AMAZON WEB SERVICES GUIDE
Summary by Damian Ndunda © 2020
TABLE OF CONTENTS
CHAPTER – AWS INTRODUCTION.. 20
1 AWS DATA CENTER LOCATIONS. 21
2 WHAT IS “CLOUD COMPUTING”?. 21
3 AMAZON AND CLOUD COMPUTING.. 23
4 CLOUD SERVICE LAYERS DIAGRAM... 24
5 CLOUD SERVICE MODEL COMPARISON DIAGRAM... 25
6 HOW YOU CAN BENEFIT FROM USING AWS. 26
7 THE DIFFERENCES THAT DISTINGUISH AWS. 26
AWS GLOBAL INFRASTRUCTURE PICTURE. 32
AWS COMPUTING PLATFORM DIAGRAM... 33
CHAPTER - AMAZON WEB SERVICES CLOUD PLATFORM... 35
Amazon Elastic Compute Cloud (Amazon EC2) 35
Amazon Virtual Private Cloud (Amazon VPC) 37
2 STORAGE & CONTENT DELIVERY NETWORK. 38
Amazon Simple Storage Service (Amazon S3) 38
Amazon Elastic Block Storage (EBS) 39
Amazon Relational Database Service (Amazon RDS) 40
Amazon Elastic MapReduce (Amazon EMR) 42
Amazon Simple Queue Service (Amazon SQS) 44
Amazon Simple Notification Service (Amazon SNS) 44
Amazon Simple Workflow Service (Amazon SWF) 44
Amazon Simple Email Service (Amazon SES) 45
6 DEPLOYMENT AND MANAGEMENT. 47
AWS Identity and Access Management (IAM) 47
Manage IAM users and their access –. 47
Manage federated users and their permissions –. 48
CHAPTER - AMAZON VIRTUAL PRIVATE CLOUD (AMAZON VPC) 51
2 AMAZON VIRTUAL PRIVATE CLOUD (AMAZON VPC) 51
6 DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) OPTION SETS. 54
7 ELASTIC IP ADDRESSES (EIPS) 54
8 ELASTIC NETWORK INTERFACES (ENIS) 55
TABLE 4.4 Security Group Rules for a Web Server. 58
12 NETWORK ACCESS CONTROL LISTS (ACLS) 59
TABLE 4.5 Comparison of Security Groups and Network ACLs. 59
13 NETWORK ADDRESS TRANSLATION (NAT) INSTANCES AND NAT GATEWAYS. 60
16 VIRTUAL PRIVATE GATEWAYS (VPGS), CUSTOMER GATEWAYS (CGWS), AND VIRTUAL PRIVATE NETWORKS (VPNS) 61
FIGURE 4.4 VPC with VPN connection to a customer network. 62
Create Two Subnets for Your Custom Amazon VPC. 67
Connect Your Custom Amazon VPC to the Internet and Establish Routing. 67
Launch an Amazon EC2 Instance and Test the Connection to the Internet 68
CHAPTER - IMAGES AND INSTANCES. 69
Backup and disaster recovery: 69
Marketing and advertisements: 69
High Performance Computing (HPC): 69
• Instance store-backed AMI: 71
EC2 INSTANCE PRICING OPTIONS. 74
STAGE 2 – CHOOSE AN INSTANCE TYPE. 77
STAGE 3 – CONFIGURE INSTANCE DETAILS. 78
• Enable termination protection: 80
STAGE 6 – CONFIGURE SECURITY GROUPS. 81
STAGE 7 – REVIEW INSTANCE LAUNCH.. 82
CONNECTING TO YOUR INSTANCE. 84
CONFIGURING YOUR INSTANCES. 92
LAUNCHING INSTANCES USING THE AWS CLI 95
STAGE 1 – CREATE A KEY PAIR. 95
STAGE 2 – CREATE A SECURITY GROUP. 95
STAGE 3 – ADD RULES TO YOUR SECURITY GROUP. 96
STAGE 4 – LAUNCH THE INSTANCE. 97
4 PLANNING YOUR NEXT STEPS. 99
5 RECOMMENDATIONS AND BEST PRACTICES. 100
CHAPTER - BUILDING YOUR OWN PRIVATE CLOUDS USING AMAZON VPC. 101
1 VPC CONCEPTS AND TERMINOLOGIES. 102
Security groups and network ACLs. 103
VPC with a single public subnet 109
VPC with public and private subnets (NAT) 109
VPC with public and private subnets and hardware VPN access. 110
VPC with a private subnet only and hardware VPN access. 110
GETTING STARTED WITH THE VPC WIZARD.. 110
FILL IN THE FOLLOWING DETAILS AS REQUIRED: 113
• Private subnet, Availability zone, Private subnet name: 114
Working with route tables. 119
Listing Internet Gateways. 120
Working with security groups and Network ACLs. 121
LAUNCHING INSTANCES IN YOUR VPC. 125
CREATING THE DATABASE SERVERS. 127
4 BEST PRACTICES AND RECOMMENDATIONS. 131
CHAPTER - MONITORING YOUR AWS INFRASTRUCTURE. 132
1 AN OVERVIEW OF AMAZON CLOUDWATCH.. 132
CONCEPTS AND TERMINOLOGIES. 132
CLOUDWATCH LIMITS AND COSTS. 136
2 GETTING STARTED WITH CLOUDWATCH.. 137
MONITORING YOUR ACCOUNT'S ESTIMATE CHARGES USING CLOUDWATCH.. 137
MONITORING YOUR INSTANCE'S CPU UTILIZATION USING CLOUDWATCH.. 142
MONITORING YOUR INSTANCE'S MEMORY AND DISK UTILIZATION USING CLOUDWATCH SCRIPTS. 148
CREATING CLOUDWATCH ACCESS ROLES. 148
INSTALLING THE CLOUDWATCH MONITORING SCRIPTS. 149
• mon-put-instance-data.pl: 150
• mon-get-instance-stats.pl: 150
VIEWING THE CUSTOM METRICS FROM CLOUDWATCH.. 152
MONITORING LOGS USING CLOUDWATCH LOGS. 153
CLOUDWATCH LOG CONCEPTS AND TERMINOLOGIES. 153
GETTING STARTED WITH CLOUDWATCH LOGS. 154
Here's a quick look at the awslogs.conf file’s parameters: 156
CREATING METRIC FILTERS AND ALARMS. 157
3 PLANNING YOUR NEXT STEPS. 160
4 RECOMMENDATIONS AND BEST PRACTICES. 160
CHAPTER - WORKING WITH SIMPLE STORAGE SERVICE. 161
• Reduced Redundancy Storage (RRS): 162
2 GETTING STARTED WITH S3. 162
UPLOADING YOUR FIRST OBJECT TO A BUCKET. 164
ACCESSING BUCKETS AND OBJECTS USING S3CMD.. 166
MANAGING AN OBJECT'S AND BUCKET'S PERMISSIONS. 169
• Resource-based policies: 169
USING BUCKETS TO HOST YOUR WEBSITES. 173
S3 EVENTS AND NOTIFICATION.. 175
THE PARAMETERS ARE AS FOLLOWS: 175
BUCKET VERSIONING AND LIFECYCLE MANAGEMENT. 177
CROSS-REGION REPLICATION.. 180
3 PLANNING YOUR NEXT STEPS. 182
4 RECOMMENDATIONS AND BEST PRACTICES. 183
CHAPTER - DATABASE-AS-A-SERVICE USING AMAZON RDS. 184
1 AN OVERVIEW OF AMAZON RDS. 184
• Micro instances (db.t1.micro): 185
• Standard instances (db.m3): 186
• Memory optimized (db.r3): 186
Here's a quick look at the different storage types provided with your RDS instances: 186
MULTI-AZ DEPLOYMENTS AND READ REPLICAS. 187
2 WORKING WITH AMAZON RDS. 189
GETTING STARTED WITH MYSQL ON AMAZON RDS. 190
CREATING A MYSQL DB INSTANCE. 191
Step 3: Specify DB Details. 192
Step 4: Configure Advanced Settings. 194
Some of the states that a DB instance goes through during its lifecycle: 199
CONNECTING REMOTELY TO YOUR DB INSTANCE. 199
MODIFYING YOUR DB INSTANCES. 202
CREATING READ REPLICAS AND PROMOTING THEM... 205
LOGGING AND MONITORING YOUR DB INSTANCE. 208
CLEANING UP YOUR DB INSTANCES. 210
3 PLANNING YOUR NEXT STEPS. 211
4 RECOMMENDATIONS AND BEST PRACTICES. 211
CHAPTER - EXTENDED AWS SERVICES FOR YOUR APPLICATIONS. 212
1 INTRODUCING AMAZON ROUTE53. 212
• CNAME records: A Canonical Name (CNAME) 215
GETTING STARTED WITH TRAFFIC FLOW... 218
• CloudFront distribution: 218
CONFIGURING HEALTH CHECKS. 219
2 CONTENT DELIVERY USING AMAZON CLOUDFRONT. 222
GETTING STARTED WITH DISTRIBUTIONS. 223
• Grant Read Permissions on Bucket: 225
• Alternate Domain Names (CNAMES): 225
CLOUDFRONT RECOMMENDATIONS AND BEST PRACTICES. 226
ELASTIC CONTAINER SERVICE. 227
• Portability and extensibility: 228
DATABASE MIGRATION MADE EASY WITH DATABASE MIGRATION SERVICE. 230
GO SERVERLESS WITH AWS LAMBDA.. 230
CHAPTER – COMMAND LINE INTERFACE. 231
1 GETTING STARTED WITH AWS CLI 231
2 MANAGING ACCESS AND SECURITY USING THE AWS CLI 233
GETTING HELP WITH THE AWS CLI 238
AWS CLI API DOCUMENTATION.. 244
COMMAND STRUCTURE IN THE AWS CLI 245
SPECIFYING PARAMETER VALUES FOR THE AWS CLI 246
USING JSON FOR PARAMETERS. 250
USING QUOTATION MARKS WITH STRINGS. 253
LOADING PARAMETERS FROM A FILE. 254
GENERATE THE CLI SKELETON AND INPUT PARAMETERS FROM A JSON INPUT FILE. 258
CONTROLLING COMMAND OUTPUT FROM THE AWS CLI 265
HOW TO SELECT THE OUTPUT FORMAT. 265
HOW TO FILTER THE OUTPUT WITH THE --QUERY OPTION.. 269
USING SHORTHAND SYNTAX WITH THE AWS COMMAND LINE INTERFACE. 277
USING AWS CLI PAGINATION OPTIONS. 280
UNDERSTANDING RETURN CODES FROM THE AWS CLI 281
4 USING THE AWS CLI TO WORK WITH AWS SERVICES. 284
USING AMAZON DYNAMODB WITH THE AWS CLI 284
USING AMAZON EC2 WITH THE AWS CLI 288
CREATE, DISPLAY, AND DELETE AMAZON EC2 KEY PAIRS. 288
CREATE, CONFIGURE, AND DELETE SECURITY GROUPS FOR AMAZON EC2. 290
CREATING A SECURITY GROUP. 291
ADDING RULES TO YOUR SECURITY GROUP. 293
DELETING YOUR SECURITY GROUP. 297
LAUNCH, LIST, AND TERMINATE AMAZON EC2 INSTANCES. 297
ADDING A BLOCK DEVICE TO YOUR INSTANCE. 303
ADDING A TAG TO YOUR INSTANCE. 303
USING AMAZON S3 GLACIER WITH THE AWS CLI 305
