1 Once you have logged in, go to the EC2 service to start it up. Either use the top search bar to look for “EC2” or browse the “Compute” section to find it.

2 Start a new instance: To begin building a new EC2 instance, click the “Launch Instance” button.

3 You will be asked to select an Amazon Machine Image (AMI) during the instance launch wizard. To find the Windows Server AMI of your choosing, select the “AWS Marketplace” tab and conduct a search. There are several versions offered, including Windows Server 2019, 2016, and others. By clicking the “Select” button, you can choose the AMI that best meets your needs.

( 1 ) Instance = highsky-windows-server1

( 2 ) Application and OS Images (Amazon Machine Image) = Windows. Microsoft 

4. Select a type of instance: Depending on the resources and performance you require, choose the instance type. You have the option of selecting a general-purpose instance or a particular instance type. After making your choice, pick “Next: Configure Instance Details” from the menu.

5. Configure instance details: Various settings, including the number of instances, network configurations, storage, security groups, and more, can be made in this area. When you have finished, click the “Next: Add Storage” option. Adjust the settings as necessary.

6. Add storage by setting up your instance’s storage options. If necessary, you can change the default storage size or add more volumes. After making your modifications, select “Next: Add Tags” from the menu.

7.  You can optionally add tags to your instance to improve management and organisation. Key-value pairs called tags are a way of identifying and classifying resources. When you’re ready, press the “Next: Configure Security Group” button.

8.  Setting up a security group will allow you to manage the inbound and outgoing traffic to your instance. A new security group can be made, or you can choose an existing one. For your Windows Server instance, make sure to enable inbound traffic that is required, such as Remote Desktop Protocol (RDP) for remote access. When you’re done, press the “Review and Launch” button.

9.  Review everything you’ve configured for your instance before launching it. Click the “Launch” button if everything appears to be in order.

10.  Choose or create a key pair: If you don’t already have a key pair, you’ll be asked to do so. For safe login to your instance, key pairs are utilised. Save the private key file (.pem) that you downloaded in a secure location. After downloading the key pair, select “Launch Instances” from the menu.

11. Launch status: A notification confirming that your instances are launching will appear. To access the EC2 dashboard, click the “View Instances” option.

12. Connect to your instance by choosing it from the list and clicking the “Connect” button after it has started operating. To connect to your Windows Server instance using Remote Desktop Protocol (RDP), adhere to the recommended steps.

I’m done now! AWS has acknowledged your successful creation of a Windows Server EC2 instance. Now you can use it for the settings and applications you like.

Connect to your Windows instance using RDP

1. When utilising Remote Desktop to login to your Windows instance, you must first locate the initial administrator password and then input it. After the instance launches, it takes some time before this password becomes accessible.

2. The name of the administrator account is determined by the operating system’s language. For instance, the correct term is Administrator for English, Administrator for French, and Administrator for Portuguese. See the Microsoft TechNet Wiki for more details.

3. You can access your instance using the domain credentials you’ve specified in AWS Directory Service if you’ve joined your instance to a domain. Use the administrator’s fully qualified user name on the Remote Desktop login screen in place of the local computer’s name and the generated password.

4. When the instance was launched, you created a private key (.pem) file; select Browse and go to that location. To copy the whole contents of the file to this window, choose the file and then select Open.

5. Decrypt Password is your option. In place of the previous Get password link, the console now shows the instance’s default administrator password under Password. Keep the password in a secure location. In order to connect to the instance, you must enter this password.

6. Select Download file from remote desktop. You are given the option to open or save the RDP shortcut file using your browser. To get back to the Instances page when you have completed downloading the file, select Cancel.

( 1 ) You would see the Remote Desktop Connection dialogue box if you opened the RDP file.

( 2 ) If you saved the RDP file, open it by going to your downloads directory and clicking it to bring up a dialogue box.

7. You can be informed that the remote connection’s publisher is unknown. To maintain your connection to your instance, select Connect.

8. The default selection is the administrator account. The saved password should be copied and pasted.

9. You might see a warning that the security certificate could not be validated because of the nature of self-signed certificates. Use the next several steps to confirm the remote computer’s identification, or just select Yes (Windows) or Continue (Mac OS X) if you believe the certificate.

Successfully EC2 instance Windows Server connect 

1. Activate the EC2 service: After logging in, choose the EC2 service from the list of accessible services to navigate to it.

2. To launch an instance, select the “Launch Instance” button on the EC2 dashboard. This will launch the procedure for creating an instance.

3. Selecting an AMI from Amazon Choose an AMI that meets your needs. AWS offers pre-configured AMIs, or you can utilize your own custom AMI.

4. Select a type of instance: Select the “C5” family, followed by the “c5.xlarge” instance type, in the “Choose Instance Type” section.

5. Configure instance details, including the number of instances, network configurations, and storage choices, based on your requirements. In case you’re unsure, you can leave most of the options alone.

6. Add storage by specifying how much space your EC2 instance needs. Depending on your requirements, you can change the storage’s size, composition, and configuration

7. Set up security groups: Security groups manage the traffic entering and leaving your EC2 instance. Set the security group up to permit access to the ports and protocols required for your use case.

8. Review the setup options you’ve chosen before launching se. Click the “Launch” button if everything appears to be in order.

9. Choose an existing key pair or generate a new one: You must build a key pair in this step in order to securely connect to your EC2 instance. A fresh key pair can be generated or an old one used. Ensure that you download the private key file (.pem) and save it safely.

10. Launch the instance: To launch your EC2 instance after choosing a key pair, click the “Launch Instances” button. It will begin provisioning the instance.

