Kubernetes is a powerful tool. It can help you manage complex applications and provide you with the ability to easily automate tasks involved in managing them. In this course, we will start exploring Kubernetes from a beginner's standpoint. We will discuss what Kubernetes is and what it does, and we will work with some of the basic functionality of Kubernetes hands-on. We will build a simple Kubernetes cluster. We will also deploy a sample microservice application to the cluster in order to explore how Kubernetes can help easily manage such applications.

A Practical Guide to Kubernetes

In this lesson, we'll create a few Identity and Access Management (IAM) resources. Even though we could create a cluster with the user you used to register to AWS, it is a good practice to create a separate account that contains only the privileges we'll need for the exercises that follow.

## Creating the IAM Group
First, we'll create an IAM group called `kops`.

aws iam create-group \
    --group-name kops

We don't care much for any of the information from the output except that it does not contain an error message thus confirming that the group was created successfully.

Next, we'll assign a few policies to the group thus providing the future users of the group with sufficient permissions to create the objects we'll need.

Since our cluster will consist of [EC2](https://aws.amazon.com/ec2) instances, the group will need to have the permissions to create and manage them. We'll need a place to store the state of the cluster so we'll need access to [S3](https://aws.amazon.com/s3). Furthermore, we need to add [VPCs](https://aws.amazon.com/vpc/) to the mix so that our cluster is isolated from prying eyes. Finally, we'll need to be able to create additional IAMs.

In AWS, user permissions are granted by creating policies. We'll need `AmazonEC2FullAccess`, `AmazonS3FullAccess`, `AmazonVPCFullAccess`, and `IAMFullAccess`.

The commands that attach the required policies to the `kops` group are as follows.

In this lesson, we'll create a few Identity and Access Management (IAM) resources. Even though we could create a cluster with the user you used to register to AWS, it is a good practice to create a separate account that contains only the privileges we'll need for the exercises that follow.

# Creating the IAM Group
First, we'll create an IAM group called `kops`.

In this lesson, we will create an Identity and Access Management group and a user.

Preparing for the Cluster Setup: IAM Group and User

Creating the IAM Group