AWS Assignment - 1
AWS Assignment - 1
edu)
Goto EC2 – launch instance – instance name (test) – instance type t2.micro – creating
new key pair (test) – default vpc/subnet/enable – selecting default security groups –
storage 8 gib (gp3) – launch instance.
Now click on instance id - connect - connect - checking whether it is connecting or not -
If not then go the security - click on secuirty group - edit inbound rules - ssh - custom
ipv4 - save - it will work now .
Open mobaxterm - click on session - Then ssh - remote hosts(public ip) - advance ssh
setting - click on prv key - add .pem file which was download when launching ec2
instance - click ok - If ask login as then enter your username ec2-user - done.
Note - sometime it not work then check vpc - subnet - routes tables and internet
gateways all all should be internally connected to each other then only the server will
connected.
For putty - convert the pem file into ppk - open puttygen - click on load - select .pem file
- click save pvt key - save as .ppk file - open putty - launch putty - In host name - add
public ip - ensure that port is 22 and connection type is SSH - That's it! successfully
created an EC2 Ubuntu instance and connected to it using both MobaXterm and PuTTY
2. L2-LogintoAWSConsoleandCreateIAMUser,Role,andGroup ?
For creating IAM user - go to the user session - create user - add name - I want to create
an IAM user - custom password - next - we can add this user in direct to groups - by
creating new group / existing ones - also we can attach policies to him - ok
Role - Iam role is a kind of temporary access which is provided to the service, Iam role is
a specific permission or credentials given to specific period of time. Iam role - roles -
create roles - roles is for 12 hr maximum.
User groups - create groups - group name (devops) -add user to group - adding new-user/new-
user1 - attach permission policy - created user groups .
3. L3-LaunchAWSEC2UbuntuInstanceandconfiguretheSecurityGroup-
InboundRule:8080.JustifytheusageofInboundRules ?
Go to EC2 – launch instance – instance name (test) – instance type t2.micro – creating
new key pair (test) – default vpc/subnet/enable – selecting default security groups –
storage 8 gib (gp3) – launch instance.
Now click on instance id - connect - connect - checking whether it is connecting or not -
If not then go the security - click on secuirty group - edit inbound rules - ssh - custom
ipv4 - save - it will work now .
Justification of Inbound rules : Inbound Rules in AWS security groups are critical for
controlling the traffic that is allowed into your EC2 instances. Here’s why they are important
Security Control:
Inbound rules define who can access your instances and which protocols and ports are open.
This limits exposure to potential threats.
Granular Access:
You can specify rules based on IP addresses or CIDR blocks, allowing specific users
or services access while blocking others.
Protocol Specification:
By defining rules for specific protocols (e.g., TCP, UDP) and ports, you can ensure that
only required services are accessible. For example, allowing port 8080 is common for web
applications or APIs running on that port.
You can implement the principle of least privilege by only allowing traffic that is necessary
for the application or service running on the instance, thereby minimizing potential attack
vectors.
Easy Modification:
Security group rules can be updated quickly in response to changes in your application
requirements or security policies without needing to stop or restart the instance.
Open your terminal (or MobaXterm/PuTTY) and connect to your instance using
SSH. Use the following command, replacing <your-key.pem> with your key
file and <your-instance-public-dns> with your instance's public DNS:
ssh -i <your-key.pem> ubuntu@<your-instance-public-dns>
Update default packages : sudo apt update / sudo apt update -y
Install JDK ( Java development kit) : sudo apt install openjdk-11-jdk -y for validate jdk
version java -version.
Install Maven : sudo apt install maven -y and mnv --version.
Install Git : sudo apt install git -y / git --version.
Go to EC2 – launch instance – instance name (test) – instance type t2.micro – creating
new key pair (test) – default vpc/subnet/enable – selecting default security groups –
storage 8 gib (gp3) – launch instance.
Now open cmd and type ssh -i /path/to/<key-pair-name>.pem ubuntu@<public-dns>
replace key pair nad public dns in it with actual ones - Now install java on local
machine - Download and install tomcat - extract the downloaded file - start tomcat -
now configure security group tp allow traffic - type custom TCP - protocol TCP - port
range :8080 - source anywhere 0.0.0.0/0
Acess tomcat in web browser then go to http://<public-dns>:8080
You will see tomcat welcome pages.
6. L6-CreateS3Bucketandaddfoldersandfiles ?
1. Log in to AWS Management Console: Go to the S3 service.
2. Create Bucket:
Click on “Create bucket.”
Bucket name: Enter a unique name (must be globally unique).
Region: Choose the AWS region where you want to create the bucket.
Block Public Access settings for this bucket: Choose whether you want to block public
access (recommended for most cases).
Click on “Create bucket” at the bottom.
1. Open the Folder: Navigate into the folder where you want to upload files (if applicable).
2. Upload Files:
Click on the “Upload” button.
Drag and drop files or click “Add files” to select files from your local machine.
You can also add folders by clicking on “Add folder.”
After adding files/folders, click on “Upload” to start the upload process.
Check Your Files: Once the upload is complete, you should see your files listed in the S3 bucket
or folder.
If you need to set specific permissions for files or folders, select the item, go to the
“Permissions” tab, and adjust settings as needed.