Difference between revisions of "OPS345 Lab 1"

From CDOT Wiki
Jump to: navigation, search
Line 2: Line 2:
  
 
''' The current schedule for OPS345 is here: [[OPS335_Weekly_Schedule]]
 
''' The current schedule for OPS345 is here: [[OPS335_Weekly_Schedule]]
 +
 +
= AWS Console =
  
 
https://aws.amazon.com/education/awseducate/
 
https://aws.amazon.com/education/awseducate/

Revision as of 00:32, 28 July 2021

THIS PAGE IS A DRAFT, NOT A REAL COURSE PAGE

The current schedule for OPS345 is here: OPS335_Weekly_Schedule

AWS Console

https://aws.amazon.com/education/awseducate/ click "AWS Account", then "AWS Edicate Starter Account", then "AWS Console"

AWS cost monitoring

  • Students are responsible for their AWS usage, including paying for it
  • No AWS alerts on AWS educate account
  • For those not using AWS educate: Amazon CloudWatch billing alarms
  • Always keep cost in the back of your mind when doing /anything/ on AWS

Basic security on a public-facing server

  • A good AWS password, not used anywhere else
  • Remove default usernames
  • Whenever possible: don't use passwords at all, use SSH keys for logging in
  • root is never allowed to log in remotely
  • How to use sudo and how to configure it
  • ssh keys, same as OPS245
  • How to organise your SSH keys and not lose them

AWS networking

  • Default dynamic public IP
  • Default static private network/IP
  • Reserving a static public IP under "Elastic IPs", cost of doing that

First AWS VM

  • Deploy a pre-built SuSE VM ("Instance") suse-sles-15-sp2-v20201211-hvm-ssd-x86_64
    • Instance type t2.micro - sort of almost free
  • Differences between SuSE and CentOS
  • Explore the VM:
    • connect with user ec2-user, ssh key
    • no yum, use zypper
    • systemctl
    • passwd, shadow, group files
    • netstat -atnup
    • Create senecaid-admin user, no password, add to wheel group, modify /etc/sudoers
    • Confirm can log in as senecaid-user and successfully sudo su
    • Delete ec2-user