DEV Community: usamanisarkhan

What happens in Vegas, stays in Vegas- But not for AWS

usamanisarkhan — Tue, 05 Dec 2023 18:54:03 +0000

So here is the quickest update of announcements at the Re-invent 23 event.

1. Amazon Q
Amazon Q is a new type of generative AI assistant specifically for work. It can be tailored to your business and is with security and privacy in mind.

2. Expanded choice of models in Amazon Bedrock
With Amazon Bedrock, customers can drive rapid innovation with the latest versions of foundation models. Customers have even more choice of models to build and scale generative AI applications. This includes additions from Anthropic, Cohere, Meta, and Stability AI, as well as new models in the Amazon Titan family.

3. 5 new Amazon SageMaker capabilities
Amazon SageMaker is a fully managed service that brings together a broad set of tools to enable high-performance, low-cost machine learning for any use case. Five new capabilities will make it even easier for customers to build, train, and deploy models for generative AI.

4. AWS serverless innovations
Three new AWS serverless innovations for Amazon Aurora, Amazon Redshift, and Amazon ElastiCache build on the work AWS has been doing ever since the first service, Amazon S3: Amazon Simple Storage Service, was launched. The new offerings are aimed to help customers analyze and manage data at any scale, while dramatically simplifying their operations

5. Amazon S3 Express One Zone
Amazon S3 is one of the most popular cloud object storage services, holding more than 350 trillion “objects,” or pieces of data, and averaging more than 100 million requests for data a second. Amazon S3 Express One Zone is a new purpose-built storage class for running applications that require extremely fast data access, to achieve the highest possible efficiency.

Amazon Q - A Perfect ITSM

usamanisarkhan — Wed, 29 Nov 2023 10:06:18 +0000

AWS launched a new service named as Amazon Q. It can be tailored to your business by connecting it to company data, information and systems made simple with more than 40 built-in connectors. You can make Amazon Q an expert in your organization's knowledge and experience by pointing it at your internal data repositories, as well as connect to more than 40 enterprise systems—including Amazon Simple Storage Service (Amazon S3), Salesforce, Google Drive, Microsoft 365, ServiceNow, Gmail, Slack, Atlassian, and Zendesk—to help people across your organization easily get the answers they need, make faster decisions, synthesize new information and lift out of the drag of repetitive tasks.
find out more here https://youtube.com/watch?v=bZsIPinetV4

Amazon Rekognition - IS too Good

usamanisarkhan — Sat, 25 Nov 2023 22:43:22 +0000

I am glad to see the confidence intervals in #AmazonRekognition. Its a powerful #AI service from #AWS that has a pretty good, trained model. Its really helpful in building an innovative application that harnesses the capabilities for image and video analysis.
As we continue to explore the vast landscape of AI and AWS, I'm eager to see the positive impact this technology can bring to businesses and society.
Let's drive innovation together!

A guide to Basic AWS provisioning through IAC using Terraform

usamanisarkhan — Fri, 24 Nov 2023 19:37:10 +0000

This is the simplest tutorial of IAC using terraform provision following resource
a. An EC2 Instance
b. S3 Bucket
c. VPC.
d. Covering security groups and subnets.
Pre Requisites
AWS account
Terraform downloaded in local PC.
Step1.
Using IAM AWS console create your keys

In PowerShell execute the command :

aws configure

This will now require 4 entries two of which are regarding access and other two are standard until changed.

Open up VSCode and make four files

main.tf: Terraform configuration file.
variables.tf: Define variables for your project.
outputs.tf: Define output variables for your project.
provider.tf: Store name of region The Code to be pasted in Main.tf is below and for further clarity it is commented.


# Create a custom VPC
resource "aws_vpc" "set14-vpc" {
  cidr_block       = "10.0.0.0/16"
  instance_tenancy = "default"

  tags = {
    Name = "set14-vpc"
  }
}

#Create a public subnet
resource "aws_subnet" "set14-public-subnet" {
  vpc_id = aws_vpc.set14-vpc.id
  cidr_block = "10.0.1.0/24"
  availability_zone = "us-east-1a"

  tags = {
    Name = "set14-public-subnet"
  }
}
#creating an IGW
resource "aws_internet_gateway" "set14-igw" {
  vpc_id = aws_vpc.set14-vpc.id

  tags = {
    Name = "main"
  }
}

resource "aws_s3_bucket" "set-14-s3-backend" {
  bucket = var.bucket_name

  tags = {
    Name        = "set-14-s3-backend"
    Environment = "Dev"
  }
}

resource "aws_s3_bucket_acl" "set14-acl" {
  bucket = aws_s3_bucket.set-14-s3-backend.id
  acl = "public-read"
}

