to the Administrators group. Replace <policy-
name> with the actual policy you want to attach:
2. Customize a sign-in link, and write down the new link name in full.

1. Log in to AWS Management Console


Log in as the root user or an IAM user with administrative privileges.

2. Navigate to the IAM Dashboard

o In the AWS Console, go to the IAM Service.

o Click on Account Settings in the left sidebar.

3. Customize the Sign-In Alias

o Under AWS Account Settings, look for the section labeled Account Alias.

o Click Create alias (or Edit if an alias already exists).

o Enter your desired alias (e.g., mycompany or teamxyz).

The alias must be unique within AWS.


4. Save the Changes
Click Save changes to apply the alias.

3. Create a password policy for your account.


1. Log in to AWS Management Console Log in as the root user or an IAM user with
administrative privileges.
2. Go to the IAM Dashboard
 Navigate to the IAM service in the AWS Console.
 In the left-hand menu, select Account settings.
3.Edit the Password Policy
 Locate the Password policy section.
 Click Edit.
4.Configure the Password Policy Set the desired password requirements, such as:
 Minimum password length (e.g., 8-12 characters).
 Require at least one uppercase letter.
 Require at least one lowercase letter.
 Require at least one number.
 Require at least one non-alphanumeric character (e.g., !, @).
 Allow IAM users to change their password.
 Optionally, enforce password expiration and prevent password reuse.
5.Save Changes Click Save changes to enforce the policy.

4. While logged in as the root user, create a new IAM user called Administrator.

1. Log in to AWS as the Root User Access the AWS Management Console using your root credentials.

2. Navigate to IAM

 In the AWS Console, search for IAM in the services menu and click on it.

3. Create a New User

 In the IAM Dashboard, click Users from the left menu.

 Click the Add users button.

4.Configure the User Details

 User name: Enter Administrator.

 Access type:

o Choose AWS Management Console access if the user needs console access.

o Create an auto-generated or custom password.

o Optionally, require the user to reset the password at the next sign-in.

5.Set Permissions
 Attach existing policies directly:

o Select the AdministratorAccess managed policy.

 Alternatively, add the user to the Administrators group if it already exists and has the
appropriate permissions.

6. Review and Create

 Review the configuration and click Create user.

 Save or download the credentials if programmatic access was enabled.

5. Add the new user created above to the Administrators group.

1.Log in as the Root User


Access the AWS Management Console using your root credentials.

2.Navigate to IAM

 In the AWS Console, search for IAM in the services menu and click on it.

3. Locate the User

 In the IAM Dashboard, click Users in the left-hand menu.

 Find the user named Administrator and click on it.

4. Add the User to a Group

 In the user’s details page, click on the Groups tab.

 Click Add to groups.

 Select the group Administrators and click Add to group.

6. On the details page for the administrator user, create a password.

1. Log in as the Root User

 Access the AWS Management Console using your root credentials.

2. Navigate to the IAM Dashboard

 Go to the IAM service.

3. Locate the Administrator User

 In the IAM Dashboard, select Users from the left menu.

 Find the user named Administrator and click on it to open the details page.
4. Set the Console Password

 On the user details page, click the Security credentials tab.

 Under Console password, click Create password.

 Choose one of the following:

o Autogenerated password: AWS generates a random password.

o Custom password: Enter your own password (e.g., YourSecurePassword123!).

5.Save Changes

 Click Apply to save the new password.

6.Communicate Login Details

 Provide the custom sign-in link and the newly created password to the user.

7. Log out as the root user.

1.Access the Account Menu

 In the upper-right corner of the AWS Management Console, click on your account name or email
address.

2. Select Sign Out

 In the dropdown menu, click Sign out.

3.Confirm You Are Logged Out

 The browser will redirect to the AWS login page, confirming you are logged out.

8. Use the customized sign-in link to sign in as Administrator.


9. While signed in as Administrator, create an Amazon EC2-type role named TestClient.
10. Attach the managed policy, <ReadOnlyAccess> to the TestClient.
11. Launch an Amazon Linux EC2 instance with the new role attached.
12. SSH into the new instance, and use the CLI to list the contents of an Amazon S3 bucket.
13. Now, add a policy to your IAM Administrator user with a conflicting permission. Use the policy
generator to create a new policy. Create the policy with effect: Deny;AWS Service:Amazon
S3;Actions:*; and ARN:*.
14. Attach the new policy to the Administrators group.
15. Use the CLI to attempt to list he contents of an Amazon S3 bucket. The policy that allows access
and the policy that denies access should resolve to deny access.

Perform each steps using your cloud account login and take screen shots for each steps. Your
answer document should comprise of steps, explanations/commands/codes and screen shots.

You might also like