Monitoring with Amazon CloudWatch

What is CloudWatch? CloudWatch acts as one centralized place where metrics are gathered and analyzed from the different AWS services. Many AWS services send metrics automatically for free to CloudWatch at a rate of one data point per metric per 5-minute interval, without you needing to do anything to turn on that data collection. This…

Databases on AWS

If you want to run a relational database on AWS, you first need to select how you want to run it: the unmanaged way or the managed way.The paradigm of managed versus unmanaged services is similar to the Shared Responsibility Model. The Shared Responsibility Model distinguishes between AWS’s and the customer’s security responsibility over a…

Storage Options on AWS

Storage Types on AWS AWS storage services are grouped into three different categories: block storage, file storage, and object storage. File Storage You place your files in a tree-like hierarchy that consists of folders and subfolders. Each file has metadata such as file name, file size, and the date the file was created. The file…

Set Cloudflare WAF rules with Fail2Ban actions

Cloudflare offers API access to it’s WAF IP access rules, which can be a great tool to ban bots on a “edge” level, reducing load on each instance. So once a server bans an IP for repeatedly failing auth, it will be blocked on the CF level, unable to bother other servers. My old script…

EC2 Pricing Options

One of the ways to reduce costs with Amazon EC2 is to choose the right pricing option for the way your applications run. There are three main purchasing options for EC2 instances: on-demand, reserved, and spot instances. On-Demand Instances (Pay As You Go) With On-Demand instances, billing begins whenever the instance is running, and billing…

AWS IAM Policies & Roles

Policies are stored in AWS as JSON documents with several policy elements. When creating a policy, it is required to have each of the following elements inside a policy statement. Element Description Required Example Effect Specifies whether the statement results in an allow or an explicit deny ✔ “Effect”: “Deny” Action Describes the specific actions…

AWS Security Basics

AWS Shared Security Model: https://d1.awsstatic.com/security-center/Shared_Responsibility_Model_V2.59d1eccec334b366627e9295b304202faf7b899b.jpg AWS is responsible for security of the cloud. This means AWS is required to protect and secure the infrastructure that runs all the services offered in the AWS Cloud. AWS is responsible for: The level of responsibility AWS has depends on the service. You’re responsible for security in the cloud.…