11. Once your EC2 instance is up and running, you can connect to it and access it via SSH or other remote access protocols. To create a secure connection to your instance, use the private key file you downloaded earlier.

I’m done now! You have successfully established an EC2 instance of the high-performance computing capable “c5.xlarge” instance type. Keep in mind to manage and monitor your EC2 instances according to the demands of your workflow.

( 1 ) Navigate to the EC2 Dashboard by clicking on the “Services” dropdown menu, selecting “Compute,” and then clicking on “EC2.”

( 2 ) Click on the “Launch Instance” button.

( 3 ) Select the Amazon Machine Image (AMI) you want to use for your instance.

( 4 ) Choose the instance type that best fits your needs.

( 5 ) Configure the instance details, including the number of instances you want to launch, network settings, and storage.

( 6 )  Add any additional tags, if desired, to help you identify your instance.

( 7 )  Configure security groups to control inbound and outbound traffic to your instance.

( 8 )  Review your configuration and launch your instance.

And click the =  Instances

Click = Connect .. And connect instance 

( 1 )  Apache Web Server install ( httpd)

sudo yum install httpd -y

( 2 ) Activate Apache and start it:
Start the service and make Apache boot up automatically after installation.

sudo systemctl start httpd

sudo systemctl start httpd

Go to EC2 Dashboard 

( 1 ) Click = Actions
( 2 ) Click = Image and templates
( 3 ) Create image

1 Create an image (AMI) : When the instance is selected, click the “Actions” dropdown menu and select “Create Image” (you can also right-click the instance to access this menu as well).

2 Configure the image settings: Give the image a special name and description in the “Create Image” dialogue box. Additionally, you can decide whether to restart the instance before to making the picture, which is advised for data consistency. To begin creating an image, click “Create Image”.

( 1 ) Image name = highsky-image 
( 2 ) Image description – optional = highsky-image 

3 Monitor image creation: It can require a few minutes to create a picture. The EC2 interface allows you to keep tabs on the development. The image will be accessible in the AMIs section once the image creation is complete.

Click = Create image

 Go to EC2 Dashboard / Images / AMIs 

4 Launch a new EC2 instance from the image: To launch the instance creation wizard, select “Launch Instance” from the EC2 dashboard.

5 Instances name = highsky2-image 

6 Choose an Amazon Machine Image (AMI): Click the “My AMIs” tab in the “Instance Creation Wizard’s first step. The picture you made in the previous step ought to appear. Choose it to serve as the new instance’s base image.

7 Configure instance details: Set up the instance’s specifics, including the instance type, network configurations, storage options, and security groups, in accordance with your needs. Examine other settings, and make necessary changes.

And click the =  Instances

Click = Connect .. And connect instance 

yum install httpd -y

 

The AWS CDK or Cloud Development Kit is one of the powerful frameworks which helps developers to find out cloud infrastructure resources by using similar programming languages like Java, TypeScript, and Python.  HighSky IT offers The AWS Security Training Course Ahmedabad, which gives an invaluable resource for architects and developers looking to unlock the complete potential of the CDK.

This course is specially designed to offer comprehensive skills and knowledge to participants related to securing data and applications on the AWS platform.  Such kind of  Data Science Training in Ahmedabad provides valuable insights into best practices and different security measures that can help to protect AWS resources from different potential threats.  This post highlights some key takeaways from such a training course.

What can you learn from AWS CDK or Security Training Course?

• Understanding AWS Security Services

The courses for Ansible Training Ahmedabad offer an in-depth understanding of different security services provided by AWS.  Here, participants can learn about different services like AWS CloudTrail, Identity and Access Management (IAM), Firewall Manager, AWS Key Management Service (KMS), AWS Config, and many more.  Having knowledge about such services can be utilized to improve the AWS environment’s security posture.

• Identity and Access Management

The courses for AWS Security Certification Ahmedabad cover AWS IAM, which is one of the primary components of access control in AWS.  Here, learners can understand the best practices for implementing authorization mechanisms and secure authentication.

• Securing AWS Infrastructure

In this AWS CDK, the participants can learn about best practices and important techniques for securing their AWS infrastructure.  It includes implementing the right access controls, configuring secure network architectures, and applying security policies in order to protect AWS resources.  The participants can also learn about encryption mechanisms, secure data storage options, and methods to secure transit data.

• Incident Response and Compliance

This course gives proper guidance on responding to security incidents and creating an incident response plan in an AWS environment.  Here, participants can learn about AWS security best practices to respond to and mitigate common threats to security.  The learners can gain knowledge of industry regulations and compliance frameworks relevant to AWS, like PCI-DSS, GDPR, and HIPAA.

Apart from that, the course also helps the participants to understand the best practices and security optimization and monitoring and logging for securing AWS resources.

Conclusion

The AWS Security Training Course helps the participants with the skills and knowledge essential to implement security measures in their AWS environment.  If you want to learn more details on this course, then you can connect with Highsky IT Solutions to gain an understanding of securing infrastructure and AWS security services.

First, we need to create an s3 Bucket steps are given below:

To bucket create
1 highsky1
2 highsky2

1 ( highsky1 )
Step 1: Log on to your AWS Console.
Step 2: go to the Search bar  ” S3 services “

Step 3: Click on S3  Scalable Storage in the Cloud” and proceed further

Step 4: Create a new Bucket

In the general configuration category:

Step 5: Enter the bucket name  ( highsky1 ) 

Step 6: Next, choose the  AWS region,  [Asia Pacific (Mumbai) ap-south-1].

