Containers are standardized, executable components that integrate application source code with the operating system (OS) libraries and dependencies necessary to run that code in any environment. Docker is an open-source platform that empowers developers to build, distribute, operate, update, and manage containers.

The magic bullet that permanently fixed the virtualization and software container issues was Docker. Yes, that is a bold statement! Other products had made an effort to address these issues, but Docker’s novel strategy and ecosystem had completely eliminated the competition. You will learn the fundamentals of Docker in this course so that you can start utilizing it for your own applications and incorporating it into your workflow.

 1  Installing Docker

What Is Docker? How To Install Rehal 9

It’s possible that the Docker installation package included in the official Ubuntu repository is out of date. We’ll install Docker from the official Docker repository to make sure we have the most up-to-date version. To accomplish that, we will first create a new package source, then install the package after adding the GPG key from Docker to confirm the downloads are legitimate.

Update your current list of packages first:.

apt update

Install the following prerequisites to enable apt to use packages through HTTPS:

apt install apt-transport-https ca-certificates curl software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Then add your system’s GPG key for the official Docker repository:

APT sources should include the Docker repository:

add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"

Additionally, this will add the Docker packages from the recently added repository to our package database.

Verify that you are about to install from the Docker repository rather than the standard Ubuntu repository:

The result will look like this, albeit Docker’s version number can be different:

Note that docker-cue is not installed, but Ubuntu 20.04 (focal)’s Docker repository is the installation candidate.

Install Docker lastly:

apt install docker-ce

Now that Docker has been set up, the daemon should be running and the process should be set to launch upon boot. Verify that it is operating:

To verify that the service is operational and operating, the output should resemble the following:

The Docker client as well as the Docker service (daemon) are now included with the installation of Docker. Later in this lesson, we’ll look at how to use the docker command.

Install docker in complete 

An API Gateway serves as a common entry point for APIs (Application Programming Interfaces), a service offered by cloud computing platforms like Amazon Web Services (AWS). It offers a managed option for safely and scalable developing, deploying, and managing APIs.

Clients can access and interact with the functionality and data offered by backend services by using API Gateway, which acts as a proxy between clients and those services. It serves as a gatekeeper or middleman that receives and processes API requests before sending them to the proper backend service.

API Gateway delivers the following crucial advantages and features:

( 1 ) Create and manage APIs with API Gateway. This includes specifying resources, methods (such as GET, POST, PUT, and DELETE), and the request/response structures that go with each. It offers a method for structuring and organizing your APIs, which makes them simpler to maintain.

( 2 ) Authentication, validation, transformation, and mapping are just a few of the actions that API Gateway can carry out on incoming requests. This gives you the chance to edit or tailor the requests before they go to the backend services, ensuring that they follow any security or format requirements.

( 3 ) Access control and security: API Gateway has built-in security mechanisms to safeguard your APIs and the exposed data. It supports a variety of authentication methods, including OAuth, API keys, AWS Cognito, and AWS Identity and Access Management (IAM) roles. By doing so, you can manage API access and user or client application authentication.

( 4 ) Scalability and performance: API Gateway is built to handle large numbers of API requests and can scale dynamically to address changing traffic loads. It offers caching solutions to enhance performance and lighten the burden on backend services. For further management and control of the usage of your APIs, it includes rate restriction and throttling.

( 5 ) Integration with Backend Services: API Gateway enables integration with a variety of backend services, including Amazon EC2 instances, AWS Lambda functions, and HTTP endpoints. This makes it possible for you to use already-existing services or create new ones to provide the functionality demanded by your APIs.

( 6 ) Monitoring and analytics: API Gateway gives you the logging and tracking tools you need to keep tabs on your APIs’ performance, failures, and usage. You can monitor and gather information about the usage and health of your APIs thanks to its integration with services like AWS CloudWatch.

You may streamline the creation, deployment, and management of APIs by using API Gateway, while also transferring many operational problems to the managed service. In addition to providing a scalable and secure gateway for API connection, it aids in isolating client applications from backend services.

Lambda function

1. Navigate to the Lambda dashboard.

2. Click on the “Create function” button.

3. Choose the type of function you want to create. You can create a function, blueprint, or serverless application repository from scratch.

4. Give your function a name and description.

5. Choose a runtime for your function, such as Python, Node.js, or Java.

( A runtime is a version of a programming language or framework that you can use to write Lambda functions. Lambda supports runtime versions for Node.js, Python, Ruby, Go, Java, C# (.NET Core), and PowerShell (.NET Core)

To use other languages in Lambda, you can create your own runtime.

Note that the console code editor supports only Node.js, Python, and Ruby. If you choose a compiled language, such as Java or C#, you edit and compile your code in your preferred SDE and upload a deployment package to the function. )

Taking by Python 3.1 

6. Configure the function’s execution role, which determines the permissions that the function has to access AWS

Change default execution role
Execution role
Choose a role that defines the permissions of your function. To create a custom role, go to the IAM console
Create a new role with basic Lambda permissions

Click = Create function

Successfully created the function = highsky-function.

API Gateway 

1 Open the API Gateway service: Once logged in, look for “API Gateway” in the “Networking & Content Delivery” section or in the search box of the AWS Management Console.

2 Click on “Create API”: To begin building a new API, use the “Create API” option from the API Gateway service dashboard.

3 Choose the API type: Choose either “REST API” or “WebSocket API” depending on the type of API you want to build. While WebSocket APIs allow for bidirectional communication through the WebSocket protocol, REST APIs are frequently utilised for HTTP-based communication.