CREATING AN AMAZON S3 GLACIER VAULT. 305
PREPARING A FILE FOR UPLOADING.. 306
INITIATING A MULTIPART UPLOAD AND UPLOAD FILES. 307
USING AWS IDENTITY AND ACCESS MANAGEMENT FROM THE AWS CLI 313
CREATING IAM USERS AND GROUPS. 313
ATTACH AN IAM MANAGED POLICY TO AN IAM USER. 315
SET AN INITIAL PASSWORD FOR AN IAM USER. 316
CREATE AN ACCESS KEY FOR AN IAM USER. 317
USING AMAZON S3 WITH THE AWS CLI 317
USING HIGH-LEVEL (S3) COMMANDS WITH THE AWS CLI 318
USING API-LEVEL (S3API) COMMANDS WITH THE AWS CLI 326
CONFIGURING A LOGGING POLICY. 326
USING AMAZON SNS WITH THE AWS CLI 327
USING AMAZON SWF WITH THE AWS CLI 330
LIST OF AMAZON SWF COMMANDS BY CATEGORY. 330
COMMANDS RELATED TO ACTIVITIES. 330
COMMANDS RELATED TO DECIDERS. 331
COMMANDS RELATED TO WORKFLOW EXECUTIONS. 331
COMMANDS RELATED TO ADMINISTRATION.. 331
Workflow Execution Management 332
Workflow Execution Visibility. 332
WORKING WITH AMAZON SWF DOMAINS USING THE AWS CLI 333
GET INFORMATION ABOUT A DOMAIN.. 334
5 TROUBLESHOOTING AWS CLI ERRORS. 336
MAIN CLI PROGRAM MUST HAVE 'RUN' PERMISSION.. 336
YOU MUST USE VALID CREDENTIALS. 336
YOUR IAM USER MUST BE ABLE TO RUN THE COMMAND.. 337
• AWS Key Management Service. 338
7 RECOMMENDATIONS AND BEST PRACTICES. 339
CHAPTER - TEN WAYS TO DEPLOY AWS QUICKLY. 340
1 RESEARCHING AWS INTERACTIVITY WITH THIRD-PARTY PRODUCTS. 340
2 DEVELOPING A PLAN FOR SENSITIVE DATA.. 340
3 USE TOOLS TO ENHANCE PRODUCTIVITY. 340
4 CHOOSING THE RIGHT SERVICE. 341
5 ENSURING THAT YOUR PLAN CONSIDERS LOSS OF CONTROL. 341
6 LOOKING FOR ALL-IN-ONE SOLUTIONS THAT AREN’T. 341
7 SPENDING FREE TIME WHERE YOU NEED IT MOST. 342
9 DISCOVERING IMPLIED THIRD-PARTY USE. 342
CHAPTER - TEN MUST-HAVE AWS SOFTWARE PACKAGES. 343
1 USING THE CONSOLE INTERNET TOOLS. 343
2 USING THE COMMAND LINE INTERFACE (CLI) TO INSTALL PACKAGES. 343
3 CHANGING CONFIGURATION USING COMMAND LINE EDITORS. 345
4 CHECKING SYSTEM PERFORMANCE. 345
5 WORKING AT THE SYSTEM LEVEL. 346
6 MAKING CLOUD MANAGEMENT EASIER WITH CLOUDMGR. 349
7 GOING OUTSIDE THE MARKETPLACE WITH ENSTRATIUS. 349
8 MANAGING AND SCALING YOUR APPS USING HEROKU.. 349
9 PERFORMING BROWSER-BASED MANAGEMENT USING HYBRIDFOX. 351
9 GETTING A COMPLETE MANAGEMENT PACKAGE WITH RIGHTSCALE. 351
10 EMPLOYING POLICY-BASED MANAGEMENT WITH SCALR. 351
CHAPTER - PLANNING YOUR NEXT STEPS. 352
1 RESOURCES, RECOMMENDATIONS, AND BEST PRACTICES. 353
2 AMAZON WEB SERVICES SCREEN SHOTS. 354
3 ALTERNATIVE WEB SERVICES PROVIDERS. 356
4 THE DIFFERENCE BETWEEN AWS, AZURE, GOOGLE CLOUD AND OPENSTACK TABLE. 357
5 A FEW EXAMPLE OF COMPANIES AND ORGANIZATIONS RUNNING WEB SERVICES. 358
6 CLOUD SERVICES COMPARISON TABLE. 359
FOREWORD
This booklet is intended to be a short and simple summary of Amazon Web Services. I hope it will truly assist someone who yearns to learn about AWS. For further awareness read the books I used in the reference section. I’ve tried to use the original author’s words as much as possible.
I have written many technology related summaries since I wrote my first one about MSDOS (Microsoft Disk Operating System).The days when COBOL (Computer Business Oriented Programming Language) and Fortran (Formula Translation) were the main languages to learn. These Languages are not common today but still run business softwares for Fortune 500 companies despite them being over 60 years old. The summaries never made it online because internet technology was different back then. Through that whole time there is a book that advices me to Love God and not to kill or steal or be immoral among other instructions that has remained relevant. As technology went obsolete or was updated this instructions remain true and unchanged.
In a few years new technologies come up and the old is upgraded or outdated, but if you knew the old you probably can understand the new better. Just as if you can understand Jesus in the Old Testament prophesies, then you probably understand him better in the New Testament. Otherwise one day one is called intelligent then if they fail to continue learning they fail to know about the new. Example of technology changing would be IPV4 and IPV6. LANS, VLANS, VPN, VPC. Microsoft NetBIOS/NetBEUI, TCP, NAT and AWS Route54. B, C, C++, Java programming languages. Major Certifications from Amazon, Oracle, Microsoft, Cisco, Linux, Google, Other are upgraded every four years on average. Now (today) we have Web 2.0 heading to Web 3.0 making possible not just to share easily but also to run our applications online from the cloud. Facebook (developed with PHP) is another good example of a software cloud run corporation. Others like Bitrix24, Salesforce, Zoho, Weebly, may not be common names to many.
AWS cloud
combines these technologies as Developers will run applications from the cloud,
network administrators will configure the cloud, Relational Database
Administrators will CRUD (Create, Read, Update, Delete) in the cloud, Hardware
engineers will maintain the servers, Sales managers will move products from the
cloud, Web developers will have stronger development tools that allow customer
feedback tracking and reporting, Software run from cloud curbs piracy and
introduces a new level of security encryption, CEOs get up-to-date company
information from all there international branches at their finger tips for
decision making, and many others.
CHAPTER – AWS INTRODUCTION
Amazon Web Services (AWS) is a platform of web services offering solutions for computing, storing, and networking, at different layers of abstraction provided by Amazon inc. Amazon inc is an American multinational technology company based in Seattle, Washington, that focuses on e-commerce, cloud computing, digital streaming and artificial intelligence. One can use cloud services to host web sites, run enterprise applications, and mine tremendous amounts of data. The term web service means services can be controlled via a web interface.
Virtualization has become a widely accepted way to reduce operating costs and increase the reliability of enterprise IT. In addition, grid computing makes a completely new class of analytics, data crunching, and business intelligence tasks possible that were previously cost and time prohibitive.
The data centers of AWS are distributed throughout the United States, Europe, Asia, and South America.
1 AWS DATA CENTER LOCATIONS
Bernard Golden, “Amazon Web Services (AWS) Hardware,” For Dummies, http://mng.bz/k6lT.
Witting A, Witting M, (2016) p 4
2 WHAT IS “CLOUD COMPUTING”?
Cloud computing, or the cloud, is a metaphor for supply and consumption of IT resources.
It builds on many of the advances in the IT industry over the past decade and presents significant opportunities for organizations to shorten time to market and reduce costs. With cloud computing, organizations can consume shared computing and storage resources rather than building, operating, and improving infrastructure on their own. The speed of change in markets creates significant pressure on the enterprise IT infrastructure to adapt and deliver. Cloud computing provides fresh solutions to address these changes. As defined by Gartner1, “Cloud computing is a style of computing where scalable and elastic IT enabled capabilities are delivered as a service to external customers using Internet technologies. “ Flexible, secure, and cost-effective IT infrastructure,
Gartner IT Glossary, http://www.gartner.com/it-glossary/cloud-computing.
Cloud computing is a
model for enabling ubiquitous, convenient, on-demand network
access to a shared pool of configurable computing resources (e.g., networks,
servers,
storage, applications, and services) that can be rapidly provisioned and
released with
minimal management effort or service provider interaction.
