AWS IAM, EC2, EBS, S3

The world of cloud computing can seem vast and complex, but like any great journey, it begins with a single step. For those of us exploring Amazon Web Services (AWS), the path to mastery is built on hands-on experience. This article shares my recent practical explorations of some of the most essential AWS services: Identity and Access Management (IAM), Elastic Compute Cloud (EC2), and Elastic Block Store (EBS).

Securing the Gates with AWS Identity and Access Management (IAM)

Before you can build in the cloud, you must first secure it. This is where IAM comes in. It is the backbone of security on AWS, allowing you to manage users and control access to your resources.

My first step was to move away from using the root account for daily tasks and instead create a new IAM user with specific permissions. As you can see below, I have a "testuser" and another user, demonstrating the ability to create and manage distinct identities within my AWS account. This is a critical best practice for ensuring a secure and auditable cloud environment.

Launching and Connecting to a Virtual Server with EC2

With a secure user in place, it was time to spin up a virtual server using Amazon's EC2 service. EC2 provides scalable computing capacity in the cloud, and it's often the first service that developers and system administrators interact with.

Configuring the AWS CLI

To work with AWS services programmatically, I configured the AWS Command Line Interface (CLI). By running aws configure, I was able to set up my access keys, which link my local machine to my IAM user, allowing me to manage AWS resources directly from the terminal. The aws s3 ls command in the screenshot below is a simple test to confirm that my credentials are set up correctly and that I can communicate with the AWS API.

Launching and Accessing the Instance

I launched a new EC2 instance and then dove into a crucial aspect of managing a virtual server: security groups. These act as a virtual firewall, controlling inbound and outbound traffic. I configured the security group to allow SSH (port 22) and HTTP (port 80) traffic. This is what allowed me to securely connect to my instance and to host a web server that is accessible to the outside world.
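A check worth running on a group like this one is whether anything other than the web port is reachable from the whole internet. The following is an added example, not code from the original post: it audits JSON in the shape returned by aws ec2 describe-security-groups. The sample data, the group id sg-EXAMPLE and the policy that only port 80 should be world-open are assumptions made for illustration.

```python
import ipaddress
import json

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`.
# The group id and CIDRs are made up for illustration.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
  {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}
]}]}
""")

PUBLIC_OK = {80}  # assumption: only HTTP is meant to be world-reachable

def rule_ports(perm):
    """Return (low, high) TCP port range for a rule, or None if it cannot match TCP."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return (0, 65535)
    if proto not in ("tcp", "6"):
        return None
    return (perm.get("FromPort", 0), perm.get("ToPort", 65535))

def world_open(perm):
    """True if any source range on the rule covers the whole IPv4 or IPv6 internet."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return any(ipaddress.ip_network(c, strict=False).prefixlen == 0 for c in cidrs)

def audit(doc, public_ok=PUBLIC_OK):
    """List (group_id, low, high) for world-open TCP rules exposing ports not in public_ok."""
    findings = []
    for sg in doc.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            ports = rule_ports(perm)
            if ports is None or not world_open(perm):
                continue
            low, high = ports
            if any(p not in public_ok for p in range(low, high + 1)):
                findings.append((sg["GroupId"], low, high))
    return findings

if __name__ == "__main__":
    for gid, low, high in audit(SAMPLE):
        print(f"{gid}: TCP {low}-{high} is open to the internet")
```

On the constructed sample, only the SSH rule with source 0.0.0.0/0 is reported; the same port restricted to a single /32 address and the world-open HTTP rule both pass.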

Installing a Web Server

Once connected to my Ubuntu-based EC2 instance, I installed the NGINX web server using sudo apt install nginx. This is a common real-world task, and the screenshot below shows the successful installation process.

And here is the result: a live "Welcome to nginx!" page, served from my EC2 instance and accessible via its public IP address.

Persistent Storage with Elastic Block Store (EBS)

EC2 instances are powerful, but what about data that needs to persist beyond the life of a single instance? That's where EBS comes in. EBS provides persistent block storage volumes for use with EC2 instances.

Creating and Attaching an EBS Volume

I provisioned a new 3 GB EBS volume, as seen in the AWS Management Console.

I then attached this volume to my running EC2 instance. The lsblk and df -h commands in the terminal output below show the initial state of the instance's storage and then the newly attached volume (xvdb).

Working with the Attached Volume

Once attached, the volume is just a raw block device. To make it usable, you need to create a file system on it and then mount it. After performing these steps, I was able to create a directory and a file on the new volume, demonstrating that it was ready to store persistent application data.

Managing S3 Buckets

Amazon S3 (Simple Storage Service) is an object storage service that offers industry-leading scalability, data availability, security, and performance. I practiced listing my S3 buckets from the command line, which is a common task for managing your storage resources.

Conclusion

This hands-on journey through IAM, EC2, and EBS has solidified my understanding of these core AWS services. From securing my account to launching a web server and managing persistent data, these practical exercises have been invaluable. The cloud is all about doing, and I'm excited to continue building on this foundation.