4 Select a protocol: Choose whether HTTP or HTTPs is the protocol you wish to use if you decide to develop a REST API. While HTTP is suitable for testing and development, HTTPS is advised for use in operational settings.

Click = Bulid

Click = Ok 

5 Choose a name for your API: 

Click = New API 

Choose a name for your API: Give your API a name that clarifies its function.

Choose an endpoint type:

Click = Create API 

API name* = highsky-API

Description = API-highsky

Endpoint Type = Regional

Click = Create API 

Configure the API: Create the API configuration by specifying the resources, methods, and integrations. To add a method to a resource (such as GET, POST, or PUT), click “Create Method”.

Click = Actions 
Click = Create Method 

Click  = Save 

Click = Lambda highsky-function

Test = function

Go to API Gateway  

Click = Actions and Deploy API

Click = Deploy 

Click the = Invoke URL

Successfully

 

1. Known for its clean syntax, expressive syntax, and developer-friendly features, Laravel is an open-source PHP framework for building online applications. It makes it simple to construct dependable and scalable web applications since it adheres to the Model-View-Controller (MVC) architectural paradigm.

La Ravel’s salient characteristics include:

( 1 ) Routing: Laravel offers a straightforward and expressive method for defining web routes, making it simple to manage HTTP requests and specify the proper response logic.

( 2 ) Eloquent, Laravel’s ORM (Object-Relational Mapping), makes querying and manipulating database records simple by offering an intuitive syntax.

( 3 ) Laravel comes with a built-in templating engine called Blade that enables you to create dynamic, reusable views with capabilities like template inheritance, control structures, and simple data rendering.

( 4 ) Database migrations: The migration mechanism provided by Laravel enables you to easily make changes to the database structure while preserving your data and version control your database design.

( 5 ) User registration, login, and password reset functionality can be easily implemented because Laravel comes with a full authentication system preinstalled. Additionally, it provides strong authorization techniques for limiting access to different areas of your application.

( 6 ) Data Caching and Session Management: Laravel comes with built-in support for data caching, which can significantly enhance the performance of your application. It also offers a clear, uncomplicated interface for managing user sessions.

( 7 ) Task Scheduling: By specifying scheduled instructions, Laravel’s task scheduler enables you to automate monotonous operations within your application.

( 8 ) Testing: Laravel offers built-in support for testing, with capabilities like unit testing, integration testing, and browser testing, making it simpler to assure the quality and reliability of your application.

( 9 ) The sizeable and vibrant Laravel community helps to support its ongoing development, thorough documentation, and availability of several packages and extensions that may be simply incorporated into your applications.

Laravel provides a solid basis for developing cutting-edge online applications, with the overall goal of streamlining the development process and increasing developer productivity.

Apache Web Server installation

You will install the Apache2 web server on your Ubuntu system in this initial phase. You will be using the Apache web server and the Laravel web framework in this example.

To update and reload your Ubuntu repository, run the apt command below.

sudo apt update

The Apache2 web server package should then be installed using the following command.

sudo apt install apache2

Enter Y to confirm, then hit ENTER to launch the installation. It’s time to start installing Apache.

After installing Apache2, you must configure the UFW firewall to allow access to HTTP and HTTPS services.

The HTTP and HTTPS services can be added to the UFW firewall by using the ufw command listed below.

sudo ufw allow "Apache Full"

Input the server IP address (for example, http://192.168.1.11) in the address bar of your web browser after it has opened. The Apache2 web server’s default index.html page should now appear.

Installing PHP

The Ubuntu 20.04 computer will have PHP installed and configured after the Apache web server is set up. The PHP package for version 7.4 is available in the standard Ubuntu 20.04 repository, and it has good support for the Laravel web framework.

Install PHP packages for the Laravel web framework by running the apt command below.

sudo apt install php php-curl php-bcmath php-json php-mbstring php-xml php-tokenizer php-zip

Enter Y to approve the installation, then click ENTER to move on. The installation of PHP will start.

Use the Vim editor to make changes to the configuration file php.ini after the PHP installation is complete.

sudo vim /etc/php/8.1/apache2/php.ini

To make the PHP extensions file info, OpenSSL, and mastering available, uncomment the corresponding options.

extension=fileinfo
extension=mbstring
extension=openssl

When finished, save and close the file.

Restart the Apache2 service after that to make the latest PHP configuration modifications.

sudo systemctl restart apache2

Finally, run the following command to check and validate your PHP setup.

On your Ubuntu computer, check the PHP version installed.

php --version

You can see that PHP 7.4.3 is set up on the Ubuntu computer in the screenshot below.

MariaDB Server installation

PHP and the Apache2 web server packages have now been set up. On the Ubuntu 20.04 system, you will now be installing and setting up the MariaDB database server. For the Laravekl project, you will also be creating a fresh MariaDB database and user.

You can use the apt command listed below to install the MariaDB database on an Ubuntu computer.

sudo apt install mariadb-server

Enter Y to confirm, then hit ENTER to launch the installation.

 

Use the command below to log in as the root user to the MariaDB shell once the installation of MariaDB is complete

sudo mysql -u root -p

Run the MariaDB queries listed below to establish a brand-new database and user for the Laravel project. In this case, the user Laravel and the password “password” will be used to create the database laravel_db

CREATE DATABASE laravel_db;

Query OK, 1 row affected (0.001 sec)

CREATE USER laravel@localhost IDENTIFIED BY 'password';

Query OK, 0 rows affected (0.001 sec)

GRANT ALL PRIVILEGES ON laravel_db.* TO laravel@localhost;

Query OK, 0 rows affected (0.001 sec)

FLUSH PRIVILEGES;

Query OK, 0 rows affected (0.001 sec)

exit

Bye

To exit the MariaDB shell, run the query “EXIT” right away. You have now set up a new database and user for the Laravel project as well as installed the MariaDB database server.