—The NIST Definition of Cloud Computing,
National Institute of Standards and Technology
Clouds are often divided into the following types:
■ Public—A cloud managed by an organization and open to use by the general public
■ Private—A cloud that virtualizes and shares the IT infrastructure within a single organization
■ Hybrid—A mixture of a public and a private cloud
Cloud computing resembles the trend of business outsourcing because it provides the benefits of leveraging the expertise of others and being cost efficient. However, cloud computing also provides flexibility, scalability, elasticity, and reliability.
3 AMAZON AND CLOUD COMPUTING
AWS has been operating since 2006, and today serves hundreds of thousands of customers worldwide.
Using
AWS, you can requisition compute power, storage, and other services in minutes
and have the flexibility to choose
the development platform or programming model that makes the most sense for the
problems they’re trying to solve.
You pay only for what you use, with no up-front expenses or long-term
commitments, making AWS a cost-effective way
to deliver applications.
AWS is a public cloud. Cloud computing services also have several classifications:
■ Infrastructure as a service (IaaS)—Offers fundamental resources like computing, storage, and networking capabilities, using virtual servers such as Amazon EC2, Google Compute Engine, and Microsoft Azure virtual machines
■ Platform as a service (PaaS)—Provides platforms to deploy custom applications to the cloud, such as AWS Elastic Beanstalk, Google App Engine, and Heroku
■ Software as a service (SaaS)—Combines infrastructure and software running in the cloud, including office applications like Amazon WorkSpaces, Google Apps for Work, and Microsoft Office 365
4 CLOUD SERVICE LAYERS DIAGRAM
Kvreddi, p14
5 CLOUD SERVICE MODEL COMPARISON DIAGRAM
Kvreddi,
p14
6 HOW YOU CAN BENEFIT FROM USING AWS
· Innovative and fast-growing platform · Services solve common problems · Enabling automation · Flexible capacity (scalability) · Built for failure (reliability)
|
· Reducing time to market · Benefiting from economies of scale · Its Worldwide · One Gets Professional partners
|
7 THE DIFFERENCES THAT DISTINGUISH AWS
The Differences that Distinguish AWS
AWS is
readily distinguished from other vendors in the traditional IT computing landscape
because it is:
Flexible. AWS enables organizations to use the programming models,
operating systems, databases, and
architectures with which they are already familiar. In addition, this
flexibility helps organizations mix and match
architectures in order to serve their diverse business needs.
Cost-effective. With AWS, organizations pay only for what they use,
without up-front or long-term commitments.
Scalable and elastic. Organizations can quickly add and subtract AWS
resources to their applications in order to meet customer demand and manage
costs.
Secure. In order to provide end-to-end security and end-to-end privacy,
AWS builds services in accordance with security best practices, provides the
appropriate security features in those services, and documents how to use those
features.
Experienced. When using AWS, organizations can leverage Amazon’s more
than fifteen years of experience delivering large-scale, global infrastructure
in a reliable, secure fashion.
Flexible
Using traditional models to deliver IT solutions often requires large investments in new architectures, programming languages, and operating systems. In contrast, the flexibility of AWS allows you to keep the programming models, languages, and operating systems that you are already using or choose others that are better suited for their project. Instead of re-writing applications, you can easily move them to the AWS cloud and tap into advanced computing capabilities. AWS run almost anything—from full web applications to batch processing to offsite data back-ups.
AWS provides you flexibility when provisioning new services. Instead of the weeks and months it takes to plan, budget, procure, set up, deploy, operate, and hire for a new project, you can simply sign up for AWS and immediately begin deployment on the cloud the equivalent of 1, 10, 100, or 1,000 servers. Many customers find the flexibility of AWS to be a great asset in improving time to market and overall organizational productivity.
Cost-Effective
Developing anddeploying an e-commerce application can be a low-cost effort, but a successful deployment can increase the need forhardware and bandwidth. Furthermore, owning and operating your own infrastructure can incur considerable costs,including power, cooling, real estate, and staff.In contrast, the cloud provides an on-demand IT infrastructure that lets you consume only the amount of resources thatyou actually need. You are not limited to a set amount of storage, bandwidth, or computing resources
You can get started through a completely self-service experience online, scale up and down as needed, and terminate your relationship with AWS at any time.
Scalable and Elastic
AWS uses the term elastic to describe the ability to scale computing resources up and down easily, with minimal friction. Elasticity helps you avoid provisioning resources up front for projects with variable consumption rates or short lifetimes. Instead of acquiring hardware, setting it up, and maintaining it in order to allocate resources to your applications, you use AWS to allocate resources using simple API calls.
Elastic Load Balancing and Auto Scaling can automatically scale your AWS cloud-based resources up to meet unexpected demand, and then scale those resources down as demand decreases. aws.amazon.com/architecture.
Secure
Ensuring
the confidentiality, integrity, and availability of your data is of the utmost
importance to AWS, as is maintaining
your trust and confidence. AWS takes the following approaches to secure the
cloud infrastructure:
Physical security. Amazon has many years of experience designing, constructing, and operating large-scale data centers. The AWS infrastructure is located in Amazon-controlled data centers throughout the world.
Secure services. Each service in the AWS cloud is architected to be secure. The services contain a number of capabilities that restrict unauthorized access or usage without sacrificing the flexibility that customers demand.
Data privacy. You can encrypt personal and business data in the AWS
cloud, and publish backup and redundancy procedures for services so that your
customers can protect their data and keep their applications running.
aws.amazon.com/security.
Experienced
The
AWS cloud provides levels of scale, security, reliability, and privacy that are
often cost-prohibitive for many
organizations to meet or exceed. AWS has built an infrastructure based on
lessons learned from over sixteen years’
experience managing the multi-billion dollar Amazon.com business.
In addition to new services, AWS constantly hones its operational expertise to ensure ongoing dependability, and we continue to incorporate both industry best practices and proprietary advances into the cloud infrastructure.
8 HOW MUCH DOES IT COST?
Use the AWS Simple Monthly Calculator (http://aws.amazon.com/calculator)
FREE TIER
Here is what’s included in the Free Tier:
· 750 hours (roughly a month) of a small virtual server running Linux or Windows. This means you can run one virtual server the whole month or you can run 750 virtual servers for one hour.
· 750 hours (or roughly a month) of a load balancer.
· Object store with 5 GB of storage.
· Small database with 20 GB of storage, including backup.
If your Free Tier ends after one year, you pay for all resources you use. You get some additional benefits, as detailed at http://aws.amazon.com/free.
BILLING
· Based on hours of usage—If you use a server for 61 minutes, that’s usually counted as 2 hours.
· Based on traffic—Traffic can be measured in gigabytes or in number of requests.
· Based on storage usage—Usage can be either provisioned capacity (for example, 50 GB volume no matter how much you use) or real usage (such as 2.3 GB used)
Pay-per-use opportunities
You no longer need to make upfront investments in infrastructure. You can start servers on demand and only pay per hour of usage; and you can stop using those servers whenever you like and no longer have to pay for them.
AWS GLOBAL INFRASTRUCTURE PICTURE
Kvreddi, p27
Kvreddi, p27
AWS COMPUTING PLATFORM DIAGRAM
TABLE OF AWS INFRASTRUCTURE Varia J., Mathew S. (2014), p10
USING AWS IDENTITY AND ACCESS MANAGEMENT FROM THE AWS CLI
To
list the AWS CLI commands for IAM, use the following command.
aws iam help
TOPICS
• Creating IAM Users and
Groups
• Attach an IAM Managed
Policy to an IAM User
• Set an Initial Password
for an IAM User
• Create an Access Key
for an IAM User
CREATING IAM USERS AND GROUPS
To create an IAM group and add a new IAM user to it
1. Use
the create-group
command to
create the group.
$ aws iam create-group --group-name MyIamGroup
2.
Use the create-user
command to
create the user.
$ aws iam create-user --user-name MyUser
{
3.
Use the add-user-to-group
command to
add the user to the group.
$ aws iam add-user-to-group --user-name MyUser --group-name MyIamGroup
4.
To verify that the MyIamGroup group contains the MyUser, use the get-group command.
$ aws iam get-group --group-name MyIamGroup
{
ATTACH AN IAM MANAGED POLICY TO AN IAM USER
To attach an IAM managed policy to an IAM user
1.
Determine the ARN of the policy to attach. The following command uses
list-policies to find the ARN of the policy with the name PowerUserAccess. It
then stores that ARN in an environment variable.
2.
To attach the policy, use the attach-user-policy command, and reference the environment variable
that holds the policy ARN.
$ aws iam attach-user-policy --user-name MyUser --policy-arn $POLICYARN
3.
Verify that the policy is attached to the user by running the list-attached-user-policies
command.
$ aws iam list-attached-user-policies --user-name MyUser
{
SET AN INITIAL PASSWORD FOR AN IAM USER
The following command uses create-login-profile to set an initial password on the specified user
$
aws iam create-login-profile --user-name MyUser --password My!User1Login8P@ssword --password-reset-required
{
Y
ou can use the update-login-profile command to change the password for
an IAM user.
$ aws iam update-login-profile --user-name MyUser --password My!User1ADifferentP@ssword
CREATE AN ACCESS KEY FOR AN IAM USER
You
can use the create-access-key
command to
create an access key for an IAM user. An access key is a set of security
credentials that consists of an access key ID and a secret key. An IAM user can
create only two access keys at one time. If you try to create a third set, the
command returns a LimitExceeded error.
$ aws iam create-access-key --user-name MyUser
{
Use
the delete-access-key
command to
delete an access key for an IAM user. Specify which access key to delete by
using the access key ID.
$ aws iam delete-access-key --user-name MyUser --access-key-id
AKIAIOSFODNN7EXAMPLE
USING AMAZON S3 WITH THE AWS CLI
The
AWS CLI provides two tiers of commands for accessing Amazon S3:
• The s3 tier consists of high-level commands that simplify performing
common tasks, such as creating, manipulating, and deleting objects and buckets.
