Step 1: Launch & Connect to an EC2 Instance
Scenario:
You have just joined TechFlow Solutions as a DevOps Engineer. Your manager asks you to set up a secure Linux server on AWS to manage company files and ensure proper access control for different departments.
1. Launch an AWS EC2 Linux VM
Your company uses AWS for its cloud infrastructure and needs a secure environment to store and manage data.
You log into the AWS Management Console, navigate to EC2, and launch an Ubuntu instance.
Since the company wants to keep costs low, you select a t2.micro instance (free tier eligible).
To allow remote access, you configure the Security Group to permit SSH (port 22) only from the IP addresses of authorized users.
You create a Key Pair (techflow-key.pem), download it, and keep it safe.
Once everything is set, you launch the instance and wait for it to be ready.
2. Connect to EC2 via SSH
Your team needs you to connect to the server and begin setup.
You obtain the public IP of the instance from the AWS Console and use SSH to connect:
ssh -i techflow-key.pem ubuntu@your-ec2-public-ip
If the key permissions are too open, you fix them with:
chmod 400 techflow-key.pem
Step 2: Create Users & Groups
Scenario:
Your HR and IT departments want you to create user accounts for employees and ensure each department has proper access.
1. Create Groups for Each Department
The IT manager gives you a list of departments that need system access.
You create a group for each department:
sudo groupadd sysadmin
sudo groupadd legal
sudo groupadd hr
sudo groupadd sales
sudo groupadd strategy
sudo groupadd executives
sudo groupadd it_interns
sudo groupadd finance
2. Create Users & Assign Them to Groups
The HR team provides a list of employees. You create users for them and add them to their respective groups:
sudo useradd -m -s /bin/bash -G sysadmin andrew
sudo useradd -m -s /bin/bash -G legal julius
sudo useradd -m -s /bin/bash -G hr chizi
sudo useradd -m -s /bin/bash -G sales jeniffer
sudo useradd -m -s /bin/bash -G strategy adeola
sudo useradd -m -s /bin/bash -G executives bach
sudo useradd -m -s /bin/bash -G it_interns gozie
sudo useradd -m -s /bin/bash -G finance ogochukwu
3. Set Passwords for Users
Each employee needs a password for login. You set their passwords:
sudo passwd andrew
sudo passwd julius
sudo passwd chizi
sudo passwd jeniffer
sudo passwd adeola
sudo passwd bach
sudo passwd gozie
sudo passwd ogochukwu
Employees will be prompted to enter a secure password upon their first login.
Step 3: Create Company Directories & Set Permissions
Scenario:
The company’s data storage policy requires that each department has a separate directory where only authorized employees can access files.
- Create Department-Specific Directories
You create folders for different company data storage needs:
sudo mkdir -p /company_data/finance_budgets
sudo mkdir -p /company_data/contract_documents
sudo mkdir -p /company_data/business_projections
sudo mkdir -p /company_data/business_models
sudo mkdir -p /company_data/employee_data
sudo mkdir -p /company_data/vision_mission
sudo mkdir -p /company_data/server_config
- Assign Ownership to Groups & Set Permissions
The IT policy states that only relevant departments should access their data. You set the correct permissions:
sudo chown :finance /company_data/finance_budgets
sudo chmod 770 /company_data/finance_budgets
sudo chown :legal /company_data/contract_documents
sudo chmod 770 /company_data/contract_documents
sudo chown :strategy /company_data/business_projections
sudo chmod 770 /company_data/business_projections
sudo chown :strategy /company_data/business_models
sudo chmod 770 /company_data/business_models
sudo chown :hr /company_data/employee_data
sudo chmod 770 /company_data/employee_data
sudo chown :executives /company_data/vision_mission
sudo chmod 770 /company_data/vision_mission
sudo chown :sysadmin /company_data/server_config
sudo chmod 700 /company_data/server_config
Explanation:
chown :groupname directory_path → Assigns group ownership of the directory to a specific department.
chmod (change mode) 770 → Full access for the owner and the department's group, no access for others.
chmod 700 → Restricted access (for sysadmins only): permissions for the owner, none for the group or others.
Step 4: Verify the Setup
Scenario:
Before reporting back to your manager, you need to ensure everything is set up correctly.
- Check User List
You confirm that all employees have been added:
grep -E '^(andrew|julius|chizi|jeniffer|adeola|bach|gozie|ogochukwu):' /etc/passwd
- Check Group Memberships
You verify that each user belongs to the correct department:
groups andrew
groups julius
groups chizi
groups jeniffer
groups adeola
groups bach
groups gozie
groups ogochukwu
- Verify Directory Permissions
You check that department directories have the correct ownership and permissions:
ls -ld /company_data/*
All users and groups are set up, and permissions are properly configured!
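The directory check above can also be scripted. This is an added example, not part of the original walkthrough: it reads `stat -c '%a %U %G %n'` output and reports any directory whose group differs from Step 3, that others can access, or whose group bits are empty. The function names, finding labels and sample lines are constructed for illustration.

```sh
#!/bin/sh
# Group each directory should belong to, copied from the chown commands in Step 3.
expected_group() {
  case "$1" in
    /company_data/finance_budgets)      echo finance ;;
    /company_data/contract_documents)   echo legal ;;
    /company_data/business_projections) echo strategy ;;
    /company_data/business_models)      echo strategy ;;
    /company_data/employee_data)        echo hr ;;
    /company_data/vision_mission)       echo executives ;;
    /company_data/server_config)        echo sysadmin ;;
  esac
}

# Reads "mode owner group path" lines, the output format of
#   stat -c '%a %U %G %n' /company_data/*
# and prints one finding per deviation; prints nothing if there is none.
audit_dirs() (
  while read -r mode owner group path; do
    want=$(expected_group "$path")
    if [ -z "$want" ]; then echo "UNLISTED $path"; continue; fi
    [ "$group" = "$want" ] || echo "WRONG_GROUP $path has=$group want=$want"
    other=$(( $mode % 10 ))            # last octal digit: everyone else
    grp=$(( ($mode / 10) % 10 ))       # second-to-last digit: owning group
    [ "$other" -eq 0 ] || echo "WORLD_ACCESS $path mode=$mode"
    # Group bits of 0 mean department members get nothing; only the owner does.
    [ "$grp" -ne 0 ] || echo "OWNER_ONLY $path owner=$owner group=$group mode=$mode"
  done
)

# Constructed sample: what stat would report right after the Step 3 commands
# (sudo mkdir leaves root as owner; chown :group changes only the group).
sample_after_step3() {
  cat <<'EOF'
770 root finance /company_data/finance_budgets
770 root legal /company_data/contract_documents
770 root strategy /company_data/business_projections
770 root strategy /company_data/business_models
770 root hr /company_data/employee_data
770 root executives /company_data/vision_mission
700 root sysadmin /company_data/server_config
EOF
}

# Constructed sample of later drift: wrong group and readable by everyone.
sample_drift() {
  echo "775 root root /company_data/finance_budgets"
}

sample_after_step3 | audit_dirs
sample_drift | audit_dirs
```

On the server, run `stat -c '%a %U %G %n' /company_data/* | audit_dirs`. The OWNER_ONLY line for server_config shows that at mode 700 the permission bits grant nothing to the members of the sysadmin group.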
Conclusion
As the DevOps Engineer, you successfully:
- Set up a secure AWS Linux server.
- Created users and assigned them to departments.
- Implemented access control to protect company data.
- Verified everything works as expected.
You have successfully created a properly structured set of groups and folders for your IT company as a DevOps engineer.