Complete The Cloud Resume Challenge The Challenge Part 1: Get AWS Certified and complete The Cloud Resume Challenge Part 2: HTML - Create a website Part 3: CSS - Style your website Part 4: Static Website - Amazon S3 Part 5: HTTPS - Set up Amazon CloudFront Part 6: DNS - Custom domain name with Amazon Route 53 Part 7-12: Backend - Creating a serverless API and requesting it with JS –> Part 13-16: CI/CD - Commit, Build and Deploy with AWS CodePipeline <– tl;dr: Creating a CI/CD pipeline for the frontend and the backend. Automating the deployment with AWS CodePipeline using GitHub as the source repository. ...

tl;dr: Use Flameshot to take screenshots and edit them directly before saving to a file or to the clipboard. Download at flameshot.org/download. Flameshot Flameshot is my favorite screenshot app and I have been using it for years. I’ve shown this app to lots of co-workers over the years since I find it super practical. I have to admit that windows and mac has stepped up their screenshot tools the last years, so everything isn’t as unique as it was the first time i tried out Flameshot. Still I find it the best tool for taking screenshots and I use it daily. ...

tl;dr: You can use S3 to store your Terraform state file remote. To migrate a local state file, add a backend "s3" {} block to your Terraform configuration and run terraform init -migrate-state. You no longer need to use DynamoDB for state locking, as S3 now has native support for this with use_lockfile = true. Table of Contents What is remote state? State locking Set AWS as a Terraform backend Migrating local state to S3 Conclusion What is remote state? When you run terraform apply, terraform will create a state file. When ever you make a change to your terraform configuration and apply it, terraform will check the difference between the config and the state before makeing the needed changes. ...

Complete The Cloud Resume Challenge The Challenge Part 1: Get AWS Certified and complete The Cloud Resume Challenge Part 2: HTML - Create a website Part 3: CSS - Style your website Part 4: Static Website - Amazon S3 Part 5: HTTPS - Set up Amazon CloudFront Part 6: DNS - Custom domain name with Amazon Route 53 –> Part 7-12: Backend - Creating a serverless API and requesting it with JS <– Part 13-16: CI/CD - Commit, Build and Deploy with AWS CodePipeline tl;dr:: Creating a serverless counter for our website using Lambda, DynamoDB, Api Gateway and Terraform then displaying it on our website using javascript. ...

Complete The Cloud Resume Challenge The Challenge Part 1: Get AWS Certified and complete The Cloud Resume Challenge Part 2: HTML - Create a website Part 3: CSS - Style your website Part 4: Static Website - Amazon S3 Part 5: HTTPS - Set up Amazon CloudFront –> Part 6: DNS - Custom domain name with Amazon Route 53 <– Part 7-12: Backend - Creating a serverless API and requesting it with JS Part 13-16: CI/CD - Commit, Build and Deploy with AWS CodePipeline tl;dr: Use Amazone Route 53 to register a custom domain name and point it to your CloudFront distribution. ...

tl;dr: After installing docker-desktop, I needed to use sudo to run commands even though my user is in the docker group. Fix: Change docker context back to default. Introduction - The problem After installing docker-desktop, running docker commands only returns errors. How did this happened? It was working just fine earlier. Let me start from the beginning: Recently I’ve been thinking about learning Kubernetes. And I’ve started doing some research also thinking about completing some of the Kubernetes certifications. ...

Complete The Cloud Resume Challenge The Challenge Part 1: Get AWS Certified and complete The Cloud Resume Challenge Part 2: HTML - Create a website Part 3: CSS - Style your website Part 4: Static Website - Amazon S3 –> Part 5: HTTPS - Set up Amazon CloudFront <– Part 6: DNS - Custom domain name with Amazon Route 53 Part 7-12: Backend - Creating a serverless API and requesting it with JS Part 13-16: CI/CD - Commit, Build and Deploy with AWS CodePipeline tl;dr: HTTPS is like HTTP, but secure. Use CloudFront to front your website redirecting HTTP to HTTPS. ...

tl;dr: A small overview of AWS permissions and policies This is some notes or a cheatsheet I wrote while reading about AWS permissions and policies. It is a collection of information from the AWS documentation and other sources. Table of Contents Policy Types of Policies Evaluation of identity-based policies Identity-based and resource-based policies Cross-account access using IAM roles Service Control Policies (scps) How AWS evaluates policies Policy Consists of: Version: policy language version Id: optional identifier for policy (optional) Statement: One or more individual statements (required) Statements consists of: Sid: Identifier for the statement (optional) Effect: allow or deny Principal: account/user/role/service to which this policy applies Action: list of actions this policy allows/denies Resource: list of resources to which the actions applies Condition: conditions for when this policy is in effect (optional) { "Version": "2012-10-17", "Id": "ExamplePolicyWithCondition", "Statement": [ { "Sid": "AllowS3AccessWithCondition", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::123456789012:role/MyExampleRole" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*", "Condition": { "IpAddress": { "aws:SourceIp": "203.0.113.0/24" } } } ] } Types of Policies Organizations resource control policies (RCPs): used to set permissions on AWS Organizations resources Organizations service control policies (SCPs): used to set permission guardrails across multiple AWS accounts Permissions boundaries: used to set the maximum permissions that an identity-based policy can grant to an IAM entity Resource-based policies: attached to resources (S3 bucket, SNS topic, SQS queue) Identity-based policies: attached to IAM identities (users, groups, roles) Session policies: passed when an IAM role is assumed Evaluation of identity-based policies: With resource-based policies: The resulting permissions are the union of the permissions. So only one, the other or both are needed for the action to be allowed. With permissions boundaries: The resulting permissions are the intersection of the permissions. So both the identity-based policy and the permissions boundaries must allow the action for the action to be allowed. With SCPs or RCPs: The resulting permissions are the intersection of the permissions. So both the identity-based policy and the SCPs or RCPs must allow the action for the action to be allowed. The only exceptions are principals that are part of the management account, which are not affected by SCPs or RCPs. Identity-based and resource-based policies In some cases resource-based policies are required as well as identity-based policies. ...

tl;dr: Use terraform as a template for SAM to run your serverless API locally with the flag --hook-name terraform. Table of Contents What is SAM? Setting up Terraform for SAM Building with SAM and Terraform Sam config file Invoking a lambda function locally Running API Gateway locally Adding local DynamoDB with Docker Conclusion Introduction Lambdas for serverless computing is great for creating applications fast without spending time on physical infrastructure. How ever, without a good pipeline and workflow, developing can take a lot of time. ...