
Build Amazon EC2 Instance with Key Pair

A Step-by-Step Guide to Creating an Amazon EC2 Instance with Key Pair

Amazon Elastic Compute Cloud (EC2) is a cloud computing service that allows you to create and manage virtual servers, known as instances, on the Amazon Web Services (AWS) platform. One important part of securing your EC2 instances is using key pairs, which provide secure access to your instances. In this blog post, we will walk you through the process of creating an EC2 instance with a key pair, ensuring a robust security setup for your cloud infrastructure.

Step 1: Log in to the AWS Management Console
To get started, log in to the AWS Management Console using your AWS account credentials. If you don’t have an account, you can sign up for one on the AWS website.

Step 2: Navigate to the EC2 Dashboard
Once you’re logged in, navigate to the EC2 Dashboard. You can find the EC2 service by searching for it in the AWS Management Console’s search bar.

Step 3: Launch an Instance
On the EC2 Dashboard, click on the “Launch Instance” button to start the instance creation process. This will launch the EC2 instance wizard, which will guide you through the configuration steps.

Step 4: Choose an Amazon Machine Image (AMI)
Select the AMI that best suits your requirements. An AMI is a pre-configured template that contains the operating system and other software for your instance.

Step 7: Add Storage
Specify the storage requirements for your instance. You can choose between Amazon Elastic Block Store (EBS) volumes and instance store volumes based on your needs.

Step 8: Configure Security Groups
Security groups act as virtual firewalls for your instances, controlling inbound and outbound traffic. Configure the security groups to allow access to the necessary ports and protocols.

Step 9: Review and Launch
Review all the instance details you have configured so far. Once you are satisfied, click on the “Launch” button to proceed.

Step 10: Create a Key Pair
In the “Launch Instance” wizard, you will be prompted to create a new key pair or choose an existing one. Select the “Create a new key pair” option and provide a name for your key pair.

Choose .ppk if you are planning to use PuTTY to connect.

Step 11: Download the Key Pair
After creating the key pair, AWS will generate a private key file and allow you to download it. Make sure to store this file in a secure location, as it will be needed to access your instance.

Leaving everything at the default for testing

Instance is running

Download PuTTY

Load the PEM file

Accept

Load PEM – by choosing all files

Save Private Key

Step 12: Launch the Instance
Once you have downloaded the key pair, click on the “Launch Instances” button to start the EC2 instance. AWS will now provision your instance using the selected configuration options.

Conclusion:
Creating an Amazon EC2 instance with a key pair is an essential step towards securing your cloud infrastructure. By following the step-by-step guide outlined in this blog post, you can confidently launch EC2 instances while ensuring that only authorized users have access. Key pairs provide a secure method of authentication and play a crucial role in safeguarding your valuable data and resources in the AWS cloud environment. Start using key pairs today and enhance the security posture of your EC2 instances on Amazon Web Services.
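The security group from Step 8 decides who can reach the SSH port that the key pair protects, so it is worth checking after a test launch with default settings. As an added example (not part of the original post), this Python check reads security-group data in the shape of `aws ec2 describe-security-groups` output and flags rules that open SSH or RDP to every address; the group IDs, names and rules in SAMPLE are constructed.

```python
import ipaddress

# Constructed sample, shaped like `aws ec2 describe-security-groups` JSON output.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0aaa", "GroupName": "launch-wizard-1", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0bbb", "GroupName": "office-ssh", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0ccc", "GroupName": "allow-all-v6", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]}

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # remote-administration ports to check


def covers(rule, port):
    """True if an inbound rule lets TCP traffic reach `port`."""
    if rule.get("IpProtocol") == "-1":  # "-1" means every protocol and port
        return True
    if rule.get("IpProtocol") != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def world_open_cidrs(rule):
    """Source ranges on the rule that match any address (prefix length 0)."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]


def audit(doc):
    """Return (group id, service, source range) for each exposed admin port."""
    findings = []
    for sg in doc.get("SecurityGroups", []):
        for rule in sg.get("IpPermissions", []):
            for cidr in world_open_cidrs(rule):
                findings += [(sg["GroupId"], name, cidr)
                             for port, name in ADMIN_PORTS.items() if covers(rule, port)]
    return findings


if __name__ == "__main__":
    for group_id, service, cidr in audit(SAMPLE):
        print(f"{group_id}: {service} reachable from {cidr}")
```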

Your instance was not created – Defender for Identity.

Delete the old ATP groups if the instance is not getting created. The Defender for Identity instance fails to be created with this error: “Something Went Wrong, Your instance was not created because a security group with the same name already exists in the azure active directory. Delete the existing security groups and try again.”

Removed those groups

Additional Authentication is required to complete this Sign-in in M365 Azure AD

Keep your account secure – Your Organization requires you to set up the following methods of proving who you are:

Additional Authentication is required to complete this Sign-in

In an Authentication Methods Policy, the term “exclude” refers to the ability to restrict or prevent users from registering specific authentication methods. This exclusion does not apply to multi-factor authentication (MFA) itself. Instead, it is focused on allowing users to choose which particular methods they do not wish to register or use.

The Authentication Methods Policy does not exclude users from MFA entirely. It simply allows users to exclude certain specific methods from their authentication choices. For example, if users do not wish to register their mobile phone number for MFA, they can exclude that method. However, they would still be required to use other registered methods when MFA is enforced.

It’s important to note that the exclusion of access methods, such as determining which authentication methods are available in specific scenarios, is typically handled through Conditional Access policies. These policies allow administrators to define specific conditions, such as user location or device type, to determine the appropriate authentication methods.

The Authentication Methods Policy primarily focuses on giving users control over their authentication options and allowing them to exclude specific methods they do not wish to use. At the same time, Conditional Access policies govern the overall access and authentication requirements based on various conditions.

Spring Boot Profiles using Application.yaml in Visual Studio Code

If you want to change the Spring Boot profile at run time from azure-pipelines.yaml:

trigger:
  branches:
    include:
      - main
      - develop

pool:
  vmImage: 'Ubuntu-latest'

steps:
  - task: Maven@3
    inputs:
      mavenPomFile: 'pom.xml'
      mavenOptions: '-Xmx3072m'
      javaHomeOption: 'JDKVersion'
      jdkVersionOption: '17'
      jdkArchitectureOption: 'x64'
      publishJUnitResults: false
      testResultsFiles: '**/surefire-reports/TEST-*.xml'
      goals: '-Dspring.profiles.active=local package'
  - task: CopyFiles@2
    displayName: 'Copy Files to artifact staging directory'
    inputs:
      SourceFolder: '$(System.DefaultWorkingDirectory)'
      Contents: '**/target/*.?(war|jar)'
      TargetFolder: $(Build.ArtifactStagingDirectory)
  - task: PublishBuildArtifacts@1
    inputs:
      pathToPublish: $(Build.ArtifactStagingDirectory)
      artifactName: SampleSpringBootBuild

If you wish to start up the App Service on a specific Spring Boot profile

Replace with your Artifact jar file name

java -jar /home/site/wwwroot/portal-0.0.1-SNAPSHOT.jar --spring.profiles.active=local

Startup Command to be set if you are using release pipelines.

This blog post will explore how to use Spring Boot profiles with an application.yaml file in Visual Studio Code. Spring Boot provides a convenient way to manage application configurations for different environments using profiles. By leveraging profiles, developers can easily switch between different sets of configuration properties based on the current environment, such as development, testing, or production.

To start, we need to create an application.yaml file in our Spring Boot project. This file will contain the configuration properties for our application. In this example, we have defined a server configuration with the port set to 8081 and a servlet context path set to “/portal/”. Additionally, we have specified that the active profile is “dev” using the spring.profiles.active property.

To make use of the application.yaml file, we must ensure that our project is set up with the necessary dependencies. In Visual Studio Code, we can easily manage our project dependencies using the built-in Maven or Gradle support. To enable web application development, we should include the required Spring Boot starter dependencies, such as spring-boot-starter-web.

Next, we can create a Spring Boot application class that will serve as the entry point for our application. This class should be annotated with @SpringBootApplication, which will enable auto-configuration and component scanning. With this setup, our application will automatically detect the application.yaml file and load the configuration properties defined within it.

We can run the application in Visual Studio Code to test our configuration. By default, Spring Boot will use the “dev” profile since it was specified as the active profile in the application.yaml file. However, we can easily switch profiles by modifying the spring.profiles.active property in the application.yaml file or by passing the --spring.profiles.active command-line argument when running the application.

Using profiles with the application.yaml file provides a flexible and convenient way to manage configurations for different environments in a Spring Boot application. With Visual Studio Code’s support for Maven or Gradle, developers can easily set up and manage dependencies, making it a suitable choice for developing Spring Boot applications.

Create Local Admin Account Using Intune

Create a Device Configuration Profile

Navigate to > endpoint.microsoft.com

Create new custom policy

Add OMA-URI Settings (Create User)

Create New User Using OMA-URI Settings

OMA-URI

 ./Device/Vendor/MSFT/Accounts/Users/localadmin/Password

Add another OMA-URI (Add user to Admin Group)

Add localadmin User to Administrator Group

OMA-URI

./Device/Vendor/MSFT/Accounts/Users/localadmin/LocalUserGroup

Select a Device Group

User Created & Added to Administrator Group

Send Emails using Microsoft Graph and Shared Mailboxes

Send email from an application using Microsoft Graph and a Microsoft 365 shared mailbox without a logged-in user.

Log into Exchange Admin center and create a shared mailbox.

Create an Enterprise Application

Choose Microsoft Graph

Choose Application

Add Mail.Send Permission

Grant Admin Consent

Grant Admin Consent Confirmation

Grant is successful

Create a Secret

Copy the secret and keep it in a notepad

Collect your Client ID – Application (Client) ID

There are two steps: get a token, then use the token to send the email.

Use Postman to get Token.

grant_type: client_credentials
client_id: 538cfed0-656d-4195-ae15-700467d946dc
client_secret: Cns8Q~M3WdNSgesDxrfb0i4_rBd0iCPrJg_kodjY
scope: https://graph.microsoft.com/.default

Download Postman 64 Bit and install on Windows or Mac

Copy the Access Token – take it without the double quotes

Now let's POST to the Graph URL to send some test emails. Set these as headers:

Authorization: Bearer REPLACE-WITH-TOKEN-VALUE-WITHOUT-QUOTES
Content-Type: application/json

{
    "message": {
        "subject": "Sending from Graph",
        "body": {
            "contentType": "Text",
            "content": "Sending from Graph using PostMan"
        },
        "toRecipients": [
            {
                "emailAddress": {
                    "address": "sathesh@azure365prox.com"
                }
            }
        ],
        "ccRecipients": [
            {
                "emailAddress": {
                    "address": "info@azure365pro.com"
                }
            }
        ]
    },
    "saveToSentItems": "false"
}

Email is generated

If the scope of the permission is too wide, in an enterprise scenario you can harden it using New-ApplicationAccessPolicy, which I have explained in this article on reaching attachments using Graph: Access Specific Office 365 Mailbox using Microsoft Graph – Azure365Pro.com
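The two Postman steps above (get a token, then send) as a script, added here as an example and not taken from the original post. The token and sendMail URLs are Microsoft's documented endpoints rather than values shown on this page; the tenant ID, mailbox address and the GRAPH_CLIENT_SECRET environment variable name are assumptions, and the secret is read from the environment so it never sits in the script or in a notepad.

```python
import json
import os
import urllib.parse
import urllib.request

TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
SENDMAIL_URL = "https://graph.microsoft.com/v1.0/users/{mailbox}/sendMail"


def build_token_request(tenant_id, client_id, client_secret):
    """Step 1: client-credentials token request (form-encoded POST)."""
    form = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": "https://graph.microsoft.com/.default",
    }).encode()
    return urllib.request.Request(TOKEN_URL.format(tenant=tenant_id),
                                  data=form, method="POST")


def build_sendmail_request(token, mailbox, to, subject, text, cc=()):
    """Step 2: POST to the shared mailbox's sendMail with the bearer token."""
    def recipients(addresses):
        return [{"emailAddress": {"address": a}} for a in addresses]
    payload = {
        "message": {
            "subject": subject,
            "body": {"contentType": "Text", "content": text},
            "toRecipients": recipients(to),
            "ccRecipients": recipients(cc),
        },
        "saveToSentItems": False,
    }
    url = SENDMAIL_URL.format(mailbox=urllib.parse.quote(mailbox, safe="@"))
    headers = {"Authorization": "Bearer " + token,
               "Content-Type": "application/json"}
    return urllib.request.Request(url, data=json.dumps(payload).encode(),
                                  headers=headers, method="POST")


def send(tenant_id, client_id, mailbox, to, subject, text):
    """Run both steps; the secret comes from the environment (assumed name)."""
    secret = os.environ["GRAPH_CLIENT_SECRET"]
    token_req = build_token_request(tenant_id, client_id, secret)
    with urllib.request.urlopen(token_req, timeout=30) as resp:
        token = json.load(resp)["access_token"]
    mail_req = build_sendmail_request(token, mailbox, to, subject, text)
    with urllib.request.urlopen(mail_req, timeout=30) as resp:
        return resp.status  # Graph answers 202 Accepted when the mail is queued
```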
