Archives for AWS - Page 6
Security Audits of AWS Accounts – Roles, Policies and equivalents on GCP and Azure
What should be audited, and why FullAdmin is a terrible idea. (Also read: KMS-based data encryption on AWS and Google Cloud.) CloudTrail logs, CloudWatch log groups, GuardDuty findings, Inspector findings,…
Cloud KMS and AWS KMS – Encrypting data using native cloud services on Google cloud and AWS
A note on terminology: Cloud KMS refers to Google's KMS offering and is never used here for the AWS service, which is referred to as AWS KMS. CMK (customer managed key)…
Installing an SSL certificate on an EC2 instance
Prerequisites: you will need these three items: the server certificate itself (.crt file), the private key (.key file, not a certificate), and the CA bundle (which contains the intermediate certificates and the root certificate). This chain of…
EC2 with public IP is still not accessible
As long as the route table of the subnet containing the EC2 instance has a route to an internet gateway, the remaining likely cause is the security group (SG) attached to the instance. The security group needs to…
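The two checks the post names (a default route to an internet gateway, and a security group rule for the port in question) can be applied mechanically to the output of `aws ec2 describe-route-tables` and `aws ec2 describe-security-groups`. The example below is added here and is not the post's own code; the route tables and security group are constructed by hand in the shape of those CLI responses, and every ID in them is made up.

```python
"""Added example: explain why an EC2 instance with a public IP is not reachable.

Two checks, matching the post: the subnet's route table must send 0.0.0.0/0 to
an active internet gateway, and an attached security group must allow the
inbound protocol/port from the caller's source address.
"""
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-route-tables` (IDs made up).
ROUTE_TABLE_OK = {
    "RouteTableId": "rtb-0example",
    "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"},
    ],
}

# Same shape, but no route to an internet gateway (a private route table).
ROUTE_TABLE_NO_IGW = {
    "RouteTableId": "rtb-1example",
    "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    ],
}

# Constructed sample in the shape of `aws ec2 describe-security-groups` (IDs made up):
# HTTPS open to the world, SSH only from the documentation range 203.0.113.0/24.
SECURITY_GROUPS = [
    {
        "GroupId": "sg-0example",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
        ],
    }
]


def has_igw_default_route(route_table):
    """True if the route table sends 0.0.0.0/0 to an active internet gateway."""
    for route in route_table.get("Routes", []):
        if (route.get("DestinationCidrBlock") == "0.0.0.0/0"
                and route.get("GatewayId", "").startswith("igw-")
                and route.get("State") == "active"):
            return True
    return False


def sg_allows_inbound(security_groups, port, source_ip, protocol="tcp"):
    """True if any security group has an inbound rule covering protocol/port
    from source_ip. IpProtocol "-1" is AWS's "all traffic" and carries no ports."""
    src = ipaddress.ip_address(source_ip)
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto not in ("-1", protocol):
                continue
            if proto != "-1" and not (perm["FromPort"] <= port <= perm["ToPort"]):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                # `in` is False when the address family does not match the network.
                if src in ipaddress.ip_network(cidr, strict=False):
                    return True
    return False


def diagnose(route_table, security_groups, port, source_ip, protocol="tcp"):
    """Return findings explaining why the instance is unreachable; empty means
    both checks pass."""
    findings = []
    if not has_igw_default_route(route_table):
        findings.append(f"{route_table['RouteTableId']}: no active 0.0.0.0/0 route "
                        f"to an internet gateway")
    if not sg_allows_inbound(security_groups, port, source_ip, protocol):
        ids = ",".join(sg["GroupId"] for sg in security_groups)
        findings.append(f"{ids}: no inbound rule allowing {protocol}/{port} from {source_ip}")
    return findings


if __name__ == "__main__":
    for rt in (ROUTE_TABLE_OK, ROUTE_TABLE_NO_IGW):
        for port, src in ((443, "198.51.100.7"), (22, "198.51.100.7"), (22, "203.0.113.9")):
            problems = diagnose(rt, SECURITY_GROUPS, port, src)
            print(rt["RouteTableId"], f"{port} from {src}:", problems or "reachable")
```

The checker deliberately covers only the two causes the post discusses; a subnet network ACL, a missing public IP association or a host firewall on the instance would also block traffic and are not inspected here.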
Remediate Non Compliant Resources using Custom AWS Config
Using Systems Manager Documents (SSM Docs): to remediate non-compliant resources, one can leverage existing Systems Manager documents. Click 'Edit Config Rule' –> 'Manage remediation' by…
PCI Compliance for 3 Tier Apps hosted on AWS
PCI Compliance requires that the network as well as the data be secured – both at rest and in transit. Here are some relevant AWS services that help achieve PCI…
Control Tower vs Landing Zones in AWS – High Level Recap
Control Tower pros: self-service model; a better-supported service, with shorter AWS support response times (compared to Landing Zones); lower complexity, as most customers report smoother execution…
Check available IP addresses in an AWS Subnet
Install the AWS CLI. Get your AWS IAM user's access key (this downloads a CSV file). Connect to your AWS account (from a command prompt, type aws configure) and enter your access…
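Once the CLI is configured, the free-address count comes from `aws ec2 describe-subnets`, which reports `AvailableIpAddressCount` per subnet. The example below is added here and is not the post's own code: it takes a hand-constructed response in that command's shape (IDs made up) and compares the free count against the subnet's usable size, applying the five addresses AWS reserves in every IPv4 subnet so that "available" can be read as a percentage rather than a bare number.

```python
"""Added example: report subnet IP capacity from describe-subnets output.

Real data would come from, e.g.:
  aws ec2 describe-subnets --output json
AWS reserves five addresses in each IPv4 subnet (network address, VPC router,
DNS, one reserved for future use, broadcast), so a /28 yields 16 - 5 = 11 usable.
"""
import ipaddress

AWS_RESERVED_PER_SUBNET = 5

# Constructed sample in the shape of `aws ec2 describe-subnets` output (IDs made up).
DESCRIBE_SUBNETS_SAMPLE = {
    "Subnets": [
        {"SubnetId": "subnet-0aaaaexample", "CidrBlock": "10.0.1.0/24",
         "AvailableIpAddressCount": 247},
        {"SubnetId": "subnet-0bbbbexample", "CidrBlock": "10.0.2.0/28",
         "AvailableIpAddressCount": 2},
    ]
}


def usable_addresses(cidr):
    """Number of addresses AWS lets you assign in an IPv4 VPC subnet of this size."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4:
        raise ValueError("only IPv4 subnets are sized this way")
    # VPC subnets must be between /16 and /28.
    if not 16 <= net.prefixlen <= 28:
        raise ValueError(f"{cidr}: AWS subnets must be between /16 and /28")
    return net.num_addresses - AWS_RESERVED_PER_SUBNET


def subnet_capacity(describe_subnets_output, warn_below=10):
    """One row per subnet: usable, available, in-use, percent used and a
    low-water flag when fewer than warn_below addresses remain."""
    rows = []
    for s in describe_subnets_output["Subnets"]:
        usable = usable_addresses(s["CidrBlock"])
        free = s["AvailableIpAddressCount"]
        rows.append({
            "SubnetId": s["SubnetId"],
            "CidrBlock": s["CidrBlock"],
            "usable": usable,
            "available": free,
            "in_use": usable - free,
            "percent_used": round(100 * (usable - free) / usable, 1),
            "low": free < warn_below,
        })
    return rows


if __name__ == "__main__":
    for row in subnet_capacity(DESCRIBE_SUBNETS_SAMPLE):
        flag = "  <-- running out" if row["low"] else ""
        print(f"{row['SubnetId']} {row['CidrBlock']}: {row['available']}/{row['usable']} "
              f"free ({row['percent_used']}% used){flag}")
```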
Blue Green Deployments and Testing – AWS
When an application is developed and deployed to an AWS Elastic Beanstalk environment, having two separate, but identical, environments—blue and green—increases availability and reduces risk. The blue environment is the…
Monitoring and Alerting, AWS CloudWatch vs GCP Stackdriver
Overview: for alerting based on monitored CPU, RAM, etc., Amazon CloudWatch and Stackdriver are the native monitoring services of their respective clouds. Some of the features offered by Amazon CloudWatch are:…