This note will explain, how to configure scheduled Snapshot of attached EBS volumes using terraform, Cloudwatch Events with builtin target EC2 CreateSnapshot API. We can use Cloudwatch event to schedule snapshot of EBS volume. For this we need to create Schedule based Cloudwatch Event Rule with Specific Cron expression. Then attach EC2 CreateSnapshot API target…
These days, almost every Software development organization is trying to implement DevOps in their Software Development Lifecycle. DevOps is getting accepted worldwide for its Software Delivery speed and reliability. Infrastructure provisioning or orchestration and Configuration Management both are like heart and soul of DevOps toolchain. Tools like Terraform & Cloud Formation are used for Infrastructure…
Salt based linux and iam user Management I have created Salt States for Managing User. I have uploaded them on GitHub. Kindly check and let me know any suggestions or queries. Clone Git Repo from https://github.com/neeleshg/salt-iamuser-sshkey.git Check out README.MD
These Videos demonstrates configuring AWS Console Login Failure Alerts using CloudTrail, CloudWatch. We also can setup a lambda function, which will disable or take any on that user after number of login failures. Part1 Part2
These 2 videos demonstrates, simple steps to Partition root volume. Part-1 Part-2
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP is required if organization is planning to have projects from US FedRAL Government. It is also a framework to harden organization’s infrastructure. Getting FedRAMP is…
General Process: Cloudtrail will send all API logs to S3 bucket And will notify to SNS topic SNS will send log details to SQS queue Graylog will poll message from SQS and get the logs from that S3 file By default all logs will be sent to “All Messages” stream. Stream can be used to…
This is high level description of Redis HA Implementation Options. There are couple of ways to setup Redis in HA mode as per business requirements. Main concern in Redis HA is how we are going to distribute Writes and Reads. Sometimes RedisHA is handled at Application level as well. Option 1: Manual This is the…
Steps to configure SSL in Tomcat & integrate it with AWS Elastic Load Balancer (ELB) 1. Create Keystore using keytool.2. Generate Certificate Signing Request (CSR)3. Get RootCertificate, Intermidiate Certificate & Public Certificate. 4. Import above certificates in keystore 5. Configure keystore in tomcat 6. Integrate SSL certificate with AWS ELB – – Generate RSA Private…
Configuring Failover cluster between 2 EC2 instances is bit tricky. We can achieve Failover between 2 EC2 by configuring Elastic IP Failover. In AWS we can associate Elastic IP to an EC2 instance. Using this Elastic IP we can connect to the associated instance using terminal. We can configure basic Failover of EIP using below…