ACLs disabled (Recommended)

Bucket owner enforced – Bucket and object ACLs are disabled, and you, as the bucket owner, automatically own and have full control over every object in the bucket. Access control for your bucket and the objects in it is based on policies such as AWS Identity and Access Management (IAM) user policies and S3 bucket policies Objects can be uploaded to your bucket only if they don t specify an ACL or if they use the bucket-owner-full-control canned ACL.

Block Public Access settings for this bucket

Public access is granted to buckets and objects through access control lists (ACLs), bucket policies, access point policies, or all. In order to ensure that public access to this bucket and its objects is blocked, turn on Block all public access. These settings apply only to this bucket and its access points. AWS recommends that you turn on Block all public access, but before applying any of these settings, ensure that your applications will work correctly without public access. If you require some level of public access to this bucket or objects within, you can customize the individual settings below to suit your specific storage use cases

Bucket Versioning

Versioning is a means of keeping multiple variants of an object in the same bucket. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily recover from both unintended user actions and application failures.

Disable

2. Once in the IAM console, click on the “Policies” tab in the left-hand menu.

3. Click the “Create policy” button.

4. Choose either the “Visual editor” or the “JSON” tab to create the policy.

5. choose the Visual editor tab to select the service the policy will apply to and then choose the actions and resources the policy will allow or deny

( 1 ) Select the “JSON” tab.
( 2 ) Define the policy document using the JSON syntax. The policy document specifies the permissions and resources that the policy grants or denies.
( 3 ) Make sure to include the necessary actions, resources, and conditions according to your requirements.
( 4 ) Click on the “Review policy” button.
( 5 ) Provide a name and optional description for your policy.
( 6 ) Review the policy details and click on the “Create policy” button to finalize it.

 

 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1686230148773",
      "Action": [
        "s3:ListAllMyBuckets"
      ],
      "Effect": "Allow",
      "Resource": "*"
    },
    {
      "Sid": "Stmt1686230216901",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::Your Bucket Name "
    }
    {
      "Sid": "Stmt1686230222829",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::Your Bucket Name /*"
    }
  ]
}

Click Next 

Full permission  in Bucket ( highsky1 ) 

( 7 ) Policy Name File ( permission-policy )

And Click ( Create policy )

Once the policy is created, you can attach it to a user, group, or role in IAM. When the user, group, or role tries to access a resource, the policy will be checked to determine whether the action is allowed or denied.

It’s important to test your policy to ensure that it’s providing the intended access and restrictions.  can do this by using the Simulate policy feature in the IAM console, which lets you simulate a policy to see how it would apply in different scenarios

2 Create User 

1. Once in the IAM console, click on the “Users” tab in the left-hand menu.

1. Open the AWS Management Console: Go to the AWS Management Console and log in to your AWS account.

2. Choose RDS: From the list of AWS services, choose RDS (Relational Database Service).

3. Click “Create Database”: On the RDS dashboard, click the “Create database” button.

 4. Choose a database engine: Select the engine you want to use for your RDS instance. Amazon RDS supports various database engines like MySQL, PostgreSQL, Oracle, SQL Server, MariaDB, etc.

 

5 Choose a use case: Select the use case that best fits your needs. This will determine the default settings for your RDS instance, such as the instance class, storage type, and allocated storage.

6 . Configure the instance: Configure the RDS instance by specifying its name, username, and password. You can also choose the instance type, storage type, allocated storage, and other settings based on your requirements.

7. Configure advanced settings: If needed, you can configure advanced settings such as backup retention, maintenance window, security groups, and VPC settings.

8. Launch the instance: After configuring all the settings, review your configuration and click “Create Database” to launch your RDS instance.

9. Please wait for the instance to launch: It may take several minutes for your RDS instance to launch. Once it is ready, you can connect to it using the endpoint provided in the AWS Management Console.

 

That’s it! You have now created an RDS instance in AWS. You can use this instance to host your database and connect to it from your applications.

IAM service policy

1. Open the IAM Management Console: Go to the AWS Management Console and log in to your AWS account. From the list of AWS services, choose “IAM” under “Security, Identity & Compliance”.

2. Create a new policy: In the left-hand navigation pane, click “Policies”, then click “Create policy”.

3. Select a policy template: On the Create Policy page, you can either create your custom policy or use a pre-defined policy template. To create a policy for RDS, you can select the “Amazon RDS” service from the list of available services.

4. Choose the actions: Next, you need to choose the actions that you want to allow or deny for this policy. For example, you might want to allow read-only access to RDS resources or grant permissions to create and modify RDS resources.

5. Select Permission   ( Write )
(  CreateDBSnapshot )

6. Choose the resources: Once you have selected the actions, specify the RDS resources to which this policy applies. You can choose to apply the policy to all resources or specify individual resources by ARN (Amazon Resource Name).

1 db Represents a DB instance that is an isolated database environment running in the cloud

Click Add Arnto restrict access.

Click Theis Account 

( 1 )  Resource Region 

ap-south-1a 

( 2 ) Resource db instance name

database-1 

And Click ( Add ARNs )

IAM service role

1. Navigate to the IAM dashboard.

2. Click on “Roles” from the left-hand menu.

3. Click on the “Create role” button.

4. Choose the type of trusted entity for your role: an AWS service, another AWS account, or a web identity provider.

Use case Allow an AWS service like EC2, Lambda, or others to perform actions in this account.

Click The Lambda

5. Select the policies that define the permissions for your role. You can choose from existing policies or create a custom one.

