AWS Identity and Access Management (IAM)

AWS Identity and Access Management (IAM)

IAM User:

Newly created IAM User has no permissions associated with it.

IAM Policy:

IAM Policy allows us to change the permission on resources like EC2, S3, etc.

IAM Group:

IAM Group is a collection of users. We can assign IAM policy to IAM Group.

IAM Roles:

IAM Roles is a temporary access to some resource. We do not assign roles. Users, application or services can assume IAM Roles. 

Once a roles is assumed all previous permissions granted through groups and policies are not valid for the total duration of IAM Role is assumed.

MFA is extra layer of security provided in IAM

AWS Network ACL and Security Groups

ACLs perform stateless packet filtering (Always check packets)

Account's Default ACL: Allow all In and out traffic

Customer ACL: Only allow what is defined rest is deny

-------------------------------------------------------------------------

Security Groups perform stateful packet filtering (Remember previous decision for the packet)

By Default 

Deny all In

Allow all out

-------------------------------------------------------------------------

Crontab

 # Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed

AWS Cloud Practitioner Essentials Notes

-----------------
1. Compute in Cloud
-----------------
Compute on AWS
https://aws.amazon.com/products/compute/

AWS Compute Blog
https://aws.amazon.com/blogs/compute/

AWS Compute Services
https://docs.aws.amazon.com/whitepapers/latest/aws-overview/compute-services.html

Hands-On Tutorials: Compute
https://aws.amazon.com/getting-started/hands-on/?awsf.getting-started-category=category%23compute&awsf.getting-started-content-type=content-type%23hands-on&getting-started-all.sort-by=item.additionalFields.sortOrder&getting-started-all.sort-order=asc&awsf.getting-started-level=*all

Category Deep Dive: Serverless
https://aws.amazon.com/getting-started/deep-dive-serverless/

AWS Customer Stories: Serverless
https://aws.amazon.com/solutions/case-studies/?customer-references-cards.sort-by=item.additionalFields.publishedDate&customer-references-cards.sort-order=desc&awsf.customer-references-location=*all&awsf.customer-references-segment=*all&awsf.customer-references-product=product%23vpc%7Cproduct%23api-gateway%7Cproduct%23cloudfront%7Cproduct%23route53%7Cproduct%23directconnect%7Cproduct%23elb&awsf.customer-references-category=category%23serverless&awsf.customer-references-industry=*all&awsf.customer-references-use-case=*all&awsf.customer-references-tech-category=*all


-----------------
2. Global infrastructure and reliability
-----------------
Global Infrastructure
https://aws.amazon.com/about-aws/global-infrastructure/

Interactive map of the AWS Global Infrastructure
https://aws.amazon.com/about-aws/global-infrastructure/regions_az/

Regions and Availability Zones
https://aws.amazon.com/about-aws/global-infrastructure/regions_az/

AWS Networking and Content Delivery Blog
https://aws.amazon.com/blogs/networking-and-content-delivery/

Tools to Build on AWS
https://aws.amazon.com/tools/

AWS Customer Stories: Content Delivery
https://aws.amazon.com/solutions/case-studies/?customer-references-cards.sort-by=item.additionalFields.publishedDate&customer-references-cards.sort-order=desc&awsf.customer-references-location=*all&awsf.customer-references-segment=*all&awsf.customer-references-product=product%23vpc%7Cproduct%23api-gateway%7Cproduct%23cloudfront%7Cproduct%23route53%7Cproduct%23directconnect%7Cproduct%23elb&awsf.customer-references-category=category%23content-delivery&awsf.customer-references-industry=*all&awsf.customer-references-use-case=*all&awsf.customer-references-tech-category=*all


-----------------
3. Networking
-----------------
Networking and Content Delivery on AWS
https://aws.amazon.com/products/networking/

AWS Networking & Content Delivery Blog
https://aws.amazon.com/blogs/networking-and-content-delivery/

