1 Open the AWS Management Console and log in:

2 Open the RDS Dashboard: Choose “RDS” from the list of services once you’ve logged in. The RDS Dashboard will then be displayed

3 Choose the database you want to resize: Choose the database you want to resize by clicking on its identifier in the RDS Dashboard.

4 Take the snapshot database: Click Snapshots and take a snapshot

Snapshot name =  database29-05-2023

Successfully created snapshot 

5 Database Changes: Click the “Modify” button at the top of the page after selecting the database. The Modify DB Instance page will then be displayed.

6 Decide on the instance size and type: There is a section on the Modify DB Instance page titled “Instance specifications.” You can choose a new instance type and size for your database in this section.

change = db.t3.large

7 Set the New Instance Size: Examine the numerous instance types to see which one best satisfies your needs for CPU, memory, storage, and other resources. Change any other settings, like the storage capacity or performance criteria, after choosing the new instance type.

8 Implement the changes: The “Apply Immediately” button is located at the bottom of the page, so navigate there after choosing the new instance size and making any other necessary adjustments. The database’s resizing will start as a result of this.

And Click  Modify DB instance

Successfully modified instance database-1 

9 Track the progress of the resizing: After you’ve made the necessary adjustments, AWS will begin shrinking the database. The RDS Dashboard allows you to keep track of the development. Depending on the size of the database and the volume of data that has to be migrated, it could take some time for the resizing procedure to finish.

Check that Available 

10 Check the Resizing: You can examine the database’s new size and specifications on the RDS Dashboard when the resize process is finished to make sure it was successful.

Changing the size of an RDS database may cause downtime while the resize procedure is being done, so please be aware of that possibility. Planning the resizing during a maintenance window or a time when the impact on your application or users will be minimal is advised. Additionally, Depending on the new instance type and storage size, downsizing a database could result in extra expenditures. Before making any changes, carefully review the pricing information and take into account any possible effects on your AWS billing.

1 Open the AWS Management Console and log in: Visit the AWS website

2 To access the EC2 Dashboard, Choose “EC2” from the list of services after logging in. You will then be directed to the EC2 Dashboard.

3 To resize an instance, choose: Find the instance on the EC2 Dashboard you wish to resize, then click on it to select it. An alternative state, such as terminated, prevents you from changing the instance size, therefore make sure the instance is in the “stopped” or “running” state.

4 Stop the instance: Before scaling, your instance must be stopped if it is already operating. To stop the instance, right-click on it, choose “Instance State,” and then click “Stop.” Click “Yes, Stop” to confirm your action

Successfully stopped instance 

5 Select an instance size: As soon as the instance is chosen, click the “Actions” icon at the top of the page, go to “Instance Settings,” and choose “Change Instance Type.” A new instance size selection dialogue box will be displayed as a result.

6 Choosing a New Instance Size: You can choose from a list of various instance types in the “Change Instance Type” dialogue box. Select the one that has the CPU, memory and other resources you require. After choosing the new instance type, press “Apply.”

changing the t2.micro to  t2.medium

 The instance type changed Successfully

7 Activate the instance: You can now restart the instance if you had to stop it in step 4 for whatever reason. Simply perform right-click on the instance, choose “Instance State,” and then click “Start.” Activate the action by selecting “Yes, Start.”

8 Check the Resizing: Check if the instance has been enlarged after the instance has reached the “running” stage. The EC2 Dashboard allows you to view the instance type and its specifications.

Note: that depending on the new instance type and its related pricing, changing the instance size may result in additional charges. Before making any changes, it is advised to study the pricing information and take into account any possible effects on your AWS billing.

Elastic Block Store (EBS), a scalable block storage solution offered by AWS (Amazon Web Services), offers permanent storage for EC2 (Elastic Compute Cloud) instances. An EC2 instance can have an EBS volume attached to it as a virtual hard drive to store data.es:

The following are some significant traits and qualities of EBS volumes:

1. EBS volumes are made to last and offer long-term storage, therefore they are persistent. Even if the connected EC2 instance is stopped or terminated, the data on an EBS volume continues.

2. Elasticity: EBS volumes can be created in a variety of sizes, from 1 GB to 16 TB, and scaled up or down as necessary. This enables you to accommodate your applications’ fluctuating storage needs.

3. Performance: To accommodate a range of workloads, EBS volumes provide numerous performance options. Four different EBS volume kinds are available:

( 1 ) Suitable for a variety of tasks with balanced performance and cost is the general-purpose SSD (gp2/gp3).

( 2 ) SSDs with provisioned IOPS (io1/io2) are made for high-performance databases and applications that demand reliable and quick I/O.

( 3 ) Throughput Optimised HDD (st1): Designed for heavy streaming workloads with frequent access.

( 4 ) Old HDD (sc1): Designed for workloads that access cold data less frequently

4. Snapshots: EBS volumes support creating point-in-time snapshots, which are incremental backups of the volume’s data. Snapshots are stored in Amazon S3 and can be used to restore volumes or create new volumes.

5. Using the AWS Key Management Service (KMS), you can enable encryption at rest for your EBS volumes. This additional layer of protection further protects your data.

6. High Availability: To increase redundancy and availability, EBS volumes can be linked to an EC2 instance either inside the same availability zone (AZ) or across separate AZs.

7. Data management: As needed, EC2 instances can be quickly attached, detached, and reattached to EBS volumes. Additionally, you can copy volumes, take snapshots, and share snapshots among AWS accounts.

Databases, file systems, content repositories, and other sorts of applications frequently use EBS volumes to provide persistent storage on AWS. They provide versatility, toughness, and performance for data storage and access in the AWS cloud.

