Sunday, October 20, 2019

Security Groups for Direct Connect


Posted by at No comments:

Monday, October 7, 2019

Docker and Windows 10

  1. https://hub.docker.com/editions/community/docker-ce-desktop-windows
  2. Click on Get Docket button to download Docker
  3. Docker for Windows Installer.exe  will be downloaded
  4. Docker Tool box needed for other than windows 10 Professional and Enterprise.
  5. https://docs.docker.com/toolbox/toolbox_install_windows/
  6. C:\Program Files\Docker Toolbox
    1. Docker cli client for running docker engine to create images,containers
    2. Docker machine so we can run docker commands
    3. Docker compose to run docker --compose command
    4. Kitematic --> docker gui
    5. Docker quick start
    6. Oracle VM Virtual box
  7. It creates Desktop icon for Docket Quick Start terminal
  8. Launch it
  9. run docker --version  
  10. Docker version 18.03.0-ce, build 0520e24


Posted by at No comments:

Coding Tips

Posted by at No comments:

AWS Base Architecture


Posted by at No comments:

WAR Remediation Steps




  • Apply Jumpstart standards to AWS Account 
  • Deploy CIS Benchmarks throughout AWS account
  • CIS Benchmark Alerts o GuardDuty
  • VPC Flow Logs
  • CloudTrail
  • CloudWatch Logs
  • S3 Buckets collecting the logs, etc.  
  • Resiliency – Utilize Route 53
  • Elastic Load Balancer and instances in Multi AZs. 
  • Monitoring - Compute resources & alerts 
  • Systems Manager – Patching, Cloud Watch Agent 


 Security
Current state from 31% to 83% CIS compliant
  • SCP policies
  • GuardDuty
  • Centralize logs
  • Config rules
  • Security Hub (CIS compliance)

Identity Access Management
  • Clean up unnecessary IAM users and roles

Logging and Monitoring
  • Install  SSM Agent in the front-end instances to easily manage, patch, and run commands to multiples instances via AWS Systems Manager.
  • Installed CloudWatch agent in the front-end instances and sending the application logs to Cloudwatch
  • Configured CloudWatch Alerts and SNS Topic 
  • Monitoring the health of the front-end instances


Reliability
  • Help to define a plan for DR (disaster recovery) (RPO and RTO)
    • Potentially deploy AWS Backups to centrally manage and automate backups across AWS services
  • Provide a Network topology diagram

Cost Optimization
  • Use Reserved Instances for baseline workloads and capacity reservation
Use On-Demand Instances for short-term or unpredictable workloads

Posted by at No comments:

AWS - System Manager Setup (Apache LOGS)

Launch EC2 instance as ROOT

Edit the /etc/awslogs/awslogs.conf file and add the following.

  • sudo yum update -y
  • sudo yum install -y awslogs

  • vim /etc/awslogs/awscli.conf
  • sudo service awslogs start
  • sudo chkconfig awslogs on





vim /etc/awslogs/awslogs.conf

[/var/log/httpd/error_log]
datetime_format = %b %d %H:%M:%S
file = /var/log/httpd/error_log
buffer_duration = 5000
log_stream_name = {instance_id}
initial_position = start_of_file
log_group_name = /var/log/httpd/error_log

[/var/log/httpd/access_log]
datetime_format = %b %d %H:%M:%S
file = /var/log/httpd/access_log
buffer_duration = 5000
log_stream_name = {instance_id}
initial_position = start_of_file
log_group_name = /var/log/httpd/access_log

[/var/log/httpd/ssl_access_log]
datetime_format = %b %d %H:%M:%S
file = /var/log/httpd/ssl_access_log
buffer_duration = 5000
log_stream_name = {instance_id}
initial_position = start_of_file
log_group_name = /var/log/httpd/ssl_access_log

  1. Restart the awslogsd service
service awslogsd restart

Posted by at No comments:

AWS Click Stream Analytics with Kenisys

Posted by at No comments:

AWS - How to Perform EC2 Backup: Step-By-Step Guide

Posted by at No comments:
Subscribe to: Posts (Atom)