The service catalog is ready. Let’s test it. When you created the users databaseuser and applicationuser, it provides a console sign-in URL https://<AWS-ACCOUNT_NUMBER>.signin.aws.amazon.com/console to login using these usernames and the password.
-
Login to AWS using the URL for the user databaseuser. The username is databaseuser and the password is the password you entered at the time of creating the user account.
-
First you try to create any AWS resource from the AWS console. It will not work because the user account does not have permission for it. The user can configure the resources only using the service catalog.
-
Go to the AWS Service Control Management Console, you will see the enduser view of the catalog where the products assigned to databaseuser are listed.
-
Use the dot menu for the Product-DynamicDB and click on the Launch product option to start creation of the product.
-
On the next screen, enter awsdojo-dynamodb as the Name and then click on NEXT.
-
On the next screen, enter awsdojotable for the parameter NoSQLTableName and then click on the NEXT. The table is created with this name.
-
Click NEXT on the next screen.
-
Click NEXT again on the next screen.
-
Finally click LAUNCH on the Launch - Product-DynamoDB screen. It will start creation of the product. The earlier status will be Under change. If you refresh the page after sometime, it will change to Available.
-
The product is created. If you go to DynamoDB AWS Console, you can see the DynamoDB table created by the service catalog.
-
Similarly, you can login as applicationuser and can see only the products assigned to the user in the service catalog. You can also test launch of a product assigned. You can also verify that the user is not able to create resources from the AWS console.
-
Congratulations, it finishes the workshop. You learnt how to configure AWS Service Catalog to manage standardized provisioning of the resources in AWS. Please go the next task to clean the AWS account.