My AWS Journey

Dee Muthoni
Apr 24, 2024

Lesson 1

Today, I decided to venture into the most popular and leading cloud service provider and platform, Amazon AWS.

For my first tutorial, I used A Cloud Guru and its Introduction to AWS path, which was on the free tier. This path has nine chapters, which cover the most fundamental basics of AWS.

Chapter 1: Introduction to AWS

In this chapter, I got to learn about the overview of AWS. It is the most widely used cloud platform, with a 32% client-usage rate, followed by MS Azure at 17%, then GCP and the other cloud platforms.

Chapter 2: Overview of AWS

Here, I got to learn about the history of AWS, from development, to the first launch of AWS cloud back in 2006.

Chapter 3: Security and Identity

In this chapter, first, it was more hands-on. Then I got to learn about the AWS services in security and IAM, as follows:

Data Protection

  • Amazon Macie - Discover & protect your sensitive data.
  • AWS Key Management Service — Store & manage encryption keys.
  • AWS CloudHSM — Hardware-based key storage.
  • AWS Certificate Manager — Provision, manage & deploy SSL & TLS certificates.
  • AWS Secrets Manager — Rotate, manage & retrieve secrets.

Infrastructure Protection

  • AWS Shield — Denial-of-service protection.
  • AWS Web Application Firewall — Filter malicious website traffic.
  • AWS Firewall Manager — Centrally manage firewall rules.

Threat Detection

  • Amazon GuardDuty — Automatically detect threats.
  • Amazon Inspector — Analyze application security.
  • AWS Config — Record & evaluate configs of your AWS resources.
  • AWS CloudTrail - Track user activity & API usage.

Identity Management

  • AWS IAM - Securely manage access to AWS account services & resources.
  • Single Sign-on — Implement cloud single sign-on.
  • Amazon Cognito — Manage identity inside applications, e.g. users logging in.
  • AWS Directory Service — Implement & manage Microsoft Active Directory.
  • AWS Organizations — Centrally govern & manage multiple AWS accounts in one place.

Illustrating IAM — Identity & Access Management

  • It manages who can access what in your AWS accounts.
  • It allows one to create users & groups.
  • It allows or denies access via policies.
  • IAM main features:
  • Users - users and policies can be added to groups.
  • Roles - these allow you to delegate access to users and services.

Illustration of IAM Roles:

You can run virtual machines which host your website, and the website has a database running on an AWS database service. You can create a role which allows someone to access your database service. Then you can tell your virtual machines to use that role. When they assume the role, it grants them, and only them, permission to access your database.
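The role illustration above, modelled in Python as an added example (not code from the course or from AWS): a trust policy says who may assume the role, a permissions policy says what the role may do, and the evaluator applies the rule that access is denied by default and an explicit Deny beats any Allow. It assumes the database is DynamoDB; the account ID, region and table name are constructed placeholders, and conditions, resource policies, permissions boundaries and SCPs are left out of the model.

```python
import fnmatch

# Constructed placeholders: account 111122223333 and table "site-data" are not real.
TABLE_ARN = "arn:aws:dynamodb:us-east-1:111122223333:table/site-data"

# Trust policy: WHO may assume the role (the EC2 service, on behalf of the VMs).
TRUST_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"Service": "ec2.amazonaws.com"},
    "Action": "sts:AssumeRole",
}]}

# Permissions policy: WHAT the role may do once it has been assumed.
PERMISSIONS_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow",
     "Action": ["dynamodb:GetItem", "dynamodb:Query", "dynamodb:PutItem"],
     "Resource": TABLE_ARN},
    {"Effect": "Deny", "Action": "dynamodb:Delete*", "Resource": "*"},
]}


def _matches(patterns, value, fold=False):
    """Match value against one pattern or a list; * and ? act as wildcards."""
    pats = patterns if isinstance(patterns, list) else [patterns]
    if fold:  # action names are case-insensitive, ARNs are not
        pats, value = [p.lower() for p in pats], value.lower()
    return any(fnmatch.fnmatchcase(value, p) for p in pats)


def can_assume(trust_policy, service):
    """True if the trust policy lets this service principal assume the role."""
    for st in trust_policy["Statement"]:
        services = st.get("Principal", {}).get("Service", [])
        services = services if isinstance(services, list) else [services]
        if (st["Effect"] == "Allow" and service in services
                and _matches(st["Action"], "sts:AssumeRole", fold=True)):
            return True
    return False


def is_allowed(policy, action, resource):
    """Simplified evaluation: default deny; an explicit Deny beats any Allow."""
    allowed = False
    for st in policy["Statement"]:
        if _matches(st["Action"], action, fold=True) and _matches(st["Resource"], resource):
            if st["Effect"] == "Deny":
                return False
            allowed = True
    return allowed
```
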

AWS Directory Service

  • Managed Microsoft Active Directory. Compatible with other AWS
  • Managed Simple Active Directory
  • AD Connector — enables users to log in using their preset credentials.

IAM Hands On Lab

This lab involves creating users, giving users permissions and creating groups.

Open the IAM console of the AWS Console in a browser window.

  1. Sign in. Sign in as a root user. Provide username and password when prompted.
  2. Select the Users menu. Navigate to the Users screen. You’ll find it in the IAM dashboard, under the Identity and Access Management (IAM) drop-down menu on the left side of the screen. Click on Users.
  3. Add a user. Click on Add User to navigate to a user detail form. Provide all details, such as the username and access type. In this tutorial, we use the name cli-user, and check the Programmatic access box under Access type. This option gives the user access to AWS development tools, such as the command line interface used later in this tutorial. Click on Next: Permissions to continue.

Adding a tag to the user

  4. Set the user/group permissions. Click Attach existing policies directly and then filter the policies by keyword: IAM. For this user, select IAMFullAccess from the list of available policies. The IAMFullAccess policy enables this user to create and manage user permissions in AWS. Later in the tutorial, this user will perform AWS IAM operations.

  5. Finish the user setup. For this tutorial, we will skip the tags section of user creation and go to the review page. Check the details of the username, AWS access type and permissions. Then, click Create user.

All users created

To create groups, go to User groups, enter the name of your group, and set permissions for the group.

Giving group permissions

Dee Muthoni

Cyber Security Enthusiast | Ethical Hacker | Tech Researcher | Penetration Tester | Freelancer | Article Writer