AWS: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
 
(72 intermediate revisions by the same user not shown)
Line 6: Line 6:


==Users==
==Users==
* Root user
Option|Alter + S » IAM » User groups » Create group
* IAM user
Option|Alter + S » IAM » Policies    » Create policy
Option|Alter + S » IAM » Roles      » Create role
Option|Alter + S » IAM » Users      » Add user
 
AWS Users
  » Root user
  » IAM user


==CloudWatch==
==CloudWatch==
Line 38: Line 44:
\end{array}
\end{array}
</math>
</math>
==Linux Bastion==
'''Bastion''' (Jump Host)
VPC » IGW » {Public, Private, FileServer, DB}
    » Keychain
    » Key Agent (ssh-add -l, ssh-add)
    » Agent Forwarding (ssh -A [email protected]


==Network Interface==
==Network Interface==
Line 43: Line 56:
  VPC » Virtual Private Cloud
  VPC » Virtual Private Cloud
  NAT » (Gateway, Instance)
  NAT » (Gateway, Instance)
    » Instance (Disable Source Destination Checking)
==Domain Name System==
'''FQDN''' (Fully Qualified Domain Name)
'''DNS'''  (Domain Name System | Hosted Zones)
      » C NAME (Canonical Name)
      » A Record
'''DNS'''  Zone Management
      » Domain CP
        » DNS Zone Editor
        » Recors
            » NS (Name Server)
            » A, AAAA
            » MX
            » CNAME (Canonical Name)
            » TXT (Key=> Value(SPF, DKIM), Ownership Checking)
whois cdn.chorke.org
==Scalability==
'''Scalability|Scaling'''
      » Resize  » Vertical  » t2.micro => t2.large
      » Quantity » Horizontal » 1 + 2 + 3 + .. + N
'''HA''' (High Availability) => 1 + 3 + 5 + .. + (N-1)
      » Active  => Managed      => RDS
      » Passive => Self Managed
'''Fault Tolerant'''
      » 501 Not Implemented
      » 502 Gateway Time Out
'''LB''' (Load Balancer)
      » AWS => LBaaS (Load Balancing as a Service) => ELB (Elastic LB)
              » ALB (Application LB)
              » NLB (Network LB)
              » CLB (Classic LB)
'''DB Clustering'''
      » MySQL  => Galera
      » PgSQL  => Patroni
      » MongoDB => Shard, Replica
'''Managed DB'''
      » AWS => RDS
'''Stateless|Distributed''' System » Horizontal Scale(Scale In/Out)
'''Stateful |Centralized''' System » Vertical  Scale(Scale Up/Down)
==Amazon S3==
{|
|valign="top"|
Resign URL
Bucket Versioning
Object Lock
    » Retention modes
        » Governance mode
        » Compliance mode
Create Lifecycle Rule  » Rule Applied  » Rule Action  » current | previous
    » Transition
        »
    » Timeline
|valign="top"|
<syntaxhighlight lang="json">
{ "Version": "2012-10-17",
  "Statement": [{
    "Sid": "Stmt1719306958175",
    "Effect": "Allow",
    "Principal": {
      "AWS": "arn:aws:iam::169020509040:user/academia"
    },
    "Action": "s3:*",
    "Resource": "arn:aws:s3:::chorke"
}]}
</syntaxhighlight>
|valign="top"|
|}
==AWS EC2 API==
{|
| valign="top" |
* [https://www.edureka.co/community/39306/how-to-create-a-emr-cluster-using-java-aws-sdk Create an EMR Cluster using AWS SDK Java]
* [https://docs.aws.amazon.com/AWSEC2/latest/APIReference/making-api-requests.html Making requests to the AWS EC2 API]
* [https://www.edureka.co/community/38871/how-to-create-a-vpc-using-java-sdk Create a VPC using AWS SDK Java]
* [https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/Welcome.html AWS CloudTrail API Reference]
* [https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html AWS CloudTrail User Guide]
* [https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Welcome.html AWS EC2 API Reference]
* [https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpc.html AWS EC2 Create VPC]
* [https://sdk.amazonaws.com/java/api/latest/ AWS SDK Java Docs]
* [https://docs.aws.amazon.com/cloudtrail/index.html AWS CloudTrail]
* [https://aws.amazon.com/tools/#SDKs AWS SDKs]
| valign="top" |
* [https://aws.amazon.com/premiumsupport/knowledge-center/create-access-key/ How do I create an AWS access key?]
* [https://chorke.signin.aws.amazon.com/console AWS Sign-in URL for IAM users]
* [https://aws.amazon.com/s3/storage-classes/ Amazon S3 Storage Classes]
* [https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication.html Amazon S3 Replication]
* [https://docs.aws.amazon.com/AmazonS3/latest/userguide/optimizing-performance.html Optimizing Amazon S3]
* [https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html Load Balancer Types]
* [https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html S3 Multipart Upload]
* [https://aws.amazon.com/s3/pricing Amazon S3 Pricing]
* [https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html S3 Object Lock]
* [https://aws.amazon.com/s3/ Amazon S3]
| valign="top" |
* [https://stackoverflow.com/questions/38051789/ AWS S3 Files Listing for a <code>path</code> prefix]
|}


