We need to understand the following concept .
1. VPC
2. Subnets
3. Internet Gateway
4. Route table
5. Security group
6. Ec2
7. Nat Gateway.
Steps to create and set up a VPC in AWS:
1. create a own vpc
2. create a public and private subnet for different Availability zone by assigning CIDR blocks.
3. Create Internet Gateway and attach it to the Vpc.
4. Create two Routing Table one as Public and one as private by associating the appropriate subnets to it.
5. Edit the Public route Table's Route alone and map the Internet Gateway, not the Private one and leave it as it is.
6. Create two security groups- one for public and one for private then edit the public security group's inbound rules with RDP, HTTP, HTTPS, SSH and map 0.0.0.0/0 in the source, And then for private security group edit the inbound rules and map the Security group of public in the source.
7. Create two Ec2's one in public and one in private subnets with proper security groups.
8. Login into the public Ec2 instance and check whether it is getting internet connection.
9. Create NAT gateway with new elastic IP for the internet connection in the privat subnet. then Map it to Private Routing table
10. Now login to the private ec2 and verify the connectivity and internet facility.
We need to understand the following concept:1. Security Engineering (IAM)
2. Storage Engineering (S3)
3. Network Engineering (VPC)
4. Database Engineering (RDS)
5. Server Engineering (EC2)
6. Application Engineering
Security Engineering: IAM
What is IAM?
Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM you can create and manage AWS users and groups, and use permissions to allow and deny their acces to AWS resources.
Types of users:
Root user:
Root url:
IAM users:
IAM url:
Practical:
creating 4 components:
1. group
2. users
3. policies
4. roles
* 4 types of scenario:
1. user to service
2. service to service
3. user to service to service
4. creating MFA (Multi Factor Authentication)
ELB & ASG --> AWS Service
Types of load balancer:
1. Classic
2. Application
3. Network
4. Gateway
Classic load balancer & Auto Scaling:
1. Ec2 Instance (2)
2. Classic Load balancer
3. Launch Template
4. Auto scaling group
#!/bin/bash
yum install httpd -y
service httpd start
echo "IBIKZ-Webserver 1"> var/www/html/index.html
#!/bin/bash
yum install httpd -y
service httpd start
echo "IBIKZ-Webserver 2"> /var/www/html/index.html
ALB
ELB- Elastic Load Balancer
ASG- Auto Scaling Group
IRCTC website Tatkal
Types of load balancer:
1. Classic
2. Application
3. Network
4. Gateway
www.ibikz.com/product
www.ibikz.com/services
1. Ec2 Instance (2)
2. Target Group (2)
3. Application Load balancer
#!/bin/bash
yum install httpd -y
service httpd start
mkdir /var/www/html/prod
echo "prod home page"> /var/www/html/prod/index.html
#!/bin/bash
yum install httpd -y
service httpd start
mkdir /var/www/html/Dev
echo "dev home page"> /var/www/html/dev/index.html
-----------------------------------------------------------------------------------------------------------------------------
1. Elastic ip - static
public, private
2. Add Drive
3. Add Data
4. Modify drive
5. Snap shot
6. attach the snap shot to another server
Storage Engineering - S3 (simple storage service)
This act like one Drive - Storage and retrieval
What is S3?
* Simple Storage Service, it is unstructured manner of storing, process and retraival of data.
* It is a storage on the Internet.
* It can be accessed anywhere and anytime from anywhere on the web.
* It also act as a Version Control System by having the feature called versioning.(Git)
Benefits:
Availability - 99.9%
Durability 99.9999999%
-
upto 5TB data can be stored under 1 object
upto 100 object can create in 1 bucket
limitation we can't install any application or OS
volume is rural and s3 is global
Bucket --> max 100
object> It can be any format, max size of 5TB
It is a Global service.
Functions of S3:
It is a storage unit.
Collections of object.
It is a single level container, can cointain multiple folders, or objects can be placed directly.
Upload and Download can be easier
Name of the bucket should be globally unique.
Allows max 100 bucket per user
Data kept secured from unauthorized access through authentication machanism.
.png)