6. Give your Role a name and description.

7. Review your role and click “Create role” to save it.

That’s it! You have now created an IAM service role in AWS. You can use this role to grant permissions to an AWS service or other entities that need to perform actions on your behalf.

Lambda function

1. Navigate to the Lambda dashboard.

2. Click on the “Create function” button.

3. Choose the type of function you want to create. You can create a function, blueprint, or serverless application repository from scratch.

4. Give your function a name and description.

5. Choose a runtime for your function, such as Python, Node.js, or Java.

( A runtime is a version of a programming language or framework that you can use to write Lambda functions. Lambda supports runtime versions for Node.js, Python, Ruby, Go, Java, C# (.NET Core), and PowerShell (.NET Core)

To use other languages in Lambda, you can create your own runtime.

Note that the console code editor supports only Node.js, Python, and Ruby. If you choose a compiled language, such as Java or C#, you edit and compile your code in your preferred SDE and upload a deployment package to the function. ) 

Taking by Python 3.1 

6. Configure the function’s execution role, which determines the permissions that the function has to access AWS resources.

7. Write your function code or upload a ZIP file containing your code.

import boto3

def lambda_handler(event, context):
    rds_client = boto3.client('rds')
    instance_id = "database-1"
    snapshot_id="Highskysnapshot"
    try:
        response = rds_client.create_db_snapshot(
            DBInstanceIdentifier=instance_id,
            DBSnapshotIdentifier=snapshot_id
        )
        print(f"Snapshot '{snapshot_id}' creation initiated.")
        return {
                "snapshot_id" : response['DBSnapshot']['DBSnapshotIdentifier'],
                "status" : "started creating"
            }
    except Exception as e:
        print(f"Error creating snapshot: {str(e)}")
        return None

8. Set up your function’s environment variables and any additional settings, such as memory and timeout settings. Click “Create function” to save your Lambda function.

After creating your Lambda function, you can test it manually or set up a trigger to invoke it automatically. You can also monitor your function’s performance and troubleshoot any errors using the AWS Lambda console.

  CloudWatch

1. Navigate to the CloudWatch dashboard.

2. Click on “Events” from the left-hand menu.

3. Click on the “Create rule” button.

4. Choose the “Schedule” option under “Event Source”.

Click Continue To create rule 

5. Configure the croon expression for when you want the RDS DB  instance to start. For example, if you want it to start every day at 8 pm, you would use the expression 30 12 * * ? * 

6. Choose the EC2 instance as the target for the event rule.

7. Configure the specific action that you want to perform on the RDS DB instance, which in this case is to start it.

8. Give your rule a name and description.

9. Click “Create rule” to save your CloudWatch event rule.

After creating your CloudWatch event rule, it will trigger at the scheduled times and start the specified EC2 instance. Be sure to test your rule to ensure it is working as expected.

Successfully 

1 Open the AWS Management Console and log in:

2 Open the RDS Dashboard: Choose “RDS” from the list of services once you’ve logged in. The RDS Dashboard will then be displayed

3 Choose the database you want to resize: Choose the database you want to resize by clicking on its identifier in the RDS Dashboard.

4 Take the snapshot database: Click Snapshots and take a snapshot

Snapshot name =  database29-05-2023

Successfully created snapshot 

5 Database Changes: Click the “Modify” button at the top of the page after selecting the database. The Modify DB Instance page will then be displayed.

6 Decide on the instance size and type: There is a section on the Modify DB Instance page titled “Instance specifications.” You can choose a new instance type and size for your database in this section.

change = db.t3.large

7 Set the New Instance Size: Examine the numerous instance types to see which one best satisfies your needs for CPU, memory, storage, and other resources. Change any other settings, like the storage capacity or performance criteria, after choosing the new instance type.

8 Implement the changes: The “Apply Immediately” button is located at the bottom of the page, so navigate there after choosing the new instance size and making any other necessary adjustments. The database’s resizing will start as a result of this.

And Click  Modify DB instance

Successfully modified instance database-1 

9 Track the progress of the resizing: After you’ve made the necessary adjustments, AWS will begin shrinking the database. The RDS Dashboard allows you to keep track of the development. Depending on the size of the database and the volume of data that has to be migrated, it could take some time for the resizing procedure to finish.

Check that Available 

 

10 Check the Resizing: You can examine the database’s new size and specifications on the RDS Dashboard when the resize process is finished to make sure it was successful.

Changing the size of an RDS database may cause downtime while the resize procedure is being done, so please be aware of that possibility. Planning the resizing during a maintenance window or a time when the impact on your application or users will be minimal is advised. Additionally, Depending on the new instance type and storage size, downsizing a database could result in extra expenditures. Before making any changes, carefully review the pricing information and take into account any possible effects on your AWS billing.

1 Open the AWS Management Console and log in: Visit the AWS website

2 To access the EC2 Dashboard, Choose “EC2” from the list of services after logging in. You will then be directed to the EC2 Dashboard.

3 To resize an instance, choose: Find the instance on the EC2 Dashboard you wish to resize, then click on it to select it. An alternative state, such as terminated, prevents you from changing the instance size, therefore make sure the instance is in the “stopped” or “running” state.

4 Stop the instance: Before scaling, your instance must be stopped if it is already operating. To stop the instance, right-click on it, choose “Instance State,” and then click “Stop.” Click “Yes, Stop” to confirm your action

Successfully stopped instance 

 

5 Select an instance size: As soon as the instance is chosen, click the “Actions” icon at the top of the page, go to “Instance Settings,” and choose “Change Instance Type.” A new instance size selection dialogue box will be displayed as a result.

