Home
About Me
- Résumé
Portfolio
- DevOps
- C/C++
- Drupal
- Java
- PHP
- Ruby
- Symfony
- WordPress

Blog
- Astronomy
- Fitness
- Photography
- RDBMS
- Technology
- WWF
Pictures
- Instagram
- Galleries
  - 2005
  - 2006
  - 2007
  - 2008
  - 2009
  - 2010
  - 2011
  - 2012
  - 2013
  - 2014
  - 2015
  - 2016
  - 2017
  - 2018
  - 2019
  - 2020
Contact
Search for:

Cloud Architecture DevOps

AWS

August 30, 2022

Table of Contents

Cloud Strategies
AWS Shared Responsibility Model
Online Calculators
Named Profiles
Installing
Unable to login as root
Unable to login as victord
EC2 Metadata
AWSCLI – unable to install
Billing
1. EC2 Billing
2. Support Billing
3. Automatic Payments Cancelled
4. Billing Alarms vs AWS Budgets
5. Cost Explorer – EC2-Other
6. AWS Cost Management – Utilization Report
7. CloudWatch – Surprising Billing Costs
8. KMS – Surprising Billing Costs
9. EC2 – Surprising Billing Costs (1)
10. EC2 – Surprising Billing Costs (2)
11. Config – Surprising Billing Costs
12. Inspector – Surprising Billing Costs
13. GuardDuty – Surprising Billing Costs
14. RDS – Surprising Billing Costs
15. Secrets Manager – Surprising Billing Costs
VPC
1. Creating a VPC
2. Creating a Site-to-Site VPN (1)
3. Single Site-to-Site VPN connection
4. Multiple Site-to-Site VPN connections
5. What is AWS Site-to-Site VPN?
  1. Concepts
  2. Working with Site-to-Site VPN
  3. Site-to-Site VPN limitations
6. How AWS Site-to-Site VPN works
  1. Site-to-Site VPN Components
  2. Virtual private gateway
  3. Transit gateway
  4. Customer gateway device
  5. Customer gateway
  6. IPv4 and IPv6 support
7. Site-to-Site VPN categories
8. Tunnel options for your Site-to-Site VPN connection
9. Site-to-Site VPN tunnel authentication options
  1. Pre-shared keys
  2. Private certificate from AWS Certificate Manager Private Certificate Authority
10. Site-to-Site VPN tunnel initiation options
  1. VPN tunnel IKE initiation options
  2. Rules and limitations
  3. Working with VPN tunnel initiation options
11. Site-to-Site VPN tunnel endpoint replacements
  1. Endpoint replacements during VPN tunnel updates
  2. Endpoint replacements during VPN connection modifications
12. Customer gateway options for your Site-to-Site VPN connection
13. Accelerated Site-to-Site VPN connections
14. Site-to-Site VPN routing options
  1. Static and dynamic routing
  2. Route tables and VPN route priority
  3. Routing during VPN tunnel endpoint updates
15. Getting started
  1. Prerequisites
  2. Step 1: Create a customer gateway
  3. Step 2: Create a target gateway
  4. Step 3: Configure routing
  5. Step 4: Update your security group
  6. Step 5: Create a Site-to-Site VPN connection
  7. Step 6: Download the configuration file
  8. Step 7: Configure the customer gateway device
16. Creating a Site-to-Site VPN (2)
  1. Azure – Create the Virtual Gateway
  2. AWS – Create Virtual Private Gateway
  3. AWS – Attach Virtual Private Gateway to VPC
  4. AWS – Create Customer Gateway
  5. AWS – Create VPN Connection
  6. Azure – Create a Local Network Gateway
  7. Azure – Create the Azure connection
  8. AWS – Update Route Table
  9. Testing
17. S2S VPN Tunnels go down
18. Security Groups – Temp backup (1)
19. Security Groups – Temp backup (1)
20. SSH into EC2 in Private Subnet
21. Deleting a VPC
IAM
1. IAM via Console
2. IAM via CLI
3. Users
4. Groups
5. Roles
6. Policies
7. Enable Root MFA
8. Disable Root MFA
9. Enable Users MFA
10. Virtual MFA device corrupted
11. Virtual MFA deny access to S3 Buckets & Glacier Vaults
12. IAM Group rom-administrator conflicts with AWS CLI
13. AccessDenied when calling the UpdateAutoScalingGroup operation
14. Unable to access AWS Root Account
15. Enforcing MFA through CLI
16. SSO – Sign in with Google
17. Access Keys
  1. Configure the AWS CLI to use AWS IAM Identity Center
  2. Configure the AWS CLI to use IAM Identity Center token provider credentials with automatic authentication refresh
18. Access Keys Rotation
EC2
1. SSH Keys Pairs
2. Default EC2 users
3. vCPU
4. EC2 via Console
5. EC2 via CLI
6. EBS – Changing from gp2 to io1
7. Custom private IP addresses
