Skip to main content

Posts

Showing posts from April, 2024

How to Access AWS?

 User can access AWS in multiple ways.  1. AWS Management Console : Protected by password + MFA  2. AWS Command Line Interface (CLI) : Protected by access keys 3. AWS Software Developer Kit (SDK) - to code : protected by access keys

IAM Policy

IAM Policies IAM Policy: IAM (Identity and Access Management) policies are sets of permissions that define who has access to AWS resources and what actions they can perform on those resources. A policy is a JSON document that consists of one or more statements. Each statement includes an effect (whether to allow or deny actions), a list of actions (API operations), and a list of resources (AWS resources like EC2 instances, S3 buckets, etc.). Step-by-Step Guide to Creating a Custom Policy and Adding it to Users and Groups: Sign in to the AWS Management Console : Go to the IAM dashboard: IAM Console . Create a Custom Policy : In the left navigation pane, click on "Policies" and then click on the "Create policy" button. Select the "JSON" tab to create your policy using JSON format. Define your policy by specifying the following: Effect : Allow or Deny. Action : List of actions (API operations) the policy allows or denies. Resource : List of AWS resources to w...

AWS Identity And Access Management (IAM)

 L et's delve into AWS Identity and Access Management (IAM) and its key components: AWS Identity and Access Management (IAM): AWS IAM is a web service that helps you securely control access to AWS resources. It enables you to manage users, groups, roles, and permissions, allowing you to grant and revoke access to AWS services and resources as needed. Users in AWS IAM: Definition: Users represent individual identities that interact with AWS resources. Each user has a unique set of security credentials (such as username and password or access keys) and specific permissions assigned to them. Purpose: Users are typically used to represent humans or entities (such as applications or services) requiring access to AWS resources. By creating separate users for different individuals or entities, you can enforce the principle of least privilege and ensure that users have only the necessary permissions to perform their tasks. Features: Users can be created, managed, and deactivated within ...

AWS Elastic Cloud Compute (Amazon EC2) Services

Amazon Elastic Compute Cloud (Amazon EC2) Amazon EC2 (Elastic Compute Cloud) is a web service provided by Amazon Web Services (AWS) that allows users to rent virtual computers, known as instances, on which to run their own applications. EC2 provides resizable compute capacity in the cloud, making it easier for developers to scale their computing resources as needed. Users can choose from various instance types with different compute, memory, storage, and networking capacities, depending on their requirements. With EC2, users have full control over their virtual computing environment, including the ability to configure security settings, manage storage, and deploy custom software. Let's take an example: Imagine you are the architect of resources in your company and need to support new web applications. With traditional on-premise model you have to do following: 1. Spend money to purchase the hardware. 2. Wait for the servers to be delivered. 3. Install the servers in physical data c...

AWS Global Infrastructure

 In this post we will see in detail about the AWS Global Infrastructure.  AWS Global Infrastructure Overview: AWS operates a vast and robust global infrastructure designed to provide scalable and reliable cloud computing services to users worldwide. This infrastructure comprises various interconnected components strategically located across the globe to ensure high availability, low latency, and optimal performance for AWS customers. https://infrastructure.aws 1. AWS Regions: Definition: AWS Regions are distinct geographical locations where AWS has multiple data centers (Availability Zones) to provide fault tolerance and high availability. Purpose: Regions allow customers to deploy resources in specific geographic locations to comply with data sovereignty requirements, reduce latency, and improve fault tolerance. Examples: AWS currently offers multiple Regions worldwide, including US East (N. Virginia), US West (Oregon), EU (Ireland), Asia Pacific (Tokyo), etc. Features: E...