Following steps 

1. Open the AWS Management Console and log in.

2. Activate the EC2 service.

3. Create an ” EC2 ” instance

4. Connect to the instance ( puTTY )

5. Login to the root user
Command

[ec2-user@ip-172-31-2-182 ~]$ sudo -i

6.  Check for disk
Command

[root@ip-172-31-2-182 ~]# lsblk

By default disk 

Create Volume 

1. Click “Volumes” on the left navigation pane of the EC2 Dashboard.

2. Select “Create Volume” from the menu.

3. Enter the following information in the “Create Volume” dialogue box.

( 1 ) The preferred availability zone where you wish to establish the EBS volume should be chosen.

( 2 ) Volume Type: Based on your needs, select the appropriate volume type (e.g., magnetic, provisioned IOPS, or general-purpose SSD).

( 3 ) Size: Enter the volume’s size in gibibytes (GiB).

( 4 ) Snapshot: To construct a volume based on a snapshot, select it here if you have one. This step is not required.

( 5 ) Encryption: You can choose this option if you want to encrypt the volume. This step is not required.

You can add whatever tags you want for identification. This step is not required

Volume type

General Purpose SSD
General Purpose SSD (gp2 and gp3) volumes offer cost-effective storage that is ideal for a broad range of workloads.

Size (GiB)

10 (Gib)

Availability Zone
The Availability Zone in which to create the volume. After you create the volume, you can only attach it to instances that are in the same Availability Zone.

Note: Make sure that EBS and EC2 should be in the same availability zone.

ap-south-1b

And click Create volume

Successfully Create volume 

Attach volume 

4. The EBS volume can be created by selecting the “Create Volume” button.

You can attach a volume to an EC2 instance after it has been created by selecting it in the Volumes list and selecting “Actions” > “Attach Volume.” Name the device and specify the instance to which you want to attach the volume (for example, /dev/sdf).

Click Attach volume

Successfully attached volume  

Check for disk Connect to the instance ( puTTY )

[root@ip-172-31-2-182 ~]# lsblk

New disk attached  xvdf 10G

Create an LVM logical volume on a partition created on an EBS volume

Short description

1. You can allocate disc space as well as stripe, re-mirror, and resize logical volumes with LVM. You can assign a single EBS volume or a group of EBS volumes to one or more physical volumes using LVM.
Follow these procedures to extend the partitions and use LVM on your EBS volume:

2. To create a partition, use the fdisk command. Enter 8e00 as the variable’s Hex or GUID. The partition /dev/xvdf1 is created on /dev/xvdf in the example that follows.

[root@ip-172-31-2-182 ~]# fdisk /dev/xvdf

Welcome to fdisk (util-linux 2.37.4).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x5cd32037.

Command (m for help): n
Partition type

p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)

Select (default p): e
Partition number (1-4, default 1): ( Enter )
First sector (2048-20971519, default 2048): ( Enter )
Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-20971519, default 20971519): ( Enter )

Created a new partition 1 of type 'Extended' and of size 10 GiB.

Command (m for help): t
Selected partition 1
Hex code or alias (type L to list all): 8e
Changed type of partition 'Extended' to 'Linux LVM'.

Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.

[root@ip-172-31-2-182 ~]# yum install lvm2

To build a physical volume from the partition, use the pvcreate command. The example below generates a physical volume from the device /dev/xvdh1:

[root@ip-172-31-2-182 ~]# pvcreate /dev/xvdf1

Physical volume “/dev/xvdf1” successfully created.
Creating devices file /etc/lvm/devices/system.devices

Make volume groupings and include the actual volumes therein.

Create a volume group using the vgcreate command to merge the new physical volumes. One physical volume is used in the example below to build volume group datastore:

[root@ip-172-31-2-182 ~]# vgcreate datastore /dev/xvdf1

Volume group “datastore” successfully created

To construct logical volumes (partitions) from your volume group, use the lvcreate command. The example below builds a database with a 10GB logical volume from the datastore volume group:

[root@ip-172-31-2-182 ~]# lvcreate -n database -L 10G datastore

Created a logical volume named “database”

[root@ip-172-31-2-182 ~]# mkfs.ext3 /dev/datastore/database

mke2fs 1.46.5 (30-Dec-2021)
Creating filesystem with 2621184 4k blocks and 655360 inodes
Filesystem UUID: 172211d1-022b-4d8f-85fa-8c44b223afb9
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632

Allocating group tables: done
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done

[root@ip-172-31-2-182 ~]# blkid /dev/datastore/database

/dev/xvdf1: UUID=”172211d1-022b-4d8f-85fa-8c44b223afb9″ SEC_TYPE=”ext2″ BLOCK_SIZE=”4096″ TYPE=”ext3″ PARTUUID=”5cd32037-01″

[root@ip-172-31-2-182 ~]# blkid /dev/xvdf1 >> /etc/fstab

[root@ip-172-31-2-182 ~]# vim /etc/fstab

/dev/xvdf1: UUID=”172211d1-022b-4d8f-85fa-8c44b223afb9″ SEC_TYPE=”ext2″ BLOCK_SIZE=”4096″ TYPE=”ext3″ PARTUUID=”5cd32037-01″

