{"id":2168,"date":"2019-08-22T09:40:15","date_gmt":"2019-08-22T09:40:15","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=2168"},"modified":"2022-03-04T07:36:20","modified_gmt":"2022-03-04T07:36:20","slug":"opsworks-security","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/","title":{"rendered":"OpsWorks Security"},"content":{"rendered":"\n<p>In this, we will learn the basics of OpsWorks Security.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>IAM lists credentials to access resources. <\/li><li>OpsWorks Stacks integrates with IAM <\/li><li>IAM can control <ul><li>How\nusers can interact with OpsWorks Stacks.<\/li><\/ul><ul><li>How\nOpsWorks Stacks can act on your behalf to access stack resources like EC2 or S3\n<\/li><\/ul><ul><li>How\nunder OpsWorks Stacks can access other AWS resources <\/li><\/ul><ul><li>Managing\nuser-based SSH keys <\/li><\/ul><ul><li>How\nto use SSH or RDP to connect to instances. <\/li><\/ul><ul><li>updating\ninstances&#8217; operating system <\/li><\/ul><ul><li>configure\nEC2 security groups to control network traffic to and from instances. <\/li><\/ul><ul><li>specify\ncustom security groups <\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>User Permissions<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Attach IAM AWSOpsWorksFullAccess policy to every\nIAM user, to handle OpsWorks Stacks permissions<ul><li>But,\nit will allow user to perform every OpsWorks Stacks action on every stack. <\/li><\/ul><ul><li>Hence,\nrestrict OpsWorks Stacks users to a specified actions or resources. <\/li><\/ul><\/li><li>Control AWS OpsWorks Stacks user permissions by <\/li><li>using the AWS OpsWorks Stacks Permissions page <\/li><li>by attaching an appropriate IAM policy. <\/li><li>Using the Permissions page, to control <ul><li>Who\ncan access each stack.<\/li><\/ul><ul><li>Which\nactions each user is allowed to perform on each stack.<\/li><\/ul><ul><li>Who\ncan manage each stack.<\/li><\/ul><ul><li>Who\nhas user-level SSH access and sudo privileges (Linux) or RDP access and\nadministrator privileges (Windows) on each stack&#8217;s Amazon EC2 instances. <\/li><\/ul><\/li><\/ul>\n\n\n\n<h6 class=\"wp-block-heading\">Sample for managing user permissions assuming an administrative user. <\/h6>\n\n\n\n<ul class=\"wp-block-list\"><li>Use IAM console to attach AWSOpsWorksFullAccess policies to administrative users. <\/li><li>Create an IAM user for each nonadministrative user with a policy that grants no AWS OpsWorks Stacks permissions. <\/li><li>If a user requires access only to AWS OpsWorks Stacks, you might not need to attach a policy at all. You can instead manage their permissions with the AWS OpsWorks Stacks Permissions page. <\/li><li>Use the AWS OpsWorks Stacks Users page to import the nonadministrative users into AWS OpsWorks Stacks. <\/li><li>For each stack, use the stack&#8217;s Permissions page to assign a permission level to each user. <\/li><li>As needed, customize users&#8217; permission levels by attaching an appropriately configured IAM policy. <\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Regular AWS OpsWorks Stacks Users<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Regular users don&#8217;t require an attached policy. <\/li><li>Use OpsWorks Stacks Permissions page to assign\npermissions levels to regular users on a stack-by-stack basis. <ul><li>Show\npermissions to view the stack, but not perform any operations. <\/li><\/ul><ul><li>Deploy\npermissions allow users to deploy and update apps. <\/li><\/ul><ul><li>Manage\npermissions allow users to perform stack management like adding layers or\ninstances, use the Permissions page to set user permissions, and enable their\nown SSH\/RDP and sudo\/admin privileges. <\/li><\/ul><ul><li>Deny\npermissions deny access to the stack. <\/li><\/ul><\/li><\/ul>\n\n\n\n<h6 class=\"wp-block-heading\"><strong>To create the IAM User<\/strong>:<\/h6>\n\n\n\n<ul class=\"wp-block-list\"><li>Access the IAM console at <a rel=\"noreferrer noopener\" href=\"https:\/\/console.aws.amazon.com\/iam\/\" target=\"_blank\">https:\/\/console.aws.amazon.com\/iam\/<\/a><\/li><li>Select Users in navigation pane, and then click Add user. <\/li><li>Type a user name. In Select AWS access type area, select Programmatic access, and then choose Next: Permissions. <\/li><li>On the Set permissions page, choose Attach existing policies directly. <\/li><li>Enter OpsWorks in the Policy type filter box to display the AWS OpsWorks policies<\/li><li>Select AWSOpsWorksFullAccess, and then choose Next: review. <\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"624\" height=\"135\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/08\/image-149.png\" alt=\"OpsWorks Security\" class=\"wp-image-2169\"\/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Security Updates<\/strong><\/h4>\n\n\n\n<p>To update online instances.