AWS Supports You: Building Modern Applications using Amazon EFS

AWS Supports You: Building Modern Applications using Amazon EFS, gives viewers on the twitch.tv/aws channel an introduction to Amazon Elastic File System (Amazon EFS), Use cases, Modern application development with EFS, Containers, Lambda, Security and Developer and administrative best practices. This series showcases best practices and troubleshooting tips from AWS Support. This episode originally aired on May 10, 2021.

1:52 EFS Introduction
7:11 Cost Optimization
9:51 Modern Application development
12:39 Security & Identity with Access Points
21:15 EFS and ECS demo
31:45 EFS and Lambda demo
42:25 Security and Compliance
43:42 EFS and EC2 demo
48:29 Best Practices
50:41 Resources

#aws

What is GEEK

Buddha Community

AWS Supports You: Building Modern Applications using Amazon EFS

Nicholas Witting

1621489554

Learn to Deploy a PHP Application using Amazon EC2 Instance

Learn about the Deployment of Web application using AWS

Amazon EC2 allows individuals to deploy various applications. Using Amazon EC2, you can launch as many or as few virtual servers as per the given circumstances. Hence, in this blog, I will be discussing on deploying a PHP application using Amazon EC2 instance.

What are the pre requisitions before you go through this blog?

Before you dive into this blog, please make sure that you have created your own Amazon EC2 instance and be connected to it to view the stepwise procedure for deploying a PHP application. Adding to that, you should also have your PHP application in the GitHub repository. Likewise, familiarity with the Linux environment can help to provide a better understanding of the blog content. However, I will further elaborate on all the required Linux commands.

Note: If you have not created your Amazon EC2 instance yet, you can go through my previous blog on the stepwise procedure for creating an Amazon EC2 instance and connecting to the Amazon EC2 instance with the link provided below.

Note: If you are willing to connect to your Amazon EC2 using PuTTy, you can open the link provided below.

_ Note: You should also have your PHP application in your GitHub repository. So, if you have not created your PHP application, then for the demo, you might as well use the application provided in the GitHub repository below._

#amazon #aws #amazon-web-services #amazon-ec2 #web-applications

Rory West

1620881100

AWS: Benefits & Applications in Real World

Amazon Web Services or AWS is the cloud infrastructure and web services division of Amazon.com, the biggest retail player in the world. It is designed to bring immense benefits to organizations. Some organizations, in their excitement to benefit from Amazon, move their applications to AWS without even considering or adopting the lift and shift approach.

Despite the miss, these organizations are accorded the advantages that come with using a cost-efficient and secure infrastructure. But it is very easy for these organizations to forget that it is not that easy to enjoy the twin benefits of agility and flexibility without adopting the recommended changes.

Yes, it is true. Most IT engineers, developers, and programmers do not realize the need to evolve their organization’s architectures to experience the advantages that come with AWS. New applications, scalability, and efficiency are achievable by using cloud-related IT architecture patterns.

#aws #aws applications #aws benefits #aws use cases

Christa Stehr

1598408880

How To Unite AWS KMS with Serverless Application Model (SAM)

The Basics

AWS KMS is a Key Management Service that let you create Cryptographic keys that you can use to encrypt and decrypt data and also other keys. You can read more about it here.

Important points about Keys

Please note that the customer master keys(CMK) generated can only be used to encrypt small amount of data like passwords, RSA key. You can use AWS KMS CMKs to generate, encrypt, and decrypt data keys. However, AWS KMS does not store, manage, or track your data keys, or perform cryptographic operations with data keys.

You must use and manage data keys outside of AWS KMS. KMS API uses AWS KMS CMK in the encryption operations and they cannot accept more than 4 KB (4096 bytes) of data. To encrypt application data, use the server-side encryption features of an AWS service, or a client-side encryption library, such as the AWS Encryption SDK or the Amazon S3 encryption client.

Scenario

We want to create signup and login forms for a website.

Passwords should be encrypted and stored in DynamoDB database.

What do we need?

KMS key to encrypt and decrypt data
DynamoDB table to store password.
Lambda functions & APIs to process Login and Sign up forms.
Sign up/ Login forms in HTML.

Lets Implement it as Serverless Application Model (SAM)!

Lets first create the Key that we will use to encrypt and decrypt password.

KmsKey:
    Type: AWS::KMS::Key
    Properties: 
      Description: CMK for encrypting and decrypting
      KeyPolicy:
        Version: '2012-10-17'
        Id: key-default-1
        Statement:
        - Sid: Enable IAM User Permissions
          Effect: Allow
          Principal:
            AWS: !Sub arn:aws:iam::${AWS::AccountId}:root
          Action: kms:*
          Resource: '*'
        - Sid: Allow administration of the key
          Effect: Allow
          Principal:
            AWS: !Sub arn:aws:iam::${AWS::AccountId}:user/${KeyAdmin}
          Action:
          - kms:Create*
          - kms:Describe*
          - kms:Enable*
          - kms:List*
          - kms:Put*
          - kms:Update*
          - kms:Revoke*
          - kms:Disable*
          - kms:Get*
          - kms:Delete*
          - kms:ScheduleKeyDeletion
          - kms:CancelKeyDeletion
          Resource: '*'
        - Sid: Allow use of the key
          Effect: Allow
          Principal:
            AWS: !Sub arn:aws:iam::${AWS::AccountId}:user/${KeyUser}
          Action:
          - kms:DescribeKey
          - kms:Encrypt
          - kms:Decrypt
          - kms:ReEncrypt*
          - kms:GenerateDataKey
          - kms:GenerateDataKeyWithoutPlaintext
          Resource: '*'

The important thing in above snippet is the KeyPolicy. KMS requires a Key Administrator and Key User. As a best practice your Key Administrator and Key User should be 2 separate user in your Organisation. We are allowing all permissions to the root users.

So if your key Administrator leaves the organisation, the root user will be able to delete this key. As you can see **KeyAdmin **can manage the key but not use it and KeyUser can only use the key. ${KeyAdmin} and **${KeyUser} **are parameters in the SAM template.

You would be asked to provide values for these parameters during SAM Deploy.

#aws #serverless #aws-sam #aws-key-management-service #aws-certification #aws-api-gateway #tutorial-for-beginners #aws-blogs

Rory West

1623650760

An Introduction to the Main AWS Storage Services

When I was nine I discovered QBASIC on my parents’ DOS computer. I got addicted immediately but, in the nineties, we didn’t have stack overflow where I could just copy-paste example code.

What I did have were a few books that I found at a thrift store with example programs printed in them. I would spend hours copying the code (especially since I used the hunt-and-peck typing technique).

Once I had all of that code copied, I had no questions about where to store it.

On my personal, 750 kb floppy disk.

Now I’m a cloud developer, and when I want to store files it’s not as simple of a decision. There are all types of storage in AWS with a different use case for each. In this article, I’m going to walk through the most commonly used storage services and describe the common use cases for them.

#aws #aws-efs #aws-s3 #amazon-web-services #amazon

Sydnie Hansen

1621380600