#security gp
resource "aws_security_group" "set14-sg" {
  name        = "allow_tls"
  description = "Allow TLS inbound traffic"
  vpc_id      = aws_vpc.set14-vpc.id

  ingress {
    description      = "TLS from VPC"
    from_port        = var.port_ssh
    to_port          = var.port_ssh
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]

  }
  ingress {
    description      = "TLS from VPC"
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]

  }

  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]

  }

  tags = {
    Name = "allow_tls"
  }
}
#creating ec2 Instance
resource "aws_instance" "set14-ec2" {
  ami           = "ami-05a5f6298acdb05b6"
  instance_type = "t2.micro"
  subnet_id = aws_subnet.set14-public-subnet.id
  vpc_security_group_ids = [aws_security_group.set14-sg.id]

user_data = <<-EOF
#!bin/bash
sudo yum update -y
sudo yum install httpd -y
sudo systemctl start httpd
EOF

  tags = {
    Name = "HelloWorld"
    Owner = "Kenny"

  }

}

The Code to be pasted in variable.tf is below and for further clarity it is commented.

variable "bucket_name"{
    default = "set-14-s3-backend"
}

variable "port_ssh"{
    default = 22
}

The Code to be pasted in output.tf is below

output "Kenny-ip-address" {
    value = aws_instance.set14-ec2.public_ip
}
output "Kenny-vpc-id" {
    value = aws_vpc.set14-vpc.id
}

The Code to be pasted in provide.tf is below

# Configure the AWS Provider
provider "aws" {
  region = "us-east-1"
}

In VSC using terminal execute :
terraform init

In VSC using terminal execute :
terraform plan

In VSC using terminal execute :
terraform apply

If you open up the Amazon Console, you will be able to see the resource provisioned.
In order to destroy all resources and get back to initial stage .
In VSC using terminal execute :
terraform destroy

I hope you liked this tutorial !. Let me know in the comments

Are you feeling Hungry ? How about a free food App

usamanisarkhan — Wed, 22 Nov 2023 00:08:27 +0000

With PartyRock, you can share apps and content you create with a single click. Publish your app for others to find with shareable links. Discover, play, and remix apps to make them your own. You can even create a snapshot link of the content your app generates to quickly share your results with your community. PartyRock is most fun with friends.
Check out this food app i made in 3 minutes https://partyrock.aws/u/Usama/cL2O2jrFn/Community-Helper%3A-Get-Me-Food-for-Free

Building end-to-end AWS DevSecOps CI/CD pipeline (Part 1- Continuous Delivery)

usamanisarkhan — Sat, 18 Nov 2023 23:51:10 +0000

This series of Articles will cover setting up of end to end AWS DevSecOps CI/CD Pipelines. We will start from an easier and faster side in a very basic component and will then setup the complete pipeline.
DESIRED PRODUCT AT THE END OF THIS SERIES

This can be a very good starting point for someone who starting a career as a DevOps Engineer and also showcasing on Github profile.
So Lets kick in the first Step. The tutorials of CD pipeline are available on AWS student hub but i have made this more easier.
DESIRED PRODUCT AT THE END OF THIS PART

Pre Requisites
Will to learn.
You must have an AWS account (free tier is sufficient)
Must have a Github account.
Downloaded Git and Visual Studio Code on your local machine.
Time.
Step 1 : Create an IAM Role
Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
In the IAM console, in the navigation pane, choose Policies, and then choose Create policy.
On the Specify permissions page, choose JSON.
Remove the example JSON code.
Paste the following code: { "Version": "2012-10-17", "Statement": [ { "Action": [ "s3:Get*", "s3:List*" ], "Effect": "Allow", "Resource": "*" } ]}
Choose Next.
On the Review and create page, in the Policy name box, type CodeDeployDemo-EC2-Permissions.
(Optional) For Description, type a description for the policy.
Choose Create policy.
In the navigation pane, choose Roles, and then choose Create role.
Under Use case, choose the EC2 use case.
Choose Next.
In the list of policies, select the check box next to the policy you just created (CodeDeployDemo-EC2-Permissions). If necessary, use the search box to find the policy.
To use Systems Manager to install or configure the CodeDeploy agent, select the check box next to AmazonSSMManagedInstanceCore. This AWS managed policy enables an instance to use Systems Manager service core functionality. If necessary, use the search box to find the policy.
Choose Next.
On the Name, review, and create page, in Role name, enter a name for the service role (for example, CodeDeployDemo-EC2-Instance-Profile), and then choose Create role.
You've now created an IAM instance profile to attach to your Amazon EC2 instances.

