AWS: Difference between revisions
Jump to navigation
Jump to search
(98 intermediate revisions by the same user not shown) | |||
Line 4: | Line 4: | ||
|_____|__|__|_____|__|__|__|__|_____| | |_____|__|__|_____|__|__|__|__|_____| | ||
@2013~2021 Chorke Inc. | @2013~2021 Chorke Inc. | ||
==Users== | |||
Option|Alter + S » IAM » User groups » Create group | |||
Option|Alter + S » IAM » Policies » Create policy | |||
Option|Alter + S » IAM » Roles » Create role | |||
Option|Alter + S » IAM » Users » Add user | |||
AWS Users | |||
» Root user | |||
» IAM user | |||
==CloudWatch== | ==CloudWatch== | ||
Line 12: | Line 22: | ||
1. EC2 Dashboard » Launch instance | 1. EC2 Dashboard » Launch instance | ||
2. Instances » Launch instance | 2. Instances » Launch instance | ||
==Elastic IP== | |||
For Assign Public IP | |||
CIDR » Classless Inter-Domain Routing | |||
AWS Support 16 to 32 | |||
'''IP Before CIDR Block''' | |||
'''Public » Private » Subnet''' | |||
Linux Bastion Hosts on AWS | |||
0.0 » Network address | |||
0.1 » Reserved by '''AWS''' (VPC router) | |||
0.2 » Reserved by '''AWS''' (DNS server) | |||
0.3 » Reserved by '''AWS''' (Future use) | |||
0.255 » Network broadcast | |||
<math> | |||
\begin{array}{lcr} | |||
\mathbf{No.of\ Host:\ 10.19.83.0/28} \\ | |||
\frac{2^{32-24}}{2^{32-28}}\Rightarrow\frac{2^8}{2^4}\Rightarrow2^{8-4}\Rightarrow2^4\Rightarrow16 \\ | |||
\frac{2^{32-24}}{2^{32-28}}=\frac{2^8}{2^4}=2^{8-4}=2^4=16 \\ | |||
\end{array} | |||
</math> | |||
==Linux Bastion== | |||
'''Bastion''' (Jump Host) | |||
VPC » IGW » {Public, Private, FileServer, DB} | |||
» Keychain | |||
» Key Agent (ssh-add -l, ssh-add) | |||
» Agent Forwarding (ssh -A [email protected] | |||
==Network Interface== | |||
ENI » Elastic Network Interface | |||
VPC » Virtual Private Cloud | |||
NAT » (Gateway, Instance) | |||
» Instance (Disable Source Destination Checking) | |||
==Domain Name System== | |||
'''FQDN''' (Fully Qualified Domain Name) | |||
'''DNS''' (Domain Name System | Hosted Zones) | |||
» C NAME (Canonical Name) | |||
» A Record | |||
'''DNS''' Zone Management | |||
» Domain CP | |||
» DNS Zone Editor | |||
» Recors | |||
» NS (Name Server) | |||
» A, AAAA | |||
» MX | |||
» CNAME (Canonical Name) | |||
» TXT (Key=> Value(SPF, DKIM), Ownership Checking) | |||
whois cdn.chorke.org | |||
==Scalability== | |||
'''Scalability|Scaling''' | |||
» Resize » Vertical » t2.micro => t2.large | |||
» Quantity » Horizontal » 1 + 2 + 3 + .. + N | |||
'''HA''' (High Availability) => 1 + 3 + 5 + .. + (N-1) | |||
» Active => Managed => RDS | |||
» Passive => Self Managed | |||
'''Fault Tolerant''' | |||
» 501 Not Implemented | |||
» 502 Gateway Time Out | |||
'''LB''' (Load Balancer) | |||
» AWS => LBaaS (Load Balancing as a Service) => ELB (Elastic LB) | |||
» ALB (Application LB) | |||
» NLB (Network LB) | |||
» CLB (Classic LB) | |||
'''DB Clustering''' | |||
» MySQL => Galera | |||
» PgSQL => Patroni | |||
» MongoDB => Shard, Replica | |||
'''Managed DB''' | |||
» AWS => RDS | |||
'''Stateless|Distributed''' System » Horizontal Scale(Scale In/Out) | |||
'''Stateful |Centralized''' System » Vertical Scale(Scale Up/Down) | |||
==Amazon S3== | |||
{| | |||
|valign="top"| | |||
Resign URL | |||
Bucket Versioning | |||
Object Lock | |||
» Retention modes | |||
» Governance mode | |||
» Compliance mode | |||
Create Lifecycle Rule » Rule Applied » Rule Action » current | previous | |||
» Transition | |||
» | |||
» Timeline | |||
|valign="top"| | |||
