Daily Goals – Ch. 2 Identity & Access Management (IAM) Challenge Lab 2 “Implement Identity and Access Management”; Challenge Lab 3 “Implement Security by Using an IAM role”

Challenge Lab 2:

I am a solutions architect responsible for an Amazon Web Services (AWS) environment. I need to create an Amazon Simple Storage Service (Amazon S3) bucket that will contain assets for a website that I will be hosting. The website must be accessible to a group of web administrators. First, I will create an Amazon S3 bucket to store the assets, and then I will create a user account for the web administrator. Next, I will create an Identity and Access Management (IAM) policy that provides full control of the bucket, and then I will create a new group. Finally, I will assign the IAM policy to the group, and then I will add the web administrator to the group.

1. Created an Amazon S3 bucket.
2. Created a user.
3. Created a policy that provides full control of the S3 bucket.
4. Created a group.
5. Added a user to a group.

Challenge Lab 3:

I am a solutions architect responsible for an Amazon Web Services (AWS) environment. I need to create an Identity and Access Management (IAM) role that I will use to access an Amazon Simple Storage Service (Amazon S3) bucket from an Elastic Compute Cloud (EC2) instance. First, I will create an Amazon S3 bucket to store objects, and then I will create a role to provide access to the bucket from an EC2 instance. Next, I will create an IAM policy that provides full control of the bucket, and then I will assign the policy to the role. Finally, I will create a new EC2 instance that will use the role, and then I will sign in to the EC2 instance and test the role.

1. Created an S3 bucket and uploaded two objects.
2. Created an IAM policy that provides permissions to the S3 bucket.
3. Created an IAM role and assigned the policy to the role.
4. Launched a new EC2 instance that has the IAM role attached.
5. Tested access to the S3 bucket from the EC2 instance.