UUID=172211d1-022b-4d8f-85fa-8c44b223afb9 /mnt/data ext3 defaults  0  0

[root@ip-172-31-2-182 ~]# mkdir /mnt/data

[root@ip-172-31-2-182 ~]# mount -a

[root@ip-172-31-2-182 ~]# df -h

Filesystem Size Used Avail Use% Mounted on
devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs 475M 0 475M 0% /dev/shm
tmpfs 190M 2.8M 188M 2% /run
/dev/xvda1 8.0G 1.5G 6.5G 19% /
tmpfs 475M 0 475M 0% /tmp
tmpfs 95M 0 95M 0% /run/user/1000
/dev/xvda128 10M 1.3M 8.7M 13% /boot/efi
/dev/xvdf1 9.8G 92K 9.3G 1% /mnt/data

[root@ip-172-31-2-182 ~]# lsblk

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
xvda 202:0 0 8G 0 disk
├─xvda1 202:1 0 8G 0 part /
├─xvda127 259:0 0 1M 0 part
└─xvda128 259:1 0 10M 0 part /boot/efi
xvdf 202:80 0 10G 0 disk
└─xvdf1 202:81 0 10G 0 part /mnt/datab

Create Volume new small size volume

1. Click “Volumes” on the left navigation pane of the EC2 Dashboard.

2. Select “Create Volume” from the menu.

3. Enter the following information in the “Create Volume” dialogue box.

( 1 ) The preferred availability zone where you wish to establish the EBS volume should be chosen.

( 2 ) Volume Type: Based on your needs, select the appropriate volume type (e.g., magnetic, provisioned IOPS, or general-purpose SSD).

( 3 ) Size: Enter the volume’s size in gibibytes (GiB).

( 4 ) Snapshot: To construct a volume based on a snapshot, select it here if you have one. This step is not required.

( 5 ) Encryption: You can choose this option if you want to encrypt the volume. This step is not required.

You can add whatever tags you want for identification. This step is not required

Volume type

General Purpose SSD
General Purpose SSD (gp2 and gp3) volumes offer cost-effective storage that is ideal for a broad range of workloads.

Size (GiB)

5 (Gib)

Availability Zone
The Availability Zone in which to create the volume. After you create the volume, you can only attach it to instances that are in the same Availability Zone.

Note: Make sure that EBS and EC2 should be in the same availability zone.

ap-south-1b

And click Create volume

Successfully Create volume 

Attach volume 

6. The EBS volume can be created by selecting the “Create Volume” button.

You can attach a volume to an EC2 instance after it has been created by selecting it in the Volumes list and selecting “Actions” > “Attach Volume.” Name the device and specify the instance to which you want to attach the volume (for example, /dev/sdf).

Click Attach volume

Check for disk Connect to the instance ( puTTY )

[root@ip-172-31-2-182 ~]# lsblk

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
xvda 202:0 0 8G 0 disk
├─xvda1 202:1 0 8G 0 part /
├─xvda127 259:0 0 1M 0 part
└─xvda128 259:1 0 10M 0 part /boot/efi
xvdf 202:80 0 10G 0 disk
└─xvdf1 202:81 0 10G 0 part /mnt/database
xvdg 202:96 0 5G 0 disk

[root@ip-172-31-2-182 ~]# fdisk /dev/xvdg

Welcome to fdisk (util-linux 2.37.4).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x5955208c.

Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)
Select (default p): e
Partition number (1-4, default 1): ( Enter )
First sector (2048-10485759, default 2048): ( Enter )
Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-10485759, default 10485759): ( Enter )

Created a new partition 1 of type 'Extended' and of size 5 GiB.

Command (m for help): t
Selected partition 1
Hex code or alias (type L to list all): 8e
Changed type of partition 'Extended' to 'Linux LVM'.

Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.

create an LVM logical volume on a partition created on an EBS volume

1. You can allocate disc space as well as stripe, re-mirror, and resize logical volumes with LVM. You can assign a single EBS volume or a group of EBS volumes to one or more physical volumes using LVM.
Follow these procedures to extend the partitions and use LVM on your EBS volume:

2. To create a partition, use the fdisk command. Enter 8e00 as the variable’s Hex or GUID. The partition /dev/xvdf1 is created on /dev/xvdf in the example that follows.

[root@ip-172-31-2-182 ~]# pvcreate /dev/xvdg1

[root@ip-172-31-2-182 ~]# vgcreate vgdatastore /dev/xvdg1

root@ip-172-31-2-182 ~]# lvcreate -n lvdatabase -L 5G vgdatastore

[root@ip-172-31-2-182 ~]# mkfs.ext3 /dev/lvdatastore/vgdatabase

mke2fs 1.46.5 (30-Dec-2021)
Creating filesystem with 1310464 4k blocks and 327680 inodes
Filesystem UUID: 69463fb2-f6cd-48ba-a47b-62df5674daf0
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736

Allocating group tables: done
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done

[root@ip-172-31-2-182 ~]# blkid /dev/lvdatastore/vgdatabase

/dev/xvdg1: UUID=”69463fb2-f6cd-48ba-a47b-62df5674daf0″ SEC_TYPE=”ext2″ BLOCK_SIZE=”4096″ TYPE=”ext3″ PARTUUID=”5955208c-01″g1

[root@ip-172-31-2-182 ~]# blkid /dev/xvdg1 >> /etc/fstab

[root@ip-172-31-2-182 ~]# vim /etc/fstab

/dev/xvdg1: UUID=”69463fb2-f6cd-48ba-a47b-62df5674daf0″ SEC_TYPE=”ext2″ BLOCK_SIZE=”4096″ TYPE=”ext3″ PARTUUID=”5955208c-01″