<syntaxhighlight lang="json"> | |||
{ "Version": "2012-10-17", | |||
"Statement": [{ | |||
"Sid": "Stmt1719306958175", | |||
"Effect": "Allow", | |||
"Principal": { | |||
"AWS": "arn:aws:iam::169020509040:user/academia" | |||
}, | |||
"Action": "s3:*", | |||
"Resource": "arn:aws:s3:::chorke" | |||
}]} | |||
</syntaxhighlight> | |||
|valign="top"| | |||
|} | |||
==AWS EC2 API== | |||
{| | |||
| valign="top" | | |||
* [https://www.edureka.co/community/39306/how-to-create-a-emr-cluster-using-java-aws-sdk Create an EMR Cluster using AWS SDK Java] | |||
* [https://docs.aws.amazon.com/AWSEC2/latest/APIReference/making-api-requests.html Making requests to the AWS EC2 API] | |||
* [https://www.edureka.co/community/38871/how-to-create-a-vpc-using-java-sdk Create a VPC using AWS SDK Java] | |||
* [https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/Welcome.html AWS CloudTrail API Reference] | |||
* [https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html AWS CloudTrail User Guide] | |||
* [https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Welcome.html AWS EC2 API Reference] | |||
* [https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpc.html AWS EC2 Create VPC] | |||
* [https://sdk.amazonaws.com/java/api/latest/ AWS SDK Java Docs] | |||
* [https://docs.aws.amazon.com/cloudtrail/index.html AWS CloudTrail] | |||
* [https://aws.amazon.com/tools/#SDKs AWS SDKs] | |||
| valign="top" | | |||
* [https://aws.amazon.com/premiumsupport/knowledge-center/create-access-key/ How do I create an AWS access key?] | |||
* [https://chorke.signin.aws.amazon.com/console AWS Sign-in URL for IAM users] | |||
* [https://aws.amazon.com/s3/storage-classes/ Amazon S3 Storage Classes] | |||
* [https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication.html Amazon S3 Replication] | |||
* [https://docs.aws.amazon.com/AmazonS3/latest/userguide/optimizing-performance.html Optimizing Amazon S3] | |||
* [https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html Load Balancer Types] | |||
* [https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html S3 Multipart Upload] | |||
* [https://aws.amazon.com/s3/pricing Amazon S3 Pricing] | |||
* [https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html S3 Object Lock] | |||
* [https://aws.amazon.com/s3/ Amazon S3] | |||
| valign="top" | | |||
* [https://stackoverflow.com/questions/38051789/ AWS S3 Files Listing for a <code>path</code> prefix] | |||
|} | |||
==References== | ==References== | ||
Line 21: | Line 175: | ||
* [https://aws.amazon.com/certification/certified-cloud-practitioner/ AWS Certified Cloud Practitioner] | * [https://aws.amazon.com/certification/certified-cloud-practitioner/ AWS Certified Cloud Practitioner] | ||
* [https://docs.aws.amazon.com/IAM/latest/UserGuide/console_account-alias.html AWS account ID and its alias] | * [https://docs.aws.amazon.com/IAM/latest/UserGuide/console_account-alias.html AWS account ID and its alias] | ||
* [https://linuxcontainers.org/ LXC - Linux container] | |||
* [https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html Amazon CloudWatch] | * [https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html Amazon CloudWatch] | ||
* [https://en.wikipedia.org/wiki/Help:Displaying_a_formula Displaying a Formula] | |||
* [https://aws.amazon.com/ec2/instance-types/ EC2 Instance Types] | * [https://aws.amazon.com/ec2/instance-types/ EC2 Instance Types] | ||
* [https://www.vagrantup.com/ Vagrant] | |||
| valign="top" | | | valign="top" | | ||
