SC Product-Basics

Use Case:

Developers need a compliant, quick method to deploy servers Windows and Linux on AWS. They also want the ability to restart the servers. Your security officer wants to give developers this ability but with minimal AWS privileges. You have to create an AWS Service Catalog product to satisfy this use case.


Pre-requisites:

DO NOT use your ROOT user

  1. Create a user called labadmin, give it an an Administrator policy (optional if you have a user with an admin policy)

  2. Login to your AWS Account using the labadmin user (or an admin user)

  3. Use the US East (N. Virginia) region

Note

The fastest way to accomplish this use case is to use infrastructure as code or CloudFormation templates. A template to create the portfolio will be used and it in turn will use an EC2 template. Both are provided for you

Launch a Stack to create a Portfolio with an EC2 product.

Optional:

Steps

  • Right click and Launch the template

  • This CloudFormation template will create the following

  • Service Catalog Portfolio

  • Service Catalog Products

  • Create Service Catalog components using - Sample CloudFormation

  • On the Create stack page, choose next

  • On the stack details page, fill in the parameters and then choose next

  • use the defaults for the stack Parameter

  • On the Configure stack options page choose Next

  • On Review page, choose the check box for I acknowledge that AWS CloudFormation might create IAM resources with custom names.

Choose Create Stack

  • Wait for the status to chage to CREATE_COMPLETE

  • Select the Stack Name SCloftLab

  • Select the Outputs tab

  • Copy the output section

  • Paste into a text document on your computer for reference later in the lab

Deploy a Service Catalog Product - Windows Server

  1. Select the SwitchRoleSCEndUserRole URL and open it in a new tab

  2. Choose Switch Roles

  3. Open the Service Catalog console

  4. Choose Products list and the three vertical dots next to LABEC2

  5. Choose Launch product

  6. Enter EC200windows as a provision product name

  7. Choose Next

  8. Enter the Parameters

    • KeyName - pick one

    • VpcId pick one

    • Size - t2.medium

    • ServerName - xxlabWinServer

    • Imageid - ami-04a0ee204b44cc91a

    • SubnetID pick one

  9. Choose NEXT

  10. On the Tag options page choose Next

  11. On the Notifications page choose NEXT

  12. On the Review page choose LAUNCH This will deploy the Windows Server.

    /Users/nickil/Desktop/AWS Immersion
Day-Bootcamp\_files/sclab006.png

  13. Wait for the Status to be Succeeded you can refresh if you need to

    Congratulations you now have a Windows Server

  14. View your server from the EC2 Console Look for the server with the \‘xxlabWinServer\’ Name


Deploy Linux Server

  1. Return to Service Catalog

  2. Choose Service Catalog From the list of services

  3. Choose Products list and the three doot next to LABEC2

  4. Choose Launch product

  5. Enter EC2001Linux as a provision product name

  6. Choose Next

  7. Enter the Parameters

    • KeyName - pick one

    • VpcId pick one

    • Size - t2.medium

    • ServerName - xxlabLinuxServer

    • Imageid - ami-0323c3dd2da7fb37d

    • SubnetID pick one

  8. Choose NEXT

  9. On the Tag options page choose Next

  10. On the Notifications page choose NEXT

  11. On the Review page choose LAUNCH This will deploy the Windows Server.

  12. Wait for the Status to be Succeeded you can refresh if you need to

    Congratulations you now have a Linux Server

  13. View your server from the EC2 Console Look for the server with the \‘xxlabLinuxServer\’ Name

    Give the user the ability to restart the server from Service Catalog (Service Actions)

  14. Switch Role to the SwitchRoleSCAdmin role

  15. Copy the url for SwitchRoleSCAdmin and use it in a new browser tab

    Copy the URL for SwitchRoleSCAdmin from your text document

  16. Return to Service Catalog

  17. Choose Service actions

  18. Choose Create new action button

  19. Choose AWS-RestartEC2Instance

  20. Choose Next

  21. On the Configure page use defaults , choose Create action

  22. Choose the AWS-RestartEC2Instance choose Associate action

  23. Choose the product LABEC2 choose V1 version, choose Associate action

    Great !! users can now restart their servers by themselves

End-user Restart a server

  1. Switch back to the End-user Role

  2. Choose the role name, choose ServiceCatalogEndUser

  3. Choose Switch Role

  4. Return to Service Catalog

  5. Choose Provisioned product list

  6. Choose a Provisioned Product name

  7. Choose the ACTIONS button, Choose AWS-RestartEC2Instance

  8. Choose RUN ACTION

  9. Switch to the EC2 Console Look for the server restarting

End of Lab Exercises

Thank you for using this lab.