==References==
==References==
Line 59: Line 182:


| valign="top" |
| valign="top" |
* [https://docs.aws.amazon.com/amplify/latest/userguide/to-add-a-custom-domain-managed-by-a-third-party-dns-provider.html Add a custom domain managed by a 3rd Party]
* [https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html IAM policies for Billing & Cost Management]
* [https://www.digitalocean.com/community/tutorials/an-introduction-to-haproxy-and-load-balancing-concepts HAProxy and Load Balancing Concepts]
* [https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/security-iam.html AWS Identity & Access Management]
* [https://cidr.xyz/ IP Address & CIDR Visualizer]
* [https://cidr.xyz/ IP Address & CIDR Visualizer]
* [https://aws.amazon.com/quickstart/architecture/linux-bastion/ Linux Bastion Hosts on AWS]
* [https://aws.amazon.com/quickstart/architecture/linux-bastion/ Linux Bastion Hosts on AWS]
Line 64: Line 191:
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=10.19.83.0&ctype=ipv4&printit=0&x=83&y=18 Calculate 10.19.83.0/24]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=10.19.83.0&ctype=ipv4&printit=0&x=83&y=18 Calculate 10.19.83.0/24]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=10.20.13.0&ctype=ipv4&printit=0&x=58&y=29 Calculate 10.20.13.0/24]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=10.20.13.0&ctype=ipv4&printit=0&x=58&y=29 Calculate 10.20.13.0/24]
* [[Bastion SSH Tunneling]]
| valign="top" |
* [https://dev.to/aws-builders/ssh-setup-and-tunneling-via-bastion-host-3kcc AWS » Bastion Host SSH Tunneling]
* [https://console.aws.amazon.com/codesuite/codecommit/home AWS » Console » CodeCommit]
* [https://console.aws.amazon.com/ AWS » Console » Management]
* [https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-policies.html AWS » S3 » Access Point Policy]
* [https://awspolicygen.s3.amazonaws.com/policygen.html AWS » S3 » Policy Generator]
* [https://console.aws.amazon.com/route53/home AWS » Console » Route 53]
* [https://chorke.signin.aws.amazon.com/console AWS » Console » Chorke]
* [https://phd.aws.amazon.com/ AWS » Console » Health]
* [https://console.aws.amazon.com/billing/home AWS » Console » Billing]
* [https://console.aws.amazon.com/iam/home AWS » Console » Users]
|-
| colspan="3" |
----
|-
| valign="top" |
* [https://docs.aws.amazon.com/cloudshell/latest/userguide/welcome.html AWS » CloudShell » Getting Started]
* [https://aws.amazon.com/blogs/aws/aws-cloudshell-command-line-access-to-aws-resources/ AWS » CloudShell » CLI Access]
* [[EKSctl|AWS » EKS » CLI]]
* [[AWS CLI|AWS » CLI]]


|}
| valign="top" |
 
| valign="top" |
 
|-
| colspan="3" |
----
----
{|
|-
| valign="top" |
| valign="top" |
===Specialty===
===Specialty===
Line 78: Line 233:


| valign="top" |
| valign="top" |
===Associate===
===Associate===
* [https://aws.amazon.com/certification/certified-sysops-admin-associate/ AWS Certified SysOps Administrator]
* [https://aws.amazon.com/certification/certified-sysops-admin-associate/ AWS Certified SysOps Administrator]

Latest revision as of 03:06, 18 November 2024

 _____ _____ _____ _____ _____ _____ 
|     |  |  |     | __  |  |  |   __|
|   --|     |  |  |    -|    -|   __|
|_____|__|__|_____|__|__|__|__|_____|
@2013~2021                Chorke Inc.

