Daily AWScrap
nk_workRolling deploy:Deploy on old instance
Rolling deploy with batch:Add instance and deploy in batches.
nk_workAssumeRole:temporary credential for cross acount from another person
Hands-on
getsessiontoken:temporary credential for yourself with session basic
nk_workelasticcache redis:
🙆replication
single thread
🙆persistant
elasticcache memcached:
multi thread
in memory
nk_workWhy do not DynamoDB use eventbridge?
It have DynamoDBStream that is more suitable for DynamoDB than Eventbridge.
nk_workViewer protocolpolicy
You can select HTTPS only or HTTP to HTTPS when you need to connect secure.
nk_worklambdaにはモニタリングタブがあってそこでcloudwatchやx-rayが確認可能
nk_workCreate IAM user & role for attaching suitable policy.
nk_work##Making user and usein Identity center(ex:SSO) is best practice on AWS.
#Identity center OR IAM user
Identity center will be selected for person having multiple account.
For my practice,I use IAM user.
Auto password and attach policy on group.
S3FullAccess,lambdaFull,GlueConsoleFull....
nk_workcost exploerer:ce
nk_work
How much is dataexchange?
nk_work
Cloudwatch to S3...
Eventbridgeschedule?
nk_workS3 to cloudwach to S3
Available S3 access log
Another S3 should be attached policy.
nk_workS3 to Glue to Loadin Redshift
schema on resdhift query editor
nk_workDynamodb's Global table require other region setting and dynamodb stream...
nk_workMaking VPC route table
pl-xxxxxxx のように指定し、ターゲット (Target) にエンドポイント
via gateway
nk_workdatafilter:Row of Law
nk_workVisualization of Glue:workflows of datapipeline
nk_workcloud watch ce traio 2 s3 with lifecycle...
nk_workMaking cloudwatch log group.
Required policy to save
policy is attached above role and resource is attached selfarn.
nk_worklog policy requires
"Action": "s3:GetBucketAcl",
"Action": "s3:PutObject",
Cost & Usage Reports
データエクスポート=CUR
daily hour...