• The s3api tier behaves identically to other AWS services by exposing
direct access to all Amazon S3 API operations. It enables you to carry out
advanced operations that might not be possible with the following tier's
high-level commands alone.
To
get a list of all of the commands available in each tier, use the help argument
with the aws s3api or aws s3 commands.
$ aws s3 help
$ aws s3api help
The AWS CLI supports copying, moving, and syncing from Amazon S3 to Amazon S3 using the server-side COPY operation provided by Amazon S3. This means that your files are kept in the cloud, and are not downloaded to the client machine, then back up to Amazon S3.
TOPICS
• Using High-Level (s3)
Commands with the AWS CLI
• Using API-Level (s3api)
Commands with the AWS CLI
USING HIGH-LEVEL (S3) COMMANDS WITH THE AWS CLI
MANAGING BUCKETS
High-level aws s3 commands support common bucket operations, such as creating, listing, and deleting buckets.
Use
the s3 mb command to create a
bucket. Bucket names must be globally unique and should be DNS
compliant. Bucket names can contain lowercase letters, numbers, hyphens, and
periods. Bucket names can start and end only with a letter or number, and
cannot contain a period next to a hyphen or another period.
$ aws s3 mb s3://bucket-name
$
aws s3 ls
2018-12-11 17:08:50 my-bucket
2018-12-14 14:55:44 my-bucket2
The
following command lists all objects and folders (referred to in S3 as 'prefixes') in a bucket.
$ aws s3 ls s3://bucket-name
The previous output shows that under the prefix path/ there exists one file named MyFile1.txt. You can filter the output to a specific prefix by including it in the command. The following command lists the objects in bucket-name/path (that is, objects in bucket-name filtered by the prefix path/).
$ aws s3 ls s3://bucket-name/path/
$ aws s3 rb s3://bucket-name
he
following example deletes all objects and subfolders in the bucket and then
removes the bucket.
$ aws s3 rb s3://bucket-name –force
Note: If you're using a versioned bucket that contains previously deleted—but retained—objects, this command does not allow you to remove the bucket. You must first remove all of the content.
MANAGING OBJECTS
The object commands include s3 cp, s3 ls, s3 mv, s3 rm, and s3 sync. .The sync command synchronizes the contents of a bucket and a directory, or two buckets.
Note: All high-level commands that involve uploading objects into an Amazon S3 bucket (s3 cp, s3 mv, and s3 sync) automatically perform a multipart upload when the object is large. Failed uploads can't be resumed when using these commands.
If
the process is interrupted by a kill command or system failure, the in-progress
multipart upload remains in Amazon S3 and must be cleaned up manually in the
AWS Management Console or with the s3api abort-multipart-upload command. The cp, mv, and
sync commands include a --grants option that you can use to grant permissions
on the object to specified users or groups. Set the --grants option to a list
of permissions using following syntax.
--grants Permission=Grantee_Type=Grantee_ID
[Permission=Grantee_Type=Grantee_ID ...]
Each value contains the following elements:
•
Permission – Specifies the granted
permissions, and can be set to read, readacl, writeacl, or full.
• Grantee_Type
–
Specifies how to identify the grantee, and can be set to uri, emailaddress, or
id.
• Grantee_ID
–
Specifies the grantee based on Grantee_Type.
• uri – The group's URI. For more information, see Who Is a Grantee?
•
emailaddress – The account's email address.
• id – The account's canonical ID.
The
following example copies an object into a bucket. It grants read permissions on
the object to everyone and full permissions (read, readacl, and writeacl) to
the account associated with [email protected].
$ aws s3 cp file.txt s3://my-bucket/ --grants read=uri=http://acs.amazonaws.com/groups/global/AllUsers
[email protected]
You
can also specify a nondefault storage class (REDUCED_REDUNDANCY or STANDARD_IA)
for objects that you upload to Amazon S3. To do this, use the --storage-class
option.
$ aws s3 cp file.txt s3://my-bucket/ --storage-class
REDUCED_REDUNDANCY
The
s3 sync command uses the following syntax. Possible source-target combinations
are:
• Local file system to Amazon S3
• Amazon S3 to local file system
• Amazon S3 to Amazon S3
$ aws s3 sync <source> <target> [--options]
The
following example synchronizes the contents of an Amazon S3 folder named path
in my-bucket with the current working directory. s3 sync updates any
files that have a different size or modified time than files with the same name
at the destination. The output displays specific operations performed during
the sync. Notice that the operation recursively synchronizes the subdirectory MySubdirectory
and its contents with s3://my-bucket/path/MySubdirectory.
$ aws s3 sync . s3://my-bucket/path
Typically, s3 sync only copies missing or outdated files or objects between the source and target. However, you can also supply the --delete option to remove files or objects from the target that are not present in the source. The following example, which extends the previous one, shows how this works.
// Delete local file
$ rm ./MyFile1.txt
// Attempt sync without --delete option - nothing happens
$ aws s3 sync . s3://my-bucket/path
// Sync with deletion - object is deleted from bucket
$ aws s3 sync . s3://my-bucket/path --delete
delete: s3://my-bucket/path/MyFile1.txt
// Delete object from bucket
$ aws s3 rm s3://my-bucket/path/MySubdirectory/MyFile3.txt
delete: s3://my-bucket/path/MySubdirectory/MyFile3.txt
// Sync with deletion - local file is deleted
$ aws s3 sync s3://my-bucket/path . –delete
delete:
MySubdirectory\MyFile3.txt
// Sync with Infrequent Access storage class
$ aws s3 sync . s3://my-bucket/path --storage-class STANDARD_IA
You
can use the --exclude and --include options to specify rules that filter the
files or objects to copy during the sync operation. By default, all items in a
specified folder are included in the sync. Therefore, --include is needed only
when you have to specify exceptions to the --exclude option (that is, --include
effectively means "don't exclude"). The options apply in the order
that's specified, as shown in the following example.
Local
directory contains 3 files:
MyFile1.txt
MyFile2.rtf
MyFile88.txt
'''
$ aws s3 sync . s3://my-bucket/path --exclude "*.txt"
upload: MyFile2.rtf to s3://my-bucket/path/MyFile2.rtf
'''
$ aws s3 sync . s3://my-bucket/path --exclude "*.txt" --include
"MyFile*.txt
The --exclude and --include options also filter files or objects to be deleted during an s3 sync operation that includes the --delete option.
Assume
local directory and s3://my-bucket/path currently in sync and each contains 3
files:
MyFile1.txt
MyFile2.rtf
MyFile88.txt
'''
// Delete local .txt files
$ rm *.txt
// Sync with delete, excluding files that match a pattern. MyFile88.txt is
deleted, while
remote MyFile1.txt is not.
$ aws s3 sync . s3://my-bucket/path --delete --exclude "my-bucket/path/MyFile?.txt"
delete: s3://my-bucket/path/MyFile88.txt
The s3 sync command also accepts an --acl option, by which you may set the access permissions for files copied to Amazon S3. The --acl option accepts private, public-read, and public-readwrite values.
$ aws s3 sync . s3://my-bucket/path --acl public-read
some
examples.
// Copy MyFile.txt in current directory to s3://my-bucket/path
$ aws s3 cp MyFile.txt s3://my-bucket/path/
// Move all .jpg files in s3://my-bucket/path to ./MyDirectory
$ aws s3 mv s3://my-bucket/path ./MyDirectory --exclude "*"
--include "*.jpg" --recursive
// List the contents of my-bucket
$ aws s3 ls s3://my-bucket
// List the contents of path in my-bucket
$ aws s3 ls s3://my-bucket/path/
// Delete s3://my-bucket/path/MyFile.txt
$ aws s3 rm s3://my-bucket/path/MyFile.txt
// Delete s3://my-bucket/path and all of its contents
$ aws s3 rm s3://my-bucket/path –recursive
When you use the --recursive option on a directory or folder with cp, mv, or rm, the command walks the directory tree, including all subdirectories. These commands also accept the --exclude, -- include, and --acl options as the sync command does.
USING API-LEVEL (S3API) COMMANDS WITH THE AWS CLI
APPLYING A CUSTOM ACL
API-level command, put-bucket-acl. The following example shows how to grant full control to two AWS users ([email protected] and [email protected]) and read permission to everyone. The identifier for "everyone" comes from a special URI that you pass as a parameter.
$ aws s3api put-bucket-acl --bucket MyBucket --grant-full-control 'emailaddress="[email protected]",emailaddress="[email protected]"' --grant-read'uri="http://acs.amazonaws.com/groups/global/AllUsers"'
CONFIGURING A LOGGING POLICY
The API command put-bucket-logging configures bucket logging policy. In the following example, the AWS user [email protected] is granted full control over the log files, and all users have read access to them. Notice that the put-bucket-acl command is also required to grant the Amazon S3 log delivery system (specified by a URI) the permissions needed to read and write the logs to the bucket.
$ aws s3api put-bucket-acl --bucket MyBucket --grant-read-acp 'URI="http://acs.amazonaws.com/groups/s3/LogDelivery"' --grant-write "URI="http://acs.amazonaws.com/groups/s3/LogDelivery"'
$ aws s3api put-bucket-logging --bucket MyBucket --bucket-logging-status file://logging.json
The file logging.json in the previous command has the following content.
USING AMAZON SNS WITH THE AWS CLI
aws sns help
TOPICS
•
Create a
Topic
• Subscribe to a Topic
• Publish to a Topic
• Unsubscribe from a
Topic
• Delete a Topic
CREATE A TOPIC
$ aws sns create-topic --name my-topic
SUBSCRIBE TO A TOPIC
The following example specifies the email protocol and an email address for the notificationendpoint.
$ aws sns subscribe --topic-arn arn:aws:sns:us-west-2:123456789012:my-topic --protocol email --notification-endpoint [email protected]
AWS
immediately sends a confirmation message by email to the address you specified
in the subscribe command. The email message has the following text.
