Complete The Cloud Resume Challenge The Challenge Part 6: DNS - Custom domain name with Amazon Route 53 Part 5: HTTPS - Set up Amazon CloudFront Part 4: Static Website - Amazon S3 Part 3: CSS - Style your website Part 2: HTML - Create a website Part 1: Get AWS Certified and complete The Cloud Resume Challenge tl;dr: Use Amazone Route 53 to register a custom domain name and point it to your CloudFront distribution. ...
Complete The Cloud Resume Challenge The Challenge Part 5: HTTPS - Set up Amazon CloudFront Part 4: Static Website - Amazon S3 Part 3: CSS - Style your website Part 2: HTML - Create a website Part 1: Get AWS Certified and complete The Cloud Resume Challenge tl;dr: HTTPS is like HTTP, but secure. Use CloudFront to front your website redirecting HTTP to HTTPS. Encrypt your data in transit with HTTPS Have you notised that ugly triangle saying “Not Secure” where there usally is a pretty lock icon in the address bar? ...
tl;dr: A small overview of AWS permissions and policies This is some notes or a cheatsheet I wrote while reading about AWS permissions and policies. It is a collection of information from the AWS documentation and other sources. Table of Contents Policy Types of Policies Evaluation of identity-based policies Identity-based and resource-based policies Cross-account access using IAM roles Service Control Policies (scps) How AWS evaluates policies Policy Consists of: Version: policy language version Id: optional identifier for policy (optional) Statement: One or more individual statements (required) Statements consists of: Sid: Identifier for the statement (optional) Effect: allow or deny Principal: account/user/role/service to which this policy applies Action: list of actions this policy allows/denies Resource: list of resources to which the actions applies Condition: conditions for when this policy is in effect (optional) { "Version": "2012-10-17", "Id": "ExamplePolicyWithCondition", "Statement": [ { "Sid": "AllowS3AccessWithCondition", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::123456789012:role/MyExampleRole" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*", "Condition": { "IpAddress": { "aws:SourceIp": "203.0.113.0/24" } } } ] } Types of Policies Organizations resource control policies (RCPs): used to set permissions on AWS Organizations resources Organizations service control policies (SCPs): used to set permission guardrails across multiple AWS accounts Permissions boundaries: used to set the maximum permissions that an identity-based policy can grant to an IAM entity Resource-based policies: attached to resources (S3 bucket, SNS topic, SQS queue) Identity-based policies: attached to IAM identities (users, groups, roles) Session policies: passed when an IAM role is assumed Evaluation of identity-based policies: With resource-based policies: The resulting permissions are the union of the permissions. So only one, the other or both are needed for the action to be allowed. With permissions boundaries: The resulting permissions are the intersection of the permissions. So both the identity-based policy and the permissions boundaries must allow the action for the action to be allowed. With SCPs or RCPs: The resulting permissions are the intersection of the permissions. So both the identity-based policy and the SCPs or RCPs must allow the action for the action to be allowed. The only exceptions are principals that are part of the management account, which are not affected by SCPs or RCPs. Identity-based and resource-based policies In some cases resource-based policies are required as well as identity-based policies. ...
tl;dr: Use terraform as a template for SAM to run your serverless API locally with the flag --hook-name terraform. Table of Contents What is SAM? Setting up Terraform for SAM Building with SAM and Terraform Sam config file Invoking a lambda function locally Running API Gateway locally Adding local DynamoDB with Docker Conclusion Introduction Lambdas for serverless computing is great for creating applications fast without spending time on physical infrastructure. How ever, without a good pipeline and workflow, developing can take a lot of time. ...
Complete The Cloud Resume Challenge The Challenge Part 4: Static Website - Amazon S3 Part 3: CSS - Style your website Part 2: HTML - Create a website Part 1: Get AWS Certified and complete The Cloud Resume Challenge tl;dr: Host a static website from AWS S3 Hosting a static website Finally we get to the good part. Now we get to play with some AWS services. And by the end of this post we will have our personal cloud resume webpage out on the world wide web. ...
Complete The Cloud Resume Challenge The Challenge Part 3: CSS - Style your website Part 2: HTML - Create a website Part 1: Get AWS Certified and complete The Cloud Resume Challenge tl;dr: Learn some basic CSS at w3schools.com. Style a website using CSS. What is CSS? Cascading Style Sheets or CSS is the language used to style html. It is pretty easy to understand. And with the help of google and maybe ChatGPT, you should be able to style you webpage just the way you want it. ...
Complete The Cloud Resume Challenge The Challenge Part 2: HTML - Create a website Part 1: Get AWS Certified and complete The Cloud Resume Challenge tl;dr: Create a website using HTML What is HTML? HTML is the standard markup language for Web pages. With HTML you can create your own Website. HTML is easy to learn - You will enjoy it! w3schools.com Crossroads When building our website I see three choices: ...
tl;dr: Complete an AWS Certification Exam and create an AWS Account. Next we’ll create a website using different AWS services. Following the steps of The Cloud Resume Challenge Complete The Cloud Resume Challenge This is the first post in a series on our journey completing The Cloud Resume Challenge. In short The Cloud Resume Challenge is a challenge to create a website and to host it using a cloud provider. It’s a great way to learn about AWS. My first though was just to rush through it by my self, then write about how I did it afterwords. But I felt it would be to general and high level so I changed my mind. Now the plan is to do one post pr step. This way I can go a bit more into details on each step and all the great AWS services that we will be using throughout this challenge. I can wait to get started. Let’s go! ...
tl;dr: Script to sync github repo with S3: https://github.com/jakejarvis/s3-sync-action Workflow Writing this blog I want as little friction as possible. By that I mean that i want as short as possible distance/time/clicks between me writing a post in a markdown file and the blog being updated on the world wide web. My solution to this goal was version control on GitHub and creating a pipeline with GitHub Actions, that would deploy my webpage automatically on push to main. This way all I need to do is write a new blog post and push it to git ...