* [https://docs.aws.amazon.com/amplify/latest/userguide/to-add-a-custom-domain-managed-by-a-third-party-dns-provider.html Add a custom domain managed by a 3rd Party] | |||
* [https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html IAM policies for Billing & Cost Management] | |||
* [https://www.digitalocean.com/community/tutorials/an-introduction-to-haproxy-and-load-balancing-concepts HAProxy and Load Balancing Concepts] | |||
* [https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/security-iam.html AWS Identity & Access Management] | |||
* [https://cidr.xyz/ IP Address & CIDR Visualizer] | |||
* [https://aws.amazon.com/quickstart/architecture/linux-bastion/ Linux Bastion Hosts on AWS] | |||
* [https://www.redhat.com/en/topics/containers/whats-a-linux-container What's a Linux container?] | |||
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=10.19.83.0&ctype=ipv4&printit=0&x=83&y=18 Calculate 10.19.83.0/24] | |||
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=10.20.13.0&ctype=ipv4&printit=0&x=58&y=29 Calculate 10.20.13.0/24] | |||
* [[Bastion SSH Tunneling]] | |||
| | | valign="top" | | ||
* [https://dev.to/aws-builders/ssh-setup-and-tunneling-via-bastion-host-3kcc AWS » Bastion Host SSH Tunneling] | |||
* [https://console.aws.amazon.com/codesuite/codecommit/home AWS » Console » CodeCommit] | |||
* [https://console.aws.amazon.com/ AWS » Console » Management] | |||
* [https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-policies.html AWS » S3 » Access Point Policy] | |||
* [https://awspolicygen.s3.amazonaws.com/policygen.html AWS » S3 » Policy Generator] | |||
* [https://console.aws.amazon.com/route53/home AWS » Console » Route 53] | |||
* [https://chorke.signin.aws.amazon.com/console AWS » Console » Chorke] | |||
* [https://phd.aws.amazon.com/ AWS » Console » Health] | |||
* [https://console.aws.amazon.com/billing/home AWS » Console » Billing] | |||
* [https://console.aws.amazon.com/iam/home AWS » Console » Users] | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
* [https://docs.aws.amazon.com/cloudshell/latest/userguide/welcome.html AWS » CloudShell » Getting Started] | |||
* [https://aws.amazon.com/blogs/aws/aws-cloudshell-command-line-access-to-aws-resources/ AWS » CloudShell » CLI Access] | |||
* [[EKSctl|AWS » EKS » CLI]] | |||
* [[AWS CLI|AWS » CLI]] | |||
| valign="top" | | |||
| valign="top" | | |||
|- | |||
| colspan="3" | | |||
---- | ---- | ||
|- | |||
| valign="top" | | | valign="top" | | ||
===Specialty=== | ===Specialty=== | ||
Line 39: | Line 233: | ||
| valign="top" | | | valign="top" | | ||
===Associate=== | ===Associate=== | ||
* [https://aws.amazon.com/certification/certified-sysops-admin-associate/ AWS Certified SysOps Administrator] | * [https://aws.amazon.com/certification/certified-sysops-admin-associate/ AWS Certified SysOps Administrator] | ||
Line 57: | Line 250: | ||
_|"""""|_|"""""|_|"""""|_|"""""|_|"""""|_|"""""| | _|"""""|_|"""""|_|"""""|_|"""""|_|"""""|_|"""""| | ||
"`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-' | "`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-' | ||
<math> | |||
\begin{array}{lcr} | |||
\mathbf{CHORKE\ ACADEMIA\ INC} \\ | |||
\mathbb{CHORKE\ ACADEMIA\ INC} \\ | |||
\mathsf{CHORKE\ ACADEMIA\ INC} \\ | |||
\end{array} | |||
</math> |
Latest revision as of 03:06, 18 November 2024
_____ _____ _____ _____ _____ _____ | | | | | __ | | | __| | --| | | | -| -| __| |_____|__|__|_____|__|__|__|__|_____| @2013~2021 Chorke Inc.