Configure Elastic Beanstalk

In a new browser tab, open the AWS Elastic Beanstalk console.
Choose the orange Create Application button.
Choose Web server environment under the Configure environment heading.
In the text box under the heading Application name, enter DevOpsGettingStarted.
In the Platform dropdown menu, under the Platform heading, select Node.js . Platform branch and Platform version will automatically populate with default selections.
Confirm that the radio button next to Sample application under the Application code heading is selected.
Confirm that the radio button next to Single instance (free tier eligible) under the Presets heading is selected.
Select Next.
On the Configure service access screen, choose Use an existing service role for Service Role.
For EC2 instance profile dropdown list, the values displayed in this dropdown list may vary, depending on whether you account has previously created a new environment.
Now that you've created an IAM Role, and refreshed the list, it displays as a choice in the dropdown list. Select the IAM Role you just created from the EC2 instance profile dropdown list.
Choose Skip to Review on the Configure service access page.
The Review page displays a summary of all your choices.
Choose Submit at the bottom of the page to initialize the creation of your new environment.
While waiting for deployment, you should see:
A screen that will display status messages for your environment.
After a few minutes have passed, you will see a green banner with a checkmark at the top of the environment screen.
Once you see the banner, you have successfully created an AWS Elastic Beanstalk application and deployed it to an environment.

Connect Git

In a new browser tab, navigate to GitHub and make sure you are logged into your account.
In that same tab, open the aws-elastic-beanstalk-express-js-sample repo.
Choose the white Fork button on the top right corner of the screen. Next, you will see a small window asking you where you would like to fork the repo.
Verify it is showing your account and choose Create a fork. After a few seconds, your browser will display a copy of the repo in your account under Repositories.
Go to the repository and choose the green Code button near the top of the page.
To clone the repository using HTTPS, confirm that the heading says Clone with HTTPS. If not, select the Use HTTPS link.
Choose the white button with a clipboard icon on it (to the right of the URL)
If you're on a Mac or Linux computer, open your terminal. If you're on Windows, launch Git Bash.5. In the terminal or Bash platform, whichever you are using, enter the following command and paste the URL you just copied in Step 2 when you clicked the clipboard icon. Be sure to change "YOUR-USERNAME" to your GitHub username. You should see a message in your terminal that starts with Cloning into. This command creates a new folder that has a copy of the files from the GitHub repo.git clone https://github.com/YOUR-USERNAME/aws-elastic-beanstalk-express-js-sample
In the new folder there is a file named app.js. Open app.js in your favorite code editor.
Change the message in line 5 to say something other than "Hello World!" and save the file.
Go to the folder created with the name aws-elastic-beanstalk-express-js-sample/ and Commit the change with the following commands:git add app.jsgit commit -m "change message"
Push the local changes to the remote repo hosted on GitHub with the following command. Note that you need to configure Personal access tokens (classic) under Developer Settings in GitHub for remote authentication.git push

Configure Code Build

In a new browser tab, open the AWS CodeBuild console.
Choose the orange Create project button.
In the Project name field, enter Build-DevOpsGettingStarted.
Select GitHub from the Source provider dropdown menu.
Confirm that the Connect using OAuth radio button is selected.
Choose the white Connect to GitHub button. A new browser tab will open asking you to give AWS CodeBuild access to your GitHub repo.
Choose the green Authorize aws-codesuite button.
Enter your GitHub password.
Choose the orange Confirm button.
Select Repository in my GitHub account.
Enter aws-elastic-beanstalk-express-js-sample in the search field.
Confirm that Managed Image is selected.
Select Amazon Linux 2 from the Operating system dropdown menu.
Select Standard from the Runtime(s) dropdown menu.
Select aws/codebuild/amazonlinux2-x86_64-standard:3.0 from the Image dropdown menu.
Confirm that Always use the latest image for this runtime version is selected for Image version.
Confirm that Linux is selected for Environment type.
Confirm that New service role is selected.
Select Insert build commands.
Choose Switch to editor.
Replace the Buildspec in the editor with the code below
:version: 0.2phases: build: commands: - npm i --saveartifacts: files: - '*/'
Choose the orange Create build project button. You should now see a dashboard for your project.

