Monitoring in AWS can lead to a complicated web of resources and workflows. Maximizing coverage of availability metrics, performance indicators, and security requires knowledge of several services and integration techniques. Log monitoring presents cost, storage, and retention challenges. This course is designed to shed light on monitoring strategies in AWS to eliminate gaps in monitoring, as well as explain differences between traditional monitoring choices and those available as part of the AWS ecosystem.
July 25 and July 26, 7am-11am us/PST, I'll be explaining strategies for taking and passing the AWS Sysops certification. There is a new exam guide that has just been released, my material will cover it, and I'm taking the beta exam before delivery so all my content will be as fresh as possible!
Sign up here
There are still a few spots available for Chad's Introduction to GCP live course on 7/2 and 7/3, hosted by Safari Online! 2 days of 3 hours each, and you'll walk away with the tools necessary to start your Google Cloud Platform experience!
Sign up here, but do it quickly, before it sells out!
Amazon Web Services CodeCommit is a great, very cheap/free program that can be used to store and share code with others. Using the AWS free-tier you can have up to 5 IAM users, and 3 projects on the same account that share code to the same place. This is a simple how-to that should get everything up and running for you and hopefully answer any questions you might have.
1. Assuming that you already have an updated and working version of pip and Python installed you can install the AWS CLI by using this command
pip install awscli --upgrade –user
2. Create an IAM user that has codecommit access. Make sure that you check the box that allows Programatic Access and the other one that allows for AWS Management Console Access if those are things you want your account to have. You must select both of these for initial setup.
For best security principles you should give the account the least access possible to do the job. For set up you can give the account the premade policy that allows only AWS codecommit access. Also be sure to save the access key ID and the secret access key. You will need these.
While in the setup phase of the account, navigate to the “Security Credentials” tab. Once there generate SSH credentials for your account.
You can also generate HTTPS Git credentials for codecommit if you think you’ll use HTTPS to connect to the codecommit repository at all.
Once the account has been made, if you are using the command line interface, use the aws configure command to set up your CLI with your IAM account. This should be your output:
access key ID: (enter access key ID)
secret access key: (enter secret access key)
default region name (us-east-1): (type the availability zone you want, one listed is the current region selected)
default output (text): (this can be changed to JSON if you prefer)
note: make sure the default region is the same one that plan to put your repository is in
3. Next you need to make sure that Git is installed on your computer, you can download it here
4. When you made your new IAM user there should have been a URL that you can use to log into AWS management console. Log in now, and naviagate to CodeCommit.
Click the blue “create” button and make your first repository. Give it a name and a description and you can also set up SNS notifications amongst other things at this stage if you so choose.
I called my repository “testrepo”
5. Now make sure that you have an SSH key pair. If you already have one you can skip this step. You can use an existing one, or make a new one with the keygen command. Before running the command, I’d recommend that you change into your /.ssh directory. Mine was under /Users/”username-here”/.ssh/
Then you can run the keygen command to make your ssh key pair. Once you run the command it will ask you what you want to name your key pair. For the sake of this we’ll call ours “testkeypair”
Enter file in which to save the key (/Users/username/.ssh/id_rsa): testkeypair
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in testkeypair.
Your public key has been saved in testkeypair.pub.
The key fingerprint is:
The key's randomart image is:
| .. |
|. . |
| .. . o * + + |
|. o o O B * + . |
|o. .+ . S + + o o|
|o..=.o. + o o o |
|. + =o. o E . |
| + o oo= |
| o o.o. |
After running the command the key pair is available for use. There will be 2 files saved into the directory you were in at the time of creation, one named “testkeypair” and one named “testkeypair.pub”.
6. Once your key pair has been completely made you can run the “cat” command to view the contents of the file that you made. “cat” into the public file so that you can see the contents for copy and paste purposes
Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/
In the IAM console, in the navigation pane, choose Users, and from the list of users, choose your IAM user.
On the user details page, choose the Security Credentials tab, and then choose Upload SSH public key.
Paste the contents of your SSH public key into the field, and then choose Upload SSH public key.
Copy or save the information in SSH Key ID (for example, APKAEIBAERJR2EXAMPLE).
7. On your computer, use a text editor to create a config file in the ~/.ssh directory, and then add the following lines to the file, where the value for User is the SSH key ID you copied earlier:
If you gave your private key file a name other than testkeypair, be sure to change that
Save and name this file config.
From the terminal, run the following command to change the permissions for the config file:
chmod 600 config
Run the following command to test your SSH configuration:
You will be asked to confirm the connection, as git-codecommit.us-east-1.amazonaws.com is not yet included in your known hosts file. The AWS CodeCommit server fingerprint is displayed as part of the verification (a9:6d:03:ed:08:42:21:be:06:e1:e0:2a:d1:75:31:5e for MD5 or 3lBlW2g5xn/NA2Ck6dyeJIrQOWvn7n8UEs56fG6ZIzQ for SHA256).