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Create and start new instances. Then delete the\ncurrent instances. <\/li><li>On Linux-based instances in Chef 11.10 or older\nstacks, run the Update Dependencies stack command<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Security Groups<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Every EC2 instance has one or more associated\nsecurity groups <\/li><li>Security groups govern instance&#8217;s network\ntraffic, like firewall. <\/li><li>A security group has one or more rules, for traffic\nand includes<ul><li>The\ntype of allowed traffic, such as SSH or HTTP<\/li><\/ul><ul><li>The\ntraffic&#8217;s protocol, such as TCP or UDP<\/li><\/ul><ul><li>The\nIP address range that the traffic can originate from<\/li><\/ul><ul><li>The\ntraffic&#8217;s allowed port range<\/li><\/ul><\/li><li>Two types of rules:<\/li><li>Inbound rules govern inbound network traffic.<\/li><li>Outbound rules govern outbound network traffic.<\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>In this, we will learn the basics of OpsWorks Security. IAM lists credentials to access resources. OpsWorks Stacks integrates with IAM IAM can control How users can interact with OpsWorks Stacks. How OpsWorks Stacks can act on your behalf to access stack resources like EC2 or S3 How under OpsWorks Stacks can access other AWS&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":2084,"menu_order":21,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[2],"tags":[7,372,380,396],"class_list":["post-2168","page","type-page","status-publish","hentry","category-amazon-aws","tag-aws","tag-devops","tag-devops-engineer","tag-opsworks-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>OpsWorks Security - Testprep Training Tutorials<\/title>\n<meta name=\"description\" content=\"Enhance your knowledge level by learning about the basics of OpsWorks Security for AWS Certification Exam Preparation Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OpsWorks Security - Testprep Training Tutorials\" \/>\n<meta property=\"og:description\" content=\"Enhance your knowledge level by learning about the basics of OpsWorks Security for AWS Certification Exam Preparation Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2022-03-04T07:36:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2019\/08\/image-149.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/\",\"name\":\"OpsWorks Security - Testprep Training Tutorials\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2019-08-22T09:40:15+00:00\",\"dateModified\":\"2022-03-04T07:36:20+00:00\",\"description\":\"Enhance your knowledge level by learning about the basics of OpsWorks Security for AWS Certification Exam Preparation Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AWS Certified DevOps Engineer Professional\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"OpsWorks Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"OpsWorks Security - Testprep Training Tutorials","description":"Enhance your knowledge level by learning about the basics of OpsWorks Security for AWS Certification Exam Preparation Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/","og_locale":"en_US","og_type":"article","og_title":"OpsWorks Security - Testprep Training Tutorials","og_description":"Enhance your knowledge level by learning about the basics of OpsWorks Security for AWS Certification Exam Preparation Now!","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2022-03-04T07:36:20+00:00","og_image":[{"url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2019\/08\/image-149.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/","name":"OpsWorks Security - Testprep Training Tutorials","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2019-08-22T09:40:15+00:00","dateModified":"2022-03-04T07:36:20+00:00","description":"Enhance your knowledge level by learning about the basics of OpsWorks Security for AWS Certification Exam Preparation Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/opsworks-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"AWS Certified DevOps Engineer Professional","item":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-devops-engineer\/"},{"@type":"ListItem","position":3,"name":"OpsWorks Security"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/2168","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=2168"}],"version-history":[{"count":3,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/2168\/revisions"}],"predecessor-version":[{"id":51948,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/2168\/revisions\/51948"}],"up":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/2084"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=2168"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=2168"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=2168"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}