Amazon Virtual Private Cloud
https://aws.amazon.com/vpc/?vpc-blogs.sort-by=item.additionalFields.createdDate&vpc-blogs.sort-order=desc

What is Amazon VPC?
https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html

How Amazon VPC works
https://docs.aws.amazon.com/vpc/latest/userguide/how-it-works.html


-----------------
4. Storage and Database
-----------------
Cloud Storage on AWS
https://aws.amazon.com/products/storage/

AWS Storage Blog
https://aws.amazon.com/blogs/storage/

Hands-On Tutorials: Storage
https://aws.amazon.com/getting-started/hands-on/?awsf.getting-started-category=category%23storage&awsf.getting-started-content-type=content-type%23hands-on&getting-started-all.sort-by=item.additionalFields.sortOrder&getting-started-all.sort-order=asc&awsf.getting-started-level=*all

AWS Customer Stories: Storage
https://aws.amazon.com/solutions/case-studies/?customer-references-cards.sort-by=item.additionalFields.publishedDate&customer-references-cards.sort-order=desc&awsf.customer-references-location=*all&awsf.customer-references-segment=*all&awsf.customer-references-product=product%23vpc%7Cproduct%23api-gateway%7Cproduct%23cloudfront%7Cproduct%23route53%7Cproduct%23directconnect%7Cproduct%23elb&awsf.customer-references-category=category%23storage&awsf.customer-references-industry=*all&awsf.customer-references-use-case=*all&awsf.customer-references-tech-category=*all

AWS Database Migration Service
https://aws.amazon.com/dms/

Databases on AWS
https://aws.amazon.com/products/databases/

Category Deep Dive: Databases
https://aws.amazon.com/getting-started/deep-dive-databases/

AWS Database Blog
https://aws.amazon.com/blogs/database/

AWS Customer Stories: Databases
https://aws.amazon.com/solutions/case-studies/?customer-references-cards.sort-by=item.additionalFields.publishedDate&customer-references-cards.sort-order=desc&awsf.customer-references-location=*all&awsf.customer-references-segment=*all&awsf.customer-references-product=product%23vpc%7Cproduct%23api-gateway%7Cproduct%23cloudfront%7Cproduct%23route53%7Cproduct%23directconnect%7Cproduct%23elb&awsf.customer-references-category=category%23databases&awsf.customer-references-industry=*all&awsf.customer-references-use-case=*all&awsf.customer-references-tech-category=*all


-----------------
5. Security
-----------------
Security, Identity, and Compliance on AWS
https://aws.amazon.com/products/security/

Whitepaper: Introduction to AWS Security
https://docs.aws.amazon.com/whitepapers/latest/introduction-aws-security/welcome.html

Whitepaper: Amazon Web Services - Overview of Security Processes
https://docs.aws.amazon.com/whitepapers/latest/aws-overview-security-processes/aws-overview-security-processes.pdf

AWS Security Blog
https://aws.amazon.com/blogs/security/

AWS Compliance
https://aws.amazon.com/compliance/

AWS Customer Stories: Security, Identity, and Compliance
https://aws.amazon.com/solutions/case-studies/?customer-references-cards.sort-by=item.additionalFields.publishedDate&customer-references-cards.sort-order=desc&awsf.customer-references-location=*all&awsf.customer-references-segment=*all&awsf.customer-references-product=product%23vpc%7Cproduct%23api-gateway%7Cproduct%23cloudfront%7Cproduct%23route53%7Cproduct%23directconnect%7Cproduct%23elb&awsf.customer-references-category=category%23security-identity-compliance&awsf.customer-references-industry=*all&awsf.customer-references-use-case=*all&awsf.customer-references-tech-category=*all


-----------------
6. Monitoring and Analytics
-----------------
Management and Governance on AWS
https://aws.amazon.com/products/management-and-governance/

Monitoring and Observability
https://aws.amazon.com/products/management-and-governance/use-cases/monitoring-and-observability/?whats-new-cards.sort-by=item.additionalFields.postDateTime&whats-new-cards.sort-order=desc&blog-posts-cards.sort-by=item.additionalFields.createdDate&blog-posts-cards.sort-order=desc

