{"id":16179302,"url":"https://github.com/jonashackt/aws-cheatsheet","last_synced_at":"2025-04-07T11:43:38.517Z","repository":{"id":147269250,"uuid":"164673860","full_name":"jonashackt/aws-cheatsheet","owner":"jonashackt","description":"If your brain starts to explode while thinking about the whole lot of AWS tools, here's some help","archived":false,"fork":false,"pushed_at":"2019-02-25T12:17:12.000Z","size":401,"stargazers_count":5,"open_issues_count":0,"forks_count":2,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-13T14:24:29.061Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jonashackt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-01-08T15:07:48.000Z","updated_at":"2024-02-04T16:57:10.000Z","dependencies_parsed_at":null,"dependency_job_id":"d0d5b15f-0497-4e7a-9c75-aeb221475860","html_url":"https://github.com/jonashackt/aws-cheatsheet","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonashackt%2Faws-cheatsheet","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonashackt%2Faws-cheatsheet/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonashackt%2Faws-cheatsheet/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonashackt%2Faws-cheatsheet/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/G
itHub/owners/jonashackt","download_url":"https://codeload.github.com/jonashackt/aws-cheatsheet/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247648923,"owners_count":20972942,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-10T05:26:42.539Z","updated_at":"2025-04-07T11:43:38.496Z","avatar_url":"https://github.com/jonashackt.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# aws-cheatsheet\nIf your brain starts to explode while thinking about the whole lot of AWS tools, here's some help\n\nWe'll try to shed some light on all the tools by classifying them into some categories (like IaaS, hybrid IaaS/PaaS, PaaS \u0026 Configuration Management) and also trying to separate them from each other.\n\n![iaas-paas-saas-comparison](https://blogs.bmc.com/wp-content/uploads/2017/09/iaas-paas-saas-comparison-1024x759.jpg)\n\n\n## IaaS - Infrastructure-as-a-Service\n\n#### EC2\n\nJust \"usual\" VMs\n\n###### AMI - Amazon Machine Images\n\nEC2 instances use Amazon Machine Images (AMI) as their base images.\n\nThese images can be found inside the EC2 instance creation wizard:\n\n![ec2-ami-selector](screenshots/ec2-ami-selector.png)\n\nor with the help of the AWS CLI and the command `aws ec2 describe-images` ([see the docs](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html)).\n\nSpecific images - like Ubuntu 18.04 - can be found through the AWS Marketplace or specific AMI finder pages like the [ubuntu Amazon EC2 AMI 
Locator](https://cloud-images.ubuntu.com/locator/ec2/).\n\n###### AMI instance types\n\nThere are multiple AMI instance types (see https://aws.amazon.com/premiumsupport/knowledge-center/instance-store-vs-ebs/) - especially\n\n* __instance store__: directly attached and should be used for temporary data only; instance store volumes are not persistent through instance stops\n* __EBS__: data in Amazon Elastic Block Store is retained longer - EBS volumes preserve their data through instance stops and terminations, and backup is easy with EBS snapshots\n\n\n#### Lightsail (EC2 light)\n\nVPS (Virtual Private Server) like DigitalOcean / 1\u00261 (see https://www.heise.de/select/ix/2017/5/1492861894740647)\n\nSubset of EC2, much simpler (512 MiB Lightsail Instance == t2.nano EC2, see https://stackoverflow.com/a/40932906/4964553)\n\n#### S3 \n\nDatabases\n\n\n\n## Hybrid IaaS/PaaS\n\n#### Elastic Container Service (ECS)\n\nBased on Docker containers - could be a good choice for mature projects \u0026 mid-term\n\nLike Beanstalk, but with much more control over scaling, size/number of nodes (see https://stackoverflow.com/a/29586384/4964553), auto-scaling etc.\n\nCould use __EC2 Container Registry (ECR)__ / AWS CLI\n\nCLI example:\n```bash\naws ecs describe-clusters\n```\n\n#### Elastic Container Service for Kubernetes (EKS)\n\nLike ECS, but Kubernetes based (https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html)\n\nEKS manages the Kubernetes management infrastructure for you - distributed across different AWS availability zones (https://www.heise.de/developer/meldung/Amazon-EKS-Elastic-Container-Service-fuer-Kubernetes-jetzt-verfuegbar-4069657.html)\n\nCloudWatch and CloudTrail for logging/monitoring AWS workloads\n\n\u003e Amazon EKS passed the Cloud Native Computing Foundation conformance test to become a certified hosted platform, which means that all the plugins and extensions that work with upstream Kubernetes will work as is in EKS 
(https://thenewstack.io/how-amazon-eks-brings-best-of-kubernetes-and-amazon-web-services/)\n\n\n\n## PaaS - Platform-as-a-Service\n\n#### Elastic Beanstalk\n\nPaaS! More for project kickoffs\n\nAWS Elastic Beanstalk == [Pivotal CloudFoundry](https://pivotal.io/de/platform) == [Red Hat OpenShift Container Platform](https://www.openshift.com/products/container-platform/)\n(see https://www.dev-insider.de/grundlagen-und-zweck-von-aws-elastic-beanstalk-a-654399/)\n\nBlueprints for usual apps\n\nbased on EC2, Route53 etc.\n--\u003e but compared to CloudFoundry et al. you can access the EC2 instances beneath via SSH\n\n\u003e manages all details of capacity provisioning, loadbalancing, autoscaling and monitoring\n\nGUI, CLI, IDE plugins\n\nCould use __EC2 Container Registry (ECR)__ / AWS CLI\n\nDockerrun.aws.json:\n```json\n{\n  \"AWSEBDockerrunVersion\": \"1\",\n  \"Image\": {\n    \"Name\": \"janedoe/image\",\n    \"Update\": \"true\"\n  },\n  \"Ports\": [\n    {\n      \"ContainerPort\": \"1234\"\n    }\n  ],\n  \"Volumes\": [\n    {\n      \"HostDirectory\": \"/var/app/mydb\",\n      \"ContainerDirectory\": \"/etc/mysql\"\n    }\n  ],\n  \"Logging\": \"/var/log/nginx\"\n}\n```\n\nCLI example\n```bash\neb run\n```\n\n\n### Fargate / ECS Fargate\n\nPaaS for Containers\n\nManaged service, NO server access + NO responsibility for updating, patching etc., not intended for services running 24/7\n\nremoves any need for Docker host management (https://www.reddit.com/r/aws/comments/7mjs6x/elastic_beanstalk_vs_ecs_fargate/)\n\nrelatively expensive compared to ECS (with Fargate is .25 vCPU and 512 MB memory. The 30 day price for 1 container would be $13.68. 