You have chosen to subscribe to the topic:
arn:aws:sns:us-west-2:123456789012:my-topic To confirm this subscription, click
or visit the following link (If this was in error no action is necessary):
Confirm subscription
After
the recipient clicks the Confirm subscription link, the recipient's
browser displays a notification message with information similar to the
following.
Subscription confirmed!
You have subscribed [email protected] to the topic:my-topic. Your
subscription's id is:
arn:aws:sns:us-west-2:123456789012:my-topic:1328f057-de93-4c15-512e-8bb22EXAMPLE
If it was not your intention to subscribe, click here to unsubscribe.
PUBLISH TO A TOPIC
The following example sends the message "Hello World!" to all subscribers of the specified topic.
$ aws sns publish --topic-arn arn:aws:sns:us-west-2:123456789012:my-topic --message "Hello World!"
In this example, AWS sends an email message with the text "Hello World!" to [email protected]
UNSUBSCRIBE FROM A TOPIC
In this example, AWS sends an email message with the text "Hello World!" to [email protected]
$ aws sns unsubscribe --subscription-arn arn:aws:sns:us-west-2:123456789012:mytopic:1328f057-de93-4c15-512e-8bb22EXAMPLE
To
verify that you successfully unsubscribed, use the list-subscriptions command to confirm that
the ARNno longer appears in the list.
$ aws sns list-subscriptions
DELETE A TOPIC
$ aws sns delete-topic --topic-arn arn:aws:sns:us-west-2:123456789012:my-topic
To verify that AWS successfully deleted the topic, use the list-topics command to confirm that the topic no longer appears in the list.
$ aws sns list-topics
USING AMAZON SWF WITH THE AWS CLI
aws swf help
TOPICS
• List of Amazon SWF
Commands by Category
• Working with Amazon SWF
Domains Using the AWS CLI
LIST OF AMAZON SWF COMMANDS BY CATEGORY
You
can also get help for an individual command, by placing the help directive
after the command name. The following shows an example.
$ aws swf register-domain help
TOPICS
• Commands Related to
Activities
• Commands Related to
Deciders
• Commands Related to
Workflow Executions
• Commands Related to
Administration
• Visibility Commands
COMMANDS RELATED TO ACTIVITIES
Activity workers use poll-for-activity-task to get new activity tasks. After a worker receives an activity task from Amazon SWF, it performs the task and responds using respond-activity-task completed if successful or respond-activity-task-failed if unsuccessful. The following are commands that are performed by activity workers:
•
poll-for-activity-task
• respond-activity-task-completed
• respond-activity-task-failed
• respond-activity-task-canceled
• record-activity-task-heartbeat
COMMANDS RELATED TO DECIDERS
The
following are commands that are performed by deciders:
• poll-for-decision-task
• respond-decision-task-completed
COMMANDS RELATED TO WORKFLOW EXECUTIONS
The
following commands operate on a workflow execution:
• request-cancel-workflow-execution
• start-workflow-execution
• signal-workflow-execution
• terminate-workflow-execution
COMMANDS RELATED TO ADMINISTRATION
•
register-activity-type
• deprecate-activity-type
•
register-workflow-type
• deprecate-workflow-type
•
register-domain
• deprecate-domain
•
request-cancel-workflow-execution
• terminate-workflow-execution
VISIBILITY COMMANDS
•
list-activity-types
• describe-activity-type
•
list-workflow-types
• describe-workflow-type
•
describe-workflow-execution
• list-open-workflow-executions
• list-closed-workflow-executions
• count-open-workflow-executions
• count-closed-workflow-executions
• get-workflow-execution-history
•
list-domains
• describe-domain
•
count-pending-activity-tasks
• count-pending-decision-tasks
WORKING WITH AMAZON SWF DOMAINS USING THE AWS CLI
TOPICS
• List Your Domains
• Get Information about a
Domain
• Register a Domain
• Deprecating a Domain
LIST YOUR DOMAINS
use swflist-domains.
Here's
a minimal example.
$ aws swf list-domains --registration-status REGISTERED
{
GET INFORMATION ABOUT A DOMAIN
use swf describe-domain.
$
aws swf describe-domain --name ExampleDomain
{
REGISTER A DOMAIN
use swf register-domain. There are two required parameters, --name, which takes the domain name to register, and -- workflow-execution-retention-period-in-days, which takes an integer to specify the number of days to retain workflow execution data on this domain, up to a maximum period of 90 days
$ aws swf register-domain --name MyNeatNewDomain --workflow-execution-retention-period-indays 0
The command doesn't return any output, but you can use swf list-domains or swf describedomain to see the new domain. For example:
$
aws swf describe-domain --name MyNeatNewDomain
{
DEPRECATING A DOMAIN
use swf deprecate-domain
$ aws swf deprecate-domain --name MyNeatNewDomain
$
aws swf list-domains --registration-status DEPRECATED
{
5 TROUBLESHOOTING AWS CLI ERRORS
If you use pip to install the AWS Command Line Interface (AWS CLI), you might need to add the folder that contains the aws program to your operating system's PATH environment variable, or change its mode to make it executable.
If aws is in your PATH and you still see this error, it might not have the right file mode. Try running it directly.
$ ~/.local/bin/aws –version
PERMISSIONS ISSUES
MAIN CLI PROGRAM MUST HAVE 'RUN' PERMISSION
Make sure that the aws program has run permissions for the calling user. Typically, you would use 755. Run chmod +x to add run permissions to the file.
$ chmod +x ~/.local/bin/aws
YOU MUST USE VALID CREDENTIALS
The following example shows how to check the credentials used for the default profile.
$ aws configure list
The following example shows how to check the credentials of a named profile.
$ aws configure list --profile saanvi
If
you are using valid credentials, your clock may be out of sync. On Linux,
macOS, or Unix, run date to check the time.
$ date
If
your system clock is not correct within a few minutes, use ntpd to sync it.
$ sudo service ntpd stop
$ sudo ntpdate time.nist.gov
$ sudo service ntpd start
$ ntpstat
YOUR IAM USER MUST BE ABLE TO RUN THE COMMAND
Error: An error occurred (UnauthorizedOperation) when calling the CreateKeyPair operation: You are not authorized to perform this operation. Your IAM user or role must have permission to call the API actions that correspond to the commands that you run with the AWS CLI. Most commands call a single action with a name that matches the command name; however, custom commands like aws s3 sync call multiple APIs.
You can see which APIs a command calls by using the --debug option.
6 NEXT STEPS
Roles are nothing but a group of permissions that grant users access to some particular AWS resources and services. But wait, doesn't a policy do the same thing? You're absolutely right! Both are, in a sense, a set of permissions, but the difference lies in where and how you apply them.
Policies are applied to users and groups that belong to a particular AWS account, whereas roles are applied to users who are generally not a part of your AWS account. In a sense, you use roles to delegate access to users, applications, and services that do not have access to your AWS resources. You can also use roles to create federated identities where a user from your organization's corporate directory gets access to your AWS resources on a temporary basis.
learn more about roles and how you can leverage them in your organization, use http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html.
AWS has also services as well that help with your account's easy administration and management.
• AWSCloudTrail: CloudTrail enables you, as an administrator, to log and record each and every API call that is made from within your account. These logs can contain information such as the API's request and response parameters, who made the API call, the time of the API call, and so on. These details are vital and can be used during security audits, compliance tracking, and so on. To know more about AWSCloudTrail, check http://aws.amazon.com/cloudtrail/getting-started/.
• AWSConfig: AWSConfig is a fully
automated service that enables you to take a complete snapshot of all your AWS
resource's configurations for compliance and auditing purposes. It can also be
used as a change management tool to find out when your AWS resources were
created, updated, and destroyed. To know more about AWSConfig, check http://aws.amazon.com/config/details/.
• AWS Key Management Service: As the name suggest,
this new service enables you to manage your account's keys more effectively and
efficiently. It also provides add-on functionality such as centralized key
management, one click encryption of your data, automatic key rotations, and so
on so forth. To know more about AWS Key Management Service, check http://aws.amazon.com/kms/getting-started/.
7 RECOMMENDATIONS AND BEST PRACTICES
• Get rid of the Root Account, use IAM wherever necessary. Hide away the Root key and avoid using it unless it's the end of the world!
• Create separate IAM users for your organization, each with their own sets of access and Secret Keys. DO NOT SHARE YOUR KEYS OR PASSWORDS! Sharing such things is never a good idea and can cause serious implications and problems.
• Create separate administrators for each of the AWS services that you use.
• Use roles and groups to assign individual IAM users permissions. Always employ the least privilege approach wherein a particular group or role has the least amount of privileges assigned to it. Provide only the required level of access and permissions that the task demands.
• Leverage multi-factor authentication (MFA) wherever possible. Although passwords are good, they are still not the best option when it comes to authenticating users at times.
• Rotate your passwords and keys on a periodic basis. Create keys only if there is a requirement for it. If there are unused keys and/or users, then make sure you delete them on a regular basis.
• Maintain a logs and history of your AWS account and its services. Use AWSCloudTrail for security and compliance auditing.
• Use temporary credentials (IAM Roles) rather than sharing your account details with other users and applications.
• Leverage AWS Key Management Service to encrypt data and your keys wherever necessary.
CHAPTER - TEN WAYS TO DEPLOY AWS QUICKLY
Mueller J.P., (2017) p343
1 RESEARCHING AWS INTERACTIVITY WITH THIRD-PARTY PRODUCTS
Although AWS provides a broad range of support for various products, it doesn’t support every product out there. Always ensure that AWS supports your products of choice before you begin doing anything with it. If a third-party product you use requires full support for NFSv4, AWS may not be the solution you need. A lack of configuration options or other support issues may cause the products to fail or work incorrectly when moved to the cloud.
2 DEVELOPING A PLAN FOR SENSITIVE DATA
Amazon can’t advise you in this regard: Data safety is a requirement that you must address as part of your own cloud strategy planning.
3 USE TOOLS TO ENHANCE PRODUCTIVITY
» Built-in: You have access to all the built-in tools (many of which you find demonstrated in this book in the form of the various consoles and wizards).
