Posts

Showing posts from January, 2024

Returning my focus to the hands-on! Day 2

So just a quick little lab before I give my significant other a lift - creating a VPC peering connection. Unlike yesterday, no need to faff creating the infrastructure as it's prepared in the lab. Not much to say here except that at least it was the first time (to my recollection) setting this up. Unfortunately, like many pre-set labs on this AWS learning environment, the bootstrapping often seems to fail. Here I was supposed to log into the MySQL instance in the private subnet (whose VPC has no IGW) to connect via the application server. Never mind, onto the next one! So actually before doing this next lab, I had started another but as mentioned before, the AWS learning environment sometimes doesn't deploy or requires workarounds for whatever reason. In this instance, the script was supposed to provide S3 bucket access to my IP (which I enter in the Cloud9 Terminal) but unfortunately this didn't work for whatever reason. Unable to proceed, I moved on to the next lab. So ...

Returning my focus to the hands-on!

So having finished the bootcamp and passed the CCP, I wanted to work through and exhaust the resources I have available to me. The shortest of these was 3 months of free LinkedIn Learning. Unfortunately, however, this involved lots of theory and not a lot of hands-on, but I will be elaborating on this in a further blog post. Having done an initial Udemy course invoking infrastructure with code, this felt so slow! But nevertheless, it was a great reminder about the best and most appropriate way to deploy. These two labs are just little "projects" in the graduate AWS re/Start learner environment we have for six months. First little thing I did today was replicate the three-tier architecture above. In short I established a Virtual Private Cloud (VPC) with four subnets (1 public, 3 private - hello again CIDR blocks!) spread across two availability zones for redundancy. Set up the internet and NAT gateway and built the different security groups for each tier. The only thing that felt...

Managing your AWS Resource Consumption

AWS Organizations is a centralized account management service that allows you to consolidate multiple AWS accounts into a structured organization, offering consolidated billing and enhanced account management for improved budget, security, and compliance management. The organizational structure involves a hierarchy of organizational units (OUs) within a root, resembling an upside-down tree. Policies attached to nodes in this hierarchy cascade down to affect all branches and leaves, ensuring consistent controls. The service enables centrally managed access policies, controlled access to AWS services, and automated AWS account creation. However, it doesn't replace AWS Identity and Access Management (IAM) policies, which are applied to individual IAM users, groups, and roles within an account. In contrast, AWS Organizations uses Service Control Policies (SCPs) to regulate access to AWS services for entire accounts or groups of accounts within an OU, affecting all users, groups, and ro...

A brief introduction to CloudWatch

Amazon CloudWatch monitors the performance and health of our resources and applications in AWS. As a result it lets us: track resource and application performance; collect and monitor log files; get notified when an alarm goes off. CloudWatch consists of three primary components: metrics, alarms, and events. When running applications on Amazon EC2 instances, monitoring workload performance is crucial. This involves addressing two key questions: ensuring sufficient EC2 resources for fluctuating performance requirements and automating resource provisioning on demand. While Amazon CloudWatch facilitates performance monitoring and log file collection, it doesn't directly manage EC2 instances. Amazon EC2 Auto Scaling is our solution, as it enables dynamic scaling to maintain fleet health and availability during demand fluctuations. Amazon CloudWatch serves as a distributed statistics-gathering system, collecting and tracking metrics, including custom ones, and triggering no...

Storage in the AWS Cloud + AWS Transfer Family

Storage is one of the most critical components of cloud computing. The main AWS Cloud storage services are grouped into four categories: Block storage – Amazon Elastic Block Store (Amazon EBS) provides highly available and low-latency block storage capabilities to workloads that require persistent storage that is accessible from an Amazon Elastic Compute Cloud (Amazon EC2) instance. Object storage – Two services fall in this category. Amazon Simple Storage Service (Amazon S3) is designed to store objects of any type in a secure, durable, and scalable way, and make them accessible over the internet. Amazon Simple Storage Service Glacier provides low-cost and highly durable object storage for long-term backup and archive of any type of data. File storage – Two services support storing data at the file level. Amazon Elastic File System (Amazon EFS) provides a simple, scalable, elastic file system for Linux-based work...