Users
Option|Alter + S » IAM » User groups » Create group Option|Alter + S » IAM » Policies » Create policy Option|Alter + S » IAM » Roles » Create role Option|Alter + S » IAM » Users » Add user
AWS Users » Root user » IAM user
CloudWatch
- SNS (Simple Notification Service)
- AMI (Amazon Machine Image)
EC2 Instance
1. EC2 Dashboard » Launch instance 2. Instances » Launch instance
Elastic IP
For Assign Public IP CIDR » Classless Inter-Domain Routing AWS Support 16 to 32 IP Before CIDR Block Public » Private » Subnet Linux Bastion Hosts on AWS
0.0 » Network address 0.1 » Reserved by AWS (VPC router) 0.2 » Reserved by AWS (DNS server) 0.3 » Reserved by AWS (Future use) 0.255 » Network broadcast
Linux Bastion
Bastion (Jump Host) VPC » IGW » {Public, Private, FileServer, DB} » Keychain » Key Agent (ssh-add -l, ssh-add) » Agent Forwarding (ssh -A [email protected]
Network Interface
ENI » Elastic Network Interface VPC » Virtual Private Cloud NAT » (Gateway, Instance) » Instance (Disable Source Destination Checking)
Domain Name System
FQDN (Fully Qualified Domain Name) DNS (Domain Name System | Hosted Zones) » C NAME (Canonical Name) » A Record DNS Zone Management » Domain CP » DNS Zone Editor » Recors » NS (Name Server) » A, AAAA » MX » CNAME (Canonical Name) » TXT (Key=> Value(SPF, DKIM), Ownership Checking)
whois cdn.chorke.org
Scalability
Scalability|Scaling » Resize » Vertical » t2.micro => t2.large » Quantity » Horizontal » 1 + 2 + 3 + .. + N
HA (High Availability) => 1 + 3 + 5 + .. + (N-1) » Active => Managed => RDS » Passive => Self Managed Fault Tolerant » 501 Not Implemented » 502 Gateway Time Out
LB (Load Balancer) » AWS => LBaaS (Load Balancing as a Service) => ELB (Elastic LB) » ALB (Application LB) » NLB (Network LB) » CLB (Classic LB)
DB Clustering » MySQL => Galera » PgSQL => Patroni » MongoDB => Shard, Replica
Managed DB » AWS => RDS
Stateless|Distributed System » Horizontal Scale(Scale In/Out) Stateful |Centralized System » Vertical Scale(Scale Up/Down)
Amazon S3
Resign URL Bucket Versioning Object Lock » Retention modes » Governance mode » Compliance mode Create Lifecycle Rule » Rule Applied » Rule Action » current | previous » Transition » » Timeline |
{ "Version": "2012-10-17",
"Statement": [{
"Sid": "Stmt1719306958175",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::169020509040:user/academia"
},
"Action": "s3:*",
"Resource": "arn:aws:s3:::chorke"
}]}
|
AWS EC2 API
References
___ _ _ / __| | |_ ___ _ _ | |__ ___ | (__ | ' \ / _ \ | '_| | / / / -_) \___| |_||_| \___/ _|_|_ |_\_\ \___| _|"""""|_|"""""|_|"""""|_|"""""|_|"""""|_|"""""| "`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-'