1.Change Password

2.Assign MFA

3.Save QR Code

4.Creating budget alert, for this go to Billing and Cost Management under that go to Budgets, Click on Create Budget 

 

5.Select monthly cost budget template 

 

6.Give the name to the budget template and set the budgeted amount and create the template, Enter the emails in the email recipients field (techteam@mismosystmes.com, alerts@mismosystmes.com)


 




7.Now select the created budget and click on edit option, click next, and then create 3 alerts, and save the changes that have been made. Use email id:- alert@mismosystems.com, techteam@mismosystems.com

  

 

 

8.Now creating IAM alerts, open Cloud trails, select Create trail 


 


9. Give the name to the trail, select create new S3 bucket, leave all the other options as default 

 

10. Do not forget to enable the cloudwatch logs, Give the role name. Leave rest all the settings as default and create the Cloud trail.

 

11.Search for Simple Notification Service and create a topic 

 

12. Select the standard type and give the name to your topic and leave all the other options as default

 

13.Now click on subscription and create a subscription 


 


14.Search the topic name that you have created and select the type as email and give the email address, alerts@mismosystmes.com

 

15.Search the topic name that you have created and select the type as email and give the email address  techteam@mismosystmes.com

 

16.Go to CLOUDWATCH and go to log group, click on the log group that have been created, go to metric filters, and create a Metric filter 

 

17.Paste the given code in the filter pattern filed -:

{ ( ($.eventSource = "iam.amazonaws.com") && (($.eventName = "Add*") || ($.eventName = "Put*Policy") || ($.eventName = "Attach*") || ($.eventName = "Change*") || ($.eventName = "Create*") || ($.eventName = "Deactivate*") || ($.eventName = "Delete*") || ($.eventName = "Detach*") || ($.eventName = "Enable*") || ($.eventName = "Put*") || ($.eventName = "Remove*") || ($.eventName = "Set*") || ($.eventName = "Update*") || ($.eventName = "Upload*")) ) }


 


18. Give the metric filter name, set the metric value to 1, leave rest options as default.

 

19.Now go to metric filter and select the filter that you have just created and then click on “create alarm”.


 

20. Specify the metrics shown in the Screen shot select sum not average

 

 

21. Click next, Seldct in alarm, select the existing notification that you have created and select the topic name, leave rest of the options as default 

 


22. Give the alarm name in the next step and description also and create the alarm. For testing the alarm create a user and see whether any notification is coming or not in mail

 


23.Setting up Single-Sign-On

    For this go to portal.azure.com and go to Microsoft Entra ID

 



    Now go to Enterprise Application

 


    Click on Create new Application. 

 


    Select AWS as Cloud platform.

 






    Select AWS Single-Account Access


 

    Aws, cheers AWS

 


    Go to SSO, select  SAML.

 

    

    Download federation Metadata XML.

 


    Add provider in IAM using SAML

 

 

    Name-azure AD

    Create role to access the provider, SAML , select the provider, allow console access 


     Permissions-administrator


 

    Another role with all the same steps except the permission, ReadOnlyAccess.


 



    crate policy, service IAM, service list role.

 


    create user, AureAD, policy list role.

 


    creates access key


    Go to azure, Provisioning, select automatic, enter the credentials, and test connection


    add users (Amandeep sir , Porvinder sir and Vineet sir) and Assign Administrative Role


    And group SSO-ReadOnly assign ReadOnly Role.