A t2.micro offers 1 vCPU and 1 GB of RAM for $8.35.)\n\n\n\n### Docker Datacenter / Docker Cloud\n\nPart of Docker EE\n\nOn-premises: download \"Docker Universal Control Plane (UCP)\"\n\nIn the cloud use cloud.docker.com\n\nConnect all nodes running Docker, in the cloud or on-premises, in one browser dashboard (also AWS resources)\n\n\n\n## DevOps / Configuration Management Tools\n\n#### CloudFormation\n\n\n#### Ansible \u0026 AWS\n\n\u003e Ansible can be used to define, deploy, and manage a wide variety of AWS services (see https://www.ansible.com/integrations/cloud/amazon-web-services)\n\nOut of the box, Ansible has nearly 100 modules supporting AWS capabilities, including:\n\n* AMI Management\n* Autoscaling Groups\n* CloudFormation\n* CloudTrail\n* CloudWatch\n* DynamoDB\n* ElastiCache\n* Elastic Block Store (EBS)\n* Elastic Cloud Compute (EC2)\n* Elastic IPs (EIP)\n* Elastic Load Balancers (ELB)\n* Identity Access Manager (IAM)\n* Kinesis\n* Lambda\n* Relational Database Service\n* Route53\n* Security Groups\n* Security Token Service\n* Simple Storage Service (S3)\n* Virtual Private Cloud (VPC)\n\n\nAnsible AWS Guide: https://docs.ansible.com/ansible/latest/scenario_guides/guide_aws.html\n\n\u003e Ansible modules provide an easier to use interface than CloudFormation in many examples, without defining a complex JSON document. 
This is recommended for most users.\n\nexample\n```yaml\n# demo_setup.yml\n\n- hosts: localhost\n  connection: local\n  gather_facts: False\n\n  tasks:\n\n    - name: Provision a set of instances\n      ec2:\n         key_name: my_key\n         aws_access_key: \"{{ec2_access_key}}\"\n         aws_secret_key: \"{{ec2_secret_key}}\"\n         group: test\n         instance_type: t2.micro\n         image: \"{{ ami_id }}\"\n         wait: true\n         exact_count: 5\n         count_tag:\n            Name: Demo\n         instance_tags:\n            Name: Demo\n      register: ec2\n```\n\n#### OpsWorks / Chef\n\nAWS managed configuration management service, based on Chef (https://www.dev-insider.de/aws-opsworks-stacks-und-opsworks-for-chef-automate-a-663363/)\n\n2 varieties (https://www.dev-insider.de/aws-opsworks-stacks-und-opsworks-for-chef-automate-a-663363/):\n\n1. AWS OpsWorks for Chef Automate (costs money (Enterprise Chef), like AWS OpsWorks Puppet Enterprise (see https://www.dev-insider.de/chef-server-fuers-konfigurationsmanagement-aufsetzen-a-775500/))\n2. AWS OpsWorks Stacks\n\n\n#### Bootstrapping via CloudInit\n\n#### AWS CodePipeline\n\nalternative to Jenkins / GitLab (see https://aws.amazon.com/codepipeline/) - but bound to AWS\n\nhttps://medium.com/@xoor/using-aws-codepipeline-to-automate-deployments-to-elasticbeanstalk-e80ca988ef70\n\n\n\n\n## Basic Know-How\n\n###### Build-Time vs. Boot-Time\n\nAMI base config --\u003e bootstrapping / boot-up may need a lot of time (patches etc.) 
--\u003e user defined AMIs could be a good way\n\nVPCs, Security-Groups, Network-ACLs, Router, LBs ...\n\n\n# Certification\n\nhttps://aws.amazon.com/certification/certified-solutions-architect-associate/\n\n\n# Links\n\nhttps://hackernoon.com/too-many-choices-how-to-pick-the-right-tool-to-manage-your-docker-clusters-b5b3061b84b7\n\nhttps://dev.to/totalcloudio/ecs-vs-eks-vs-fargate-the-good-the-bad-the-ugly-58he\n\nhttps://grahamlyons.com/article/everything-you-need-to-know-about-networking-on-aws\n\nhttps://aws.amazon.com/solutions/ (AWS Solutions are technical reference implementations built and vetted by AWS Architects and AWS Partners, designed to help customers solve the common problems faced by their peers around the world. AWS Solutions are built to be operationally effective, performant, reliable, secure, cost effective, and be Well-Architected.)\n\nhttps://itnext.io/the-cloud-skills-shortage-and-the-unemployed-army-of-the-certified-bd405784cef1?gi=b4d1e67021ff\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjonashackt%2Faws-cheatsheet","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjonashackt%2Faws-cheatsheet","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjonashackt%2Faws-cheatsheet/lists"}