6 Choosing a New Instance Size: You can choose from a list of various instance types in the “Change Instance Type” dialogue box. Select the one that has the CPU, memory and other resources you require. After choosing the new instance type, press “Apply.”

changing the t2.micro to  t2.medium

 The instance type changed Successfully

7 Activate the instance: You can now restart the instance if you had to stop it in step 4 for whatever reason. Simply perform right-click on the instance, choose “Instance State,” and then click “Start.” Activate the action by selecting “Yes, Start.”

8 Check the Resizing: Check if the instance has been enlarged after the instance has reached the “running” stage. The EC2 Dashboard allows you to view the instance type and its specifications.

Note: that depending on the new instance type and its related pricing, changing the instance size may result in additional charges. Before making any changes, it is advised to study the pricing information and take into account any possible effects on your AWS billing.

 

 

Elastic Block Store (EBS), a scalable block storage solution offered by AWS (Amazon Web Services), offers permanent storage for EC2 (Elastic Compute Cloud) instances. An EC2 instance can have an EBS volume attached to it as a virtual hard drive to store data.es:

The following are some significant traits and qualities of EBS volumes:

1. EBS volumes are made to last and offer long-term storage, therefore they are persistent. Even if the connected EC2 instance is stopped or terminated, the data on an EBS volume continues.

2. Elasticity: EBS volumes can be created in a variety of sizes, from 1 GB to 16 TB, and scaled up or down as necessary. This enables you to accommodate your applications’ fluctuating storage needs.

3. Performance: To accommodate a range of workloads, EBS volumes provide numerous performance options. Four different EBS volume kinds are available:

( 1 ) Suitable for a variety of tasks with balanced performance and cost is the general-purpose SSD (gp2/gp3).

( 2 ) SSDs with provisioned IOPS (io1/io2) are made for high-performance databases and applications that demand reliable and quick I/O.

( 3 ) Throughput Optimised HDD (st1): Designed for heavy streaming workloads with frequent access.

( 4 ) Old HDD (sc1): Designed for workloads that access cold data less frequently

4. Snapshots: EBS volumes support creating point-in-time snapshots, which are incremental backups of the volume’s data. Snapshots are stored in Amazon S3 and can be used to restore volumes or create new volumes.

5. Using the AWS Key Management Service (KMS), you can enable encryption at rest for your EBS volumes. This additional layer of protection further protects your data.

6. High Availability: To increase redundancy and availability, EBS volumes can be linked to an EC2 instance either inside the same availability zone (AZ) or across separate AZs.

7. Data management: As needed, EC2 instances can be quickly attached, detached, and reattached to EBS volumes. Additionally, you can copy volumes, take snapshots, and share snapshots among AWS accounts.

Databases, file systems, content repositories, and other sorts of applications frequently use EBS volumes to provide persistent storage on AWS. They provide versatility, toughness, and performance for data storage and access in the AWS cloud.

Following steps 

1. Open the AWS Management Console and log in.

2. Activate the EC2 service.

3. Create an ” EC2 ” instance

4. Connect to the instance ( puTTY )

5. Login to the root user
Command

[ec2-user@ip-172-31-2-182 ~]$ sudo -i

6.  Check for disk
Command

[root@ip-172-31-2-182 ~]# lsblk

By default disk 

Create Volume 

1. Click “Volumes” on the left navigation pane of the EC2 Dashboard.

2. Select “Create Volume” from the menu.

3. Enter the following information in the “Create Volume” dialogue box.

( 1 ) The preferred availability zone where you wish to establish the EBS volume should be chosen.

( 2 ) Volume Type: Based on your needs, select the appropriate volume type (e.g., magnetic, provisioned IOPS, or general-purpose SSD).

( 3 ) Size: Enter the volume’s size in gibibytes (GiB).

( 4 ) Snapshot: To construct a volume based on a snapshot, select it here if you have one. This step is not required.

( 5 ) Encryption: You can choose this option if you want to encrypt the volume. This step is not required.

You can add whatever tags you want for identification. This step is not required

Volume type

General Purpose SSD
General Purpose SSD (gp2 and gp3) volumes offer cost-effective storage that is ideal for a broad range of workloads.

Size (GiB)

10 (Gib)

Availability Zone
The Availability Zone in which to create the volume. After you create the volume, you can only attach it to instances that are in the same Availability Zone.

Note: Make sure that EBS and EC2 should be in the same availability zone.

ap-south-1b

And click Create volume

Successfully Create volume 

Attach volume 

4. The EBS volume can be created by selecting the “Create Volume” button.

You can attach a volume to an EC2 instance after it has been created by selecting it in the Volumes list and selecting “Actions” > “Attach Volume.” Name the device and specify the instance to which you want to attach the volume (for example, /dev/sdf).

Click Attach volume

Successfully attached volume  

 

Check for disk Connect to the instance ( puTTY )

[root@ip-172-31-2-182 ~]# lsblk

New disk attached  xvdf 10G

Create an LVM logical volume on a partition created on an EBS volume

Short description

1. You can allocate disc space as well as stripe, re-mirror, and resize logical volumes with LVM. You can assign a single EBS volume or a group of EBS volumes to one or more physical volumes using LVM.
Follow these procedures to extend the partitions and use LVM on your EBS volume:

2. To create a partition, use the fdisk command. Enter 8e00 as the variable’s Hex or GUID. The partition /dev/xvdf1 is created on /dev/xvdf in the example that follows.

[root@ip-172-31-2-182 ~]# fdisk /dev/xvdf

Welcome to fdisk (util-linux 2.37.4).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x5cd32037.