UUID=69463fb2-f6cd-48ba-a47b-62df5674daf0 /mnt/database ext3 defaults 0 0

[root@ip-172-31-2-182 ~]# mkdir /mnt/databse

[root@ip-172-31-2-182 ~]# mount -a

[root@ip-172-31-2-182 ~]# df -h

Filesystem Size Used Avail Use% Mounted on
devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs 475M 0 475M 0% /dev/shm
tmpfs 190M 2.9M 188M 2% /run
/dev/xvda1 8.0G 1.5G 6.5G 19% /
tmpfs 475M 0 475M 0% /tmp
/dev/xvda128 10M 1.3M 8.7M 13% /boot/efi
/dev/xvdf1 9.8G 92K 9.3G 1% /mnt/data
tmpfs 95M 0 95M 0% /run/user/1000
/dev/xvdg1 4.9G 92K 4.6G 1% /mnt/database

[root@ip-172-31-2-182 ~]# lsblk

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
xvda 202:0 0 8G 0 disk
├─xvda1 202:1 0 8G 0 part /
├─xvda127 259:0 0 1M 0 part
└─xvda128 259:1 0 10M 0 part /boot/efi
xvdf 202:80 0 10G 0 disk
└─xvdf1 202:81 0 10G 0 part /mnt/data
xvdg 202:96 0 5G 0 disk
└─xvdg1 202:97 0 5G 0 part /mnt/database

copy data from old drive(data) to new drive(database)

[root@ip-172-31-2-182 data]# cp -avxH /mnt/data/* /mnt/database/

Please check all data copied from the old EBS drive to the new EBS drive

[root@ip-172-31-2-182 ~]# df -h

Change mount point from database to data

[root@ip-172-31-2-182 /]# vim /etc/fstab

Old FSTAB UUID entry.

UUID=eb777ba8-5231-49f6-bb99-13b67bc9b981 /mnt/data ext2 defaults 0 0
UUID=8206c47c-cdaa-4b48-80a5-035c80beb782 /mnt/database ext2 defaults 0 0

New FSTAB UUID entry.

#UUID=eb777ba8-5231-49f6-bb99-13b67bc9b981 /mnt/data ext2 defaults 0 0
UUID=8206c47c-cdaa-4b48-80a5-035c80beb782 /mnt/data ext2 defaults 0 0

[root@ip-172-31-2-253 /]# mount -a

And check the mount point 

[root@ip-172-31-2-253 /]# df -h

[root@ip-172-31-2-253 /]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs 475M 0 475M 0% /dev/shm
tmpfs 190M 2.8M 188M 2% /run
/dev/xvda1 8.0G 1.5G 6.5G 19% /
tmpfs 475M 0 475M 0% /tmp
/dev/xvda128 10M 1.3M 8.7M 13% /boot/efi
tmpfs 95M 0 95M 0% /run/user/1000
/dev/xvdg1 5.0G 22M 4.7G 1% /mnt/data

Go to EC2 Dashboard and click “Volumes”

Click 10 (Gib)  EBS and Detach the Volume

EBS 10 (Gib) delete volume

[root@ip-172-31-2-253 /]# lsblk

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
xvda 202:0 0 8G 0 disk
├─xvda1 202:1 0 8G 0 part /
├─xvda127 259:0 0 1M 0 part
└─xvda128 259:1 0 10M 0 part /boot/efi
xvdg 202:96 0 5G 0 disk
└─xvdg1 202:97 0 5G 0 part /mnt/data

Successfully Detach and delete 

The term “DevOps” was created by combining the acronyms for the words “development” and “operations,” however, it refers to neither code nor a programming language, as many individuals believe. Within a single IT group or company, it is an idea or mindset that facilitates the collaboration between the development group and the operation team.

• DevOps Implementation in an online trading company

There are instances when the two groups are combined into one. The financial trade firm’s testing, creation, and development approach was automated. You can learn more case studies when enrolling in DevOps Online Course in Ahmedabad. However, the deployment was completed in 45 seconds, leveraging DevOps. The length of the entire procedure was shortened, and customers’ levels of engagement improved.

• Advance your skills with Ansible and DevOps

DevOps is made simpler using Ansible by automating the integration of internally created apps into production processes. Ansible is a highly well-liked DevOps tool for overseeing, automating, orchestrating, and customizing IT infrastructure. With the help of the Ansible Training and Certification Course in Ahmedabad, you will get greater insight into Ansible being an advanced tool for automation, management of systems, and DevOps. Still, it offers practical applications for regular users. Without the need for programming knowledge, Ansible enables you to set up a single machine and possibly a whole system of machines simultaneously.

• Meet industry demands with Linux systems

Enrolling in Linux Certification in Ahmedabad can help you address the demands or needs of your company. You might want to certify your knowledge or expertise with Linux. In any case, performance-driven tests, practical tests, or a mix of these can be used to decide professional certificates. These techniques are intended to assess your aptitude for the duties expected of Linux administrators.

There are several ways to be prepared for a certification test. Still, training courses are well-liked since they might demonstrate to you real Linux-based corporate systems and the usual problems and activities you must learn. Several businesses provide Linux Administration Online Training in Ahmedabad that enables you to study while carrying out activities in an online Linux atmosphere to learn real-world applicability in an educational setting.

Highsky IT Solutions offers the most effective courses to help you gain the knowledge to succeed as a DevOps engineer. They also demonstrate the business’s development team’s perspective, ability to collaborate, operation of product development, and a few tools businesses employ to safeguard the effectiveness of their web applications.

An essential security precaution is setting up Multi-Factor Authentication (MFA) for your AWS root account. By requiring an additional verification step when logging into your AWS account, MFA adds an extra layer of security. The following describes how to set up MFA for your AWS root account:

Step 1: Use your root account login information to access the AWS Management Console.