Creating a New Pipeline

In a browser window, open the AWS CodePipeline console.
Choose the orange Create pipeline button. A new screen will open up so you can set up the pipeline.
In the Pipeline name field, enter Pipeline-DevOpsGettingStarted.
Confirm that New service role is selected.
Choose the orange Next button.
Select GitHub version 1 from the Source provider dropdown menu.
Choose the white Connect to GitHub button. A new browser tab will open asking you to give AWS CodePipeline access to your GitHub repo.
Choose the green Authorize aws-codesuite button. Next, you will see a green box with the message You have successfully configured the action with the provider.
From the Repository dropdown, select the repo you created in Connect Git step.
Select main from the branch dropdown menu.
Confirm that GitHub webhooks is selected.
Choose the orange Next button.
From the Build provider dropdown menu, select AWS CodeBuild. Select Build-DevOpsGettingStarted under Project name.Choose the orange Next button.
Configure the deploy stage
Select AWS Elastic Beanstalk from the Deploy provider dropdown menu.
Select the field under Application name and confirm you can see the app DevOpsGettingStarted created in Step Above.
Select DevOpsGettingStarted-env from the Environment name textbox.
Choose the orange Next button. You will now see a page where you can review the pipeline configuration.
Choose the orange Create pipeline button
Open the AWS CodePipeline console.
You should see the pipeline we created, which was called Pipeline-DevOpsGettingStarted. Select this pipeline.
Choose the white Edit button near the top of the page.
Choose the white Add stage button between the Build and Deploy stages.
In the Stage name field, enter Review.
Choose the orange Add stage button.
In the Review stage, choose the white Add action group button.
Under Action name, enter Manual_Review.
From the Action provider dropdown, select Manual approval.
Confirm that the optional fields have been left blank.
Choose the orange Done button.
Choose the orange Save button at the top of the page.
Choose the orange Save button to confirm the changes. You will now see your pipeline with four stages: Source, Build, Review, and Deploy.
In your favorite code editor, open the app.js file from Connect Git.
Change the message in Line 5.
Save the file.
Open your preferred Git client.
Navigate to the folder created in Connect Git.
Commit the change and push with the following commands:git add app.jsgit commit -m "Full pipeline test"git push
Navigate to the AWS CodePipeline console.
Select the pipeline named Pipeline-DevOpsGettingStarted. You should see the Source and Build stages switch from blue to green.
When the Review stage switches to blue, choose the white Review button.
Write an approval comment in the Comments textbox.
Choose the orange Approve button.
Wait for the Review and Deploy stages to switch to green.
Select the AWS Elastic Beanstalk link in the Deploy stage. A new tab listing your Elastic Beanstalk environments will open.
Select the URL in the Devopsgettingstarted-env row. You should see a webpage with a white background and the text you had in your most recent GitHub commit.
Congratulations! You have a fully functional continuous delivery pipeline hosted on AWS.

Secure your S3 Buckets

usamanisarkhan — Thu, 09 Nov 2023 21:11:56 +0000

Protection of data on Cloud remains of paramount importance. With the ever changing environment, the basic building blocks of Cloud infrastructure must be safeguarded right from the start. Here are 3 simple steps for Cloud Engineers and Managers to ensure the security of S3 Buckets. #CloudSecurity #S3Buckets #Cybersecurity #AWS #awsacademy #awscloud

STEP 1 :
SELECT “BLOCK ALL PUBLIC ACCESS” OPTION

STEP 2:
SELECT “DISABLE ACLs” OPTION IN OBJECT OWNERSHP

STEP 3:
SELECT “ENABLE VERSIONING” OPTION

AWS Cloud Institute

usamanisarkhan — Tue, 07 Nov 2023 04:20:20 +0000

The virtual cloud-skills training program that will help you launch your career as a cloud developer in as little as one year - regardless of your technical background. Come build the in-demand skills that put YOU in demand. This is going to be a game changer for all the learners. (Available in USA only)