Users

Option|Alter + S » IAM » User groups » Create group
Option|Alter + S » IAM » Policies    » Create policy
Option|Alter + S » IAM » Roles       » Create role
Option|Alter + S » IAM » Users       » Add user
AWS Users 
  » Root user
  » IAM user

CloudWatch

  • SNS (Simple Notification Service)
  • AMI (Amazon Machine Image)

EC2 Instance

1. EC2 Dashboard » Launch instance
2. Instances     » Launch instance

Elastic IP

For Assign Public IP
CIDR » Classless Inter-Domain Routing
       AWS Support 16 to 32
       IP Before CIDR Block
       Public » Private » Subnet
       Linux Bastion Hosts on AWS
0.0   » Network address
0.1   » Reserved by AWS (VPC router)
0.2   » Reserved by AWS (DNS server)
0.3   » Reserved by AWS (Future use)
0.255 » Network broadcast

Linux Bastion

Bastion (Jump Host)
VPC » IGW » {Public, Private, FileServer, DB}
    » Keychain 
    » Key Agent (ssh-add -l, ssh-add)
    » Agent Forwarding (ssh -A [email protected]

Network Interface

ENI » Elastic Network Interface
VPC » Virtual Private Cloud
NAT » (Gateway, Instance)
    » Instance (Disable Source Destination Checking)

Domain Name System

FQDN (Fully Qualified Domain Name)
DNS  (Domain Name System | Hosted Zones)
     » C NAME (Canonical Name)
     » A Record
DNS  Zone Management
     » Domain CP
        » DNS Zone Editor
        » Recors
           » NS (Name Server)
           » A, AAAA
           » MX
           » CNAME (Canonical Name)
           » TXT (Key=> Value(SPF, DKIM), Ownership Checking)
whois cdn.chorke.org

Scalability

Scalability|Scaling
     » Resize   » Vertical   » t2.micro => t2.large
     » Quantity » Horizontal » 1 + 2 + 3 + .. + N
HA (High Availability) => 1 + 3 + 5 + .. + (N-1)
     » Active  => Managed      => RDS
     » Passive => Self Managed 
Fault Tolerant
     » 501 Not Implemented
     » 502 Gateway Time Out
LB (Load Balancer)
     » AWS => LBaaS (Load Balancing as a Service) => ELB (Elastic LB)
              » ALB (Application LB)
              » NLB (Network LB)
              » CLB (Classic LB)
DB Clustering
     » MySQL   => Galera
     » PgSQL   => Patroni
     » MongoDB => Shard, Replica
Managed DB
     » AWS => RDS
Stateless|Distributed System » Horizontal Scale(Scale In/Out)
Stateful |Centralized System » Vertical   Scale(Scale Up/Down)

Amazon S3

Resign URL
Bucket Versioning
Object Lock
    » Retention modes
       » Governance mode
       » Compliance mode
Create Lifecycle Rule  » Rule Applied  » Rule Action  » current | previous
    » Transition
       »
    » Timeline
{ "Version": "2012-10-17",
  "Statement": [{
    "Sid": "Stmt1719306958175",
    "Effect": "Allow",
    "Principal": {
      "AWS": "arn:aws:iam::169020509040:user/academia"
    },
    "Action": "s3:*",
    "Resource": "arn:aws:s3:::chorke"
}]}

AWS EC2 API

References



Specialty

Associate

Professional

    ___    _                        _             
   / __|  | |_      ___      _ _   | |__    ___   
  | (__   | ' \    / _ \    | '_|  | / /   / -_)  
   \___|  |_||_|   \___/   _|_|_   |_\_\   \___|  
 _|"""""|_|"""""|_|"""""|_|"""""|_|"""""|_|"""""| 
 "`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-'