Step 2: Select “My Security Credentials” from the dropdown menu by clicking on your account name or number in the top navigation bar. The page titled “Security Credentials” will then be shown.

Step 3: Scroll down to the “Multi-Factor Authentication (MFA)” section on the “Security Credentials” page, and then select the “Manage MFA” option.

Step 4: Select “Continue” from the menu on the “Manage MFA Device” page to begin the configuration procedure.

Step 5: You will be given the option of selecting an MFA device. These are your two choices:

1. Virtual MFA device: This method generates MFA codes using a smartphone app, such as Google Authenticator or Authy.

2. U2F security key: With this method, MFA is provided by means of a physical security key, such as a YubiKey.

Select the “Continue” button after making your selection according to your preferences.

Step 6: To configure your chosen MFA device, adhere to the on-screen instructions:

1.  Install a compatible app on your smartphone, then scan the QR code provided by AWS to use a virtual MFA device. You must input the 6-digit authentication number generated by the app on the AWS page.

2. You must place a U2F security key into a USB port and then push the key’s button when instructed to do so. page.

Step 7: AWS will give you backup codes when you set up your MFA device. In the event that you lose control of your MFA device, these codes are crucial. Keep these codes in a safe place at all times.

Step 8: You will be prompted to enable MFA for your root account once the setup process is complete. Select “Activate MFA” from the menu.

Step 9: You will be prompted by AWS to sign in once more with your root account credentials, but this time you must additionally enter the MFA code from your device.

Step 10: Your AWS root account will be secured by this additional security precaution after successfully signing in with MFA.

To guarantee you can access your AWS account in the future, keep your MFA device (smartphone or U2F security key) and the backup codes in a secure location.

1. Select “My Security Credentials” from the dropdown menu by clicking on your account name or number in the top navigation bar. The page titled “Security Credentials” will then be shown.

2.  Scroll down to the “Multi-Factor Authentication (MFA)” section on the “Security Credentials” page, and then select the “Manage MFA” option.

and click Assing MFA device

Specify MFA device name  

3. Device name = my-mobile

Enter a meaningful name to identify this device.

 MFA device to use, 

                                                 Authenticator app
Authenticate using a code generated by an app installed on your mobile device or computer.

4. Install a compatible app on your smartphone, then scan the QR code provided by AWS to use a virtual MFA device. You must input the 6-digit authentication number generated by the app on the AWS page.

Go to the mobile play Store then search Google Authenticator and install the app  

Successful MFA device assigned 

Log out of your account 

1. Then log in to your account  

2. And your email file 

2. your password file 

3. Google Authenticator (MFA) = Code 

Successful enable Multi-Factor Authentication (MFA) Root Account

An AWS account—for example, Account A—can grant another AWS account, Account B, permission to access its resources such as buckets and objects. Account B can then delegate those permissions to users in its account. In this example scenario, a bucket owner grants cross-account permission to another account to perform a specific bucket operation

This article helps you navigate this minefield, with details not only of how the S3 permissions work but also of how you can implement some common real-world scenarios such as S3 bucket access from another AWS account.

• Account A administrator user attaches a bucket policy granting cross-account permissions to Account B to perform specific bucket operations. Note that the administrator user in Account B will automatically inherit the permissions.
• Account B administrator user attaches user policy to the user delegating the permissions it received from Account A
• The user in Account B then verifies permissions by accessing an object in the bucket owned by Account A.

First, we need to create an s3 Bucket steps are given below:

Step 1: Log on to your AWS Console

Step 2: go to the Search bar  ” S3 services

Step 3: Click on S3  Scalable Storage in the Cloud” and proceed further

Step 4: Create a new Bucket

In the general configuration category:

Step 5: Enter the bucket name  (cross-account bucket ) 

Step 6: Next, choose the  AWS region,  [Asia Pacific (Mumbai) ap-south-1].

ACLs disabled (Recommended)

Bucket owner enforced – Bucket and object ACLs are disabled, and you, as the bucket owner, automatically own and have full control over every object in the bucket. Access control for your bucket and the objects in it is based on policies such as AWS Identity and Access Management (IAM) user policies and S3 bucket policies Objects can be uploaded to your bucket only if they don t specify an ACL or if they use the bucket-owner-full-control canned ACL.

Block Public Access settings for this bucket

Public access is granted to buckets and objects through access control lists (ACLs), bucket policies, access point policies, or all. In order to ensure that public access to this bucket and its objects is blocked, turn on Block all public access. These settings apply only to this bucket and its access points. AWS recommends that you turn on Block all public access, but before applying any of these settings, ensure that your applications will work correctly without public access. If you require some level of public access to this bucket or objects within, you can customize the individual settings below to suit your specific storage use cases

Bucket Versioning

Versioning is a means of keeping multiple variants of an object in the same bucket. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily recover from both unintended user actions and application failures.

Disable

Create the same again as above but put /* on bucket ARN

Copy policy

Go to Policy generator

past policy

 {
   "Version": "2012-10-17",
   "Id": "Policy1683696444814",
   "Statement": [
     {
        "Sid": "Stmt1683696418840",
        "Effect": "Allow",
        "Principal": {
          "AWS": "arn:aws:iam::Account-B-id :root"
        },
        "Action": "s3:*",
        "Resource": "arn:aws:s3:::cruse-account-s3-buckee"
     },
     {
       "Sid": "Stmt1683696442588",
       "Effect": "Allow",
       "Principal": {
         "AWS": "arn:aws:iam::Account-B-id:root"
       },
       "Action": "s3:*",
       "Resource": "arn:aws:s3:::cruse-account-s3-buckee/*"
      }
    ]
  }

After that, we have to log in to Aws Account ( B ).

