
Projects Cloud Computing 1

1. The document provides instructions to complete identity and access management tasks in AWS, including creating an Administrators group and user, customizing the sign-in link, setting a password policy, creating an EC2 role, launching an instance with that role, and attaching policies to allow and deny access to an S3 bucket.
2. The tasks are to be performed by the root user and administrator user, creating resources like IAM roles, users, and groups, an EC2 instance, and attaching policies to control access to S3.
3. Screenshots should be included for each step, showing the configurations and access attempts to the S3 bucket before and after attaching a deny policy.

Applied Cloud Computing - DIY Project 1

You are advised to complete the following tasks related to Identity and Access Management of any
cloud service (e.g. AWS). Perform the following procedures as listed below:

1. Log in as the root user and create an IAM group called Administrators. Attach the managed policy
<policy name> to the Administrators group.
2. Customize a sign-in link, and write down the new link name in full.
3. Create a password policy for your account.
4. While logged in as the root user, create a new IAM user called Administrator.
5. Add the new user created above to the Administrators group.
6. On the details page for the administrator user, create a password.
7. Log out as the root user.
8. Use the customized sign-in link to sign in as Administrator.
9. While signed in as Administrator, create an Amazon EC2-type role named TestClient.
10. Attach the managed policy, <ReadOnlyAccess> to the TestClient.
11. Launch an Amazon Linux EC2 instance with the new role attached.
12. SSH into the new instance, and use the CLI to list the contents of an Amazon S3 bucket.
13. Now, add a policy to your IAM Administrator user with a conflicting permission. Use the policy
generator to create a new policy. Create the policy with Effect: Deny; AWS Service: Amazon
S3; Actions: *; and ARN: *.
14. Attach the new policy to the Administrators group.
15. Use the CLI to attempt to list the contents of an Amazon S3 bucket. The policy that allows access
and the policy that denies access should resolve to deny access.

Perform each step using your cloud account login and take screenshots for each step. Your
answer document should comprise steps, explanations/commands/code and screenshots.
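
The resolution that steps 13 to 15 rely on, as an added example (not part of the original assignment or answer): a minimal evaluator for identity-based policies showing that a matching Deny overrides any Allow. The policy bodies are constructed stand-ins for AdministratorAccess and the S3 read portion of ReadOnlyAccess, and the bucket ARN and principal keys are hypothetical.

```python
import fnmatch

# Constructed stand-ins: AdministratorAccess allows everything; the second
# policy is only the S3 read slice of the ReadOnlyAccess managed policy.
ADMIN_ACCESS = {"Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}
READ_ONLY_S3 = {"Statement": [
    {"Effect": "Allow", "Action": ["s3:Get*", "s3:List*"], "Resource": "*"}]}
# Step 13 policy: Effect Deny, service Amazon S3, Actions *, ARN *.
DENY_S3 = {"Statement": [{"Effect": "Deny", "Action": "s3:*", "Resource": "*"}]}

# Hypothetical map of the identity-based policies each principal carries.
PRINCIPALS = {
    "user/Administrator": [ADMIN_ACCESS, DENY_S3],  # via the Administrators group
    "role/TestClient": [READ_ONLY_S3],              # instance profile role
}


def _matches(patterns, value, ignore_case=False):
    """True if value matches any IAM-style wildcard pattern (* and ?)."""
    if isinstance(patterns, str):
        patterns = [patterns]
    if ignore_case:  # action names are case-insensitive, ARNs are not
        value, patterns = value.lower(), [p.lower() for p in patterns]
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)


def evaluate(policies, action, resource):
    """Return 'ExplicitDeny', 'Allow' or 'ImplicitDeny' for one request."""
    allowed = False
    for policy in policies:
        for stmt in policy["Statement"]:
            if not (_matches(stmt["Action"], action, ignore_case=True)
                    and _matches(stmt["Resource"], resource)):
                continue
            if stmt["Effect"] == "Deny":
                return "ExplicitDeny"  # one matching Deny overrides every Allow
            allowed = True
    return "Allow" if allowed else "ImplicitDeny"


def decide(principal, action, resource):
    """Evaluate a request against the policies attached to that principal."""
    return evaluate(PRINCIPALS[principal], action, resource)


if __name__ == "__main__":
    bucket = "arn:aws:s3:::example-bucket"  # constructed bucket ARN
    for who in PRINCIPALS:
        print(who, "s3:ListBucket ->", decide(who, "s3:ListBucket", bucket))
    print("user/Administrator ec2:DescribeInstances ->",
          decide("user/Administrator", "ec2:DescribeInstances", "*"))
```

Only the identity-based policies attached to the principal making the request are evaluated here, so the Deny attached to the Administrators group affects requests made as its members.
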
Step 1 - Root User Login
Step 2 - Created Administrators Group with AdministratorAccess Permission

Step 3 - Customized Sign In URL


Step 4 - Customized Password Policy
Step 5 - Created Administrator User

Step 6 - Logged into Administrator Account


Step 7 - Create TestClient Role with ReadOnlyAccess

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "ec2.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Step 8 - Created Amazon Linux 2 with TestClient IAM instance profile


Step 9 - Uploaded Files to s3 Bucket
Step 10 - SSH into the bucket

Step 11 - List the Files in the Bucket


Step 12 - Denying the Access in the IAM

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Deny",
      "Principal": {
        "Service": "ec2.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Step 13 - After Denying the ReadOnlyAccess