Composer installation

Installing the Composer will be done in this section. It is package management for the PHP programming language, comparable to pip for Python, the gem for Ruby, npm for Node.js, and yarn for PHP.

There are several ways to install the Laravel web framework. In this example, Composer will be used to install the Laravel web framework.

To download the Composer installation, run the command listed below.

curl -sS https://getcomposer.org/installer -o composer-setup.php

To install the Composer, execute the installer script “composer-setup.php” right away. By doing this, the Composer will be installed in the /usr/local/bin directory.

sudo php composer-setup.php --install-dir=/usr/local/bin --filename=composer

This screenshot was taken during Composer installation.

Run the command shown below to check and validate the Composer installation when the installation is complete.

sudo -u www-data composer --version

Display the Composer help content.

sudo -u www-data composer --help

Start Installing Laravel

For the purposes of this example, you will need to establish three directories: “.cache” for the PHP package cache, “.config” for the additional Composer setup, and “laravelapp” for the Laravel project itself. The “/var/www” directory will contain all of those directories.

To create new directories for the Laravel installation, run the command below.

sudo mkdir -p /var/www/{.cache,.config,laravelapp}

Currently, give the user and group www-data ownership to the Composer and Laravel directories.

sudo chown -R www-data:www-data /var/www/{.cache,.config,laravelapp}

After that, use the following command to navigate to the /var/www/laravelapp directory.

cd /var/www/laravelapp/

then use the composer command listed below to install the Laravel web framework. The. at the end of the program will install Laravel in the /var/www/laravelapp working directory.

sudo -u www-data composer create-project laravel/laravel .

After the Laravel installation is complete, the outcome is shown below.

Next, use the Vim editor to make changes to the “.env” file when the installation is finished. This setting serves as Laravel’s immediate environment setup and contains information like the installation URL and database specifics.

vim .env

For the Laravel installation, replace the APP_URL configuration with your domain name. The domain name laravelapp.hwdomain.io.c will be used to host the laravel in this example.

APP_URL=http://laravel_db.hwdomain.io

As soon as you have modified your database configuration, modify the database details.

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel_db
DB_USERNAME=laravel
DB_PASSWORD=password

Save and close the file when you are done.

The MariaDB database server and Laravel web framework installation are now complete.

Setup Apache Virtual Host

The Apache2 virtual host for the Laravel web framework needs to be configured now. The Laravel project will be running in this illustration on the local domain laravel_db.hwdomain.io.

Create a new file “/etc/apache2/sites-available/laravel.conf” using Vim editor.

sudo vim /etc/apache2/sites-available/laravel.conf

The file should now have the following configuration. You can alter the domain if you are already using it. Additionally, be sure to modify the Laravel project’s Document root path.

<VirtualHost *:80>

    ServerAdmin admin@hwdomain.io
    ServerName laravel_db.hwdomain.io
    DocumentRoot /var/www/laravelapp/public

    <Directory />
            Options FollowSymLinks
            AllowOverride None
    </Directory>
    <Directory /var/www/laravelapp>
            AllowOverride All
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

Save and close the file when you are done.

The next step is to run the following command to enable the virtual host configuration laravel. conf and the Apache2 module rewriting.

sudo a2enmod rewrite
sudo a2ensite laravel.conf

Now make sure there are no errors in the Apache2 configuration.

sudo apachectl configtest

Apply the updated virtual host configuration for the Laravel project now by restarting the Apache2 service using the command listed below.

sudo systemctl restart apache2

You have now finished setting up Apache to serve Laravel’s virtual host.

On your machine, edit the /etc/hosts file using the nano/vim editor.

sudo vim /etc/hosts

Include the subsequent configuration. Make sure to update your detailed server’s domain name and IP address.

Save and close the file when you are done.

sudo systemctl restart mariadb.service

sudo systemctl enable mariadb.service

sudo systemctl restart apache2

sudo systemctl enable apache2

Finally, return to your web browser and type the URL for the Laravel installation (i.e., http://laravel_db.hwdomain.io) into the address bar. And you ought to see the Laravel web framework’s default index page. Additionally, you can see the PHP version you are currently using and the Laravel version you just installed at the bottom.

Congratulation! The Laravel web framework has now been successfully installed on Ubuntu 20.04. Additionally, you have learned how to set up the LAMP stack for the Laravel web farm.

1 Once you have logged in, go to the EC2 service to start it up. Either use the top search bar to look for “EC2” or browse the “Compute” section to find it.

2 Start a new instance: To begin building a new EC2 instance, click the “Launch Instance” button.

3 You will be asked to select an Amazon Machine Image (AMI) during the instance launch wizard. To find the Windows Server AMI of your choosing, select the “AWS Marketplace” tab and conduct a search. There are several versions offered, including Windows Server 2019, 2016, and others. By clicking the “Select” button, you can choose the AMI that best meets your needs.

( 1 ) Instance = highsky-windows-server1

( 2 ) Application and OS Images (Amazon Machine Image) = Windows. Microsoft 

4. Select a type of instance: Depending on the resources and performance you require, choose the instance type. You have the option of selecting a general-purpose instance or a particular instance type. After making your choice, pick “Next: Configure Instance Details” from the menu.