Configuration, Compliance, and Auditing
https://aws.amazon.com/products/management-and-governance/use-cases/configuration-compliance-and-auditing/?whats-new-cards.sort-by=item.additionalFields.postDateTime&whats-new-cards.sort-order=desc&blog-posts-cards.sort-by=item.additionalFields.createdDate&blog-posts-cards.sort-order=desc

AWS Management & Governance Blog
https://aws.amazon.com/blogs/mt/

Whitepaper: AWS Governance at Scale
https://docs.aws.amazon.com/whitepapers/latest/aws-governance-at-scale/aws-governance-at-scale.html


-----------------
7. Pricing and Support
-----------------
AWS Pricing
https://aws.amazon.com/pricing/

AWS Free Tier
https://aws.amazon.com/free/?all-free-tier.sort-by=item.additionalFields.SortRank&all-free-tier.sort-order=asc&awsf.Free%20Tier%20Types=*all&awsf.Free%20Tier%20Categories=*all

AWS Cost Management
https://aws.amazon.com/aws-cost-management/

Whitepaper: How AWS Pricing Works
https://d1.awsstatic.com/whitepapers/aws_pricing_overview.pdf

Whitepaper: Introduction to AWS Economics
https://d1.awsstatic.com/whitepapers/introduction-to-aws-cloud-economics-final.pdf

AWS Support
https://aws.amazon.com/premiumsupport/

AWS Knowledge Center
https://aws.amazon.com/premiumsupport/knowledge-center/


-----------------
8. Migration and Innovation
-----------------
Migration & Transfer on AWS
https://aws.amazon.com/products/migration-and-transfer/

A Process for Mass Migrations to the Cloud
https://aws.amazon.com/blogs/enterprise-strategy/214-2/

6 Strategies for Migrating Applications to the Cloud
https://aws.amazon.com/blogs/enterprise-strategy/6-strategies-for-migrating-applications-to-the-cloud/

AWS Cloud Adoption Framework
https://aws.amazon.com/professional-services/CAF/

AWS Fundamentals: Core Concepts
https://aws.amazon.com/getting-started/fundamentals-core-concepts/

AWS Cloud Enterprise Strategy Blog
https://aws.amazon.com/blogs/enterprise-strategy/

Modernizing with AWS Blog
https://aws.amazon.com/blogs/modernizing-with-aws/

AWS Customer Stories: Data Center Migration
https://aws.amazon.com/solutions/case-studies/?customer-references-cards.sort-by=item.additionalFields.publishedDate&customer-references-cards.sort-order=desc&awsf.customer-references-location=*all&awsf.customer-references-segment=*all&awsf.customer-references-product=product%23vpc%7Cproduct%23api-gateway%7Cproduct%23cloudfront%7Cproduct%23route53%7Cproduct%23directconnect%7Cproduct%23elb&awsf.customer-references-category=category%23datacenter-migration&awsf.customer-references-industry=*all&awsf.customer-references-use-case=*all&awsf.customer-references-tech-category=*all

-----------------
9. The Cloud Journey
-----------------
AWS Well-Architected
https://aws.amazon.com/architecture/well-architected/?wa-lens-whitepapers.sort-by=item.additionalFields.sortDate&wa-lens-whitepapers.sort-order=desc

Whitepaper: AWS Well-Architected Framework
https://d1.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf

AWS Architecture Center
https://aws.amazon.com/architecture/

Six Advantages of Cloud Computing
https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html

AWS Architecture Blog
https://aws.amazon.com/blogs/architecture/


-----------------
10. AWS Certified Cloud Practitioner Basics
-----------------
Overview of Amazon Web Services
https://d1.awsstatic.com/whitepapers/aws-overview.pdf

How AWS Pricing Works
http://d1.awsstatic.com/whitepapers/aws_pricing_overview.pdf

Compare AWS Support Plans
https://aws.amazon.com/premiumsupport/plans/