Category: AWS

  • Tagged- You’re it! (or, Managing AWS Resources with Tagging)

    As I’ve been exploring AWS and creating resources, I oftentimes pass over the optional tags, but as the number of resources (and complexity of the projects) increases, I know it’s time to re-evaluate my strategy! So this is going to be an exercise in better working with tags to manage resources. The scenario is that…

  • How CloudTrail Enhances AWS Log Management

    CloudTrail is useful in logging API events, such as creating a VPC or instance, and also non-API events (such as logging in using the AWS Management Console), both management and data events. By default, management events are captured for 90 days, but if you want to capture data events (like S3 bucket or Lambda), or…

  • AWS Management & Monitoring

    When I was first setting up my AWS account, the importance of creating a Budget alarm was stressed, and also alerts (usually receiving an SNS or email) for when budget or other resource limits were passed. So, my understanding of CloudTrail and CloudWatch has been very limited, but as I have begun to learn about…

  • Exploring EBS

    In this exercise, I want to gain additional experience working with Elastic Block Storage – one of three types of storage that AWS offers (the others include Block and EFS/FSx file storage). I’m going to be creating an EBS volume and then working with it. Let’s take a look: I have a t3.micro EC2…

  • Migrating to RDS

    In this post, I’m going to reference a lab that I am working on. The scenario is that we have a single EC2 instance running Linux OS, an Apache server, and an app with PHP (LAMP stack). The instance is doubling as a database server, which is not ideal because then we are responsible for patching,…

  • Exploring Amazon Bedrock

    Last week, I successfully obtained the AWS AI Practitioner certification- wooohoo! Preparing for that exam helped me to better understand this new arena of technology. In this post, I’m going to pivot to getting hands-on experience with Bedrock and a variety of other tools. Let’s jump to it! First, in Amazon Bedrock, I needed to…

  • AWS Architecting MySQL and Workbench

    In this exercise, I’m going to pull together a number of different threads – namely, the design and implementation of the infrastructure to spin up an EC2 instance (hosting Workbench, which will allow me to interact with a database) and an RDS MySQL instance. My objective is to be able to create a database and…

  • Security w/ AWS Network Firewall

    I’ve been focused a lot on security prevention approaches, such as subnetting, security group configuration, IAM policies, and so forth. I also want to touch upon AWS detection services, too. Specifically, the AWS Network Firewall. I have a t2.micro EC2 instance running in us-west-2a Availability Zone. It has a private IPv4 address but no public…

  • IAM deep-dive

    When I first created my AWS account, I created an IAM user account and attached an administrative-permissions policy to it. Thereafter, I signed into my account using that user and authentication, because the root user has super-powerful system powers which is dangerous and (most of the time) unnecessary. In a different exercise, IAM policies have…

  • Data Protection w/ Encryption (KMS)

    One of the critical components of ensuring that data remains confidential, along with other critical aspects such as nonrepudiation and authentication, is the use of encryption methodologies. In this post, I’m going to walk through configuring AWS Encryption using the CLI, creating an encryption key using KMS (which will be used to encrypt and decrypt…