Step 1: Now open a new tab and open AWS Policy Generator
https://awspolicygen.s3.amazonaws.com/policygen.

1: Select the Type of Policy  = IAM policy 

2: Actions = GetObject , ListBucket , PutObject

3: Amazon Resource Name (ARN) = arn:aws:s3:::cruse-account-s3-buckee

4: Click [ Add statement ]

5: Select the Type of Policy  = IAM policy 

6: Actions = GetObject , ListBucket , PutObject

7: Amazon Resource Name (ARN) = arn:aws:s3:::cruse-account-s3-buckee/*

Copy policy,

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1683701367955",
      "Action": [
        "s3:GetObject",
        "s3:ListBucket",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::cruse-account-s3-buckee"
    },
    {
      "Sid": "Stmt1683701399477",
      "Action": [
        "s3:GetObject",
        "s3:ListBucket",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::cruse-account-s3-buckee"
    }
  ]
}

Step 2: Navigate to the IAM Dashboard by clicking on the “Services” dropdown menu, selecting “SecuritNy, Identity, & Compliance,” and then clicking on “IAM.”

Step 2: Click on “Policies” in the left-hand menu and then click on the “Create policy” button.

Step 3: After generating paste it into Identity and Access Management (IAM) | Click on
Policy | Click on Create Policy | Click on JSON | Click on Create Policy

Click next

Step 4: file policy name = cruse-account-policy

Click Create policy

Security credentials

C:\> msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi

C:\> msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi /qn

C:\> aws --version
aws-cli/2.10.0 Python/3.11.2 Windows/10 exe/AMD64 prompt/off

command  = aws configure

  Access key ID

Secret access key

Inter

Inter

command  aws s3 ls s3://cruse-account-s3-buckee

 aws s3 cp "s3://cruse-account-s3-buckee/ aws bsnner.jpg" .

The data science industry is expanding swiftly, and more organizations recognize the advantages of hiring people with data science skills. The past three-year timeframe saw a 75 percent spike in employment advertisements for data scientists. More people are taking steps to learn data science to differentiate themselves from other candidates and follow this potentially beneficial profession. Getting the appropriate training is essential if you’re interested in establishing a data science position.

• Gain professional advantages by learning DevOps

Studying DevOps can be extremely helpful for everyone in the software development field, whether in the operations or design departments. You may participate in a DevOps Online Course in Ahmedabad, considering your expertise and skill phase to enjoy professional advantages like shorter manufacturing processes, higher delivery rates, better teamwork and interaction, and more robotics productivity and collaboration with skilled programmers.

• Boost your data science skills with Docker courses

Data scientists may benefit from learning Docker by enrolling in the Docker Certification Course in Ahmedabad. It enables them to quickly handle connections and situations, ensuring their software functions reliably on many platforms. Additionally, it frees them from having to depend entirely on the DevOps group. The portability of dockers enables quicker project software launch since several data scientists may easily help develop them.

• Enhance your skills with Python Courses

Many people choose Python because of its accessibility, but data scientists find it even more enticing because of its wide range of excellent libraries. With the addition of libraries throughout time, Python has become more sophisticated and efficient. You can enroll in Python Courses in Ahmedabad and learn about selecting a library perfect for your Data Science requirements.

• Enhance your career with data science training

Data science training makes your ability to meet the growing need for Big Data expertise and technologies easier. Professionals that have completed Data Science Training Ahmedabad are equipped with data management tools. An extra benefit for an applicant for an enhanced and successful career is if they are knowledgeable of and proficient in these important data abilities.

Enrolling in a data science training program will provide you with every detail you require to succeed in the industry, including the basics to advanced abilities. This is the initial step in obtaining certification as a data scientist. A well-known provider of computer technologies and services, Highsky IT Solutions also offers a range of IT certifications and training courses in cloud computing, open-source programming, networking, privacy and security, and data science.

1. Open the AWS Management Console: Go to the AWS Management Console and log in to your AWS account.

2. Choose RDS: From the list of AWS services, choose RDS (Relational Database Service).

 3. Click “Create Database”: On the RDS dashboard, click the “Create database” button.

 4. Choose a database engine: Select the engine you want to use for your RDS instance. Amazon RDS supports various database engines like MySQL, PostgreSQL, Oracle, SQL Server, MariaDB, etc.

5. Choose a use case: Select the use case that best fits your needs. This will determine the default settings for your RDS instance, such as the instance class, storage type, and allocated storage.

6 . Configure the instance: Configure the RDS instance by specifying its name, username, and password. You can also choose the instance type, storage type, allocated storage, and other settings based on your requirements.

7. Configure advanced settings: If needed, you can configure advanced settings such as backup retention, maintenance window, security groups, and VPC settings.

8. Launch the instance: After configuring all the settings, review your configuration and click “Create Database” to launch your RDS instance.

9. Please wait for the instance to launch: It may take several minutes for your RDS instance to launch. Once it is ready, you can connect to it using the endpoint provided in the AWS Management Console.

That’s it! You have now created an RDS instance in AWS. You can use this instance to host your database and connect to it from your applications.

IAM service policy

1. Open the IAM Management Console: Go to the AWS Management Console and log in to your AWS account. From the list of AWS services, choose “IAM” under “Security, Identity & Compliance”.