» Third party: Vendors such as Scalr (http://www.scalr.com/ ), RightScale (http://www.rightscale.com/) , Hybridfox (https://code.google.com/p/hybridfox/ ), CloudMGR (http://www.cloudmgr.com/ ), and Enstratius (http://www.enstratius.com/home) all offer strong management platforms for AWS.
» Developer: Some developer tools can lend themselves to administrator use as well. The Amazon pages at https://aws.amazon.com/developertools and https://aws.amazon.com/tools/ offer some ideas on what Amazon makes available
ElasticFox-EC2Tag (https://github.com/cookpad/elasticfox-ec2tag).
The article at http://www.serverwatch.com/server-tutorials/8-trending-third-party- management-tools-for-amazon-web-services.html provides a listing of some interesting browser extensions.
4 CHOOSING THE RIGHT SERVICE
The secret to the problem of which service to choose is to look at who else is using that ser-vice, define how they’re using it, and consider what restrictions they put in place when using it.
5 ENSURING THAT YOUR PLAN CONSIDERS LOSS OF CONTROL
The host determines what your rights are, when you can have them, and how you use them. This loss of control means that administrators may now find themselves in a position of having to ask permission to perform certain tasks or of requesting that the host perform the task for them
When you configure EB, EB automatically creates an S3 bucket for you. You can view the contents of this bucket and interact with it in other ways. Removing your EB instance doesn’t remove the S3 bucket. Unfortunately, you can’t delete the bucket; either (see https://forums.aws.amazon.com/thread.jspa?threadID=145366 as an example of this problem). To remove the bucket, you must ask Amazon to do it for you. Fortunately, Amazon documents most of the cases that require you to ask permission to do something or have someone at Amazon do it for you.
6 LOOKING FOR ALL-IN-ONE SOLUTIONS THAT AREN’T
To provide a seamless mobile experience, you also need to work with Amazon Cognito (https://aws.amazon.com/cognito/). Be certain that you understand the following:
» What level of support each service provides
» Other services that you might need to obtain a full solution
» Limits of each service that could impact your business
» Potential service problems that could cause legal or other issues that you must work out before using AWS
7 SPENDING FREE TIME WHERE YOU NEED IT MOST
To gain a basic idea of how things will work with your cloud-based solution at the outset, focus your time on these services:
» EC2 (computing)
» S3, EBS, and EFS (storage solutions)
» IAM and Cognito (security)
8 WORKING WITH TEMPLATES
Amazon CloudFormation (https://aws.amazon.com/cloudformation/) enables you to automate some processes through templates.
Templates https://aws.amazon.com/cloudformation/aws-cloudformation-templates/
Yes, you do gain control by using the CLI, but the advantage of using the console is that you don’t have to remember a lot of arcane parameters and the precise syntax for issues commands that the CLI requires. The time to use the CLI is when you start moving toward batch processes and working with services such as Amazon Lambda to perform tasks
9 DISCOVERING IMPLIED THIRD-PARTY USE
The
implication of using a third-party service within AWS is that you need to perform
additional research about that third party. https://www.elastic.co/products/elasticsearch
CHAPTER - TEN MUST-HAVE AWS SOFTWARE PACKAGES
Mueller J.P., (2017) p351
1 USING THE CONSOLE INTERNET TOOLS
Utility/Package |
What It Does |
Default Packages |
|
elinks |
Provides a text-based browser for use in the SSH session. http://elinks.or.cz . |
Optional Packages |
|
fetchmail |
Provides a text-based email program that can access POP3, IMAP, ODMR, and ETRN-based stores. https://sourceforge.net/projects/fetchmail . |
ftp |
Provides a text-based File Transfer Protocol (FTP) application for sending and receiving files to and from an FTP server. |
jwhois |
Determines the owner and other information associated with a particular web domain. https://directory.fsf.org/wiki/Jwhois . |
lftp |
Performs advanced batch processing of HTTP-specific commands, akin to the manner in which the bash shell works. You typically use this utility for scripted FTP uploads or other repetitive tasks. https://lftp.yar.ru |
mutt |
Provides a text-based email program that can access all the common data stores. This utility is a little more GUI-based and friendlier than fetchmail. http://www.mutt.org . |
2 USING THE COMMAND LINE INTERFACE (CLI) TO INSTALL PACKAGES
Thecommand for installing a single package is
sudo yum install <package name>
In this case, the sudo (super user do) command allows you to perform almost any task conceivable with a Linux distribution. The yum (Yellowdog Updater, Modifed) command is the method used to tell Linux to install, delete, query, or otherwise manage packages. In this case, you tell yum to install a new package, which you define by specifying a <package name>.
Determine whether a particular package is available using the following command:
rpm -qa | grep '<package name>'
The rpm command performs the actual package search. You use the -qa switch to tell rpm to find all the packages. Outputting all the installed packages would provide too much information. So, you take the output of the rpm command and send it to the grep command using a pipe (|). The pipe is handy because it lets you combine commands. In this case, grep takes the whole list of installed packages and searches for packages that contain the text you provide. For example, if you want to find all the Python-related packages on your system, you type rpm -qa | grep ’python’ and press Enter. As an alternative to using rpm, you can rely on the following yum command:
sudo yum search '<package name>'
The yum version returns more information because it includes all the available packages, not just those installed on your system. A package can contain more than one utility. To obtain a listing of utilities in a package, use the following command:
rpm -ql '<package name>'
sudo yum groupinstall "<group package name>"
A group package name normally appears in quotes because it’s actually a string that tells Linux which group to use. For example, if you want yum to install all the performance tools, you specify the “Performance Tools” as a string. To obtain a list of available groups, type sudo yum grouplist and press Enter. Likewise, to learn the content of a particular group, type sudo yum groupinfo "<group package name>" and press Enter.
By
default, yum installs only the mandatory packages for a group. If you want to
install all the packages, you must modify the previous command to look like
this:
sudo yum --setopt=group_package_types=mandatory,default,optional groupinstall
"<group package name>"
The --setopt command-line switch tells yum which package features to install. In this case, you tell yum to install the mandatory, default, and optional packages from the group package.
3 CHANGING CONFIGURATION USING COMMAND LINE EDITORS
Utility/Package |
What It Does |
Default Packages |
|
vim |
Allows editing of text files using the Vi IMproved (VIM) editor.See http://www.vim.org/ for additional details. |
Utility/Package |
What It Does |
Optional Packages |
|
ctags |
Creates a tag file containing identifiers based on the content of code files for use with a text editor. The tags help the editor provide amplifying information when displaying the file onscreen. The etags utility is an Emacs-specific version that produces more information for this particular editor. http://ctags.sourceforge.net |
emacs |
Displays an extensible, customizable, real-time text editor generally used to modify code files, hence the original name Editing Macros, or Emacs (but you can use it for any other text-editing purpose as well). https://emacswiki.org . |
emacs-auctex |
Provides support for tau-epsilon-chi (TeX) files in the Emacs editor. https://www.gnu.org/software/auctex/ |
emacs-gnuplot |
Provides gnuplot support for the Emacs editor. https://mkmcc.github.io/software/gnuplot-mode.html |
4 CHECKING SYSTEM PERFORMANCE
Utility/Package |
What It Does |
Mandatory Packages |
|
blktrace |
Performs block I/O tracing tasks to determine the time required to perform tasks such as data transfers. http://www.cse.unsw.edu.au/~aaronc/iosched/doc/blktrace.html |
sysstat (includes: sar,
sadf, |
Provides access to a set of utilities to perform a series of specific, system-level checks. For example, the sar command collects, reports, and saves system activity information. See http://sebastien.godard.pagesperso-orange.fr/ |
Utility/Package |
What It Does |
Default Packages |
|
dstat |
Generates system resource statistics for CPU, disk, I/O, memory, and network activity. http://dag.wiee.rs/home-made/dstat |
iotop |
Focuses on generating statistics for block read and block write requests for disks. http://linux.die.net/man/1/iotop . |
oprofle |
Performs continuous, system-wide monitoring of resources and activity. http://oprofile.sourceforge.net/news . |
Optional Packages |
|
oprofle-jit |
Provides the capability of creating Executable and Linkable Format (ELF) files after an OProfle monitoring session. http://oprofile.sourceforge.net/doc/getting-jit-reports.html |
5 WORKING AT THE SYSTEM LEVEL
Utility/Package |
What It Does |
Default Packages |
|
conman |
Provides connectivity with other remote consoles. http://www.tutorialspoint.com/unix_commands/conman.htm |
mgetty |
Allows connectivity with modems. http://linuxcommand.org/man_pages/mgetty8. |
Utility/Package |
What It Does |
mkbootdisk |
Creates a boot disk for starting the system. http://linuxcommand.org/man_pages/mkbootdisk8.html |
net-snmp-libs |
Contains the libraries used for Simple Network Management Protocol (SNMP)-related tasks. |
nmap |
Performs detailed network mapping tasks. https://nmap.org/ . |
ntp |
Synchronizes the clocks of the systems within a given network with a master time source (ultimately allowing synchronization with an Internet source, such as time.nist.gov). http://www.ntp.org |
openldap-clients |
Contains the libraries used for the Lightweight Directory Access Protocol (LDAP)-related tasks. |
quota |
Manages disk quotas for both users and groups. http://www.tldp.org/HOWTO/Quota.html |
rng-tools (includes: rngd |
Performs testing and configuration of the random number-generation capabilities of a system. Because a virtual machine can’t access the underlying hardware, this set of utilities isn’t useful when working with AWS. |
screen |
Allows use of multiple shell windows when working with SSH. https://www.rackaid.com/blog/linux-screen-tutorial-and-how-to . |