8. Migrating EC2 from VPC to VPC
9. Restoring EC2 from a snapshot
  1. Step 1: Gather Information about the Snapshot to Restore
  2. Step 2: Create a New Volume to hold the Snapshot
  3. Step 3: Remove the Problematic volume from the Instance
  4. Step 4: Attach the NEW Volume to the Instance
  5. Step 5: Restart the Instance
10. OpenVPN
11. AWS VPN Client
12. Pricing Models
13. Downgrading issues
14. AWS-ROM S2S VPN – ROM VPN EC2 Firewall Rule to Allow
  1. Testing public ip addresses
  2. Testing private ip addresses
  3. Testing AWS-ROM S2S VPN connections
  4. Conclusions
15. Reserved Instances
16. Spot Instances
17. Scheduled Instances
18. Increasing volume size
  1. Verify file system disk space
  2. Increase the size with AWS Console
  3. Wait for the volume to complete its optimization (This can take a while)
  4. Verify block devices
  5. Extend the partition
  6. Verify new file system disk space
  7. Extend the file system
  8. [XFS file system]
  9. [ext4 file system]
  10. Finally, verify file system disk space
  11. Increasing volume size with Ansible
19. Decreasing volume size
  1. Snapshot the volume
  2. Create a new smaller EBS volume
  3. Attach the new volume
  4. Format the new volume
  5. Mount the new volume
  6. Copy data from old volume to the new volume
  7. Prepare the new volume
  8. Detach and unmount old volume
  9. Finally, verify file system disk space
  10. Decreasing volume size with Ansible
20. You can’t start the Spot Instance
21. Security Group for Scratch
  1. scratch
  2. scratch-db
  3. scratch-search
22. Snapshots
23. All my EC2 Development and One non-development Instances went down
24. Ghost Instances
25. ELB – Elastic Load Balancers
26. ASG – Auto Scaling Groups
27. ELB + ASG – Load/Stress Testing (TO BE COMPLETED)
  1. Scenario 1
  2. Scenario 2
  3. Scenario 3
  4. Scenario 4
  5. Scenario 5
28. ELB + ASG – EC2 instances cannot connect to the internet
29. ELB + ASG – EC2 instances popping up randomly
30. ELB + ASG – Instance refresh
31. ELB + ASG – Unable to send emails from my EC2 servers behind an ELB/ASG configuration.
  1. My Query
  2. AWS Answer (1)
  3. My Response
  4. AWS Answer (2)
  5. My Solution
32. ELB + ASG – Unable to connect to Azure BOS
33. ELB + ASG – Client IP addresses
34. ELB + ASG – Scheduling
35. ELB + ASG – Empty array returned
36. ELB + ASG – Updating image
37. Jenkins’ pipeline is not working.
38. Unable to SSH using private IP address
39. Price difference between Linux OS
40. Unable to launch CentOS 7 EC2 server
41. Mounting Volumes
42. EC2 Instance Connect Fails
43. System Status Check vs Instance Status Check
SES
1. SMTP
2. SMTP Account Re-activation
3. “< was unexpected at this time”
4. Unable to attach files
5. Email Address for victordiaz.ca
6. Domain for victordiaz.ca
7. Email sending history
8. Your account’s ability to send email is paused in US East (N. Virginia)
9. Failed to authenticate on SMTP server
10. Phishing Attacks – We are getting targeted for cyberattacks
SNS
1. Tracking Message IDs
2. Beautifying messages
S3
1. AWS S3
2. Rsync wonders
3. S3 via Console
4. S3 via CLI
5. S3 Glacier via Console
6. S3 Glacier via CLI
7. S3 Glacier Deep via Console
8. S3 Glacier Deep via CLI
9. make_bucket failed: An error occurred (IllegalLocationConstraintException)
10. S3: Changing S3 bucket region
11. Switching to Glacier or Glacier Deep
12. S3: can’t start new thread
13. Restoring from S3 Glacier & S3 Glacier Deep Archive
  1. Using bash script
  2. Using batch operations
14. S3 > Events – Unable to validate the following destination configurations
15. Insufficient permissions to delete bucket
16. Bandwidth Optimization
17. Access Denied
18. Excluding directories
19. Renaming buckets
20. Backup Times
21. S3 Pricing
22. Make objects public
23. Failed to list buckets
24. An error occurred (SignatureDoesNotMatch) when calling the ListObjectsV2 operation
  1. Verifying reads from S3
  2. Verifying writes to S3
25. You don’t have permissions to edit bucket policy
26. (AccessDenied) when calling the PutObject operation
27. Pre-signing URLs
