-
How CloudTrail Enhances AWS Log Management

CloudTrail is useful for logging API events, such as creating a VPC or instance, and also non-API events (such as logging in using the AWS Management Console), both management and data events. By default, management events are captured for 90 days, but if you want to capture data events (like S3 bucket or Lambda), or…
-
Exploring EBS
In this exercise, I want to gain additional experience working with Elastic Block Storage – one of three types of storage that AWS offers (the others include Block and EFS/FSx file storage). I’m going to be creating an EBS volume and then working with it. Let’s take a look: I have a t3.micro EC2…
-
Migrating to RDS
In this post, I’m going to reference a lab that I am working on. The scenario is that we have a single EC2 instance running Linux OS, an Apache server, and an app with PHP (LAMP stack). The instance is doubling as a database server, which is not ideal because then we are responsible for patching,…
-
AWS Architecting MySQL and Workbench
In this exercise, I’m going to pull together a number of different threads – namely, the design and implementation of the infrastructure to spin up an EC2 instance (hosting Workbench, which will allow me to interact with a database) and an RDS MySQL instance. My objective is to be able to create a database and…
-
EC2 Instance Monitoring
I’ve gotten to the point where spinning up an EC2 instance feels pretty comfortable, and it’s pretty easy to scale out to include additional instances as needed. Amidst that robust ability to create more and more, however, it’s important to be able to look at the performance of each instance – because these are finite…
-
Security w/ AWS Network Firewall
I’ve been focused a lot on security prevention approaches, such as subnetting, security group configuration, IAM policies, and so forth. I also want to touch upon AWS detection services. Specifically, the AWS Network Firewall. I have a t2.micro EC2 instance running in us-west-2a Availability Zone. It has a private IPv4 address but no public…
-
Patches! Using the Patch Manager (w/ AWS Systems Manager)
One of the challenges of mitigating vulnerabilities and building a robust defense against potential threats against networked systems is making sure that OS and app software is up to date and patched against known vulnerabilities and security risks. Especially if there are a lot of instances involved! It’s so easy to spin up new EC2…
-
From local to EC2: Docker Apache Web App
I’ve been following a tutorial which describes how to use containers within the AWS environment. It’s well done (Cantrill) but it does require the user (me) to simply download a pre-packaged container-ready file as part of a CloudFormation deployment. That works for the intention of the author – provide a good, bird’s-eye view of…
-
EC2 Architecture via AWS Console
To better understand building out AWS architecture, I’m using an architectural diagram to guide my efforts (bear with me, this is my fledgling attempt so it’s a bit rough!). Here’s what I will be building out – a basic architecture supporting the spinning up of an EC2 instance: The steps I plan…
-
AWS Console: VPC+SN+SG+EC2+RT
In this post, I’m going to detail my journey building out this infrastructure. Here’s the goal: The goal is to practice a few things besides the deployment of these resources: INTRO: There are a lot of directions in which this project can grow, but the scope for this particular project is limited: the ability for…