5. Configure instance details: Various settings, including the number of instances, network configurations, storage, security groups, and more, can be made in this area. When you have finished, click the “Next: Add Storage” option. Adjust the settings as necessary.

6. Add storage by setting up your instance’s storage options. If necessary, you can change the default storage size or add more volumes. After making your modifications, select “Next: Add Tags” from the menu.

7.  You can optionally add tags to your instance to improve management and organisation. Key-value pairs called tags are a way of identifying and classifying resources. When you’re ready, press the “Next: Configure Security Group” button.

8.  Setting up a security group will allow you to manage the inbound and outgoing traffic to your instance. A new security group can be made, or you can choose an existing one. For your Windows Server instance, make sure to enable inbound traffic that is required, such as Remote Desktop Protocol (RDP) for remote access. When you’re done, press the “Review and Launch” button.

9.  Review everything you’ve configured for your instance before launching it. Click the “Launch” button if everything appears to be in order.

10.  Choose or create a key pair: If you don’t already have a key pair, you’ll be asked to do so. For safe login to your instance, key pairs are utilised. Save the private key file (.pem) that you downloaded in a secure location. After downloading the key pair, select “Launch Instances” from the menu.

11. Launch status: A notification confirming that your instances are launching will appear. To access the EC2 dashboard, click the “View Instances” option.

12. Connect to your instance by choosing it from the list and clicking the “Connect” button after it has started operating. To connect to your Windows Server instance using Remote Desktop Protocol (RDP), adhere to the recommended steps.

I’m done now! AWS has acknowledged your successful creation of a Windows Server EC2 instance. Now you can use it for the settings and applications you like.

Connect to your Windows instance using RDP

1. When utilising Remote Desktop to login to your Windows instance, you must first locate the initial administrator password and then input it. After the instance launches, it takes some time before this password becomes accessible.

2. The name of the administrator account is determined by the operating system’s language. For instance, the correct term is Administrator for English, Administrator for French, and Administrator for Portuguese. See the Microsoft TechNet Wiki for more details.

3. You can access your instance using the domain credentials you’ve specified in AWS Directory Service if you’ve joined your instance to a domain. Use the administrator’s fully qualified user name on the Remote Desktop login screen in place of the local computer’s name and the generated password.

4. When the instance was launched, you created a private key (.pem) file; select Browse and go to that location. To copy the whole contents of the file to this window, choose the file and then select Open.

5. Decrypt Password is your option. In place of the previous Get password link, the console now shows the instance’s default administrator password under Password. Keep the password in a secure location. In order to connect to the instance, you must enter this password.

6. Select Download file from remote desktop. You are given the option to open or save the RDP shortcut file using your browser. To get back to the Instances page when you have completed downloading the file, select Cancel.

( 1 ) You would see the Remote Desktop Connection dialogue box if you opened the RDP file.

( 2 ) If you saved the RDP file, open it by going to your downloads directory and clicking it to bring up a dialogue box.

7. You can be informed that the remote connection’s publisher is unknown. To maintain your connection to your instance, select Connect.

8. The default selection is the administrator account. The saved password should be copied and pasted.

9. You might see a warning that the security certificate could not be validated because of the nature of self-signed certificates. Use the next several steps to confirm the remote computer’s identification, or just select Yes (Windows) or Continue (Mac OS X) if you believe the certificate.

Successfully EC2 instance Windows Server connect 

1. Activate the EC2 service: After logging in, choose the EC2 service from the list of accessible services to navigate to it.

2. To launch an instance, select the “Launch Instance” button on the EC2 dashboard. This will launch the procedure for creating an instance.

3. Selecting an AMI from Amazon Choose an AMI that meets your needs. AWS offers pre-configured AMIs, or you can utilize your own custom AMI.

4. Select a type of instance: Select the “C5” family, followed by the “c5.xlarge” instance type, in the “Choose Instance Type” section.

5. Configure instance details, including the number of instances, network configurations, and storage choices, based on your requirements. In case you’re unsure, you can leave most of the options alone.

6. Add storage by specifying how much space your EC2 instance needs. Depending on your requirements, you can change the storage’s size, composition, and configuration

7. Set up security groups: Security groups manage the traffic entering and leaving your EC2 instance. Set the security group up to permit access to the ports and protocols required for your use case.

8. Review the setup options you’ve chosen before launching se. Click the “Launch” button if everything appears to be in order.

9. Choose an existing key pair or generate a new one: You must build a key pair in this step in order to securely connect to your EC2 instance. A fresh key pair can be generated or an old one used. Ensure that you download the private key file (.pem) and save it safely.

10. Launch the instance: To launch your EC2 instance after choosing a key pair, click the “Launch Instances” button. It will begin provisioning the instance.

11. Once your EC2 instance is up and running, you can connect to it and access it via SSH or other remote access protocols. To create a secure connection to your instance, use the private key file you downloaded earlier.

I’m done now! You have successfully established an EC2 instance of the high-performance computing capable “c5.xlarge” instance type. Keep in mind to manage and monitor your EC2 instances according to the demands of your workflow.

( 1 ) Navigate to the EC2 Dashboard by clicking on the “Services” dropdown menu, selecting “Compute,” and then clicking on “EC2.”

( 2 ) Click on the “Launch Instance” button.

( 3 ) Select the Amazon Machine Image (AMI) you want to use for your instance.

( 4 ) Choose the instance type that best fits your needs.

( 5 ) Configure the instance details, including the number of instances you want to launch, network settings, and storage.

( 6 )  Add any additional tags, if desired, to help you identify your instance.