2. Create a new policy: In the left-hand navigation pane, click “Policies”, then click “Create policy”.

3. Select a policy template: On the Create Policy page, you can either create your custom policy or use a pre-defined policy template. To create a policy for RDS, you can select the “Amazon RDS” service from the list of available services.

4. Choose the actions: Next, you need to choose the actions that you want to allow or deny for this policy. For example, you might want to allow read-only access to RDS resources or grant permissions to create and modify RDS resources.

5. Choose the resources: Once you have selected the actions, specify the RDS resources to which this policy applies. You can choose to apply the policy to all resources or specify individual resources by ARN (Amazon Resource Name).

6. Review and create the policy: After specifying the actions and resources, review the policy details and click “Create policy” to save the policy.

7. Attach the policy to a user or group: Once you have created the policy, you need to attach it to a user or group that needs access to RDS resources. You can do this by navigating to the user or group in the IAM console, clicking on the “Permissions” tab, and then attaching the policy to the user or group.

That’s it! You have now created an IAM service policy for RDS and attached it to a user or group. The user or group can now perform the allowed actions on the specified RDS resources.

IAM service role

1. Navigate to the IAM dashboard.

2. Click on “Roles” from the left-hand menu.

3. Click on the “Create role” button.

4. Choose the type of trusted entity for your role: an AWS service, another AWS account, or a web identity provider.

5. Select the policies that define the permissions for your role. You can choose from existing policies or create a custom one.

6. Give your role a name and description.

7. Review your role and click “Create role” to save it.

That’s it! You have now created an IAM service role in AWS. You can use this role to grant permissions to an AWS service or other entities that need to perform actions on your behalf.

Lambda function

1. Navigate to the Lambda dashboard.

2. Click on the “Create function” button.

3. Choose the type of function you want to create. You can create a function, blueprint, or serverless application repository from scratch.

4. Give your function a name and description.

5. Choose a runtime for your function, such as Python, Node.js, or Java.

6. Configure the function’s execution role, which determines the permissions that the function has to access AWS resources.

7. Write your function code or upload a ZIP file containing your code.

8. Set up your function’s environment variables and any additional settings, such as memory and timeout settings. Click “Create function” to save your Lambda function.

After creating your Lambda function, you can test it manually or set up a trigger to invoke it automatically. You can also monitor your function’s performance and troubleshoot any errors using the AWS Lambda console.

  CloudWatch

1. Navigate to the CloudWatch dashboard.

2. Click on “Events” from the left-hand menu.

3. Click on the “Create rule” button.

4. Choose the “Schedule” option under “Event Source”.

5. Configure the croon expression for when you want the RDS DB  instance to start. For example, if you want it to start every day at 8 pm, you would use the expression 25 5 * *? *

6. Choose the EC2 instance as the target for the event rule.

7. Configure the specific action that you want to perform on the RDS DB instance, which in this case is to start it.

8. Give your rule a name and description.

9. Click “Create rule” to save your CloudWatch event rule.

After creating your CloudWatch event rule, it will trigger at the scheduled times and start the specified EC2 instance. Be sure to test your rule to ensure it is working as expected.

STOP THE RDS DB INSTANCE

1. creating IAM policy

2. creating IAM role

4. creating Lambda function RDS-stop-instance and attaching a role

8. creating CloudWatch Choose the “Schedule” option under the “Event Source” rule.

9. Configure the croon expression for when you want the RDS DB  instance to s. For example, if you want it to start every day at 8 pm, you would use the expression 10 6 * *? *

successfully RDS starts to stop the instance

1. go to search for the IAM dashboard

2. Click on Policies in the left-hand navigation pane.

3. Click on the Create policy button.

4. Choose either the JSON & Visual editor tab depending on your preference for creating the policy

5. Create a policy using either the JSON code editor or the visual editor.

6. Give your policy a name and description.

7. Click on the Create Policy button to save your policy

Here’s an example of a simple IAM policy created using the visual editor:

(IAM service) policy

1. Click on the “Visual Editor” tab.

2. Click on “Create Policy”.

3. Select services, actions, and resources.

4. Choose whether to grant or deny permissions.

5. Create your policy using either the JSON code editor or the visual editor.

6. Define your policy by adding the required statements. Each statement must include an action, resource, and effect. The effect must be set to “Deny” to explicitly deny access to the specified resources.

7. Review the policy summary.

8. Provide a name and a description.

9. Click on the “Create policy” button.

Once you’ve created your policy, you can attach it to one or more IAM users, groups, or roles to grant or restrict their access to AWS resources.

IAM (serves) Roles

1. Navigate to the IAM dashboard.

2. Click on “Roles” from the left-hand menu.

3. Click on the “Create role” button.

4. Choose the type of trusted entity for your role: an AWS service, another AWS account, or a web identity provider.

5. Choose the use case that best fits your scenario, such as EC2 or Lambda.

6. Select the policies that define the permissions for your role. You can choose from existing policies or create a custom one.

7. Give your role a name and description.

8. Review your role and click “Create role” to save it.

After creating your role, you can assign it to an IAM user or group to permit them to access AWS resources. For example, you can assign the role to an EC2 instance to permit it to access other AWS resources. Be sure to test your role to ensure it provides the intended level of access.

Lambda function

1. Navigate to the Lambda dashboard.

2. Click on the “Create function” button.

3. Choose the type of function you want to create. You can create a function from scratch, a blueprint, or a serverless application repository.

4. Give your function a name and description.

5. Choose a runtime for your function, such as Python, Node.js, or Java.

6. Configure the function’s execution role, which determines the permissions that the function has to access AWS resources.

