AWS (Amazon Web Services) Cheatsheet

Table of Contents

  1. Introduction to AWS
  2. Core AWS Services
  3. AWS Management Console
  4. AWS CLI (Command Line Interface)
  5. EC2 (Elastic Compute Cloud)
  6. S3 (Simple Storage Service)
  7. IAM (Identity and Access Management)
  8. RDS (Relational Database Service)
  9. Lambda (Serverless Computing)
  10. CloudFormation (Infrastructure as Code)
  11. VPC (Virtual Private Cloud)
  12. CloudWatch (Monitoring and Observability)
  13. Best Practices and Security

Introduction to AWS

Amazon Web Services (AWS) is a comprehensive cloud computing platform provided by Amazon. It offers a wide array of services including compute power, database storage, content delivery, and other functionality to help businesses scale and grow.

Key Benefits:

  • Flexibility
  • Cost-effectiveness
  • Scalability
  • Security
  • Global reach

Core AWS Services

  1. Compute: EC2, Lambda, ECS
  2. Storage: S3, EBS, EFS
  3. Database: RDS, DynamoDB, Redshift
  4. Networking: VPC, Route 53, CloudFront
  5. Security: IAM, WAF, Shield
  6. Management: CloudWatch, CloudFormation, Systems Manager

AWS Management Console

The AWS Management Console is a web application for managing Amazon Web Services.

  1. Accessing the Console:

    • Go to aws.amazon.com
    • Click on "Sign In to the Console"
    • Enter your credentials
  2. Console Organization:

    • Services menu
    • Recently visited services
    • Resource groups
    • Region selector
  3. Creating a New Service:

    • Search for the service in the services menu
    • Click on the service name
    • Follow the service-specific creation wizard

AWS CLI (Command Line Interface)

The AWS CLI allows you to interact with AWS services using commands in your command-line shell.

  1. Installation:

    pip install awscli
    
  2. Configuration:

    aws configure
    

    Enter your AWS Access Key ID, Secret Access Key, region, and output format.

  3. Basic Command Structure:

    aws <service> <command> <options>
    
  4. Example Commands:

    aws s3 ls
    aws ec2 describe-instances
    aws rds create-db-instance --engine mysql --db-instance-identifier mydb --db-instance-class db.t2.micro --master-username admin --master-user-password mypassword --allocated-storage 20
    

EC2 (Elastic Compute Cloud)

EC2 provides scalable computing capacity in the AWS cloud.

  1. Launch an Instance:

    • Open EC2 Dashboard
    • Click "Launch Instance"
    • Choose an Amazon Machine Image (AMI)
    • Select an instance type
    • Configure instance details
    • Add storage
    • Add tags
    • Configure security group
    • Review and launch
  2. Connect to an Instance:

    ssh -i "your-key-pair.pem" ec2-user@your-instance-public-dns
    
  3. Stop/Start an Instance:

    aws ec2 stop-instances --instance-ids i-1234567890abcdef0
    aws ec2 start-instances --instance-ids i-1234567890abcdef0
    
  4. Terminate an Instance:

    aws ec2 terminate-instances --instance-ids i-1234567890abcdef0
    

S3 (Simple Storage Service)

S3 is an object storage service offering industry-leading scalability, data availability, security, and performance.

  1. Create a Bucket:

    aws s3 mb s3://my-bucket-name
    
  2. Upload a File:

    aws s3 cp myfile.txt s3://my-bucket-name
    
  3. List Bucket Contents:

    aws s3 ls s3://my-bucket-name
    
  4. Delete a File:

    aws s3 rm s3://my-bucket-name/myfile.txt
    
  5. Sync Local Directory with S3:

    aws s3 sync . s3://my-bucket-name
    

IAM (Identity and Access Management)

IAM enables you to manage access to AWS services and resources securely.

  1. Create a New IAM User:

    aws iam create-user --user-name myuser
    
  2. Attach Policy to User:

    aws iam attach-user-policy --user-name myuser --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess
    
  3. Create Access Key for User:

    aws iam create-access-key --user-name myuser
    
  4. List Users:

    aws iam list-users
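
A bucket-scoped alternative to the `AmazonS3FullAccess` attachment in step 2, in line with the least-privilege item under Best Practices. This is an added example, not part of the original cheatsheet: `myuser` and `my-bucket-name` are the page's placeholders, while the function names and the policy name `s3-<bucket>-rw` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): a bucket-scoped alternative to
# AmazonS3FullAccess. Function names and the policy name are hypothetical.
LC_ALL=C   # make the a-z ranges below byte-exact (no uppercase matches)

# Succeeds only for S3-style bucket names: 3-63 chars of a-z, 0-9, '.', '-',
# starting and ending with a letter or digit. Also blocks JSON injection.
valid_bucket_name() {
    case "$1" in
        *[!a-z0-9.-]*) return 1 ;;
        [a-z0-9]*[a-z0-9]) ;;
        *) return 1 ;;
    esac
    [ "${#1}" -ge 3 ] && [ "${#1}" -le 63 ]
}

# Print a policy covering the page's per-bucket commands only:
#   aws s3 ls s3://BUCKET -> s3:ListBucket on the bucket ARN
#   aws s3 cp / sync / rm -> Get/Put/DeleteObject on the object ARN
# It deliberately omits s3:ListAllMyBuckets (bare "aws s3 ls") and
# s3:CreateBucket ("aws s3 mb").
bucket_policy_json() {
    valid_bucket_name "$1" || { echo "invalid bucket name: $1" >&2; return 1; }
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    { "Sid": "ListOneBucket", "Effect": "Allow",
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::$1" },
    { "Sid": "ReadWriteObjects", "Effect": "Allow",
      "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
      "Resource": "arn:aws:s3:::$1/*" }
  ]
}
EOF
}

# Attach the policy inline to a user; needs real credentials, so it is only
# defined here. Usage: attach_bucket_policy myuser my-bucket-name
attach_bucket_policy() {
    doc=$(bucket_policy_json "$2") || return 1
    aws iam put-user-policy --user-name "$1" \
        --policy-name "s3-$2-rw" --policy-document "$doc"
}

bucket_policy_json my-bucket-name   # prints the policy for the page's bucket
```

`s3:ListBucket` applies to the bucket ARN and the object actions to `bucket/*`; putting both on one resource is a common reason a scoped policy silently denies `aws s3 sync`.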
    

RDS (Relational Database Service)

RDS makes it easy to set up, operate, and scale a relational database in the cloud.

  1. Create a DB Instance:

    aws rds create-db-instance --db-instance-identifier mydb --db-instance-class db.t3.micro --engine mysql --master-username admin --master-user-password password --allocated-storage 20
    
  2. Describe DB Instances:

    aws rds describe-db-instances
    
  3. Take a DB Snapshot:

    aws rds create-db-snapshot --db-instance-identifier mydb --db-snapshot-identifier mydb-snapshot
    
  4. Delete a DB Instance:

    aws rds delete-db-instance --db-instance-identifier mydb --skip-final-snapshot
    

Lambda (Serverless Computing)

AWS Lambda lets you run code without provisioning or managing servers.

  1. Create a Lambda Function:

    aws lambda create-function --function-name my-function --runtime python3.8 --role arn:aws:iam::123456789012:role/lambda-role --handler lambda_function.lambda_handler --zip-file fileb://function.zip
    
  2. Invoke a Lambda Function:

    aws lambda invoke --function-name my-function --payload '{"key1": "value1", "key2": "value2"}' output.txt
    
  3. Update Lambda Function Code:

    aws lambda update-function-code --function-name my-function --zip-file fileb://function.zip
    
  4. Delete a Lambda Function:

    aws lambda delete-function --function-name my-function
    

CloudFormation (Infrastructure as Code)

CloudFormation provides a common language to describe and provision all the infrastructure resources in your cloud environment.

  1. Create a Stack:

    aws cloudformation create-stack --stack-name my-stack --template-body file://template.yaml
    
  2. Update a Stack:

    aws cloudformation update-stack --stack-name my-stack --template-body file://updated-template.yaml
    
  3. Describe Stack Resources:

    aws cloudformation describe-stack-resources --stack-name my-stack
    
  4. Delete a Stack:

    aws cloudformation delete-stack --stack-name my-stack
    

VPC (Virtual Private Cloud)

Amazon VPC lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.

  1. Create a VPC:

    aws ec2 create-vpc --cidr-block 10.0.0.0/16
    
  2. Create a Subnet:

    aws ec2 create-subnet --vpc-id vpc-1234567890abcdef0 --cidr-block 10.0.1.0/24
    
  3. Create an Internet Gateway:

    aws ec2 create-internet-gateway
    aws ec2 attach-internet-gateway --vpc-id vpc-1234567890abcdef0 --internet-gateway-id igw-1234567890abcdef0
    
  4. Create a Route Table:

    aws ec2 create-route-table --vpc-id vpc-1234567890abcdef0
    aws ec2 create-route --route-table-id rtb-1234567890abcdef0 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-1234567890abcdef0
    

CloudWatch (Monitoring and Observability)

Amazon CloudWatch is a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers.

  1. Create an Alarm:

    aws cloudwatch put-metric-alarm --alarm-name cpu-mon --alarm-description "Alarm when CPU exceeds 70%" --metric-name CPUUtilization --namespace AWS/EC2 --statistic Average --period 300 --threshold 70 --comparison-operator GreaterThanThreshold --dimensions Name=InstanceId,Value=i-12345678 --evaluation-periods 2 --alarm-actions arn:aws:sns:us-east-1:111122223333:MyTopic --unit Percent
    
  2. List Metrics:

    aws cloudwatch list-metrics --namespace AWS/EC2
    
  3. Get Metric Statistics:

    aws cloudwatch get-metric-statistics --namespace AWS/EC2 --metric-name CPUUtilization --dimensions Name=InstanceId,Value=i-12345678 --start-time 2022-10-01T00:00:00 --end-time 2022-10-02T00:00:00 --period 3600 --statistics Average
    
  4. Create a Dashboard:

    aws cloudwatch put-dashboard --dashboard-name MyDashboard --dashboard-body file://dashboard-body.json
    

Best Practices and Security

  1. Use IAM roles for EC2 instances instead of storing AWS credentials
  2. Enable MFA (Multi-Factor Authentication) for all IAM users
  3. Use VPC to isolate your resources
  4. Regularly rotate access keys and passwords
  5. Use encryption for data at rest and in transit
  6. Implement least privilege access
  7. Enable CloudTrail for API logging
  8. Use Security Groups and NACLs to control network access
  9. Regularly patch and update your systems
  10. Use AWS Config to assess, audit, and evaluate configurations of your AWS resources

2024 © All rights reserved - buraxta.com