Command (m for help): n
Partition type

p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)

Select (default p): e
Partition number (1-4, default 1): ( Enter )
First sector (2048-20971519, default 2048): ( Enter )
Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-20971519, default 20971519): ( Enter )

Created a new partition 1 of type 'Extended' and of size 10 GiB.

Command (m for help): t
Selected partition 1
Hex code or alias (type L to list all): 8e
Changed type of partition 'Extended' to 'Linux LVM'.

Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.

[root@ip-172-31-2-182 ~]# yum install lvm2

To build a physical volume from the partition, use the pvcreate command. The example below generates a physical volume from the device /dev/xvdh1:

[root@ip-172-31-2-182 ~]# pvcreate /dev/xvdf1

Physical volume “/dev/xvdf1” successfully created.
Creating devices file /etc/lvm/devices/system.devices

Make volume groupings and include the actual volumes therein.

Create a volume group using the vgcreate command to merge the new physical volumes. One physical volume is used in the example below to build volume group datastore:

[root@ip-172-31-2-182 ~]# vgcreate datastore /dev/xvdf1

Volume group “datastore” successfully created

To construct logical volumes (partitions) from your volume group, use the lvcreate command. The example below builds a database with a 10GB logical volume from the datastore volume group:

[root@ip-172-31-2-182 ~]# lvcreate -n database -L 10G datastore

Created a logical volume named “database”

[root@ip-172-31-2-182 ~]# mkfs.ext3 /dev/datastore/database

mke2fs 1.46.5 (30-Dec-2021)
Creating filesystem with 2621184 4k blocks and 655360 inodes
Filesystem UUID: 172211d1-022b-4d8f-85fa-8c44b223afb9
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632

Allocating group tables: done
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done

[root@ip-172-31-2-182 ~]# blkid /dev/datastore/database

/dev/xvdf1: UUID=”172211d1-022b-4d8f-85fa-8c44b223afb9″ SEC_TYPE=”ext2″ BLOCK_SIZE=”4096″ TYPE=”ext3″ PARTUUID=”5cd32037-01″

[root@ip-172-31-2-182 ~]# blkid /dev/xvdf1 >> /etc/fstab

[root@ip-172-31-2-182 ~]# vim /etc/fstab

/dev/xvdf1: UUID=”172211d1-022b-4d8f-85fa-8c44b223afb9″ SEC_TYPE=”ext2″ BLOCK_SIZE=”4096″ TYPE=”ext3″ PARTUUID=”5cd32037-01″

UUID=172211d1-022b-4d8f-85fa-8c44b223afb9 /mnt/data ext3 defaults  0  0

[root@ip-172-31-2-182 ~]# mkdir /mnt/data

[root@ip-172-31-2-182 ~]# mount -a

[root@ip-172-31-2-182 ~]# df -h

Filesystem Size Used Avail Use% Mounted on
devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs 475M 0 475M 0% /dev/shm
tmpfs 190M 2.8M 188M 2% /run
/dev/xvda1 8.0G 1.5G 6.5G 19% /
tmpfs 475M 0 475M 0% /tmp
tmpfs 95M 0 95M 0% /run/user/1000
/dev/xvda128 10M 1.3M 8.7M 13% /boot/efi
/dev/xvdf1 9.8G 92K 9.3G 1% /mnt/data

[root@ip-172-31-2-182 ~]# lsblk

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
xvda 202:0 0 8G 0 disk
├─xvda1 202:1 0 8G 0 part /
├─xvda127 259:0 0 1M 0 part
└─xvda128 259:1 0 10M 0 part /boot/efi
xvdf 202:80 0 10G 0 disk
└─xvdf1 202:81 0 10G 0 part /mnt/datab

Create Volume new small size volume

1. Click “Volumes” on the left navigation pane of the EC2 Dashboard.

2. Select “Create Volume” from the menu.

3. Enter the following information in the “Create Volume” dialogue box.

( 1 ) The preferred availability zone where you wish to establish the EBS volume should be chosen.

( 2 ) Volume Type: Based on your needs, select the appropriate volume type (e.g., magnetic, provisioned IOPS, or general-purpose SSD).

( 3 ) Size: Enter the volume’s size in gibibytes (GiB).

( 4 ) Snapshot: To construct a volume based on a snapshot, select it here if you have one. This step is not required.

( 5 ) Encryption: You can choose this option if you want to encrypt the volume. This step is not required.

You can add whatever tags you want for identification. This step is not required

Volume type

General Purpose SSD
General Purpose SSD (gp2 and gp3) volumes offer cost-effective storage that is ideal for a broad range of workloads.

Size (GiB)

5 (Gib)

Availability Zone
The Availability Zone in which to create the volume. After you create the volume, you can only attach it to instances that are in the same Availability Zone.

Note: Make sure that EBS and EC2 should be in the same availability zone.

ap-south-1b

And click Create volume

Successfully Create volume 

 

Attach volume 

6. The EBS volume can be created by selecting the “Create Volume” button.

You can attach a volume to an EC2 instance after it has been created by selecting it in the Volumes list and selecting “Actions” > “Attach Volume.” Name the device and specify the instance to which you want to attach the volume (for example, /dev/sdf).

Click Attach volume

Check for disk Connect to the instance ( puTTY )

[root@ip-172-31-2-182 ~]# lsblk

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
xvda 202:0 0 8G 0 disk
├─xvda1 202:1 0 8G 0 part /
├─xvda127 259:0 0 1M 0 part
└─xvda128 259:1 0 10M 0 part /boot/efi
xvdf 202:80 0 10G 0 disk
└─xvdf1 202:81 0 10G 0 part /mnt/database
xvdg 202:96 0 5G 0 disk

[root@ip-172-31-2-182 ~]# fdisk /dev/xvdg

 

Welcome to fdisk (util-linux 2.37.4).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x5955208c.

Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)
Select (default p): e
Partition number (1-4, default 1): ( Enter )
First sector (2048-10485759, default 2048): ( Enter )
Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-10485759, default 10485759): ( Enter )

Created a new partition 1 of type 'Extended' and of size 5 GiB.

Command (m for help): t
Selected partition 1
Hex code or alias (type L to list all): 8e
Changed type of partition 'Extended' to 'Linux LVM'.

Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.

create an LVM logical volume on a partition created on an EBS volume

1. You can allocate disc space as well as stripe, re-mirror, and resize logical volumes with LVM. You can assign a single EBS volume or a group of EBS volumes to one or more physical volumes using LVM.
Follow these procedures to extend the partitions and use LVM on your EBS volume:

2. To create a partition, use the fdisk command. Enter 8e00 as the variable’s Hex or GUID. The partition /dev/xvdf1 is created on /dev/xvdf in the example that follows.

[root@ip-172-31-2-182 ~]# pvcreate /dev/xvdg1

[root@ip-172-31-2-182 ~]# vgcreate vgdatastore /dev/xvdg1

root@ip-172-31-2-182 ~]# lvcreate -n lvdatabase -L 5G vgdatastore

[root@ip-172-31-2-182 ~]# mkfs.ext3 /dev/lvdatastore/vgdatabase

mke2fs 1.46.5 (30-Dec-2021)
Creating filesystem with 1310464 4k blocks and 327680 inodes
Filesystem UUID: 69463fb2-f6cd-48ba-a47b-62df5674daf0
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736

Allocating group tables: done
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done

[root@ip-172-31-2-182 ~]# blkid /dev/lvdatastore/vgdatabase

/dev/xvdg1: UUID=”69463fb2-f6cd-48ba-a47b-62df5674daf0″ SEC_TYPE=”ext2″ BLOCK_SIZE=”4096″ TYPE=”ext3″ PARTUUID=”5955208c-01″g1

[root@ip-172-31-2-182 ~]# blkid /dev/xvdg1 >> /etc/fstab

[root@ip-172-31-2-182 ~]# vim /etc/fstab

/dev/xvdg1: UUID=”69463fb2-f6cd-48ba-a47b-62df5674daf0″ SEC_TYPE=”ext2″ BLOCK_SIZE=”4096″ TYPE=”ext3″ PARTUUID=”5955208c-01″

UUID=69463fb2-f6cd-48ba-a47b-62df5674daf0 /mnt/database ext3 defaults 0 0

[root@ip-172-31-2-182 ~]# mkdir /mnt/databse

[root@ip-172-31-2-182 ~]# mount -a

[root@ip-172-31-2-182 ~]# df -h

Filesystem Size Used Avail Use% Mounted on
devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs 475M 0 475M 0% /dev/shm
tmpfs 190M 2.9M 188M 2% /run
/dev/xvda1 8.0G 1.5G 6.5G 19% /
tmpfs 475M 0 475M 0% /tmp
/dev/xvda128 10M 1.3M 8.7M 13% /boot/efi
/dev/xvdf1 9.8G 92K 9.3G 1% /mnt/data
tmpfs 95M 0 95M 0% /run/user/1000
/dev/xvdg1 4.9G 92K 4.6G 1% /mnt/database

[root@ip-172-31-2-182 ~]# lsblk

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
xvda 202:0 0 8G 0 disk
├─xvda1 202:1 0 8G 0 part /
├─xvda127 259:0 0 1M 0 part
└─xvda128 259:1 0 10M 0 part /boot/efi
xvdf 202:80 0 10G 0 disk
└─xvdf1 202:81 0 10G 0 part /mnt/data
xvdg 202:96 0 5G 0 disk
└─xvdg1 202:97 0 5G 0 part /mnt/database

copy data from old drive(data) to new drive(database)

[root@ip-172-31-2-182 data]# cp -avxH /mnt/data/* /mnt/database/

Please check all data copied from the old EBS drive to the new EBS drive

[root@ip-172-31-2-182 ~]# df -h

Change mount point from database to data

[root@ip-172-31-2-182 /]# vim /etc/fstab

Old FSTAB UUID entry.

UUID=eb777ba8-5231-49f6-bb99-13b67bc9b981 /mnt/data ext2 defaults 0 0
UUID=8206c47c-cdaa-4b48-80a5-035c80beb782 /mnt/database ext2 defaults 0 0

New FSTAB UUID entry.

#UUID=eb777ba8-5231-49f6-bb99-13b67bc9b981 /mnt/data ext2 defaults 0 0
UUID=8206c47c-cdaa-4b48-80a5-035c80beb782 /mnt/data ext2 defaults 0 0

[root@ip-172-31-2-253 /]# mount -a

And check the mount point 

[root@ip-172-31-2-253 /]# df -h

[root@ip-172-31-2-253 /]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs 475M 0 475M 0% /dev/shm
tmpfs 190M 2.8M 188M 2% /run
/dev/xvda1 8.0G 1.5G 6.5G 19% /
tmpfs 475M 0 475M 0% /tmp
/dev/xvda128 10M 1.3M 8.7M 13% /boot/efi
tmpfs 95M 0 95M 0% /run/user/1000
/dev/xvdg1 5.0G 22M 4.7G 1% /mnt/data

Go to EC2 Dashboard and click “Volumes”

Click 10 (Gib)  EBS and Detach the Volume

EBS 10 (Gib) delete volume

[root@ip-172-31-2-253 /]# lsblk

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
xvda 202:0 0 8G 0 disk
├─xvda1 202:1 0 8G 0 part /
├─xvda127 259:0 0 1M 0 part
└─xvda128 259:1 0 10M 0 part /boot/efi
xvdg 202:96 0 5G 0 disk
└─xvdg1 202:97 0 5G 0 part /mnt/data

Successfully Detach and delete 

The term “DevOps” was created by combining the acronyms for the words “development” and “operations,” however, it refers to neither code nor a programming language, as many individuals believe. Within a single IT group or company, it is an idea or mindset that facilitates the collaboration between the development group and the operation team.

