Posts

Showing posts from September, 2023

AWS - S3 Replication of Existing Objects

In my previous post, we saw how to set up S3 replication. In this post, we will see how to set up replication and trigger an ad-hoc batch operation to replicate existing objects. Source bucket: rsinfominds-source-bucket. Destination bucket: rsinfominds-destination-bucket. NOTE: Versioning needs to be enabled on both buckets. The source bucket has been created and 3 files uploaded to it. Now we have 2 buckets. Let's create replication from the source bucket. Upon selecting "Yes, Replicate Existing Objects", it takes you to the Batch Operation job. Now that the job is created and triggered, you can see the objects replicating on the destination bucket.

AWS - APIGW with IAM Authorizer

In the previous post, we saw how to create an API GW with Lambda. In this post, we will see how to add an IAM Authorizer to the API GW, so that all calls to the API GW must be authenticated and authorized via the IAM user's access and secret keys. I already have an IAM user called "rsinfominds". I added APIGW Invoke permission to the user and made a note of the access and secret key. Now we have an IAM user. Let's update the existing API GW with the IAM authorizer. Finally, hit Deploy to save the changes. Now it's time to test it via Postman. It works. We got the reply "Hello from Lambda".

AWS - Secrets

AWS Secrets Manager helps you manage, retrieve, and rotate database credentials, application credentials, OAuth tokens, API keys, and other secrets throughout their lifecycles. In Secrets Manager, a secret consists of secret information, the secret value, plus metadata about the secret. A secret value can be a string or binary. Let's start by creating a simple secret and seeing how to view it using a Python program. Here my secret is going to be a simple key: value pair. To access the secret, I have created an IAM role, "RoleToRetrieveSecretAtRuntime", with permission to "GetSecretValue". Updating the secret's access policy. The above permission states that the role "RoleToRetrieveSecretAtRuntime" can perform "GetSecretValue". We are done with the secret part. Now we are going to use a Python program to view the secret from an EC2 instance. NOTE: The EC2 instance should have the role RoleToRetrieveSecretAtRuntime attached. import boto3 from botocore.exceptions...

EFS - Access Point

In this post, we will look at EFS Access Points. We all know EFS == NFS. There is an interesting feature available in EFS called access points, which lets the user create a separate folder under EFS and specify the user and group (POSIX) as well as root ownership. An Amazon EFS file system can have a maximum of 1,000 access points. You cannot modify an existing access point after it's created. I already have an EFS created and I am going to create 2 access points called "/data" and "/config". /data will have POSIX and ROOT as 1001 (user) and 1001 (group). Permission is 0755. /config will have POSIX and ROOT as 1002 (user) and 1002 (group). Permission is 0755. Repeat the same for "/config". Now, let's mount both access points on an EC2 instance. Now we can see the EFS mount points with different ownerships. NOTE: You don't see an option to edit the access points once created.