( 7 )  Configure security groups to control inbound and outbound traffic to your instance.

( 8 )  Review your configuration and launch your instance.

And click the =  Instances

Click = Connect .. And connect instance 

( 1 )  Apache Web Server install ( httpd)

sudo yum install httpd -y

( 2 ) Activate Apache and start it:
Start the service and make Apache boot up automatically after installation.

sudo systemctl start httpd

sudo systemctl start httpd

Go to EC2 Dashboard 

( 1 ) Click = Actions
( 2 ) Click = Image and templates
( 3 ) Create image

1 Create an image (AMI) : When the instance is selected, click the “Actions” dropdown menu and select “Create Image” (you can also right-click the instance to access this menu as well).

2 Configure the image settings: Give the image a special name and description in the “Create Image” dialogue box. Additionally, you can decide whether to restart the instance before to making the picture, which is advised for data consistency. To begin creating an image, click “Create Image”.

( 1 ) Image name = highsky-image 
( 2 ) Image description – optional = highsky-image 

3 Monitor image creation: It can require a few minutes to create a picture. The EC2 interface allows you to keep tabs on the development. The image will be accessible in the AMIs section once the image creation is complete.

Click = Create image

 Go to EC2 Dashboard / Images / AMIs 

4 Launch a new EC2 instance from the image: To launch the instance creation wizard, select “Launch Instance” from the EC2 dashboard.

5 Instances name = highsky2-image 

6 Choose an Amazon Machine Image (AMI): Click the “My AMIs” tab in the “Instance Creation Wizard’s first step. The picture you made in the previous step ought to appear. Choose it to serve as the new instance’s base image.

7 Configure instance details: Set up the instance’s specifics, including the instance type, network configurations, storage options, and security groups, in accordance with your needs. Examine other settings, and make necessary changes.

And click the =  Instances

Click = Connect .. And connect instance 

yum install httpd -y

 

The AWS CDK or Cloud Development Kit is one of the powerful frameworks which helps developers to find out cloud infrastructure resources by using similar programming languages like Java, TypeScript, and Python.  HighSky IT offers The AWS Security Training Course Ahmedabad, which gives an invaluable resource for architects and developers looking to unlock the complete potential of the CDK.

This course is specially designed to offer comprehensive skills and knowledge to participants related to securing data and applications on the AWS platform.  Such kind of  Data Science Training in Ahmedabad provides valuable insights into best practices and different security measures that can help to protect AWS resources from different potential threats.  This post highlights some key takeaways from such a training course.

What can you learn from AWS CDK or Security Training Course?

• Understanding AWS Security Services

The courses for Ansible Training Ahmedabad offer an in-depth understanding of different security services provided by AWS.  Here, participants can learn about different services like AWS CloudTrail, Identity and Access Management (IAM), Firewall Manager, AWS Key Management Service (KMS), AWS Config, and many more.  Having knowledge about such services can be utilized to improve the AWS environment’s security posture.

• Identity and Access Management

The courses for AWS Security Certification Ahmedabad cover AWS IAM, which is one of the primary components of access control in AWS.  Here, learners can understand the best practices for implementing authorization mechanisms and secure authentication.

• Securing AWS Infrastructure

In this AWS CDK, the participants can learn about best practices and important techniques for securing their AWS infrastructure.  It includes implementing the right access controls, configuring secure network architectures, and applying security policies in order to protect AWS resources.  The participants can also learn about encryption mechanisms, secure data storage options, and methods to secure transit data.

• Incident Response and Compliance

This course gives proper guidance on responding to security incidents and creating an incident response plan in an AWS environment.  Here, participants can learn about AWS security best practices to respond to and mitigate common threats to security.  The learners can gain knowledge of industry regulations and compliance frameworks relevant to AWS, like PCI-DSS, GDPR, and HIPAA.

Apart from that, the course also helps the participants to understand the best practices and security optimization and monitoring and logging for securing AWS resources.

Conclusion

The AWS Security Training Course helps the participants with the skills and knowledge essential to implement security measures in their AWS environment.  If you want to learn more details on this course, then you can connect with Highsky IT Solutions to gain an understanding of securing infrastructure and AWS security services.

First, we need to create an s3 Bucket steps are given below:

To bucket create
1 highsky1
2 highsky2

1 ( highsky1 )
Step 1: Log on to your AWS Console.
Step 2: go to the Search bar  ” S3 services “

Step 3: Click on S3  Scalable Storage in the Cloud” and proceed further

Step 4: Create a new Bucket

In the general configuration category:

Step 5: Enter the bucket name  ( highsky1 ) 

Step 6: Next, choose the  AWS region,  [Asia Pacific (Mumbai) ap-south-1].

ACLs disabled (Recommended)

Bucket owner enforced – Bucket and object ACLs are disabled, and you, as the bucket owner, automatically own and have full control over every object in the bucket. Access control for your bucket and the objects in it is based on policies such as AWS Identity and Access Management (IAM) user policies and S3 bucket policies Objects can be uploaded to your bucket only if they don t specify an ACL or if they use the bucket-owner-full-control canned ACL.

Block Public Access settings for this bucket

Public access is granted to buckets and objects through access control lists (ACLs), bucket policies, access point policies, or all. In order to ensure that public access to this bucket and its objects is blocked, turn on Block all public access. These settings apply only to this bucket and its access points. AWS recommends that you turn on Block all public access, but before applying any of these settings, ensure that your applications will work correctly without public access. If you require some level of public access to this bucket or objects within, you can customize the individual settings below to suit your specific storage use cases

Bucket Versioning

Versioning is a means of keeping multiple variants of an object in the same bucket. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily recover from both unintended user actions and application failures.

