Udoh Deborah

Day 39: AWS and IAM Basics

Before now, we have been launching EC2 instances and manually installing apps like Jenkins, Docker, etc. Today, we’re moving to a smarter approach: automation with User Data and also learning IAM basics.

AWS User Data

When launching an EC2 instance, you can provide user data. This is a script that AWS runs automatically when the instance boots for the first time. The script runs as root, and anyone with access to the instance can read it back from the instance metadata, so keep passwords and keys out of it.
• Saves time (no need to SSH and install apps every time).
• Can be used to install apps, configure services, or set up environment variables.
• Accepted formats:
  • Shell scripts (#!/bin/bash)
  • cloud-init directives (for advanced setups)

Installing Jenkins automatically on a new Ubuntu EC2 instance

#!/bin/bash
# Update and install dependencies
sudo apt update -y
sudo apt install -y openjdk-11-jdk wget gnupg

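# Add the Jenkins repo key to its own keyring (apt-key is deprecated)
sudo wget -q -O /usr/share/keyrings/jenkins-keyring.asc \
    https://pkg.jenkins.io/debian-stable/jenkins.io.key
# Add the Jenkins repo over HTTPS, trusting only that key for it
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian-stable binary/" | \
    sudo tee /etc/apt/sources.list.d/jenkins.list > /dev/null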

# Install Jenkins
sudo apt update -y
sudo apt install -y jenkins

# Start Jenkins
sudo systemctl enable jenkins
sudo systemctl start jenkins

Once launched, copy the public IP of the instance and open http://<EC2-Public-IP>:8080 in your browser → You should see the Jenkins setup page.

IAM (Identity & Access Management) Basics

IAM is AWS’s way of securely controlling who can access what.
• IAM Users → Individual accounts created for humans or applications.
Example: Deborah (developer) with her own username & password.
• IAM Groups → A collection of IAM users.
Example: Developers group where all developers get the same permissions.
• IAM Roles → Identities with their own permissions that users, applications, or services assume to receive temporary credentials. Roles are NOT tied to a single user.
Example: An EC2 instance role that allows the instance to access S3 without hardcoding credentials.

Task 1: EC2 + Jenkins via User Data

1. Go to AWS Console → EC2 → Launch Instance.
2. Choose Ubuntu AMI.
3. In the User Data section, paste the Jenkins installation script (above).
4. Launch the instance and open port 8080 in the Security Group.
5. Once running, check → http://<EC2-Public-IP>:8080.
6. Take screenshots of:
   • The User Data script in AWS console.
   • Jenkins webpage showing it installed successfully.

Task 2: IAM Roles & Permissions

Step 1: Create Roles
1. Go to AWS Console → IAM → Roles → Create Role.
2. Choose trusted entity (e.g., AWS service like EC2 or specific user type).
3. Attach relevant policies.
   • DevOps-User → EC2, S3, CloudFormation permissions.
   • Test-User → Read-only permissions on EC2/S3.
   • Admin → AdministratorAccess policy (full access).
4. Name and create the roles.

Step 2: Verify
• Assign roles to EC2 instances or let specific IAM users assume them.
• Check that each role's permissions stop where they should (e.g., Test-User shouldn’t be able to create new instances).
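
The verification step above can be rehearsed offline before touching the console. The following is an added example, not code from the original post: a simplified evaluator that applies IAM's basic decision order (explicit Deny, then Allow, otherwise implicit deny) to constructed policy statements for the three roles. The statement contents and the names `ROLE_POLICIES`, `EXPECTED`, `decision` and `audit` are assumptions; it ignores Resource, Condition, NotAction, permissions boundaries and SCPs.

```python
from fnmatch import fnmatchcase

# Constructed policy statements modelled on the three roles above
# (assumptions for illustration, not copies of AWS managed policies).
ROLE_POLICIES = {
    "Test-User": [{"Effect": "Allow", "Resource": "*",
                   "Action": ["ec2:Describe*", "s3:Get*", "s3:List*"]}],
    "DevOps-User": [{"Effect": "Allow", "Resource": "*",
                     "Action": ["ec2:*", "s3:*", "cloudformation:*"]}],
    "Admin": [{"Effect": "Allow", "Resource": "*", "Action": "*"}],
}

# What each role should and should not be able to do.
EXPECTED = {
    ("Test-User", "ec2:DescribeInstances"): "allow",
    ("Test-User", "ec2:RunInstances"): "implicit-deny",
    ("Test-User", "s3:PutObject"): "implicit-deny",
    ("DevOps-User", "ec2:RunInstances"): "allow",
    ("DevOps-User", "iam:CreateUser"): "implicit-deny",
    ("Admin", "iam:CreateUser"): "allow",
}

def decision(statements, action):
    """Return 'explicit-deny', 'allow' or 'implicit-deny' for one action."""
    allowed = False
    for stmt in statements:
        actions = stmt["Action"]
        patterns = actions if isinstance(actions, list) else [actions]
        # IAM action names are case-insensitive and may use * and ? wildcards.
        if not any(fnmatchcase(action.lower(), p.lower()) for p in patterns):
            continue
        if stmt["Effect"] == "Deny":
            return "explicit-deny"  # an explicit Deny overrides any Allow
        allowed = True
    return "allow" if allowed else "implicit-deny"  # nothing matched: denied

def audit(role_policies, expected):
    """Return (role, action, got) for every check that does not match."""
    return [(role, action, got)
            for (role, action), want in expected.items()
            if (got := decision(role_policies[role], action)) != want]

if __name__ == "__main__":
    for role, action, got in audit(ROLE_POLICIES, EXPECTED):
        print(f"UNEXPECTED: {role} {action} -> {got}")
    print("all checks passed" if not audit(ROLE_POLICIES, EXPECTED) else "review the roles")
```

For the roles actually created in the account, the IAM policy simulator (`aws iam simulate-principal-policy`) answers the same allow/deny question against the real attached policies.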

✅ Deliverables for today:
1. Screenshot of EC2 User Data & Jenkins setup page.
2. Explanation of IAM Users, Groups, Roles in your own terms.
3. Screenshots of the three roles created: DevOps-User, Test-User, Admin.
