
Sunday 15 July 2018

How to create a new user to EC2 Instance in AWS?


Step 1: Log in over SSH
Log in to the EC2 instance using its public DNS name (like ec2-54-173-191-129.compute-1.amazonaws.com)
For example:
ssh -i "arunkg.pem" ec2-user@ec2-54-173-191-129.compute-1.amazonaws.com



Step 2: Use the following adduser command to add the newuser account to the system (with an entry in the /etc/passwd file).
sudo adduser newuser



Step 3: Switch to the new account so that newly created files have the proper ownership.
sudo su - newuser



Step 4: Create the .ssh folder and set its permissions to 700 (only the owner can read, write or enter it).
mkdir .ssh
chmod 700 .ssh
cd .ssh



Step 5: Create a file named authorized_keys in the .ssh directory and change its file permissions to 600 (only the owner can read or write to the file).
touch authorized_keys
chmod 600 authorized_keys



Step 6: Open the authorized_keys file and write the public key into it.
vi authorized_keys

Paste the public key for your key pair into the file and save the changes. The whole key must sit on a single line in the file; it is only wrapped here for display.
For example:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClKsfkNkuSevGj3eYhCe53pcjqP3maAhDFcvBS7O6V
hz2ItxCih+PnDSUaw+WNQn/mZphTk/a/gU8jEzoOWbkM4yxyb/wB96xbiFveSFJuOp/d6RJhJOI0iBXr
lsLnBItntckiJ7FbtxJMXLvvwJryDUilBMTjYtwB+QhYXUMOzce5Pjz5/i8SeJtjnV3iAoG/cQk+0FzZ
qaeJAAHco+CY/5WrUBkrHmFJr6HcXkvJdWPkYQS3xqC0+FmUZofz221CBt5IMucxXPkX4rWi+z7wB3Rb
BQoQzd8v7yeb7OzlPnWOyN0qFU0XA246RA8QFYiCNYwI3f05p6KLxEXAMPLE
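
Steps 4 to 6 as one repeatable function, shown as an added example that is not part of the original post: it refuses a wrapped or mismatched key before writing anything and is safe to run twice. The function names and the key.pub file name are assumptions; run it as the new account (after step 3) so the files get the right owner.

```sh
#!/bin/sh
# Added example (not from the original post): steps 4-6 with key validation.

# valid_pubkey LINE: succeed only for a plain "type base64 [comment]" key on
# one line. Lines with leading options (command="...") are rejected here.
valid_pubkey() {
    line=$1
    case $line in *"
"*) return 1 ;; esac                  # wrapped key would never authenticate
    set -f; set -- $line; set +f      # split into fields without globbing
    ktype=${1-} blob=${2-}
    # The base64 blob embeds the key type, so its first characters are fixed.
    case $ktype in
        ssh-rsa)     prefix=AAAAB3NzaC1yc2E ;;
        ssh-ed25519) prefix=AAAAC3NzaC1lZDI1NTE5 ;;
        *) return 1 ;;
    esac
    case $blob in "$prefix"*) ;; *) return 1 ;; esac
    case $blob in *[!A-Za-z0-9+/=]*) return 1 ;; esac
    return 0
}

# install_key HOME_DIR KEY_LINE: create .ssh (700) and authorized_keys (600)
# under HOME_DIR and append KEY_LINE unless that exact line is already there.
install_key() {
    home=$1 key=$2
    valid_pubkey "$key" || { echo "rejected: not a single-line public key" >&2; return 1; }
    (
        umask 077   # nothing is created group- or world-accessible, even briefly
        mkdir -p "$home/.ssh" && chmod 700 "$home/.ssh" || exit 1
        auth=$home/.ssh/authorized_keys
        touch "$auth" && chmod 600 "$auth" || exit 1
        grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
    )
}

# perms PATH: print the mode string (e.g. drwx------) to verify the result.
perms() {
    ls -ld "$1" | cut -c1-10
}

# Usage as newuser (key.pub is a hypothetical file holding the public key):
#   install_key "$HOME" "$(cat key.pub)"
#   perms "$HOME/.ssh"; perms "$HOME/.ssh/authorized_keys"
```

sshd's default StrictModes setting ignores an authorized_keys file whose directory or file is writable by other users, which is why the 700 and 600 modes matter.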




Question: How to remove a user?
sudo userdel -r newuser



How to install the Apache web server with PHP in EC2


Step 1: Log in over SSH
Log in to the EC2 instance using its public DNS name (like ec2-54-173-191-129.compute-1.amazonaws.com)
For example:
ssh -i "arunkg.pem" ec2-user@ec2-54-173-191-129.compute-1.amazonaws.com


On Windows, you can download PuTTY and then log in.
PuTTY does not support the private key format (.pem) generated by Amazon EC2. PuTTY has a tool named PuTTYgen, which can convert keys to the required PuTTY format (.ppk). You must convert your private key into this format (.ppk) before attempting to connect to your instance using PuTTY. (Note: You need to convert )


Step 2: Log in as the root user
sudo su


Step 3: Update the server
yum update -y


Step 4: Install Apache, PHP and MySQL
yum install httpd php php-mysql stress -y


Step 5: Write something in index.php
cd /var/www/html # go to the html folder
vi index.php # write something in index.php


Step 6: Start the service
service httpd start


Friday 13 July 2018

AWS Tutorial Terminology page 6


Question: What is Amazon Route 53?
Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service.


Question: What are main functions of Route 53?
  1. Register domain names: Your website needs a name, such as example.com. Route 53 lets you register a name for your website.
  2. Route internet traffic to the resources: Connect the domain with website source code.
  3. Check the health of your resources: Route 53 sends automated requests over the internet to a resource, such as a web server, to verify that it's available.



Question: Elaborate the Working of Route 53?
See details


Question: What are Network ACLs?
A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out.


Question: What are basics of Network ACLs?
  1. Your VPC automatically comes with a modifiable default network ACL. By default, it allows all inbound and outbound IPv4 traffic and, if applicable, IPv6 traffic.
  2. You can create a custom network ACL and associate it with a subnet. By default, each custom network ACL denies all inbound and outbound traffic until you add rules.
  3. Each subnet in your VPC must be associated with a network ACL. If you don't explicitly associate a subnet with a network ACL, the subnet is automatically associated with the default network ACL.
  4. You can associate a network ACL with multiple subnets.
  5. A network ACL has separate inbound and outbound rules, and each rule can either allow or deny traffic.



Question: What is Amazon EC2 Security Groups?
A security group acts as a virtual firewall that controls the traffic for one or more instances.
When you launch an instance, you associate one or more security groups with the instance. You add rules to each security group that allow traffic to or from its associated instances.


Question: What are the differences between a security group and a network ACL?

  1. Network access control lists apply at the subnet level, so any instance in a subnet with an associated NACL follows the rules of that NACL. That is not the case with security groups: a security group has to be assigned explicitly to the instance.
  2. Your default VPC has a default network ACL, which allows all traffic, both inbound and outbound.
  3. NACLs are stateless, unlike security groups. Security groups are stateful: if you add an inbound rule, say for port 80, the return traffic is automatically allowed out, meaning an outbound rule for that particular port need not be explicitly added. In NACLs you need to provide explicit inbound and outbound rules.



Question: Name the several layers of Cloud Computing?
  1. PaaS: Platform as a Service
  2. IaaS: Infrastructure as a Service
  3. SaaS: Software as a Service



Question: What are the components involved in Amazon Web Services?
Amazon S3: used to retrieve the key input data needed to build the cloud architecture, and to store the data produced as output for the specified key.
Amazon SimpleDB: stores intermediate status logs and the tasks executed by users.
Amazon SQS: acts as a mediator between different controllers. It is also used to buffer the requests received by the Amazon manager.
Amazon EC2 instance: used to run a large distributed system on a Hadoop cluster. Automatic parallelization and job scheduling can be achieved with this component.


Question: Name the various layers of the cloud architecture?
  1. CC- Cluster Controller
  2. SC- Storage Controller
  3. CLC- Cloud Controller
  4. Walrus
  5. NC- Node Controller



Thursday 5 July 2018

AWS Tutorial Terminology page 5


Question: What is the difference between stored volumes and cached volumes?
Volume gateway provides an iSCSI target, which enables you to create volumes and mount them as iSCSI devices from your on-premises or EC2 application servers. The volume gateway runs in either a cached or stored mode.


In the cached mode, your primary data is written to S3, while retaining your frequently accessed data locally in a cache for low-latency access.

In the stored mode, your primary data is stored locally and your entire dataset is available for low-latency access while asynchronously backed up to AWS.


Question: What are VPC Flow Logs?
VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC.


Question: Where are VPC flow logs stored?
Flow log data is stored using Amazon CloudWatch Logs.


Question: What are VPC flow logs used for?
You can use flow logs to troubleshoot why specific traffic is not reaching an instance, which in turn helps you diagnose overly restrictive security group rules.
You can also use flow logs as a security tool to monitor the traffic that is reaching your instance.


Question: What are five pillars of AWS Well-Architected?
  1. Security
  2. Reliability
  3. Performance
  4. Cost optimization
  5. Performance Excellence



Question: What is Placement Group?
Placement Group is a logical grouping of instances within a single Availability Zone (AZ) that enables applications to participate in a low-latency, 10 Gbps network. You create a placement group first, and then you can launch instances in the placement group.

Question: What is a CNAME record?
CNAME record is a type of DNS record that maps an alias name. CNAME records are typically used to map a subdomain such as www or mail to the domain hosting that subdomain's content.


Question: What is an Alias record?
An ALIAS record is a virtual record that we create to provide CNAME-like behavior on apex domains.
For example, if your domain is example.com and you want it to point to a myapp.herokuapp.com, then you cannot use a CNAME record, but you can use an ALIAS record.


Question: What is the difference between CNAME records and Alias records?
Route 53 charges for CNAME queries, whereas it does not charge for Alias records.


Question: What is the difference between scaling up and scaling out in AWS?
Scaling up is when you change the instance types within your Auto Scaling Group to a higher type (for example, changing an instance from an m4.large to an m4.xlarge); scaling down is the reverse.
Scaling out is when you add more instances to your Auto Scaling Group, and scaling in is when you reduce the number of instances in your Auto Scaling Group.


Question: What is Amazon Kinesis Data Streams?
Amazon Kinesis Data Streams enables you to build custom applications that process or analyze streaming data for specialized needs.


Question: What is AWS Direct Connect?
AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS.


Thursday 7 June 2018

AWS Machine Learning - Understanding


Question: What is AWS SageMaker?
Amazon SageMaker is a fully-managed platform that enables developers and data scientists to quickly and easily build, train, and deploy machine learning models at any scale.


Question: What is AWS Comprehend?
Amazon Comprehend allows us to analyze unstructured text within search, chat, and documents to understand intent and sentiment.

Question: What is AWS DeepLens?
A machine learning technique that uses neural networks to learn and make predictions - through computer vision projects, tutorials, and real world, hands-on exploration with a physical device.


Question: What is AWS Lex?
Amazon Lex is an AWS service for building conversational interfaces for applications using voice and text. Developers can now use Alexa with DeepLens.


Question: What is AWS Polly?
Amazon Polly is a cloud service that converts text into lifelike speech.


Question: What is AWS Rekognition?
Amazon Rekognition is an image analysis service.


Question: What is AWS Transcribe?
Amazon Transcribe is an automatic speech recognition (ASR) service that makes it easy for developers to add speech-to-text capability to their applications.


Question: What is AWS Translate?
Amazon Translate translates documents from the following six languages into English, and from English into these languages:
  1. Arabic
  2. Simplified Chinese
  3. French
  4. German
  5. Portuguese
  6. Spanish