Disable

2. Once in the IAM console, click on the “Policies” tab in the left-hand menu.

3. Click the “Create policy” button.

4. Choose either the “Visual editor” or the “JSON” tab to create the policy.

5. choose the Visual editor tab to select the service the policy will apply to and then choose the actions and resources the policy will allow or deny

( 1 ) Select the “JSON” tab.
( 2 ) Define the policy document using the JSON syntax. The policy document specifies the permissions and resources that the policy grants or denies.
( 3 ) Make sure to include the necessary actions, resources, and conditions according to your requirements.
( 4 ) Click on the “Review policy” button.
( 5 ) Provide a name and optional description for your policy.
( 6 ) Review the policy details and click on the “Create policy” button to finalize it.

 

 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1686230148773",
      "Action": [
        "s3:ListAllMyBuckets"
      ],
      "Effect": "Allow",
      "Resource": "*"
    },
    {
      "Sid": "Stmt1686230216901",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::Your Bucket Name "
    }
    {
      "Sid": "Stmt1686230222829",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::Your Bucket Name /*"
    }
  ]
}

Click Next 

Full permission  in Bucket ( highsky1 ) 

( 7 ) Policy Name File ( permission-policy )

And Click ( Create policy )

Once the policy is created, you can attach it to a user, group, or role in IAM. When the user, group, or role tries to access a resource, the policy will be checked to determine whether the action is allowed or denied.

It’s important to test your policy to ensure that it’s providing the intended access and restrictions.  can do this by using the Simulate policy feature in the IAM console, which lets you simulate a policy to see how it would apply in different scenarios

2 Create User 

1. Once in the IAM console, click on the “Users” tab in the left-hand menu.

1. Open the AWS Management Console: Go to the AWS Management Console and log in to your AWS account.

2. Choose RDS: From the list of AWS services, choose RDS (Relational Database Service).

3. Click “Create Database”: On the RDS dashboard, click the “Create database” button.

 4. Choose a database engine: Select the engine you want to use for your RDS instance. Amazon RDS supports various database engines like MySQL, PostgreSQL, Oracle, SQL Server, MariaDB, etc.

 

5 Choose a use case: Select the use case that best fits your needs. This will determine the default settings for your RDS instance, such as the instance class, storage type, and allocated storage.

6 . Configure the instance: Configure the RDS instance by specifying its name, username, and password. You can also choose the instance type, storage type, allocated storage, and other settings based on your requirements.

7. Configure advanced settings: If needed, you can configure advanced settings such as backup retention, maintenance window, security groups, and VPC settings.

8. Launch the instance: After configuring all the settings, review your configuration and click “Create Database” to launch your RDS instance.

9. Please wait for the instance to launch: It may take several minutes for your RDS instance to launch. Once it is ready, you can connect to it using the endpoint provided in the AWS Management Console.

 

That’s it! You have now created an RDS instance in AWS. You can use this instance to host your database and connect to it from your applications.

IAM service policy

1. Open the IAM Management Console: Go to the AWS Management Console and log in to your AWS account. From the list of AWS services, choose “IAM” under “Security, Identity & Compliance”.

2. Create a new policy: In the left-hand navigation pane, click “Policies”, then click “Create policy”.

3. Select a policy template: On the Create Policy page, you can either create your custom policy or use a pre-defined policy template. To create a policy for RDS, you can select the “Amazon RDS” service from the list of available services.

4. Choose the actions: Next, you need to choose the actions that you want to allow or deny for this policy. For example, you might want to allow read-only access to RDS resources or grant permissions to create and modify RDS resources.

5. Select Permission   ( Write )
(  CreateDBSnapshot )

6. Choose the resources: Once you have selected the actions, specify the RDS resources to which this policy applies. You can choose to apply the policy to all resources or specify individual resources by ARN (Amazon Resource Name).

1 db Represents a DB instance that is an isolated database environment running in the cloud

Click Add Arnto restrict access.

Click Theis Account 

( 1 )  Resource Region 

ap-south-1a 

( 2 ) Resource db instance name

database-1 

And Click ( Add ARNs )

IAM service role

1. Navigate to the IAM dashboard.

2. Click on “Roles” from the left-hand menu.

3. Click on the “Create role” button.

4. Choose the type of trusted entity for your role: an AWS service, another AWS account, or a web identity provider.

Use case Allow an AWS service like EC2, Lambda, or others to perform actions in this account.

Click The Lambda

5. Select the policies that define the permissions for your role. You can choose from existing policies or create a custom one.

6. Give your Role a name and description.

7. Review your role and click “Create role” to save it.

That’s it! You have now created an IAM service role in AWS. You can use this role to grant permissions to an AWS service or other entities that need to perform actions on your behalf.

Lambda function

1. Navigate to the Lambda dashboard.

2. Click on the “Create function” button.

3. Choose the type of function you want to create. You can create a function, blueprint, or serverless application repository from scratch.

4. Give your function a name and description.

5. Choose a runtime for your function, such as Python, Node.js, or Java.

( A runtime is a version of a programming language or framework that you can use to write Lambda functions. Lambda supports runtime versions for Node.js, Python, Ruby, Go, Java, C# (.NET Core), and PowerShell (.NET Core)

To use other languages in Lambda, you can create your own runtime.

Note that the console code editor supports only Node.js, Python, and Ruby. If you choose a compiled language, such as Java or C#, you edit and compile your code in your preferred SDE and upload a deployment package to the function. ) 

Taking by Python 3.1 

6. Configure the function’s execution role, which determines the permissions that the function has to access AWS resources.

