In this post I’d like to talk about the Credential Report and the Access Advisor. These are two very useful reports you can view to learn the security of your account and can provide information on how to improve. First off the Credential Report is generated from the account level and allows you to look…
Category: Uncategorized
Post #64 (AWS) – IAM roles
As discussed previously policies are the equivalent to permissions in AWS. Well what if you need to assign permissions to an AWS service? Yes, there are times where you need to assign permissions to services to allow them to perform actions on your behalf in AWS, similar to a service user in windows. In this…
Post #63 (AWS) – CloudShell, a WebUI alternative to AWS CLI
AWS CLI is a great way to access AWS over the terminal, but what if you want to be able to use a terminal to manager AWS within the WebUI management console? Well that’s where CloudShell comes in. It is a terminal you can access within your management console that allows you to run your…
Post #62 (AWS) – AWS CLI installation
You can install AWS CLI on your Windows, Linux, or Mac machine and this will allow you to be able to access AWS from the command line as well as automate tasks using scripts. You can get started with the following link, with the exception of linux it’s as easy as downloading any application. Linux…
Post #61 (AWS) – The different methods of managing your AWS services.
You have three options for managing your AWS services. They are the management console, AWS CLI, and AWS SDK. The AWS management console is a GUI interface you access with a username and password, also sometimes MFA. The AWS CLI is the CLI of AWS you can access via your terminal, you access using an…
Post #60 (AWS) – IAM and MFA
Yes you read that correctly, you can assign MFA to your IAM users. You have a few options for this. You can use a virtual MFA device, such as Microsoft authenticator. You can have multiple accounts assigned to this so you don’t need to have a device for every account you own, that would get…
Post #59 (AWS) – More information on IAM
Within IAM very similarly to AD you can assign policies to groups which propagate to users, if you want to have a policy apply to just one user you use an in-line policy. A policy is structured like so { “Version”: “2012-10-17”, “Id”: “ExamplePolicy”, “Statement”: [ { “Sid”: “ExampleStatement”, “Effect”: “Allow”, “Action”: “s3:GetObject”, “Principal”: “*”,…
Post #58 (AWS) – IAM (Identity and Access Management)
Very similar to any normal account hierarchy such as Active Directory, IAM is a global service as well meaning you do not need to deploy in a specific region to use it. You have a root account created by default, you should avoid using this account and instead create specific user accounts following the rule…
Post #57 (AWS) – Getting started with AWS
AWS also known as Amazon web services, is Amazon’s offering for a cloud service. It was launched internally in 2002 and became public a few years later and is now the largest cloud offering in the business. AWS can be divided into Regions then into availability zones. A region may be multiple locations in the…
Post #56 (Informational) – Next up AWS Certified Solutions Architect Associate
Now that I’ve gotten more comfortable with programming I am ready to proceed with attempting to earn my AWS Certified Solution Architect Associate certification. I will learn the data necessary in all four domains and take the exam more than likely before the end of this year. Once I’ve earned this certification and have become…