Welcome to our AWS Certified Solutions Architect Professional tutorial series where we guide you through the intricacies of AWS cloud computing. In this tutorial, we will walk you through a comprehensive hands-on lab, covering essential tasks like downloading AWS CloudFormation templates, creating key pairs, setting up AWS Service Catalog portfolios and products, applying constraints, and managing permissions. We’d like to express our gratitude to the official AWS documentation, which has been instrumental in producing this educational content. While we strive to keep the resources we use eligible for the free tier, please remember that it’s your responsibility to minimize any potential charges by deleting chargeable resources after each session.
Setting the Stage
Our hands-on lab journey begins with the goal of creating a cloud development environment based on an AWS CloudFormation template. This environment, named the “Linux Desktop,” serves as a cloud development workspace running on Amazon Linux. Our tasks will include adding this product to a portfolio, applying constraints to limit instance sizes, and setting up permissions for AWS Service Catalog end users. Finally, we will test the end user experience and ensure that all resources are properly cleaned up.
Prerequisites
Before diving into the lab, it’s important to note that this tutorial assumes you have a basic understanding of AWS Service Catalog concepts and have set up a free-tier-eligible AWS account with a user having sufficient permissions. If you haven’t set up an admin user yet, please check out our video on “Creating an Admin User” to get started.
Hands-On Lab Walkthrough
Now, let’s embark on our hands-on lab adventure:
Step 1: Creating a Key Pair
- Open the Amazon EC2 console.
- Under “Network and Security” in the navigation pane, choose “Key Pairs.”
- Create a new key pair (e.g., “NorthVirginiaKeyPair”) and save the private key file.
Step 2: Creating a Portfolio
- Open the AWS Service Catalog console.
- Under “Portfolios,” create a portfolio (e.g., “Engineering Tools”).
Step 3: Creating a Product
- In the AWS Service Catalog console, navigate to “Products.”
- Upload a new product, specifying the product details and an Amazon S3 template URL.
- Provide version details (e.g., “v1.0”) and create the product.
Step 4: Adding the Product to the Portfolio
- Select the product you created.
- Add this product to the “Engineering Tools” portfolio.
Step 5: Applying Template Constraints
- Within the portfolio details, select “Engineering Tools.”
- Under the “Constraints” tab, create a template constraint to limit instance sizes (e.g., for small instances).
Step 6: Creating a Launch Constraint
- To add a launch constraint, create a policy and a role in the IAM console.
- Associate the IAM role as a launch constraint for the product.
Step 7: Granting Permissions
- Create an IAM group for end users and assign permissions to the AWS Service Catalog.
- Add a user to the group with AWS Management Console access.
Step 8: Testing the End User Experience
- Sign out and sign in as an end user.
- Launch the “Linux Desktop” product, specifying parameters and key pair.
- Verify that the product is launched successfully.
Step 9: Cleaning Up
- Terminate the provisioned product.
- Remove the product from the portfolio.
- Delete constraints, end user group roles, and the portfolio.
- Finally, delete the product itself.
Conclusion
Congratulations! You’ve successfully completed this hands-on lab, which introduced you to essential AWS Service Catalog tasks and best practices. We hope this comprehensive guide has equipped you with the skills needed to set up and manage resources within AWS Service Catalog