7. Write your function code or upload a ZIP file containing your code.

import boto3

def lambda_handler(event, context):
    rds_client = boto3.client('rds')
    instance_id = "database-1"
    snapshot_id="Highskysnapshot"
    try:
        response = rds_client.create_db_snapshot(
            DBInstanceIdentifier=instance_id,
            DBSnapshotIdentifier=snapshot_id
        )
        print(f"Snapshot '{snapshot_id}' creation initiated.")
        return {
                "snapshot_id" : response['DBSnapshot']['DBSnapshotIdentifier'],
                "status" : "started creating"
            }
    except Exception as e:
        print(f"Error creating snapshot: {str(e)}")
        return None

8. Set up your function’s environment variables and any additional settings, such as memory and timeout settings. Click “Create function” to save your Lambda function.

After creating your Lambda function, you can test it manually or set up a trigger to invoke it automatically. You can also monitor your function’s performance and troubleshoot any errors using the AWS Lambda console.

  CloudWatch

1. Navigate to the CloudWatch dashboard.

2. Click on “Events” from the left-hand menu.

3. Click on the “Create rule” button.

4. Choose the “Schedule” option under “Event Source”.

Click Continue To create rule 

5. Configure the croon expression for when you want the RDS DB  instance to start. For example, if you want it to start every day at 8 pm, you would use the expression 30 12 * * ? * 

6. Choose the EC2 instance as the target for the event rule.

7. Configure the specific action that you want to perform on the RDS DB instance, which in this case is to start it.

8. Give your rule a name and description.

9. Click “Create rule” to save your CloudWatch event rule.

After creating your CloudWatch event rule, it will trigger at the scheduled times and start the specified EC2 instance. Be sure to test your rule to ensure it is working as expected.

Successfully 

You must follow a set of steps in order to install WordPress on Ubuntu using the command line interface (CLI). Here is a detailed instruction:

1 System package updates:
Update the system packages to the most recent versions first. Run the following commands in a terminal after opening it:

sudo apt update
sudo apt upgrade

2 Set up the LAMP stack:

A web server, database, and PHP are necessary for WordPress. Using the command line, you may install the LAMP stack (Linux, Apache, MySQL, and PHP):

( 1 ) Install Apache

sudo apt-get install apache2 -y

( 2 ) Activate Apache and start it:
Start the service and make Apache boot up automatically after installation.

sudo systemctl start apache2

sudo systemctl enable apache2

( 3 ) Install MariaDB

sudo apt-get install mariadb -y

( 4 ) Activate Mariadb and start it:
Start the service and make Mariadb boot up automatically after installation.

sudo systemctl start mariadb

sudo systemctl enable mariadb

( 5 ) MySQL configuration

You’ll be asked to choose a root password when installing the MySQL server. Establish a strong password and abide by the directions. Run the subsequent command to protect the MySQL installation after that:

sudo mysql_secure_installation

follow a pick 

 

 

Your root password 

 

And then create the database

( 7 ) The creation of a MySQL database and user

Run the following command to enter the MySQL shell:

sudo mysql -u root -p

Enter the root password you created before. A new database and user can be created for highsky_db after you are logged in:

create database highsky_db

Check the Database

SHOW DATABASES;

And Exit 

( 6 ) Install PHP

sudo apt-get install php

( 7 ) Install PHP-MySQL

sudo apt-get install php-mysql php-cgi php-cli php-gd

( 8 ) Restart the Apache service

sudo systemctl enable apache2

( 9 ) Installing and setting up WordPress:

Move to the Apache web server root directory:

sudo cd /var/www/html/

( 10 ) Install WordPress using the most recent version:

sudo wget https://wordpress.org/latest.zip

( 11 ) Unzip Tar File

sudo unzip latest.zip

( 12 ) Check the unzip file

sudo ls

( 13 ) Copy this  file /var/www/html/

sudo cp -r wordpress/* /var/www/html/

( 14 ) Allow the Apache service in ufw

sudo ufw allow http

( 15 ) your IP address copy

sudo ip a

( 16 ) Access WordPress:

Open a web browser and type your server’s IP address or domain name. The WordPress installation page ought to appear. To finish the installation, adhere to the on-screen directions.

And click the Let ‘s go’

Scroll and click  Submit  

( 17 ) And go to Terminal to create a file /var/www/html/wp-config.php

sudo vim wp-config.php

Copy the full path And paste /var/www/html/wp-config.php

Click the Run the installation

your Email id file then Click install WordPress

Click Log in

Successful WordPress installation

 

1 what is WordPress

Popular content management systems (CMS) like WordPress are used to build and maintain websites. It is a free and open-source platform that enables people to publish content and develop websites without having to have a deep understanding of coding.

WordPress is very flexible and adaptable for all sorts of websites since it offers a user-friendly interface and a variety of configurable themes and plugins. Originally designed as a blogging platform, it has now matured into a feature-rich CMS that can power everything from straightforward personal blogs to intricate e-commerce websites and corporate portals.

WordPress has a few important features, such as:

1 Simple Content Management: WordPress makes it simple for users to write blog posts, create pages,  add images and videos, and more.

2 Themes & Personalization: Users can alter the look of their website by selecting from a wide range of free and commercial themes. Furthermore, WordPress offers a wide range of customization options via plugins and widgets, allowing users to expand the functionality and features of their websites.

