As the name suggests, AWS CodeBuild is a build service in the cloud. It is fully managed so there is no need to provision, manage, and scale your own build servers. It compiles your source code, runs unit tests, and produces artifacts that are ready to deploy.
You can use the AWS CodeBuild or AWS CodePipeline console to run CodeBuild. You can also automate the running of CodeBuild by using the AWS Command Line Interface (AWS CLI) or the AWS SDKs. In this blog, we will use the AWS CodeBuild console.
In this blog, we will discuss Service Control policies and Session policies as well as the overall IAM Policy evaluation logic. We will also try to decipher the surprisingly easy JSON policy document structure (yes, it does look a bit intimidating initially). To understand the basic concepts and working of AWS IAM, read part 1 of my AWS IAM series of blogs. Read part 2 to further understand authorisation in IAM.
If you manage permissions across multiple accounts, you can use IAM roles, resource-based policies, or access control lists (ACLs) for cross-account permissions. …
Now that we understand the basic concepts and working of AWS IAM (Part 1 of this series), let us understand policies and permissions in IAM, a vital part of access management or authorisation.
For access management in AWS, we create policies and attach them to IAM identities (users/ groups/ roles) or AWS resources. When you associate or attach a policy to an identity or resource, it defines their permissions. Permissions in the policies determine whether the request made by the IAM principal (user or role) is allowed or denied.
Most policies are stored in AWS as JSON documents.
AWS IAM helps you securely control access to AWS resources, it helps in controlling authentication (signing into the AWS account, which is the Identity part of IAM) and authorisation (giving permissions to use resources, which is the access management part of IAM).
With IAM, you can grant other people permission to use resources in your AWS account without having to share your password or access key. You can grant different permissions to different people for different resources.
For example, you might allow some users complete access to Amazon EC2, Amazon S3, etc. For some other users, you might allow read-only…
If you are new to Docker, I would recommend you to read my Understanding Docker blog first.
Dockerfile: A text file that contains all commands needed to build a docker image. The commands are run in the same order as they appear in the Dockerfile. Think of Dockerfile commands as a step-by-step recipe on how to build your docker image.
You ‘build’ the Dockerfile to get an image and you ‘run’ the image to get a container.