If you are having problems connecting you can try troubleshooting with the –v parameter so that you can see where things went wrong.
ssh -v git-codecommit.us-east-1.amazonaws.com
8. Assuming that everything went smoothly you can now clone your git repository and make your first commit.
git clone ssh://git-codecommit.us-east1.amazonaws.com/v1/repos/testrepo
Assuming that this is a brand new repository that you are connecting to, it will give you a warning telling you that you may have cloned an empty repository.
This command clones an identical repository that will be stored on your local drive. This keeps a copy of everything you have made and will stay there until you push it to the cloud. You will also need to run pulls to make sure that your local repository is kept updated if others share the repository.
9. Now you are ready to make your first commit. You can create a new file, I’m calling mine “CommitTest”. Just add some words or a phrase to the file to test if things work.
10. To verify that everything works, use the command git status, and you should get the following output:
On branch master
No commits yet
(use "git add <file>..." to include in what will be committed)
nothing added to commit but untracked files present (use "git add" to track)
11. To add the text file to your next upload run the add command
git add CommitTest.txt
Now the test file is in the “to be uploaded” category
12. Now we can send it to the local repository on your computer with the commit command, and this should be the output assuming it sent correctly
[master (root-commit) 8e3ac5d] Adding CommitTest.txt to repo
Committer: name <email@example.com>
Your name and email address were configured automatically based
on your username and hostname. Please check that they are accurate.
You can suppress this message by setting them explicitly:
git config --global user.name "Your Name"
git config --global user.email firstname.lastname@example.org
After doing this, you may fix the identity used for this commit with:
git commit --amend --reset-author
1 file changed, 1 insertion(+)
create mode 100644 CommitTest.txt
13. We can run the git status command again and this should be the output
On branch master
Your branch is based on 'origin/master', but the upstream is gone.
(use "git branch --unset-upstream" to fixup)
nothing to commit, working tree clean
14. Now you will push the contents of your local repository to your AWS repository using the push command.
git push -u origin master
Counting objects: 3, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 320 bytes | 320.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0)
* [new branch] master -> master
15. If you plan to share this repository with others, they will need to go through the same steps as you did as far as making sure they are SSH compatible, and really everything but making the actual repository.
This could mean that others are uploading code to the repository that you might want. For this you simply run a git pull command whenever your want to sync your repository with that of the cloud one.
Already up to date
My output says I’m already up to date, but if there were things to pull it would say it there.
16. This step shows you how to share with others.
Switch to your /tmp directory now.
Run git clone to pull down a copy of the repository into the shared repo:
git clone ssh://git-codecommit.us-east-1.amazonaws.com/v1/repos/testrepo shared-test-repo
This helps with making sure that there is no significant data loss as well as not overwriting your main repository
Now switch to your /tmp/ repository
Run git config to add another user name and email address represented by placeholders other-user-name and other-email-address (for example, John Doe and email@example.com). This makes it easier to identify the commits the other user made
git config --local user.name "other-user-name" git config --local user.email other-email-address
Use a text editor to create an example text file in the shared-test-repo directory. I called mine sharedtest.txt
Run git add to stage the change to the shared repo:
git add sharedtest.txt
Run git commit to commit the change to the shared repo:
git commit -m "Added sharedtest.txt"
Run git push to push your initial commit through the default remote name Git uses for your AWS CodeCommit repository (origin), from the default branch in your local repo (master):
git push -u origin master
Monitoring in the AWS ecosystem can cover a wider range of actions than an on-premise data center, including the ability to monitor the API events issued against your account. In this course, Monitoring with AWS CloudTrail, you'll learn how to integrate CloudTrail events with CloudWatch Logs through several real-world examples. First, you will learn about the CloudTrail entry format. Next, you will learn how to create metric filters. Finally, you will combine this knowledge into CloudWatch alarms and notifications. By the end of this course, you'll be able to identify opportunities for monitoring API events in your AWS account and effectively deploy metric filters with CloudWatch alarms for appropriate notifications and response.
Security in the cloud can be difficult to implement using tools designed for on-premise data centers. In this course, Implementing Amazon Inspector, you'll learn how to automate ongoing security audits using this service on EC2 instances. First, you'll explore how to install the Inspector Agent. Next, you'll learn about the various components of the service and how to create audits. Finally, you'll discover how to implement manual or fully automated ongoing reports with notifications based on the findings. By the end of this course, you'll have an understanding of Amazon Inspector and some of it's most important uses.
I was recently asked for for tips for working form home by Secrets to Being Smarter, a blog for "where devs, IT admins and creative pros go for news tips and more". I have been based out of the home for over 6 years and have found that there is more to consider than 'shall I work from the couch, or the kitchen table?'
If you're currently working from home, or considering taking the plunge, consider the tips offered in this post. http://www.pluralsight.com/blog/career/smarter-secrets-working-from-home-tips
Professionals working from home and individual contributors boost their career success by being team players. I have contributed my experience in a blog post aimed at improving your team and career goals. http://plrsig.ht/2mJrKdq I'd love to here your experience with building a successful team.
(Secrets to Being Smarter is an industry blog that brings information to you from working professionals.)