Small tip: Multi aws-cli environment

Motivation If you use multi AWS accounts in your work environment, I hightly recommend to configure your “aws-cli profile” so that you can easily change your aws-cli account. The only thing you need to do when you want to change your aws-cli environment is the option --profile. Very simple. How to configure Check under ~/.aws/. You can configure multi profile.

AWS Network for dummy (me)

Reference I found the good slide which contains good figures to understand AWS network. Physical location From the slide 10/58. Region consists of multi AZs (Availability Zone) An AZ consists of AZ-a, AZ-b, AZ-c, etc. AZx (x=a,b,c) consists of data centers The latency within the Region is ~2ms. Logical network VPC: A private network like across AZs (AZa, AZb, AZc). VPC subnet: Each AZx is assiend a subnet, like 172.

Cognito - tutorial

First thing you should decide We should decided “User pool” or “Identity pool”. Here is the official blog post about the differences. In a nut shell, User pools are for authentication (identify verification), and Identity pools are for authorization (access control). I’ll try an User pool. Future scope: integrate with AppSync. Tutorial 1. Create an User pool I followed the link. Very easy. Choose Manage User Pools. Manage User Pools.

AppSync - Tutorial

Getting started Set up Go to AppSync Page. Create API. Getting Started. Customize your API or import from Amazon DynamoDB -> Create with wizard Click Start Create model Model Name: Atlex00Model Configure model fields: Name: uid, Type: ID, Required. Name: first_name: Type: String Name: last_name: Type: String Name: gender: Type: Int Name: age: Type: Int Name: email: Type: Email Configure model table (optional) Table Name: Atlex00ModelTable Primary Key: uid, Sort key: first_name Create resources API configuration API name: atlex00AppSync Your API is almost ready… Updating the schema.

API Gateway as S3 proxy

Overview of the task Here is the official tutorial page. Here is an overview of the tasks. Create a role contains two policies. AmazonAPIGatewayPushToCloudWatchLogs AmazonS3ReadOnlyAccess Create paths with {} braces. This part is regarded as variable. E.g. {folder}. Create method request for the paths. Authorization: using AWS_IAM. request path: {folder} Pre-setting up You should make your own IAM Role which contains two policies below.

Manage AWS Route53 with Ansible

I have a chance to automate AWS Route 53 manipulation with Ansible and here is a note. As Ansible always does, most useful informations are in the official document. Set up environment Install boto According to an Ansible official document, We need to install boto (AWS SDK for Python). boto: pip install -U boto Get AWS API keys and export it boto used two keys in order to use AWS API under the hood.