Framework for creating an AWS culture
Table of Contents
- EC2 Instance Store
- SQS
- ELB
- EIP
- Route 53
- AWS Well-Architected Framework
- Autoscaling
- CloudWatch
- ELB
- ASG
- STS
- IAM
- Security best practices
AWS Management & Governance
CloudFormation
AWS CloudFormation allows you to model your entire infrastructure with either a text file or programming languages. This provides a single source of truth for your AWS resources and helps you to standardize infrastructure components used across your organization, enabling configuration compliance and faster troubleshooting.
It provisions your resources in a safe, repeatable manner, allowing you to build and rebuild your infrastructure and applications, without having to perform manual actions or write custom scripts.
When you use AWS CloudFormation, you work with templates and stacks.
If you need to make changes to the running resources in a stack, you update the stack. Before making changes to your resources, you can generate a change set, which is a summary of your proposed changes.
How it works:
- Code your infrastructure: write your infrastructure from scratch in the CloudFormation template language, in either YAML or JSON format, or start from any available template.
- Check your template code locally or upload it into S3.
- Use AWS CloudFormation via the browser console, command line or APIs to create a stack based on your template code.
- Output: AWS provisions and configures the stacks and resources you specified in your template.
A collection of useful CloudFormation templates
Advanced CloudFormation (A Cloud Guru)
AWS CloudFormation Best Practices
- Organize Your Stacks By Lifecycle and Ownership
- Use Cross-Stack References to Export Shared Resources
- Use IAM to Control Access
- Reuse Templates to Replicate Stacks in Multiple Environments
- Verify Quotas for All Resource Types
- Use Nested Stacks to Reuse Common Template Patterns
- Do Not Embed Credentials in Your Templates
- Use AWS::CloudFormation::Init to Deploy Software Applications on Amazon EC2 Instances
- Validate Templates Before Using Them
- Manage All Stack Resources Through AWS CloudFormation
- Create Change Sets Before Updating Your Stacks
- Use Stack Policies
- Use AWS CloudTrail to Log AWS CloudFormation Calls
- Use Code Reviews and Revision Controls to Manage Your Templates
- Update Your Amazon EC2 Linux Instances Regularly
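The "Do Not Embed Credentials" and "Validate Templates Before Using Them" items lend themselves to an automated pre-deploy check. The following is an added example, not CloudFormation's own validation, that walks a template for secret-looking parameters without NoEcho (or with a Default) and for literal secret values or access key ids inside resource properties; the sample template and the name patterns are constructed for the example.

```python
import json
import re

# Constructed sample template (not from the page): DBPassword is echoed and defaulted,
# BadDb hard-codes the password, GoodDb defers it to a parameter reference.
SAMPLE_TEMPLATE = json.loads("""
{
  "Parameters": {
    "DBPassword": {"Type": "String", "Default": "hunter2"},
    "DBUser": {"Type": "String", "NoEcho": true}
  },
  "Resources": {
    "BadDb": {"Type": "AWS::RDS::DBInstance",
              "Properties": {"MasterUserPassword": "hunter2"}},
    "GoodDb": {"Type": "AWS::RDS::DBInstance",
               "Properties": {"MasterUserPassword": {"Ref": "DBPassword"}}}
  }
}
""")

SECRET_NAME = re.compile(r"(password|passwd|secret|token|accesskey|privatekey)", re.I)
AKID = re.compile(r"\b(AKIA|ASIA)[0-9A-Z]{16}\b")   # shape of an AWS access key id

def find_embedded_credentials(template):
    """Return (location, problem) pairs for secrets that are hard-coded or would be echoed."""
    findings = []
    for name, param in template.get("Parameters", {}).items():
        if SECRET_NAME.search(name):
            if not param.get("NoEcho"):
                findings.append((f"Parameters.{name}", "secret parameter without NoEcho"))
            if "Default" in param:
                findings.append((f"Parameters.{name}", "secret parameter has a Default value"))
    def walk(node, path):
        if isinstance(node, dict):
            for key, value in node.items():
                # A literal string under a secret-looking key is an embedded credential; an
                # intrinsic function ({"Ref": ...}, {"Fn::...": ...}) defers it to deploy time.
                if SECRET_NAME.search(key) and isinstance(value, str):
                    findings.append((f"{path}.{key}", "literal secret value"))
                elif isinstance(value, str) and AKID.search(value):
                    findings.append((f"{path}.{key}", "looks like an AWS access key id"))
                walk(value, f"{path}.{key}")
        elif isinstance(node, list):
            for i, item in enumerate(node):
                walk(item, f"{path}[{i}]")
    for name, resource in template.get("Resources", {}).items():
        walk(resource.get("Properties", {}), f"Resources.{name}.Properties")
    return findings
```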
CloudWatch
Amazon CloudWatch monitors your Amazon Web Services (AWS) resources and the applications you run on AWS in real time. You can use CloudWatch to collect and track metrics, which are variables you can measure for your resources and applications.
You can create alarms which watch metrics and send notifications or automatically make changes to the resources you are monitoring when a threshold is breached. For example, you can monitor the CPU usage and disk reads and writes of your Amazon EC2 instances and then use this data to determine whether you should launch additional instances to handle increased load.
- Amazon CloudWatch console
Use the following links to get started using the CloudWatch Query API:
- Actions: An alphabetical list of all CloudWatch actions.
- Data Types: An alphabetical list of all CloudWatch data types.
- Common Parameters: Parameters that all Query actions can use.
- Common Errors: Client and server errors that all actions can return.
- Regions and Endpoints: Supported regions and endpoints for all AWS products.
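To make the alarm mechanics concrete, here is an added example (not from the page and not AWS code) that models how a CloudWatch alarm decides its state: M breaching datapoints out of the last N evaluation periods, the four TreatMissingData options, and the rule that alarm and OK actions only fire on a state transition. It simplifies the "missing" option to "a gap is not a breach" and compares with GreaterThanThreshold only; the CPU samples are constructed.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class Alarm:
    threshold: float                      # compared with GreaterThanThreshold
    evaluation_periods: int               # N: number of most recent periods examined
    datapoints_to_alarm: int              # M: breaching datapoints needed within those N
    treat_missing_data: str = "missing"   # missing | breaching | notBreaching | ignore

def evaluate_alarm(alarm: Alarm, datapoints: List[Optional[float]], previous_state: str = "OK") -> str:
    """Return ALARM, OK or INSUFFICIENT_DATA; None in datapoints means a period reported nothing."""
    window = datapoints[-alarm.evaluation_periods:]
    # Pad on the left so an alarm that has seen fewer than N periods still has N slots.
    window = [None] * (alarm.evaluation_periods - len(window)) + window
    if all(p is None for p in window):
        return "INSUFFICIENT_DATA"
    if None in window and alarm.treat_missing_data == "ignore":
        return previous_state             # ignore: keep whatever state we were already in
    breaches = 0
    for p in window:
        if p is None:
            # breaching counts the gap as a breach; notBreaching and (simplified) missing do not
            breaches += alarm.treat_missing_data == "breaching"
        elif p > alarm.threshold:
            breaches += 1
    return "ALARM" if breaches >= alarm.datapoints_to_alarm else "OK"

def actions_on_transition(previous_state: str, new_state: str, alarm_actions, ok_actions):
    """Actions (SNS notification, Auto Scaling policy, ...) run only when the state changes."""
    if new_state == previous_state:
        return []
    return {"ALARM": alarm_actions, "OK": ok_actions}.get(new_state, [])

if __name__ == "__main__":
    cpu = Alarm(threshold=80.0, evaluation_periods=3, datapoints_to_alarm=2)
    # Constructed CPUUtilization samples for three consecutive periods.
    state = evaluate_alarm(cpu, [55.0, 91.0, 88.0])
    print(state, actions_on_transition("OK", state, ["scale-out-policy"], []))
```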
AWS Storage
S3
Amazon Simple Storage Service (Amazon S3) is storage for the internet. You can use Amazon S3 to store and retrieve any amount of data at any time, from anywhere on the web. Amazon S3 stores data as objects within buckets. An object consists of a file and optionally any metadata that describes that file. You can have one or more buckets. For each bucket, you can control access to it (who can create, delete, and list objects in the bucket), view access logs for it and its objects, and choose the geographical region where Amazon S3 will store the bucket and its contents.
Amazon S3 is a REST service. You can send requests to Amazon S3 using the REST API or the AWS SDK wrapper libraries that wrap the underlying Amazon S3 REST API, simplifying your programming tasks.
- Making Requests to Amazon S3 over IPv6
- Making Requests Using the AWS SDKs
- Making Requests Using the REST API
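Every authenticated REST request to S3 carries an AWS Signature Version 4 Authorization header, which is what the SDK wrappers compute for you. The following added example (not from the page and not SDK code) derives that header for a GET Object request; it assumes the path is already URI-encoded and the request has no query string, and it reuses the example access key pair and the 2013-05-24 GET /test.txt request that the S3 signing documentation uses for illustration.

```python
import hashlib
import hmac

def _sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def sign_s3_request(method, host, path, headers, payload, access_key, secret_key,
                    amz_date, region="us-east-1"):
    """Return (signature, Authorization header) for an S3 request with a single-chunk payload.
    path must already be URI-encoded and the request must carry no query string."""
    date_stamp = amz_date[:8]
    payload_hash = _sha256_hex(payload)
    # Signed headers are lowercased, trimmed, whitespace-collapsed and sorted. host, x-amz-date
    # and x-amz-content-sha256 are always signed, so tampering with them breaks the signature.
    hdrs = {k.lower().strip(): " ".join(v.split()) for k, v in headers.items()}
    hdrs.update({"host": host, "x-amz-date": amz_date, "x-amz-content-sha256": payload_hash})
    signed_headers = ";".join(sorted(hdrs))
    canonical_headers = "".join(f"{k}:{hdrs[k]}\n" for k in sorted(hdrs))
    canonical_request = "\n".join([method, path, "", canonical_headers, signed_headers, payload_hash])
    scope = f"{date_stamp}/{region}/s3/aws4_request"
    string_to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                                _sha256_hex(canonical_request.encode())])
    # Derive the per-day/region/service signing key; the raw secret never leaves the client.
    k_signing = _hmac(_hmac(_hmac(_hmac(("AWS4" + secret_key).encode(), date_stamp),
                                  region), "s3"), "aws4_request")
    signature = hmac.new(k_signing, string_to_sign.encode(), hashlib.sha256).hexdigest()
    authorization = (f"AWS4-HMAC-SHA256 Credential={access_key}/{scope}, "
                     f"SignedHeaders={signed_headers}, Signature={signature}")
    return signature, authorization

def example_get_object():
    """GET bytes 0-9 of /test.txt from examplebucket using AWS's documented example key pair."""
    return sign_s3_request("GET", "examplebucket.s3.amazonaws.com", "/test.txt",
                           {"Range": "bytes=0-9"}, b"",
                           "AKIAIOSFODNN7EXAMPLE", "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
                           "20130524T000000Z")

if __name__ == "__main__":
    print(example_get_object()[1])
```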
AWS Application Integration
SNS
Amazon Simple Notification Service (SNS) is a web service that enables applications, end-users, and devices to instantly send and receive notifications from the cloud; it coordinates and manages the delivery of messages to subscribing endpoints or clients.
In Amazon SNS, there are two types of clients, publishers and subscribers, also referred to as producers and consumers. Publishers communicate asynchronously with subscribers by producing and sending a message to an SNS topic, which is a logical access point and communication channel. Subscribers (that is, web servers, email addresses, Amazon SQS queues, AWS Lambda functions) consume or receive the message or notification over one of the supported protocols (that is, Amazon SQS, HTTP/S, email, SMS, Lambda) when they are subscribed to the topic.
When using Amazon SNS, you (as the owner) create a topic and control access to it by defining policies that determine which publishers and subscribers can communicate with the topic. A publisher sends messages to topics that they have created or to topics they have permission to publish to. Instead of including a specific destination address in each message, a publisher sends a message to the topic. Amazon SNS matches the topic to a list of subscribers who have subscribed to that topic, and delivers the message to each of those subscribers.
Each topic has a unique name that identifies the Amazon SNS endpoint for publishers to post messages and subscribers to register for notifications. Subscribers receive all messages published to the topics to which they subscribe, and all subscribers to a topic receive the same messages.
- Step 1: Create a Topic
- Step 2: Create a Subscription for an Endpoint to the Topic
- Step 3: Publish a Message to the Topic
- Step 4: Delete the Subscription and Topic
Common Amazon SNS Scenarios
- Fanout
The "fanout" scenario is when an Amazon SNS message is sent to a topic and then replicated and pushed to multiple Amazon SQS queues, HTTP endpoints, or email addresses. This allows for parallel asynchronous processing. For example, you could develop an application that sends an Amazon SNS message to a topic whenever an order is placed for a product. Then, the Amazon SQS queues that are subscribed to that topic would receive identical notifications for the new order. The Amazon EC2 server instance attached to one of the queues could handle the processing or fulfillment of the order while the other server instance could be attached to a data warehouse for analysis of all orders received.
Another way to use "fanout" is to replicate data sent to your production environment with your development environment. Expanding upon the previous example, you could subscribe yet another queue to the same topic for new incoming orders. Then, by attaching this new queue to your development environment, you could continue to improve and test your application using data received from your production environment.
- Application and System Alerts
Application and system alerts are notifications, triggered by predefined thresholds, sent to specified users by SMS and/or email. For example, since many AWS services use Amazon SNS, you can receive immediate notification when an event occurs, such as a specific change to your Amazon EC2 Auto Scaling group.
- Push Email and Text Messaging
Push email and text messaging are two ways to transmit messages to individuals or groups via email and/or SMS. For example, you could use Amazon SNS to push targeted news headlines to subscribers by email or SMS. Upon receiving the email or SMS text, interested readers could then choose to learn more by visiting a website or launching an application.
- Mobile Push Notifications
Mobile push notifications enable you to send messages directly to mobile apps. For example, you could use Amazon SNS for sending notifications to an app, indicating that an update is available. The notification message can include a link to download and install the update.
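As an added illustration of the topic access policy and the fanout scenario above (not the page's own code and not the SNS API), the following models a topic whose policy decides who may publish or subscribe, using IAM's evaluation rule that an explicit Deny overrides any Allow and that the default is deny, and delivers one identical copy of each published message to every subscribed queue. All ARNs, the policy and the order message are constructed for the example.

```python
import fnmatch

# Constructed topic access policy: only the orders service may publish, anyone may subscribe,
# and a retired CI user is explicitly denied every SNS action even though "*" would allow it.
TOPIC_POLICY = {"Statement": [
    {"Effect": "Allow", "Principal": "arn:aws:iam::123456789012:role/orders-service",
     "Action": ["SNS:Publish"]},
    {"Effect": "Allow", "Principal": "*", "Action": ["SNS:Subscribe"]},
    {"Effect": "Deny", "Principal": "arn:aws:iam::123456789012:user/retired-ci",
     "Action": ["SNS:*"]},
]}

def is_allowed(policy, principal, action):
    """IAM-style decision: an explicit Deny always wins, any matching Allow permits, default is deny."""
    allowed = False
    for stmt in policy["Statement"]:
        principals = stmt["Principal"] if isinstance(stmt["Principal"], list) else [stmt["Principal"]]
        if not any(p in ("*", principal) for p in principals):
            continue
        if not any(fnmatch.fnmatchcase(action, a) for a in stmt["Action"]):  # "SNS:*" wildcards
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed

class Topic:
    """Minimal model of an SNS topic: policy-checked subscribe and publish with fanout."""
    def __init__(self, arn, policy):
        self.arn, self.policy, self.subscriptions = arn, policy, []
    def subscribe(self, principal, protocol, endpoint, mailbox):
        if not is_allowed(self.policy, principal, "SNS:Subscribe"):
            raise PermissionError(f"{principal} may not subscribe to {self.arn}")
        self.subscriptions.append((protocol, endpoint, mailbox))
    def publish(self, principal, message):
        """Fanout: one publish call, one identical copy delivered to every subscription."""
        if not is_allowed(self.policy, principal, "SNS:Publish"):
            raise PermissionError(f"{principal} may not publish to {self.arn}")
        for protocol, endpoint, mailbox in self.subscriptions:
            mailbox.append({"TopicArn": self.arn, "Protocol": protocol,
                            "Endpoint": endpoint, "Message": message})
        return len(self.subscriptions)

def fanout_demo():
    """One order placed -> one publish -> fulfillment, warehouse and dev queues each get a copy."""
    topic = Topic("arn:aws:sns:us-east-1:123456789012:orders", TOPIC_POLICY)
    queues = {name: [] for name in ("fulfillment", "warehouse", "dev")}  # stand-ins for SQS queues
    for name, queue in queues.items():
        topic.subscribe(f"arn:aws:iam::123456789012:role/{name}", "sqs",
                        f"arn:aws:sqs:us-east-1:123456789012:{name}", queue)
    topic.publish("arn:aws:iam::123456789012:role/orders-service", '{"orderId": 42}')
    return queues
```

The "*" subscribe principal keeps the example short; a real topic policy would restrict who may subscribe, for instance with a Condition on the source account.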
AWS Compute
EC2
Amazon Elastic Compute Cloud (EC2) is a web service that provides resizable computing capacity—literally, servers in Amazon's data centers—that you use to build and host your software systems. Amazon EC2 enables you to scale up or down to handle changes in requirements or spikes in popularity, reducing your need to forecast traffic.
Amazon EC2 provides the following:
- Virtual computing environments, known as instances.
- Preconfigured templates for your instances, known as Amazon Machine Images (AMIs), that package the bits you need for your server (including the operating system and additional software).
- Various configurations of CPU, memory, storage, and networking capacity for your instances, known as instance types.
- Secure login information for your instances using key pairs (AWS stores the public key, and you store the private key in a secure place).