xdelta |
Performs delta compression on C libraries to make them smaller. http://xdelta.org/ |
zisofs-tools |
Contains the tools needed to work with compressed disks. http://freecode.com/projects/zisofstools |
zsh |
Provides access to a shell used for interactive and scripted command-line tasks. See http://zsh.sourceforge.net/ for additional information. |
Optional Packages |
|
adjtimex |
Displays and sets the Linux kernel time variables. http://linuxcommand.org/man_pages/adjtimex8.html . |
Utility/Package |
What It Does |
amanda-client |
Contains the tools required to implement the Advanced Maryland Automatic Network Disk Archiver (AMANDA). These tools are designed for use with Windows, so they won’t work with your free-tier Linux installation. http://www.amanda.org/ |
arptables_jf |
Contains the tools required to work with the Address Resolution Protocol (ARP). http://kb.linuxvirtualserver.org/wiki/Using_arptables_to_disable_ARP . |
arpwatch |
Tracks Ethernet and IP address pairings. http://linuxcommand.org/man_pages/arpwatch8.html |
audit (includes:
augenrules, |
Contains the tools required to perform audits of processes. https://linux-audit.com/tag/autrace/ and https://www.digitalocean.com/community/tutorials/how-to-use-the-linuxauditing-system-on-centos-7 |
avahi-tools |
Contains the tools used to implement the Avahi zero configuration networking system. https://wiki.archlinux.org/index.php/avahi |
createrepo |
Provides the means for working with RPM-metadata (repodata). http://createrepo.baseurl.org/ . |
gnutls-utils (includes: |
Contains utilities for working with the GNU Transport Layer Security (TLS) features of AWS. http://www.gnutls.org . |
iptraf |
Performs IP monitoring tasks. See http://linuxcommand.org/man_pages/iptraf8.html |
ktune |
Performs kernel-tuning tasks. Because a virtual machine can’t access the underlying operating system, this utility isn’t useful when working with AWS. |
lslk |
Lists local locks on files. This utility is outdated. See http://linux.die.net/man/8/lslk |
Utility/Package |
What It Does |
lsscsi |
Obtains information about Small Computer System Interface (SCSI) drives attached to the local system. Because a virtual machine can’t access the underlying hardware, this utility isn’t useful when working with AWS. See http://sg.danny.cz/scsi/lsscsi.html |
mc |
Provides the means to manage files on disk using the Midnight Commander utility. See https://www.midnight-commander.org . |
mrtg |
Tracks the activities of any routers attached to the system using the Mult-Router Trafc Grabber. See http://oss.oetiker.ch/mrtg |
net-snmp-utils (includes: |
Contains a number of tools for performing SNMP related tasks. See http://net-snmp.sourceforge.net/ |
pinentry |
Displays dialog boxes used to enter Personal Identifcation Numbers (PINs) and other security information. See https://www.gnupg.org/related_software/pinentry/index.en.html |
uuidd |
Generates Universally Unique Identifers (UUIDs) to ensure that apps and other system processes can recognize unique instances of any object. See http://linux.die.net/man/8/uuidd |
vlock |
Locks a virtual console, enabling you to save your current session. http://linux.die.net/man/1/vlock |
watchdog |
Performs tests to ensure that the system hasn’t frozen because of an errant process. See http://linux.die.net/man/8/watchdog |
(TeX is a typesetting system originally created by Donald Knuth;you can read more about it at https://www.tug.org/whatis.html.)
Tau-epsilon-chi(TeX) editor support
6 MAKING CLOUD MANAGEMENT EASIER WITH CLOUDMGR
CloudMGR (http://www.cloudmgr.com/ ) is a cloud-management solution that enables you to interact with AWS using an alternative interface
AWS
supports three levels of CloudMGR:
» CloudMGR Business: The basic solution for automating business-related
tasks in the cloud.
» CloudMGR for Autotask: This solution works with Autotask (https://www.cloudmgr.com/autotask ) to manage huge arrays
of AWS servers in supportof multiple clients.
» CloudMGR for cPanel Web Host Manager Complete Solution (WHMCS): This
solution integrates with cPanel (https://www.cloudmgr.com/cpanelwhm ) to let you work with
websites with greater ease.
Amazon Marketplace (https://aws.amazon.com/marketplace/search/)
7 GOING OUTSIDE THE MARKETPLACE WITH ENSTRATIUS
Enstratius (http://www.enstratius.com/aws)
This product works with both public and private clouds. It focuses on the EC2,ELB, RDS, SNS, and S3 services. One of this product’s special features is its capability to connect various cloud solutions.
8 MANAGING AND SCALING YOUR APPS USING HEROKU
Heroku (https://www.heroku.com/)
The
product defines three phases of custom app management:
» Deployment
» Management
» Scaling
You
can use Heroku with AWS, Google, and Azure (simultaneously, if necessary). It
also works with both Linux and Windows. The supported Linux distributions are
» CoreOS
» Ubuntu
» Red Hat Enterprise Linux (RHEL)
You
can use these languages directly with Heroku:
» Node
» Ruby
» Java
» PHP
» Python
» Go
Business applications according to InfoWorld (http://www.infoworld.com/article/3103514/application-development/businessesstick-with-java-python-and-c.html).
9 PERFORMING BROWSER-BASED MANAGEMENT USING HYBRIDFOX
Hybridfox (https://github.com/CSSCorp/hybridfox) provides a simplified but limited management solution for a number of cloud environments: AWS, Eucalyptus, OpenStack, OpenNebula, and HP Cloud. The goal of this product is to allow you to use a single-browser environment, Firefox, to manage the supported cloud environments seamlessly. Use Hybridfox to perform these kinds of tasks:
» Manage platform images
» Start and stop instances
» Manage instances
» Manage Elastic IPs
» Manage security groups
» Manage Key-pairs
» Manage Elastic Block Storage (EBS)
9 GETTING A COMPLETE MANAGEMENT PACKAGE WITH RIGHTSCALE
RightScale (http://www.rightscale.com/)
RightScale appears to provide full support for all the popular cloud environments, including AWS, Google, Azure, and SOFTLAYER. When using a product such as RightScale, you also pay for all the services provided. In addition, you need to consider the costs associated with vendor lock-in (an inability to move to other solutions without starting from scratch).
10 EMPLOYING POLICY-BASED MANAGEMENT WITH SCALR
Scalr (http://www.scalr.com/ ) focuses on using policies for management tasks. Scalr comes in hosted, enterprise, and community editions. For example, downloading the community edition lets you work with your cloud setup using your PC. You gain the efficiencies and speed that the PC environment provides. The community edition is free (see the pricing guide at http://www.scalr.com/pricing.html )
One needs to learn how to perform scripting tasks using the Scalr approach, but it also means that you can work with multiple cloud environments without necessarily having to learn each cloud environment’s API individually.
CHAPTER - PLANNING YOUR NEXT STEPS
Knowing how you want to take advantage of cloud resources requires understanding your core competencies and identifying the areas that are best served through an external infrastructure.
· Do you have legacy applications that need greater scalability, reliability, or security than you can afford to maintain in your own environment?
· What are your hardware and bandwidth capacity requirements?
· How will you be prepared to scale up (and down) following deployment?
· How can the cloud advance your IT and business objectives?
As you answer each question, apply the lenses of flexibility, cost effectiveness, scalability, elasticity, and security.
Code and examples available for download at www.manning.com/books/amazon-web-services-in-action and from GitHub at https://github.com/AWSinAction/code
1 RESOURCES, RECOMMENDATIONS, AND BEST PRACTICES
Wadia Y. (2016)
• For anyone just starting off with AWS, I would really recommend reading the Getting Started with AWS guides. These are some well written and to the point guides covering topics such as hosting static websites, deploying web apps, analyzing Big Data, and so on. Go to https://aws.amazon.com/documentation/gettingstarted
• Next, the holy grail of all AWS services and a must to read if you are planning to work with AWS—the AWS documentations page. This page is a one stop shop for all your AWS service user guides, CLI and API references as well. Refer to https://aws.amazon.com/documentation/ for more information.
• Although not mandatory, the AWS case studies page is yet another important place where you can read about how and what customers are using AWS for. You can filter case studies based on their use cases, all provided at https://aws.amazon.com/solutions/case-studies/
• Make sure you also have a look at the pricing for each of the AWS services that you use by following this link: https://aws.amazon.com/pricing/services/ .
• Here are some best practice guides provided by AWS as well, which are a must read if you are planning to use AWS as a production environment:
° General AWS Cloud Best Practices to follow: http://media.amazonwebservices.com/AWS_Cloud_Best_Practices.pdf .
° How to build fault tolerant application on AWS: http://media.amazonwebservices.com/AWS_Building_Fault_Tolerant_Applications.pdf .
° A few design considerations and best practices to keep in mind when designing DR solutions on AWS: http://media.amazonwebservices.com/AWS_Disaster_Recovery.pdf .
°
AWS Security Best Practices guide: http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf .
2 AMAZON WEB SERVICES SCREEN SHOTS
3 ALTERNATIVE WEB SERVICES PROVIDERS
AWS isn’t the only cloud computing provider. Microsoft and Google have cloud offerings as well. OpenStack is different because it’s open source and developed by more than 200 companies including IBM, HP, and Rackspace.
Below are some common features of cloud providers:
■ Virtual servers (Linux and Windows)
■ Object store
■ Load balancer
■ Message queuing
■ Graphical user interface
■ Command-line interface
4 THE DIFFERENCE BETWEEN AWS, AZURE, GOOGLE CLOUD AND OPENSTACK TABLE
Witting A, Witting M, (2016) p 16
5 A FEW EXAMPLE OF COMPANIES AND ORGANIZATIONS RUNNING WEB SERVICES
AWS – Lyft, Netflix, Toyota, Airbnb, Unilever, BMW, Samsung, MI, Zynga, Redfin, Capital One others
GOOGLE CLOUD PLATFORM – Chase, HSBC, Paypal, 20th Century Fox, Bloomberg, Target, Dominos, others
MICROSOFT AZURE – HP, Fujitsu, Honeywell, Johnson Controls, Polycom, Adobe, others
6 CLOUD SERVICES COMPARISON TABLE
Edureka, Cloud Masters Certification Training, www.edureka.co/masters-program/cloud-architect-training
REFERENCES
Amazon Inc (2019) AWS Command Line Interface: User Guide, Amazon Web Services, Inc.