3 WordPress was created with search engine optimization (SEO) in mind, and it offers a number of tools and plugins to help with content optimization and raise search engine ranks.

4 WordPress has an extensive ecosystem of plugins that users may install to increase the functionality of their websites. Contact forms, e-commerce options, social network integration, security improvements, and other features are all covered by these plugins.

5 Support and Community The WordPress platform has a sizable and vibrant community of users, developers, and contributors who help one another out, share information, and create fresh themes and plugins. This community feature guarantees users access to information, support, and updates for their WordPress websites.

WordPress is a popular and adaptable platform that enables people, companies, and organizations to construct and maintain websites easily.

2 You can adhere to these general procedures to install WordPress on CentOS, Red Hat, or Fedora:

( 1 ) System package updates:
For a start, make sure your system packages are updated so you have the most recent dependencies and updates:

[root@server ~]# yum update

( 2 )  Apache Web Server install
WordPress needs a web server to run, and Apache is a common option. Use the command line interface to install Apache:

[root@server ~]# yum install httpd -y

( 3 ) Activate Apache and start it:
Start the service and make Apache boot up automatically after installation.

[root@server ~]# systemctl start httpd

[root@server ~]# systemctl enable httpd

( 4 ) MariaDB (or MySQL) install :
MariaDB is a good option for WordPress’ requirement for a database server. Use the subsequent command to install MariaDB:

yum install mariadb-server mariadb

( 5 ) Start MariaDB and make it active:
Start the service and make it such that MariaDB starts automatically when the system boots after installing it.

systemctl start mariadb

systemctl enable mariadb

3 MariaDB Secure installation on RHE

( How to install MariaDB and use MariaDB redhat )

To configure the MariaDB root password and increase security, run the security script:

mysql_secure_installation

( 1 ) MariaDB, just like MySQL is the default. secure Therefore, you must take another step and run the mysql_secure_installation script.

You are guided through a series of prompts by the Running command. You will need to create a root password first. The default root user unix socket authentication in MariaDB is insufficiently secure.

So, decline from using the Unix socket authentication by pressing  ” n ” and hitting

mysql_secure_installation

Enter current password for root (enter for none):  [Press Enter] 

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

Your root account is protected, so you can safely answer ‘n’.

Switch to unix_socket authentication [Y/n]   [Press ” n ” Enter ] 

Change the root password? [Y/n]    [ Press ” y ” Enter ]

New password:                                   [ highsky@123 ]

Re-enter new password: Re-enter password  [ highsky@123 ]

Password updated successfully!
Reloading privilege tables.
… Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n]        [ Press ” y ” Enter ] 
.. Success!

Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n]   [ Press ” y ” Enter ]
… Success!

By default, MariaDB comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n]  [ Press ” y ” Enter ]
– Dropping test database…
… Success!
– Removing privileges on test database…
… Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n]   [ press ” y ” Enter ] 
… Success!

Cleaning up…

All done! If you’ve completed all of the above steps, your MariaDB
installation should now be secure

Successful Secure installation

4 Create MariaDB Database 

( 1 )  Log in now back to the MariaDB server and authenticate with the password you configured.

[root@server ~]# mysql -u root -p

Enter password:  Enter your root password

( 2 ) Create a test database. Here, we are going to name it highsky_db

MariaDB [(none)]> CREATE DATABASE redhat_db;

Query OK, 1 row affected (0.001 sec)

( 3 ) Check the database

MariaDB [(none)]> SHOW DATABASES;

 

( 4 )  Exit the MariaDB shell:

exit

( 5 ) Start MariaDB and make it active:
Start the service and make it such that MariaDB starts automatically when the system boots after installing it.

[root@server ~]# systemctl restart mariadb.service

5  Run the below command to complete installing PHP on your system.

( 1 ) Install PHP

[root@server ~]# yum install php

[root@server ~]# yum install php-mysqlnd.x86_64

6 Installing and downloading WordPress:

( 1 ) Access the Apache web root directory by changing:

[root@server ~]# cd /var/www/html/

( 2 ) Installing WordPress’ most recent version:

[root@server html]# wget https://wordpress.org/latest.zip

( 3 ) Check the  file

[root@server html]# ls

( 4 ) unzip the WordPress files:

[root@server html]# unzip latest.zip

( 5 ) Check the  file

[root@server html]# ls

 

( 6 ) Copy this  file /var/www/html/

[root@server html]# cp -r wordpress/* /var/www/html/

( 7 ) Restart the Apache service and Boot time lode

[root@server html]# systemctl restart httpd

[root@server html]# systemctl enable httpd

( 8 ) Firewall add Apache service

root@server html]# firewall-cmd --permanent --add-service=http

( 9 ) Firewall Reload

[root@server html]# firewall-cmd –reload

( 10 ) your IP address copy

[root@server html]# ifconfig

ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.66.128 netmask 255.255.255.0 broadcast 192.168.66.255
inet6 fe80::3325:3f19:e2c4:6a01 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:1f:38:1c txqueuelen 1000 (Ethernet)
RX packets 19211 bytes 26321860 (25.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4360 bytes 312961 (305.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

my IP 192.168.66.128

7 Access WordPress:

Open a web browser and type the IP address or domain name of your server. The WordPress installation page ought to appear. To finish the installation, adhere to the on-screen directions.

And click the Let ‘s go’

 

Click Submit 

And go to Terminal to create a file /var/www/html/wp-config.php

[root@server html]# vim wp-config.php

Copy the full path And paste /var/www/html/wp-config.php

 

Click the Run the installation

your Email id file then Click install WordPress

Click Log in

Successful WordPress installation