Daily AWScrap
Rolling deploy:Deploy on old instance
Rolling deploy with batch:Add instance and deploy in batches.
AssumeRole:temporary credential for cross acount from another person
Hands-on
getsessiontoken:temporary credential for yourself with session basic
elasticcache redis:
🙆replication
single thread
🙆persistant
elasticcache memcached:
multi thread
in memory
Why do not DynamoDB use eventbridge?
It have DynamoDBStream that is more suitable for DynamoDB than Eventbridge.
Viewer protocolpolicy
You can select HTTPS only or HTTP to HTTPS when you need to connect secure.
lambdaにはモニタリングタブがあってそこでcloudwatchやx-rayが確認可能
Create IAM user & role for attaching suitable policy.
##Making user and usein Identity center(ex:SSO) is best practice on AWS.
#Identity center OR IAM user
Identity center will be selected for person having multiple account.
For my practice,I use IAM user.
Auto password and attach policy on group.
S3FullAccess,lambdaFull,GlueConsoleFull....
cost exploerer:ce
How much is dataexchange?
Cloudwatch to S3...
Eventbridgeschedule?
S3 to cloudwach to S3
Available S3 access log
Another S3 should be attached policy.
S3 to Glue to Loadin Redshift
schema on resdhift query editor
Dynamodb's Global table require other region setting and dynamodb stream...
Making VPC route table
pl-xxxxxxx のように指定し、ターゲット (Target) にエンドポイント
via gateway
datafilter:Row of Law
Visualization of Glue:workflows of datapipeline
cloud watch ce traio 2 s3 with lifecycle...
Making cloudwatch log group.
Required policy to save
policy is attached above role and resource is attached selfarn.
log policy requires
"Action": "s3:GetBucketAcl",
"Action": "s3:PutObject",
Cost & Usage Reports
データエクスポート=CUR
daily hour...