Amazon Inc (2019) Amazon Elastic Compute Cloud - User Guide for Linux Instances, Amazon Web Services Inc.
Amazon Inc (2019) Amazon Web Services Documentation, AWS inc
Amazon Inc (2019) Amazon Web Services Whitepaper, AWS inc
Baron J., Baz H., Bixler T., Gaut B., Kelly K.E., Senior S., Stamper J., (2017) AWS Certified Solutions Architect Official Study Guide, John Wiley & Sons, Inc. Indianapolis, Indiana
Beach B.(2014) Pro Powershell for Amazon Web Services – DevOps for the AWS Cloud, Apress Media, California USA.
Golden B. (2013) Amazon Web Services™ For Dummies, John Wiley & Sons, Inc. New Jersey USA
Hashimoto N. (August 2013) Amazon S3 Cookbook, PACKT Publishing, Birmingham, United Kingdom
Kvreddi, Hand Book For AWS Admin, SUVEN IT, Hyderabad India [Online] Available from: https://www.scribd.com/document/.../Aws-Admin-Guide-by-Suven-It-v1-PDF [Accessed date 24 May 2019 16:24hrs]
Matthew S. (2019) Overview of Amazon Web Services AWS Whitepaper, AWS inc
Mueller J.P., (2017) AWS For Admins (dummies), John Wiley & Sons, Hoboken, New Jersey
Varia J., Mathew S. (2014), Overview of Amazon Web Services [Online] Available from: https://media.amazonwebservices.com/AWS_Overview.pdf [Accessed date 24 May 2019 16:24hrs]
Wadia Y. (February 2016) AWS Administration – The Definitive Guide, Packt Publishing, Birmingham UK
Witting A, Witting M, (2016) Amazon Web services in Action. Manning Publications Co Shelter Island, New York
REFERENCES
Amazon Inc (2019) AWS Command Line Interface: User Guide, Amazon Web Services, Inc.
Amazon Inc (2019) Amazon Elastic Compute Cloud - User Guide for Linux Instances, Amazon Web Services Inc.
Amazon Inc (2019) Amazon Web Services Documentation, AWS Inc
Amazon Inc (2019) Amazon Web Services Whitepaper, AWS Inc
Amazon Inc (2022) IPv6 on AWS (Best practices for adopting and designing IPv6-based networks), Amazon Web Services, Inc.
Baron J., Baz H., Bixler T., Gaut B., Kelly K.E., Senior S., Stamper J., (2017) AWS Certified Solutions Architect Official Study Guide, John Wiley & Sons, Inc. Indianapolis, Indiana
Beach B.(2014) Pro Powershell for Amazon Web Services – DevOps for the AWS Cloud, Apress Media, California USA.
Golden B. (2013) Amazon Web Services™ For Dummies, John Wiley & Sons, Inc. New Jersey USA
Hashimoto N. (August 2013) Amazon S3 Cookbook, PACKT Publishing, Birmingham, United Kingdom
Joyjeet Banerjee (2021) AWS Certified Solutions Architect Associate E X A M G U I D E (Exam SAA-C02), Second Edition, McGraw Hill USA
Kvreddi, Hand Book For AWS Admin, SUVEN IT, Hyderabad India [Online] Available from: https://www.scribd.com/document/.../Aws-Admin-Guide-by-Suven-It-v1-PDF [Accessed date 24 May 2019 16:24hrs]
Matthew S. (2019) Overview of Amazon Web Services AWS Whitepaper, AWS Inc
Mueller J.P., (2017) AWS for Admins (dummies), John Wiley & Sons, Hoboken, New Jersey
Shinder T, Shinder D.L. (2000) MCSE Windows 2000 Accelerated Study Guide (Exam 70-240) Osborne McGraw-Hill, Berkeley California
SurePass, Exam Questions, Amazon AWS Certified SysOps Administrator, https://www.surepassexam.com
Tutorials Point (2019) BabylonJS, www.tutorialspoint.com, [email protected] https://store.tutorialspoint.com
Varia J., Mathew S. (2014), Overview of Amazon Web Services [Online] Available from: https://media.amazonwebservices.com/AWS_Overview.pdf [Accessed date 24 May 2019 16:24hrs]
Wadia Y. (February 2016) AWS Administration – The Definitive Guide, Packt Publishing, Birmingham UK
Witting A, Witting M, (2016) Amazon Web services in Action. Manning Publications Co Shelter Island, New York
Zhadanovsky L., Introduction to Amazon Web Services
WEB LINKS
Penetration Testing
[Online] Available from: https://aws.amazon.com/security/penetration-testing/
[Accessed date 16 November 2021]
Perspectives in the AWS Cloud Adoption Framework
[Online] Available from: https://aws.amazon.com/professional-services/CAF/
[Accessed date 16 November 2021]
RESERVED INSTANCE (RI)
[Online] Available from: https://aws.amazon.com/ec2/pricing/reserved-instances/
[Accessed date 16 November 2021]
Service control policies (SCPs)
[Online] Available from: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html
[Accessed date 16 November 2021]
Six Strategies for Migrating Applications to the Cloud
[Online] Available from: https://aws.amazon.com/blogs/enterprise-strategy/6-strategies-for-migrating-applications-to-the-cloud/
[Accessed date 16 November 2021]
Jignesh Solanki, Vertical Scaling and Horizontal Scaling in AWS
[Online] Available from: https://dzone.com/articles/vertical-scaling-and-horizontal-scaling-in-aws
[Accessed date 4 November 2021]
What is AWS Well-Architected Tool?
[Online] Available from: https://docs.aws.amazon.com/wellarchitected/latest/userguide/intro.html
[Accessed date 4 November 2021]
Lazaro Ibanez, AWS: What are the Simple Monthly Calculator, Cost and Usage Report, Cost Explorer and Budgets?
Online] Available from: https://lazaroibanez.com/aws-what-are-the-simple-monthly-calculator-cost-and-usage-report-cost-explorer-and-budgets-5540b0c1ddbe
[Accessed date 4 November 2021]
AWS: What are the Simple Monthly Calculator, Cost and Usage Report, Cost Explorer and Budgets?
Online] Available from: https://lazaroibanez.com/aws-what-are-the-simple-monthly-calculator-cost-and-usage-report-cost-explorer-and-budgets-5540b0c1ddbe
[Accessed date 4 November 2021]
The 5 Pillars of the AWS Well-Architected Framework
[Online] Available from: https://aws.amazon.com/blogs/apn/the-5-pillars-of-the-aws-well-architected-framework/
[Accessed date 4 November 2021]
Derek Belt , https://aws.amazon.com/blogs/apn/the-5-pillars-of-the-aws-well-architected-framework/
[Online] Available from: https://docs.aws.amazon.com/wellarchitected/latest/framework/oe-design-principles.html
[Accessed date 4 November 2021]
Design Principles
[Online] Available from: https://docs.aws.amazon.com/wellarchitected/latest/framework/oe-design-principles.html
[Accessed date 4 November 2021]
Amazon S3 Storage Classes
[Online] Available from: https://aws.amazon.com/s3/storage-classes/
[Accessed date 4 November 2021]
Getting started with IPv6 on AWS
[Online] Available from: https://cloudonaut.io/getting-started-with-ipv6-on-aws/
[Accessed date 9 March 2022]
Dual-stack IPv6 architectures for AWS and hybrid networks
[Online] Available from: https://aws.amazon.com/blogs/networking-and-content-delivery/dual-stack-ipv6-architectures-for-aws-and-hybrid-networks/
[Accessed date 9 March 2022]
What is IPv6?
[Online] Available from: https://www.geeksforgeeks.org/what-is-ipv6/
[Accessed date 9 March 2022]
What is IPv6?
[Online] Available from: https://www.educba.com/what-is-ipv6/
[Accessed date 9 March 2022]
What is IPv6? Why you should start using it now? ByKavya Bali
[Online] Available from: https://serverguy.com/servers/what-is-ipv6/
[Accessed date 9 March 2022]
Internet Protocol Version 6
[Online] Available from: https://docs.microsoft.com/en-us/dotnet/framework/network-programming/internet-protocol-version-6
[Accessed date 9 March 2022]
IPv6 Addressing
[Online] Available from: https://docs.microsoft.com/en-us/dotnet/framework/network-programming/ipv6-addressing
[Accessed date 9 March 2022]
IPv6 Addresses
[Online] Available from: https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/ipv6.htm
[Accessed date 9 March 2022]
Special addresses
[Online] Available from: https://en.wikipedia.org/wiki/Reserved_IP_addresses#IPv6
[Accessed date 9 March 2022]
Home/ Info/ Products/ BIG TECH Metaverse Metaverse Vs. Virtual Reality PC Buyers Guide/ IEEE 802 Standards Social Media Platforms Technology Videos/ Computer & IT Certifications Processor Generations Memory SSD Vs. HDD HTML 5G STEM Business Intelligence Tools Web Intelligence Venus Project/ Computer Security and Law Techno Lingo Encyclopedias Search Engines Glossary Contact
Certified Enterprise Blockchain Professional (CEBP) Web 3.0 Satoshi Nakamoto Cryptocurrency Ethereum NFT Merkle Tree El-Salvador eNaira
AWS Certification Google Certification Oracle Certifications cisco certifications Huawei Certification Microsoft Certifications Linux Certification Business Certifications
Google-Cloud-Platform-Guide Amazon-Web-Services-Guide Global-Cloud-Infrastructure-Of-AWS Amazon-Web-Services-Cli-Guide AWS-Cloudformation Devops Microsoft-Azure Oracle-Cloud Digitalocean-Cloud Openstack-Cloud
Active Components Passive Components Test Electrical Components Electronics Classification
Web C++ JAVA Python Angular.js Scala
Copyright BICT Solutions Privacy Policy. | Terms and Conditions apply | All rights reserved.