28. You don’t have permission to delete bucket “elasticbeanstalk-ca-central-1-{{ AWS_ACCOUNT }}”
S3 Glacier
1. Welcome to Amazon S3 Glacier
2. Backing up and Restoring from Vaults
KMS
1. What is AWS Key Management Service?
2. Creating a Customer Managed Key – Symmetric
3. Creating a Customer Managed Key – Asymmetric
4. Creating a Customer Managed Key – BYOK
5. Deleting a Customer Managed Key
6. Encryption/Decryption at Rest – Client
7. Encryption/Decryption at Rest – Server
8. Encryption during Transit
Route 53
1. Health Checks
2. DNS
EFS
1. Creating an EFS
2. EFS
3. Mount.nfs4: Connection timed out
CloudWatch
1. Adding Disk Space Alarm
2. Logs
3. Service Monitoring
4. Composite Alarms
5. ServiceNow Integration
CloudTrail
1. How to use
CloudEndure
1. CloudEndure Disaster Recovery
Direct Connect
1. What is it?
ECR
1. What is AWS ECR?
2. AWS ECR Pricing
3. Creating a private AWS ECR repository
ECS
1. What is AWS ECS?
2. AWS ECS Pricing
3. Creating an ECS
4. Deleting an ECS
5. Unable to run task – No Container Instances were found in your cluster.
Certificate Manager
1. What is the Certificate Manager?
2. Importing my TLS certificate into AWS
Cognito
1. Log into AWS with Google (TO BE COMPLETED)
SSO
Organizations
Systems Manager
1. Unable to add managed instances into Systems Manager
2. Unable to execute Run Command
Athena
1. My First Athena DB
Inspector
1. My First Scan
Data Lifecycle Manager
Backup
RDS
1. My First DB
Lambda
1. My First Lambda function
CloudFormation
1. Template Anatomy
2. AWS::IAM::Role – Unable to create role
Beanstalk
1. Installing AWS BS CLI
SAM
CodeDeploy
1. The overall deployment failed because too many individual instances failed deployment
CodePipeline
1. Connecting GitHub
2. CodeDeploy agent was not able to receive the lifecycle event
3. Logs
CDK
1. AWS CDK Primary Programming Language
2. AWS CDK Releases
3. AWS CDK Developer Guide
4. AWS CDK API/Construct Library
5. L1 Constructs
6. L2 Constructs
7. L3 Constructs
8. Benefits of using high level constructs
9. GitHub CDK Examples
10. AWS CDK Workshop
11. Pluralsight Course GitHub Repo
12. Cross-Stack vs Nested-Stack Architectures
13. Renaming Resources
14. Challenges
15. Interacting with AWS
16. Benefits of a Development Workflow
17. IaC Approaches
18. IaC Approaches – Procedural
19. IaC Approaches – Declarative
20. IaC Solutions for AWS
21. Next steps with the CDK
22. Cross-Reference Stacks
23. CDK Command Line Parameters
24. Context Values
25. ModuleNotFoundError: No module named ‘aws_cdk’
26. This software has not been tested with node v21.2.0.
27. Import “aws_cdk” could not be resolved
28. Newer version of CDK is available
29. How to know the status of CDK Stack
30. allow_default_port_to vs allow_to_default_port
31. Renaming CDK Object Names
32. Awful Logical IDs and Physical IDs Naming Convention
33. Is the docker daemon running?
34. aws-cdk-lib.aws_ec2.VpcProps#cidr is deprecated
35. aws-cdk-lib.aws_ec2.LaunchTemplateProps#keyName is deprecated
36. CDK bootstrap stack version 6 required. Please run ‘cdk bootstrap’ with a recent version of the CDK CLI
37. npm notice New minor version of npm available! 10.2.4 -> 10.4.0
38. CDK Python vs CDK TypeScript
QuickSight
ELK
SysAdmin
1. Instance reachability check failed
  1. AWS Tech Support – Attempt 1 (failed)
  2. AWS Tech Support – Attempt 2 (Succeeded)
2. Newer Linux kernels may rename your devices
3. Memory Allocation Issues
4. Space Allocation Issues
5. dyld: Library not loaded
6. AWS-ROM S2S VPN Tunnels keep going down
7. AWS-ROM S2S VPN DNS does not work
  1. Testing AWS-ROM S2S VPN
8. Network Diagrams
9. All my EC2 Development and One non-development Instances went down
10. Space Allocation Issues (2)
Awesome AWS
1. AWS CloudEndure
2. AWS CloudFormation
3. AWS Cloud9
4. AWS CodeCommit
5. AWS CodePipeline
6. AWS EKS (Elastic Kubernetes Service)
7. AWS Config
8. AWS Control Tower (From AWS Meeting)
9. AWS File System (From AWS Meeting)
10. AWS Storage Gateway (From AWS Meeting)
11. AWS Well-Architected Framework
12. AWS WAF & Shield
13. AWS Trusted Advisor
14. AWS Athena

aws, cloud-architecture, devops

Written By victord On August 30, 2022

By