7. Write your function code or upload a ZIP file containing your code.

8. Configure your function’s triggers, which determine when the function is executed. As triggers, you can use AWS services such as S3, API Gateway, or CloudWatch Events.

9. Set up your function’s environment variables and any additional settings, such as memory and timeout settings.

10. Click “Create function” to save your Lambda function.

After creating your Lambda function, you can test it by invoking it manually or setting up a trigger to invoke it automatically. You can also monitor your function’s performance and troubleshoot any errors using the AWS Lambda console.

CloudWatch

1. Navigate to the CloudWatch dashboard.

2. Click on “Events” from the left-hand menu.

3. Click on the “Create rule” button.

4. Choose the “Schedule” option under “Event Source”.

5. Configure the croon expression for when you want the EC2 instance to start. For example, if you want it to start every day at 7 pm, you would use the expression 30 13 * * ? *.

6. Choose the EC2 instance as the target for the event rule.

7. Configure the specific action that you want to perform on the EC2 instance, which in this case is to start it.

8. Give your rule a name and description.

9. Click “Create rule” to save your CloudWatch event rule.

After creating your CloudWatch event rule, it will trigger at the scheduled times and start the specified EC2 instance. Be sure to test your rule to ensure it is working as expected.

First, we need to create an s3 Bucket steps are given below:

 Step 1: Log on to your AWS Console.
Step 2: go to the Search bar  ” S3 services “

Step 3: Click on S3  Scalable Storage in the Cloud” and proceed further

Step 4: Create a new Bucket

In the general configuration category:

Step 5: Enter the bucket name  (delete-object-put object bucket in our case) 

Step 6: Next, choose the  AWS region,  [Asia Pacific (Mumbai) ap-south-1].

ACLs disabled (Recommended)

Bucket owner enforced – Bucket and object ACLs are disabled, and you, as the bucket owner, automatically own and have full control over every object in the bucket. Access control for your bucket and the objects in it is based on policies such as AWS Identity and Access Management (IAM) user policies and S3 bucket policies Objects can be uploaded to your bucket only if they don t specify an ACL or if they use the bucket-owner-full-control canned ACL.

Block Public Access settings for this bucket

Public access is granted to buckets and objects through access control lists (ACLs), bucket policies, access point policies, or all. In order to ensure that public access to this bucket and its objects is blocked, turn on Block all public access. These settings apply only to this bucket and its access points. AWS recommends that you turn on Block all public access, but before applying any of these settings, ensure that your applications will work correctly without public access. If you require some level of public access to this bucket or objects within, you can customize the individual settings below to suit your specific storage use cases

Bucket Versioning

Versioning is a means of keeping multiple variants of an object in the same bucket. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily recover from both unintended user actions and application failures.

Disable

Step 7: Click on Create Bucket.

If the bucket is created successfully, you will see a message like this on the top of the page:

Creating an IAM (Identity and Access Management) service in AWS (Amazon Web Services) can be done by following these steps:

1. Go to the IAM service by searching for it in the search bar or selecting it from the list of services.

2. Once in the IAM console, click on the “Users” tab in the left-hand menu.

3. Click the “Add user” button.

4. Enter a name for the new user and select the “Programmatic access” checkbox to give the user access to AWS via APIs, CLI, and SDKs.

5. Click “Next: Permissions” to assign the user permissions.

6. Choose an existing policy or create a new one that defines the user’s permissions.

7. Click “Review” to review the user’s information and permissions.

8. click Create User to create a new user.

Once the user is created, you’ll be provided an Access Key ID and a Secret Access Key, which you can use to programmatically access AWS services. Be sure to keep these credentials safe, as they provide access to your AWS resources.

Click Download .csv file

To create an IAM (Identity and Access Management) policy in AWS (Amazon Web Services), you can follow these steps:

1. Go to the IAM service by searching for it in the search bar or selecting it from the list of services.

2. Once in the IAM console, click on the “Policies” tab in the left-hand menu.

3. Click the “Create policy” button.

4. Choose either the “Visual editor” or the “JSON” tab to create the policy.

5. choose the Visual editor tab to select the service the policy will apply to and then choose the actions and resources the policy will allow or deny

Deny

6. choose the JSON tab, and enter the policy in JSON format. The JSON format must include a version, statement, and action.

7. then create the policy enter a name and description and click Create a policy

Once the policy is created, you can attach it to a user, group, or role in IAM. When the user, group, or role tries to access a resource, the policy will be checked to determine whether the action is allowed or denied.

It’s important to test your policy to ensure that it’s providing the intended access and restrictions.  can do this by using the Simulate policy feature in the IAM console, which lets you simulate a policy to see how it would apply in different scenarios.

Attach policy

1. Once in the IAM console, click on the “Users,” “Groups,” or “Roles” tab in the left-hand menu, depending on which entity you want to attach the policy to.

2. Select the user, group, or role that you want to attach the policy to.

3. Click on the “Permissions” tab, and then click on the “Attach policies” button.

4. In the search bar, type the name or description of the policy that you want to attach, and then select the policy from the list.

5. Click Attach policy to attach the policy to the selected entity

After attaching the policy, the user, group, or role will have the permissions granted by the policy. You can also create custom policies and attach them to entities as needed. Be sure to test your policies to ensure that they’re providing the intended access and restrictions.

Successful for Attach policies

 Login for user

Click for Amazon S3 servicers

Click  for bucket name  = Deleteobject-putobject-deny

Click  [ Upload ]

the below snaps, the user is not able to delete objects and not able to upload objects