diff --git a/00-dev-environment/README.md b/00-dev-environment/README.md
index 296b66c4..569eb202 100644
--- a/00-dev-environment/README.md
+++ b/00-dev-environment/README.md
@@ -74,7 +74,18 @@ aws sts get-session-token \ /
 ```
-This will return json containing the temporarily credentials.(**WARNING: special characters in the 'SecretAccessKey' may not work for Windoze machines)
+This will return json containing the temporary credentials.(**WARNING: special characters in the 'SecretAccessKey' may not work for Windoze machines)
+
+**Notice: these are not the SecretAccessKey and SessionToken you provided before. These are brand spanking new to be used specifically for a new programmatic connection**
+
+```mermaid
+sequenceDiagram
+You ->> AWS: I need temporary credentials
+Note right of AWS: Thinking... Thinking
+AWS ->> You: Here are the new credentials...
+You ->> AWS: Here's the credentials to get me access
+AWS ->> You: Soup for you. You have access!!
+```
 ```shell
 "Credentials": {
@@ -221,5 +232,5 @@ to complete the training work. In your Cloud9 Editor, perform the following:
 application in that language
 - Add the files to your new branch, commit them, and push the branch up to your forked repository
-- Create a pull request from your branch to the master branch within your forked
+- Create a pull request from your branch to the master branch within YOUR forked
 repository and merge after reviewing
diff --git a/14-Jenkins/README.md b/14-Jenkins/README.md
index d9bcef82..09d9f5fb 100644
--- a/14-Jenkins/README.md
+++ b/14-Jenkins/README.md
@@ -70,6 +70,11 @@ For ease of deployment and scalability, we will provision a Jenkins environment
 using CloudFormation templates on the AWS platform. In order to do this you will need the following:
+Follow these directions instead
+```
+https://www.jenkins.io/doc/tutorials/tutorial-for-installing-jenkins-on-AWS/#downloading-and-installing-jenkins
+```
+
 - EC2 Instance (as the Jenkins Server) -- use the Amazon Linux AMI with JDK installed
 - EIP, for the instance to receive traffic
 - Subnet, containing the Jenkins master instance
@@ -94,6 +99,15 @@ present and you can:
 - Manage "Credentials"
 - View "My Views"
+#### I had to re-create the RSA key pair (joels-key-pair) in order to login again
+
+```
+ aws cloudformation create-stack --profile temp --stack-name Joels1411 --template-body file://base.yaml --parameters file://base-params.json --capabilities CAPABILITY_NAMED_IAM
+{
+ "StackId": "arn:aws:cloudformation:us-east-1:324320755747:stack/Joels1411/e8ac7090-cf28-11ed-a8ab-1222a4b30ce5"
+}
+```
+
 #### Lab 14.1.2 - Adding Agents
 As it stands, the Jenkins server can be used to execute jobs. Executing jobs
diff --git a/14-Jenkins/base-params.json b/14-Jenkins/base-params.json
index 56a56ba5..6c7c49d7 100644
--- a/14-Jenkins/base-params.json
+++ b/14-Jenkins/base-params.json
@@ -13,7 +13,7 @@
 },
 {
 "ParameterKey": "EC2InstanceAmi",
- "ParameterValue": "ami-0bce08e823ed38bdd"
+ "ParameterValue": "/aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id"
 },
 {
 "ParameterKey": "EC2InstanceType",
@@ -21,10 +21,10 @@
 },
 {
 "ParameterKey": "EC2KeyName",
- "ParameterValue": "test-user-key"
+ "ParameterValue": "joels-key-pair"
 },
 {
 "ParameterKey": "IAMUserOwnerIp",
- "ParameterValue": "XX.XXX.XXX.XXX"
+ "ParameterValue": "66.110.242.65"
 }
 ]
\ No newline at end of file
diff --git a/14-Jenkins/base.yaml b/14-Jenkins/base.yaml
index 5b267390..9286cef9 100644
--- a/14-Jenkins/base.yaml
+++ b/14-Jenkins/base.yaml
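Review bot: The second base-params.json hunk replaces the `test-user-key` and `XX.XXX.XXX.XXX` placeholders with one person's key-pair name and a real public IPv4 address, so everyone who uses the shared parameter file inherits values tied to someone else's environment. Keep the placeholders in the tracked file and pass personal values from an untracked copy (for example a `base-params.local.json` listed in `.gitignore`) to `--parameters`. The 14-Jenkins/README.md hunk earlier in this commit does the same with a full stack ARN, account id included, and would read better with `<account-id>` in its place. JSON has no comment syntax, so the expected format of `IAMUserOwnerIp` (bare address or CIDR) belongs in the README next to the create-stack command.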
@@ -12,9 +12,9 @@ Parameters:
 Type: String
 Description: IAM user that is owner of this CFN stack
 EC2InstanceAmi:
- Type: AWS::EC2::Image::Id
+ Type: AWS::SSM::Parameter::Value
 Description: EC2 Instance AMI
- Default: ami-014534a11156c1a0d
+ Default: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
 EC2KeyName:
 Type: String
 Description: Name of the EC2 keys used for ssh
@@ -84,6 +84,16 @@ Resources:
 ToPort: 22
 IpProtocol: tcp
 CidrIp: 0.0.0.0/0
+ -
+ FromPort: 80
+ ToPort: 80
+ IpProtocol: tcp
+ CidrIp: 0.0.0.0/0
+ -
+ FromPort: 8080
+ ToPort: 8080
+ IpProtocol: tcp
+ CidrIp: 0.0.0.0/0
 -
 FromPort: -1
 ToPort: -1
@@ -110,6 +120,19 @@ Resources:
 - Key: stack
 Value: !Ref "AWS::StackId"
+ UserData:
+ # https://www.jenkins.io/doc/tutorials/tutorial-for-installing-jenkins-on-AWS/#downloading-and-installing-jenkins
+ Fn::Base64: |
+ #!/bin/bash
+ yum -y update
+ yum install -y wget
+ wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
+ rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
+ yum -y upgrade
+ amazon-linux-extras install java-openjdk11 -y
+ yum install -y jenkins
+ systemctl enable jenkins
+ systemctl start jenkins
 MyNetworkAcl:
 Type: AWS::EC2::NetworkAcl
 Properties:
@@ -168,14 +191,14 @@ Resources:
 NetworkAclId: !Ref MyNetworkAcl
 RuleNumber: 202
 RuleAction: allow
- Protocol: 6
+ Protocol: 1
 CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ]
 Icmp:
 Code: -1
 Type: -1
 PortRange:
- From:
- To:
+ From: 8
+ To: -1
 MyNetworkEntryMySecondSubnetIngressAllHttp:
 Type: AWS::EC2::NetworkAclEntry
 Properties:
@@ -187,6 +210,17 @@ Resources:
 PortRange:
 From: 80
 To: 80
+ MyNetworkEntryMySecondSubnetIngressAllJenkins:
+ Type: AWS::EC2::NetworkAclEntry
+ Properties:
+ NetworkAclId: !Ref MyNetworkAcl
+ RuleNumber: 205
+ RuleAction: allow
+ Protocol: 6
+ CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ]
+ PortRange:
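Review bot: As rendered here the new parameter type in the `EC2InstanceAmi` hunk is `AWS::SSM::Parameter::Value` with no type argument, which CloudFormation does not accept; the full form for an AMI lookup is `Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>` (the angle-bracket part may have been lost when the page was rendered, so confirm against the file). The default path points at the ECS-optimized Amazon Linux 2 image through its floating `recommended` alias, so the resolved AMI can change between stack operations, and an image change normally replaces the instance along with any Jenkins state on its volume. A comment on the `Default:` line such as `# resolved from SSM at deploy time; ECS-optimized AL2 image, chosen because <reason>` would record why this image family is used for a Jenkins host. The Parameters section starts and ends outside the hunk.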
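Review bot: Both ingress entries added in the security-group hunk use `CidrIp: 0.0.0.0/0`, which puts the Jenkins web UI on 8080 (plain HTTP, first-run setup wizard included) within reach of the whole Internet, next to the existing world-open rule for port 22. The parameter file already carries an `IAMUserOwnerIp` value, so assuming the template declares that parameter, the 8080 entry could be `CidrIp: !Sub "${IAMUserOwnerIp}/32"`. Nothing in the UserData added by this commit listens on port 80, so that entry looks unnecessary and could be dropped until a reverse proxy exists. The security group resource begins and ends outside the hunk.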
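Review bot: The bootstrap script in the `UserData` hunk has no error handling, so if fetching `jenkins.repo` or the signing key fails the remaining commands still run and the stack can finish with an instance that has no working Jenkins; adding `set -euo pipefail` directly under `#!/bin/bash` stops the script at the first failure. `yum -y update` and `yum -y upgrade` both appear, and one of them is redundant. The repository definition and key are downloaded at boot and trusted as fetched, and every package installs at whatever version is current, so two launches of the same template can yield different Jenkins builds; a comment stating that this is acceptable for a lab, or a pinned version on the `yum install -y jenkins` line, would make the choice explicit. The instance resource starts outside the hunk.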
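Review bot: After rule 202 changes to `Protocol: 1` (ICMP), the entry carries both an `Icmp` block (`Code: -1`, `Type: -1`, meaning all ICMP) and a `PortRange` of `From: 8` / `To: -1`; port ranges apply only to TCP and UDP entries, so these values have no meaning here and read like an attempt to express echo-request type 8 in the wrong property. If only ping is intended, set `Type: 8` inside `Icmp` and remove `PortRange`; if all ICMP is intended, remove `PortRange` and say so in a comment. Rule 202 was a TCP entry before this change, so it is worth confirming nothing relied on it. The entry's resource name is outside the hunk.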
From: 8080
+ To: 8080
 MyNetworkEntryMySecondSubnetEgressAllTraffic:
 Type: AWS::EC2::NetworkAclEntry
 Properties:
@@ -197,8 +231,8 @@ Resources:
 Protocol: -1
 CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ]
 PortRange:
- From:
- To:
+ From: 0
+ To: 65000
 MySecondSubnet:
 Type: AWS::EC2::Subnet
 Properties:
@@ -250,6 +284,65 @@ Resources:
 - Key: stack
 Value: !Ref "AWS::StackId"
+ # JenkinsArtifactsBucket:
+ # Type: AWS::S3::Bucket
+ # Properties:
+ # BucketName: !Sub "${AWS::StackName}-jenkins-artifacts"
+ # JenkinsBuildPipeline:
+ # Type: AWS::CodePipeline::Pipeline
+ # Properties:
+ # Name: !Sub "${AWS::StackName}-jenkins-build-pipeline"
+ # RoleArn: !GetAtt [CodePipelineRole, Arn]
+ # Stages:
+ # - Name: Source
+ # Actions:
+ # - Name: SourceAction
+ # ActionTypeId:
+ # Category: Source
+ # Owner: ThirdParty
+ # Provider: GitHub
+ # Version: '1'
+ # OutputArtifacts:
+ # - Name: SourceArtifact
+ # Configuration:
+ # Owner: !Ref GitHubOwner
+ # Repo: !Ref GitHubRepo
+ # Branch: !Ref GitHubBranch
+ # OAuthToken: !Ref GitHubOAuthToken
+ # RunOrder: 1
+ # - Name: Build
+ # Actions:
+ # - Name: BuildAction
+ # ActionTypeId:
+ # Category: Build
+ # Owner: Custom
+ # Provider: Jenkins
+ # Version: '1'
+ # Configuration:
+ # ProjectName: !Ref JenkinsProjectName
+ # Url: !Ref JenkinsUrl
+ # Username: !Ref JenkinsUsername
+ # Password: !Ref JenkinsPassword
+ # InputArtifacts:
+ # - Name: SourceArtifact
+ # OutputArtifacts:
+ # - Name: BuildArtifact
+ # RunOrder: 1
+ # - Name: Deploy
+ # Actions:
+ # - Name: DeployAction
+ # ActionTypeId:
+ # Category: Deploy
+ # Owner: AWS
+ # Provider: S3
+ # Version: '1'
+ # Configuration:
+ # BucketName: !Ref JenkinsArtifactsBucket
+ # ObjectKey: !Ref S3ObjectKey
+ # Extract: true
+ # InputArtifacts:
+ # - Name: BuildArtifact
+ # RunOrder: 1
 Outputs:
 MyVpcOutput:
 Description: Id of MyVpc
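Review bot: The new ingress entry `MyNetworkEntryMySecondSubnetIngressAllJenkins` allows only sources in `10.0.0.128/25`, which by the resource naming looks like the second subnet's own range, so a browser connecting from outside the VPC would not match it even though the security group opens 8080; unless an entry outside this diff admits that traffic, the UI stays unreachable. For an ingress entry `CidrBlock` is the source range, so it should be the operator's address or the same range the security group uses. Network ACLs are stateless, so replies to the instance's own outbound downloads in UserData also need an inbound ephemeral-port entry, and none is visible here. The entry does not set `Egress`; relying on the default deserves a short comment such as `# ingress (Egress defaults to false)`.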
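Review bot: In the egress entry, `Protocol: -1` matches all protocols and the port range is not evaluated, so `From: 0` / `To: 65000` only fills the previously empty fields, and `65000` would silently exclude ports 65001-65535 if the protocol were later narrowed to TCP or UDP. Prefer removing `PortRange` from this entry, or use `To: 65535`. The context lines also show `CidrBlock` set to `10.0.0.128/25`; for an egress entry that is the destination range, so confirm that outbound access to the package repositories used in UserData is allowed by some other entry. The resource header for this entry is outside the hunk.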
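Review bot: The last hunk adds 59 lines of commented-out resources, leaving dead configuration in the template with nothing saying whether it is planned work or an abandoned attempt; prefer leaving it out of the commit, or at least head it with a comment such as `# TODO(<owner>): pipeline draft, not deployed; see <issue>`. If the block is revived, it passes `GitHubOAuthToken` and `JenkinsPassword` through `!Ref`, so those parameters would have to be declared with `NoEcho: true` or, better, replaced by `{{resolve:secretsmanager:...}}` dynamic references so the values never sit in a parameter file like base-params.json. None of the referenced parameters, nor `CodePipelineRole`, are declared in the lines shown.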