Configure Users, Roles & Secure Access Control

Business Scenario

After completing monitoring, log analysis, and performance optimization, CartForge is running smoothly in production.

The team is growing.
More developers need server access.
Multiple people now handle deployments and maintenance.

One day, the manager notices a serious risk.

  • Shared login credentials are being used

  • Too many users have full admin access

  • No clear separation of responsibilities

  • Difficult to track who changed what

The manager calls the Junior DevOps Engineer and explains:

 “Our infrastructure is stable, but access management is becoming risky.”

He continues:

 “Too many people have unnecessary permissions, and some accounts are being shared.”

 “If one mistake happens, it could impact the entire server.”

The Junior DevOps Engineer gathers the team and explains:

 “Now we move from system management to secure access management.”

 “We’ll assign the right access to the right people—nothing more, nothing less.”

Pre-Lab Preparation

  1. What is AWS and Why AWS

  2. Cloud Service and Deployment method

  3. What is IAM in AWS

  4. Difference between policies and roles

  5. Define user group

Task 1: Create User & Group

  1. Go to AWS Console (Search: IAM)

  2. Create Group (Go to: User Groups → Create group)

  3. Attach Policies. Select: AdministratorAccess (for learning)

  4. Create User (Go to: Users → Create user)

  5. Set Permissions

     a. Select: Add user to group. Choose: DevOps-Tea. Click Next →

  6. Get Login Access

     After creation:

       • Download credentials

       • Set password

Now let's enable MFA for your CartForge user.

  7. Go inside your user >> Security Credentials >> click on assi

And here you can see it's added.

Task 2: Validate Permissions & Configure Secure Access

To validate the permissions, let's log in to your server.

Now try to log in as the user that you created.

  1. It will now ask you for a code; that is because of MFA.

  2. Set the password and continue.

  3. And you are logged in to your CartForge account.

4

  5. Create Custom Policy

     a. Go to AWS Console (Search: IAM)

        Policies → Create Policy

        Use JSON

        Click Next

        Name: CartForge-ReadOnly-Policy

        Create Policy

Let's create a role for our CartForge server to access EC2.

Go to: Roles → Create Role

Select:

  • AWS Service

  • Use case → EC2

Attach Policy:

 Select: CartForge-ReadOnly-Policy

 Name: CartForge-EC2-Role

 Create Role
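Added example, not part of the original lab (the JSON used at the "Use JSON" step is not shown on the page): a small Python check that a policy document grants only read actions, run against a constructed EC2 read-only document and against the Allow-everything grant that AdministratorAccess from Task 1 carries. The sample policy content, the helper names and the Describe/Get/List prefix rule are assumptions.

```python
import json

# Constructed sample documents (assumptions; the lab's actual JSON is not on the page).
READ_ONLY_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "Ec2ReadOnly", "Effect": "Allow",
     "Action": ["ec2:Describe*"], "Resource": "*"}
  ]
}
""")
# Same Allow-everything grant as the AdministratorAccess managed policy.
ADMIN_POLICY = {"Version": "2012-10-17",
                "Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}}

READ_PREFIXES = ("describe", "get", "list")  # verbs treated as read-only here


def as_list(value):
    """IAM accepts a single string/object wherever a list is also valid."""
    return value if isinstance(value, list) else [value]


def audit_read_only(policy):
    """Return one finding per Allow grant that goes beyond read access."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        label = stmt.get("Sid", f"statement[{i}]")
        if "NotAction" in stmt:
            findings.append(f"{label}: Allow with NotAction grants everything not listed")
            continue
        for action in as_list(stmt.get("Action", [])):
            verb = action.partition(":")[2]  # text after "service:"
            if action == "*" or verb == "*":
                findings.append(f"{label}: wildcard action {action!r}")
            elif not verb.lower().startswith(READ_PREFIXES):
                findings.append(f"{label}: non-read action {action!r}")
    return findings


if __name__ == "__main__":
    for name, doc in (("read-only", READ_ONLY_POLICY), ("admin", ADMIN_POLICY)):
        print(name, audit_read_only(doc) or "OK: read-only")
```

The verb prefixes are a heuristic: some Get actions return sensitive data, so review which services a policy names as well as which verbs.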

 

Great job!

  • Configured users and roles with secure access control to ensure proper system management
  • Validated permissions to allow only authorized access, strengthening CartForge’s overall security

Checkpoint

Next-Lab Preparation

  1. What is EC2

  2. Components of EC2

  3. What is SSH

  4. Explore the frequently used port numbers

  5. What is S3 and its storage classes

lab_8

By Content ITV
