Until now, we have been launching EC2 instances and manually installing apps like Jenkins, Docker, etc. Today, we’re moving to a smarter approach, automation with User Data, and also learning IAM basics.
AWS User Data
When launching an EC2 instance, you can provide user data. This is a script that AWS runs automatically when the instance boots for the first time.
• Saves time (no need to SSH and install apps every time).
• Can be used to install apps, configure services, or set up environment variables.
• Accepted formats:
• Shell scripts (#!/bin/bash)
• cloud-init directives (for advanced setups)
Installing Jenkins automatically on a new Ubuntu EC2 instance
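#!/bin/bash
# User data runs as root on first boot, so sudo is not needed
set -euxo pipefail
export DEBIAN_FRONTEND=noninteractive
# Update and install dependencies (recent Jenkins LTS releases require Java 17 or newer)
apt-get update -y
apt-get install -y openjdk-17-jdk wget gnupg
# Add the Jenkins key to its own keyring (apt-key is deprecated and trusts the key for every repo)
# Jenkins rotates its signing key from time to time; if apt reports NO_PUBKEY,
# use the key file named in the current Jenkins Debian install docs
install -d -m 0755 /etc/apt/keyrings
wget -q -O /etc/apt/keyrings/jenkins-keyring.asc https://pkg.jenkins.io/debian-stable/jenkins.io.key
# Add the Jenkins repo over HTTPS, trusted only for that key
echo "deb [signed-by=/etc/apt/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian-stable binary/" \
  > /etc/apt/sources.list.d/jenkins.list
# Install Jenkins
apt-get update -y
apt-get install -y jenkins
# Start Jenkins
systemctl enable jenkins
systemctl start jenkins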
Once launched, copy the public IP of the instance and open http://<EC2-Public-IP>:8080 in your browser → You should see the Jenkins setup page.
IAM (Identity & Access Management) Basics
IAM is AWS’s way of securely controlling who can access what.
• IAM Users → Individual accounts created for humans or applications.
Example: Deborah (developer) with her own username & password.
• IAM Groups → A collection of IAM users.
Example: Developers group where all developers get the same permissions.
• IAM Roles → A set of permissions that users, applications, or services assume to receive temporary credentials. Roles are NOT tied to a single user.
Example: An EC2 instance role that allows the instance to access S3 without hardcoding credentials.
Task 1: EC2 + Jenkins via User Data
1. Go to AWS Console → EC2 → Launch Instance.
- Choose Ubuntu AMI.
- In the User Data section, paste the Jenkins installation script (above).
- Launch the instance and open port 8080 in the Security Group.
- Once running, check → http://<EC2-Public-IP>:8080.
- Take a screenshot of:
• The User Data script in AWS console.
• Jenkins webpage showing it installed successfully.
Task 2: IAM Roles & Permissions
Step 1: Create Roles
1. Go to AWS Console → IAM → Roles → Create Role.
2. Choose trusted entity (e.g., AWS service like EC2 or specific user type).
3. Attach relevant policies.
• DevOps-User → EC2, S3, CloudFormation permissions.
• Test-User → Read-only permissions on EC2/S3.
• Admin → AdministratorAccess policy (full access).
4. Name and create the roles.
Step 2: Verify
• Assign roles to EC2 instances or attach them to specific IAM users.
• Check that each role's permissions stop where they should (e.g., Test-User shouldn’t be able to create new instances).
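One way to run the Step 2 check without launching anything, as an added example (not part of the original post): it asks the IAM policy simulator, through the AWS CLI, whether a role is allowed or denied specific actions. The role ARN is a placeholder you supply, the script and function names are illustrative, and the caller needs permission for iam:SimulatePrincipalPolicy.

```shell
#!/bin/bash
# Added example: check a role's permissions with the IAM policy simulator.
# Nothing is launched or modified; the simulator only evaluates policies.

# check_role ROLE_ARN EXPECT ACTION...   (EXPECT is "allowed" or "denied")
# Returns 0 if every action matches EXPECT, 1 if any differs,
# 2 if the CLI call fails or returns no results.
check_role() {
  local role_arn="$1" expect="$2" results action decision rc=0 n=0
  shift 2
  results=$(aws iam simulate-principal-policy \
    --policy-source-arn "$role_arn" \
    --action-names "$@" \
    --query 'EvaluationResults[].[EvalActionName,EvalDecision]' \
    --output text) || return 2
  while read -r action decision; do
    [ -n "$action" ] || continue
    n=$((n + 1))
    # The simulator answers allowed, implicitDeny or explicitDeny
    case "$expect:$decision" in
      allowed:allowed|denied:implicitDeny|denied:explicitDeny)
        echo "ok    $action -> $decision" ;;
      *)
        echo "WRONG $action -> $decision (expected $expect)"; rc=1 ;;
    esac
  done <<EOF
$results
EOF
  [ "$n" -gt 0 ] || return 2   # an empty answer is not a pass
  return "$rc"
}

# The page's Test-User role: read-only on EC2/S3, so writes must be denied.
verify_test_user() {
  local rc=0
  check_role "$1" denied ec2:RunInstances ec2:TerminateInstances \
    s3:PutObject s3:DeleteObject || rc=1
  check_role "$1" allowed ec2:DescribeInstances s3:ListAllMyBuckets || rc=1
  return "$rc"
}

# Usage (hypothetical file name): ./verify-role.sh <role-arn>
if [ "$#" -ge 1 ]; then
  verify_test_user "$1"
fi
```

A non-zero exit means the role can do something it should not, or cannot do something it should; the WRONG lines name the actions.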
✅ Deliverables for today:
1. Screenshot of EC2 User Data & Jenkins setup page.
2. Explanation of IAM Users, Groups, Roles in your own terms.
3. Screenshots of the three roles created: DevOps-User, Test-User, Admin.