Changing Root Access Key to IAM Users on AWS

I got an old AWS instance created way back 2009 when I was still learning and only way to access AWS resources through the API was through an access id and security access key. Unfortunately during that time there were no IAM yet. Fast forward a year or so this is highly insecure as those access keys have root access. Best practice is to use IAM and create a user which you add to a Group assigned with the specific policy permissions.

We got a notice from AWS that we need to either rotate or delete our access keys. But better way to do it is create a new user instead.
1. First go to AWS console then IAM, on your dashboard you would see something like this if you have an access key generated from the root.
Delete Root Access Key2. Click accordion tab to expand and click on Manage Security Credentials

3. Expand Access Keys (Access Key ID and Secret Access Key) and check any access keys and where you likely used them. In my case I use them for Amazon SES via PHP SimpleEmailService class.

4. Delete the access keys.

5. Go to on Groups, click Create a Group then Give a name, Attach Policy – AdministratorAccess and AmazonSESFullAcces, then save.

 

Groups

6. Go to User, click on Create User and download the new access key and access secret key.

7. Assign the user to the group.

That should be it.

Now update any of your files that you use the previous root key.

 

 

How to run on WordPress on a LEMP stack on Amazon EC2

At last, finally found time to move my blog on LEMP(Linux, Nginx, MySQL and PHP-FPM) stack and it just one of the many goals I have set for starting overhauling this blog and over the coming days I’ll be optimizing it further and come up with a fresh new design. I’ve been running this blog on Amazon EC2 LAMP stack on t1.micro instance. With micro instances you have limited processing power and memory. Running apache is kinda like an overkill, MySQL most often times crashes due to running out of memory and this layout design is outdated and not responsive. I’ve been focused too much on Salesforce development that I’ve completely snobbed this blog and first love which is designing, web development.

Here a short 3 part tutorial for setting up EC2, LEMP and WordPress

    Part 1 Setup EC2 instance

  • Sign up for AWS account
  • Create a new instance
  • Select Linux distro either Ubuntu 14.04 or higher (HVM preferred)
  • Select t2.micro instance and run through the wizard
  • Edit the security group and make sure you add SSH and HTTP rules
  • Then launch and download your key
  • Once launched get the public IP
  • On Mac SSH using pem key to the IP
    eg. sudo ssh -i my.pem ubuntu@1.1.1.1
  • Part 2 Setup Nginx,MySQL and PHP-FPM

  • Once connect make sure you update your distro local package (sudo apt-get update)
  • Next install nginx
    sudo apt-get install nginx
  • Install MySQL Server
    sudo apt-get install mysql-server
  • Setup MySQL structure
    sudo mysql_install_db
  • Run secure MySQL script and follow the prompts
    sudo mysql_secure_installation
  • Install PHP
    sudo apt-get install php5-fpm php5-mysql
  • Install PHP
    sudo apt-get install php5-fpm php5-mysql
  • Secure PHP
    sudo vi /etc/php5/fpm/php.ini
    Uncomment and set to cgi.fix_pathinfo=0
  • Restart PHP
    sudo service php5-fpm restart
  • Edit nginx configuration to read PHP
    sudo vi /etc/nginx/sites-available/default
  • Add index.php to be parsed
    index index.php index.html index.htm;
  • Restart nginx
    sudo service nginx restart
  • Setup server permissions
    sudo chown -R demo:www-data /var/www/html/*
    sudo chown -R www-data /var/www/wordpress
  • Sweet! Finally you can install your wordpress.