Saturday, April 30, 2016

Amazon AWS - Creating Application Server

The three main tasks involved are:

1. Create Security Group for Amazon EC2 Instance 
2. Create an IAM role 
3. Launch EC2 Instance 

When we launch an instance, we can add rules to each security group that control how much load can be accommodated in each instance. Once created, these rules can be modified at any time, and the changes take effect immediately.

After creating a security group, this tutorial appears to do the following:

1. Allow inbound HTTP access from anywhere
2. Allow inbound SSH traffic from our computer's public IP address so that we can connect to the instance.

Below are the steps for configuring the access group:

1. Decide who needs to have access. For example, access can be limited to a single IP address, or to a range of IP addresses if we are behind a firewall. If we don't know the range, it can be given as 0.0.0.0/0, which allows any IP address.
2. Login to EC2 console https://console.aws.amazon.com/ec2/
3. In the navigation bar, verify that US West (Oregon) is the selected region.
4. In the navigation pane, click Security Groups, and then click Create Security Group.
5. Enter WebServerSG as the name of the security group, and provide a description.
6. Select your VPC from the list.
7. On the Inbound tab, add the rules as follows:
8. Click Add Rule, and then select SSH from the Type list. Under Source, select Custom IP and enter the public IP address range that you decided on in step 1 in the text box.
9. Click Add Rule, and then select HTTP from the Type list.
10. Click Create. 

The screen looks like below 
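
An added example, not part of the original tutorial: a Python check that the inbound rules ended up as intended (HTTP from anywhere, SSH only from the range chosen in step 1). It assumes the group is supplied in the JSON shape returned by `aws ec2 describe-security-groups`; `SAMPLE_GROUP`, `PUBLIC_OK_PORTS` and the function names are constructed for illustration.

```python
import ipaddress

PUBLIC_OK_PORTS = {80}  # assumption: the tutorial opens only HTTP to everyone

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`.
SAMPLE_GROUP = {
    "GroupName": "WebServerSG",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "203.0.113.0/24"}]},
    ],
}

def port_span(perm):
    """Return (low, high) for a rule, or None for protocols without ports."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                      # "-1" means all protocols, all ports
        return 0, 65535
    if proto not in ("tcp", "udp"):
        return None
    return perm["FromPort"], perm["ToPort"]

def audit_ingress(group):
    """List (group, cidr, low, high) for world-open rules beyond PUBLIC_OK_PORTS."""
    findings = []
    for perm in group.get("IpPermissions", []):
        span = port_span(perm)
        if span is None:
            continue
        low, high = span
        if all(p in PUBLIC_OK_PORTS for p in range(low, high + 1)):
            continue                       # only the intended public port
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            # Prefix length 0 is 0.0.0.0/0 or ::/0: every address on the internet.
            if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                findings.append((group.get("GroupName"), cidr, low, high))
    return findings

if __name__ == "__main__":
    for name, cidr, low, high in audit_ingress(SAMPLE_GROUP):
        print(f"{name}: ports {low}-{high} reachable from {cidr}")
```

On the constructed sample, the HTTP rule passes and the SSH rule is reported only for its 0.0.0.0/0 source, not for the specific /24 range.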

The next task is to create an IAM role. An IAM role lets us effectively manage the AWS credentials used by software running on the instances. We can create an IAM role and configure it with the permissions that the software requires.

Below are the steps to create an IAM role with full access to AWS:

1. Open the Identity and Access Management (IAM) console at https://console.aws.amazon.com/iam/.
2. In the navigation pane, click Roles, and then click Create New Role.
3. On the Set Role Name page, enter a name for the role, and then click Next Step. Remember this name, as you'll need it when you launch your instance.
4. On the Select Role page, under AWS Service Roles, select Amazon EC2.
5. On the Attach Policy page, select the PowerUserAccess policy, and then click Next Step.
6. Review the role information and then click Create Role.
