589f74a8-600d-4594-9196-89cd9ab980dd

1.AWS Account Creation: STEPS: 1. Sign up using your email address 2. Verify your email address 3. Create your password 4. Add your contact information 5. Add a payment method 6. Verify your phone number 7. Choose an AWS Support plan 8. Wait for account activation 1. Create an IAM group called as ‘ S3-Admins ’ with ‘ AmazonS3FullAccess ’ Steps: 1.Sign in to the AWS Management Console. 2.Navigate to the IAM (Identity and Access Management) service. 3.In the left-hand menu, select User Groups. 4.Click Create Group. 5.Under Group Name, enter S3-Admins. 6.In the Attach permissions policies section, search for AmazonS3FullAccess. 7.Check the box next to the AmazonS3FullAccess policy. 8.Click Create Group to finalize the creation. 2. Create an IAM user called as ‘ S3Admin1 ’ and add it to the ‘ S3-Admins ’ group. Steps: 1.Sign in to the AWS Management Console. 2.Navigate to the IAM (Identity and Access Management) service. 3.In the left-hand menu, click on Users. 4.Click the Add user button. 5.In the User name field, enter S3Admin1. 6.Under Select AWS credential type, check the box for Password - AWS Management Console access if you want to give console access, or Access key - Programmatic access for API/CLI access, or both depending on your use case. 1.Password: Create an auto-generated or custom password. 2.Access key: This will create access keys for programmatic access. 7.Click Next: Permissions. 8.On the Set permissions page, choose Add user to group. 9.In the list of groups, check the box next to S3-Admins. 10.Click Next: Tags if you'd like to add optional tags, then click Next: Review. 11.Review the settings and click Create user. 3. Attach an IAM custom policy to the ‘ S3-Admins ’ group which should deny to delete objects. Steps1: 1.Sign in to the AWS Management Console. 2.Navigate to the IAM (Identity and Access Management) service. 3.In the left-hand menu, click on Policies. 4.Click Create policy. 5.Switch to the JSON tab. 6.Copy and paste the custom policy JSON (provided above) into the editor. 7.Click Next: Tags (optional), and then Next: Review. 8.On the Review policy page, enter a Name (e.g., DenyS3ObjectDeletion). 9.Click Create policy. Step 2: Attach the Custom Policy to the S3-Admins Group 1.After the policy is created, go to the Groups section. 2.Click on the S3-Admins group. 3.Under the Permissions tab, click Add permissions. 4.Select Attach policies. 5.Search for the custom policy you created (e.g., DenyS3ObjectDeletion). 6.Select the checkbox next to the policy and click Attach policy. 4. Create an Inline policy for an IAM user and set some permission boundary for that user. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the IAM service 3. Select the ‘ Users ’ option 4. Choose the IAM user for whom you want to create the inline policy 5. Go to the ‘ Permissions ’ tab and click ‘ Add inline policy ’ 6. Define the permissions using the JSON editor or visual editor 7. Review and create the inline policy 8. Set a permission boundary by attaching a policy that defines the maximum permissions 5.Create an IAM role with ‘ AmazonS3FullAccess ’ and attach the role to an EC2 instance. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the IAM service 3. Select the ‘ Roles ’ option 4. Click ‘ Create role ’ and choose ‘ EC2 ’ as the trusted entity 5. Attach the ‘ AmazonS3FullAccess ’ policy 6. Review and create the role 7. Go to the EC2 Dashboard and select your EC2 instance 8. Attach the IAM role to the EC2 instance by selecting 'Actions' > 'Security' > 'Modify IAM role'. 6.Activate MFA for an IAM user and Set some Password Policies such as 1 uppercase, 1 lowercase etc Steps: 1. Sign in to the AWS Management Console 2. Navigate to the IAM service 3. Select the ‘ Users ’ option 4. Choose the IAM user and go to the ‘ Security credentials ’ tab 5. Click ‘ Manage MFA ’ and follow the steps to activate MFA 6. Navigate to the ‘ Account settings ’ in IAM 7. Set password policy: enable options like 1 uppercase, 1 lowercase, and other complexity requirements 8. Save the password policy changes 1.Create a S3 Bucket and create a folder in the bucket and upload a file in the folder. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the S3 service 3. Click ‘ Create bucket ’ and configure bucket settings 4. Name the bucket and complete the creation process 5. Open the newly created bucket 6. Click ‘ Create folder ’ and name the folder 7. Open the folder 8. Click ‘ Upload ’ to upload a file into the folder 2.Disable "Block Public Access" for the bucket and enable public read access for a file. S teps: 1. Sign in to the AWS Management Console 2. Navigate to the S3 service 3. Open the bucket where you want to disable "Block Public Access" 4. Click on the "Permissions" tab 5. Disable "Block all public access" and confirm the changes 6. Navigate to the file you want to enable public access for 7. Click on the file and go to the "Permissions" tab 8. Edit the ACL and enable "Public Read Access" for the file. 3.Create a bucket policy which should deny to read objects under a folder of a bucket. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the S3 service 3. Open the bucket where you want to create the policy 4. Go to the "Permissions" tab 5. Scroll down to the "Bucket Policy" section and click "Edit" 6. Create a policy that denies read access to the specific folder 7. Paste the JSON policy into the editor (customizing it for your folder) 8. Save the bucket policy changes 4.Enable versioning objects for a bucket and upload objects with multiple versions of it. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the S3 service 3. Open the bucket where you want to enable versioning 4. Go to the "Properties" tab 5. Click "Edit" under the "Bucket Versioning" section and enable versioning 6. Navigate to the bucket's contents 7. Upload an object (file) 8. Upload the same object again to create multiple versions of it 5.Host a static webpage in a bucket itself by using static website hosting feature of it. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the S3 service 3. Open the bucket where you want to host the static website 4. Go to the "Properties" tab 5. Click "Edit" under the "Static website hosting" section 6. Enable static website hosting and provide the index and error document (e.g., index.html, error.html) 7. Upload your static website files (HTML, CSS, JS) to the bucket 8. Copy the provided endpoint URL to access your hosted static webpage 6.Enable a lifecycle management rule between various storage classes for a S3 bucket. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the S3 service 3. Open the bucket where you want to enable lifecycle management 4. Go to the "Management" tab 5. Click "Create lifecycle rule" 6. Name the rule and select the scope (e.g., entire bucket or specific prefix/folder) 7. Set transitions between storage classes (e.g., from Standard to Glacier after 30 days) 8. Review the rule and click "Create rule" to apply it 1.Create a Windows EC2 instance with t2.micro Instance and show the remote connection of that EC2 Instance. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the EC2 service 3. Click "Launch Instance" 4. Choose a Windows AMI (Amazon Machine Image) 5. Select the t2.micro instance type 6. Configure instance details and click "Review and Launch" 7. Create or select an existing key pair, then launch the instance 8. After the instance is running, click "Connect," download the RDP file, and use it to establish a remote connection to the instance using the key pair's password. 2.Create an EBS volume of 5 GB and attach to a windows EC2 instance and make partition of that EBS volume. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the EC2 service 3. Click "Launch Instance" 4. Choose a Windows AMI (Amazon Machine Image) 5. Select the t2.micro instance type 6. Configure instance details and click "Review and Launch" 7. Create or select an existing key pair, then launch the instance 8. After the instance is running, click "Connect," download the RDP file, and use it to establish a remote connection to the instance using the key pair's password. 3.Create some files and folders into 5 GB EBS volume of the previous exercise and take a snapshot of that EBS volume. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the EC2 service 3. Select the running Windows EC2 instance from the previous exercise 4. Attach a 5 GB EBS volume by going to the "Elastic Block Store" > "Volumes" and clicking "Create Volume" 5. Choose 5 GB, the same Availability Zone as your instance, and attach the volume to the instance 6. Connect to the instance via Remote Desktop 7. Initialize and format the new volume in Windows, then create some files and folders 8. In the AWS Console, go to "Elastic Block Store" > "Volumes," select the volume, click "Actions" > "Create Snapshot" to take a snapshot of the EBS volume 4.Create a Linux EC2 instance with t2.micro Instance and show the remote connection of that EC2 Instance. Steps: 1. Sign in to the AWS Management Console 2. Navigate to the EC2 service 3. Click "Launch Instance" 4. Choose a Linux AMI (Amazon Machine Image), such as Amazon Linux 2 5. Select the t2.micro instance type 6. Configure instance details and click "Review and Launch" 7. Create or select an existing key pair, then launch the instance 8. After the instance is running, click "Connect," and use SSH with the provided connection details and key pair to remotely connect to the instance 5.Install, Start and Enable the httpd webservice in that Linux EC2 Instance, then host a static website in EC2. Steps: 1. Connect to your Linux EC2 instance using SSH 2. Update the package manager by running: sudo yum update -y (for Amazon Linux) 3. Install the httpd web service by running: sudo yum install httpd -y 4. Start the httpd service by running: sudo system ctl start httpd 5. Enable the httpd service to start on boot by running: sudo system ctl enable httpd 6. Navigate to the web root directory: cd /var/www/html 7. Create or upload your static website files (e.g., index.html) to this directory 8. Open your web browser and enter the public IP address of the EC2 instance to view your hosted static website. 6.Create Image(MyAMI) of the linux Webserver(from the previous exercise) and launch new EC2 instance from the created Image(MyAMI). Steps: 1. Sign in to the AWS Management Console 2. Navigate to the EC2 service 3. Select the running Linux EC2 instance (the web server from the previous exercise) 4. Click on "Actions," then select "Image and templates," and choose "Create image" 5. Enter a name for the image (e.g., MyAMI) and configure any additional settings, then click "Create image" 6. Wait for the image creation process to complete (you can check under "AMIs" in the EC2 dashboard) 7. Once the image is ready, click "Launch instance" from the MyAMI image details 8. Configure the instance settings as needed and click "Launch" to start a new EC2 instance from the created image. 1.Create a vpc with multiple subnets(atleast 1 subnet in each zone)