• DevOps Implementation in an online trading company

There are instances when the two groups are combined into one. The financial trade firm’s testing, creation, and development approach was automated. You can learn more case studies when enrolling in DevOps Online Course in Ahmedabad. However, the deployment was completed in 45 seconds, leveraging DevOps. The length of the entire procedure was shortened, and customers’ levels of engagement improved.

• Advance your skills with Ansible and DevOps

DevOps is made simpler using Ansible by automating the integration of internally created apps into production processes. Ansible is a highly well-liked DevOps tool for overseeing, automating, orchestrating, and customizing IT infrastructure. With the help of the Ansible Training and Certification Course in Ahmedabad, you will get greater insight into Ansible being an advanced tool for automation, management of systems, and DevOps. Still, it offers practical applications for regular users. Without the need for programming knowledge, Ansible enables you to set up a single machine and possibly a whole system of machines simultaneously.

• Meet industry demands with Linux systems

Enrolling in Linux Certification in Ahmedabad can help you address the demands or needs of your company. You might want to certify your knowledge or expertise with Linux. In any case, performance-driven tests, practical tests, or a mix of these can be used to decide professional certificates. These techniques are intended to assess your aptitude for the duties expected of Linux administrators.

There are several ways to be prepared for a certification test. Still, training courses are well-liked since they might demonstrate to you real Linux-based corporate systems and the usual problems and activities you must learn. Several businesses provide Linux Administration Online Training in Ahmedabad that enables you to study while carrying out activities in an online Linux atmosphere to learn real-world applicability in an educational setting.

Highsky IT Solutions offers the most effective courses to help you gain the knowledge to succeed as a DevOps engineer. They also demonstrate the business’s development team’s perspective, ability to collaborate, operation of product development, and a few tools businesses employ to safeguard the effectiveness of their web applications.

An essential security precaution is setting up Multi-Factor Authentication (MFA) for your AWS root account. By requiring an additional verification step when logging into your AWS account, MFA adds an extra layer of security. The following describes how to set up MFA for your AWS root account:

Step 1: Use your root account login information to access the AWS Management Console.

Step 2: Select “My Security Credentials” from the dropdown menu by clicking on your account name or number in the top navigation bar. The page titled “Security Credentials” will then be shown.

Step 3: Scroll down to the “Multi-Factor Authentication (MFA)” section on the “Security Credentials” page, and then select the “Manage MFA” option.

Step 4: Select “Continue” from the menu on the “Manage MFA Device” page to begin the configuration procedure.

Step 5: You will be given the option of selecting an MFA device. These are your two choices:

1. Virtual MFA device: This method generates MFA codes using a smartphone app, such as Google Authenticator or Authy.

2. U2F security key: With this method, MFA is provided by means of a physical security key, such as a YubiKey.

Select the “Continue” button after making your selection according to your preferences.

Step 6: To configure your chosen MFA device, adhere to the on-screen instructions:

1.  Install a compatible app on your smartphone, then scan the QR code provided by AWS to use a virtual MFA device. You must input the 6-digit authentication number generated by the app on the AWS page.

2. You must place a U2F security key into a USB port and then push the key’s button when instructed to do so. page.

Step 7: AWS will give you backup codes when you set up your MFA device. In the event that you lose control of your MFA device, these codes are crucial. Keep these codes in a safe place at all times.

Step 8: You will be prompted to enable MFA for your root account once the setup process is complete. Select “Activate MFA” from the menu.

Step 9: You will be prompted by AWS to sign in once more with your root account credentials, but this time you must additionally enter the MFA code from your device.

Step 10: Your AWS root account will be secured by this additional security precaution after successfully signing in with MFA.

To guarantee you can access your AWS account in the future, keep your MFA device (smartphone or U2F security key) and the backup codes in a secure location.

1. Select “My Security Credentials” from the dropdown menu by clicking on your account name or number in the top navigation bar. The page titled “Security Credentials” will then be shown.

2.  Scroll down to the “Multi-Factor Authentication (MFA)” section on the “Security Credentials” page, and then select the “Manage MFA” option.

and click Assing MFA device

Specify MFA device name  

3. Device name = my-mobile

Enter a meaningful name to identify this device.

 MFA device to use, 

                                                 Authenticator app
Authenticate using a code generated by an app installed on your mobile device or computer.

4. Install a compatible app on your smartphone, then scan the QR code provided by AWS to use a virtual MFA device. You must input the 6-digit authentication number generated by the app on the AWS page.

Go to the mobile play Store then search Google Authenticator and install the app  

Successful MFA device assigned 

Log out of your account 

1. Then log in to your account  

2. And your email file 

2. your password file 

3. Google Authenticator (MFA) = Code 

Successful enable Multi-Factor Authentication (MFA) Root Account