Week 2 Worklog

Week 2 Objectives:

  • Understand AWS Identity and Access Management (IAM)
  • Grant access to AWS services with an IAM role
  • Understand AWS Cloud9 and its features
  • Get started with AWS Cloud9
  • Hosting static website with Amazon S3
  • Master Amazon Relational Database Service (Amazon RDS)
  • Learn container technology with Amazon Lightsail Container
  • Deploy applications using Docker on Ubuntu
  • Implement Auto Scaling Groups for scalable applications
  • Configure Load Balancers for high availability
  • Understand how to monitoring with CloudWatch
  • Master AWS Command Line Interface (CLI) for infrastructure management
  • Understand Amazon DynamoDB NoSQL database service
  • Learn Amazon ElastiCache for Redis in-memory caching service
  • Learn Python SDK (Boto3) for AWS service automation
  • Master AWS Networking and VPC architecture fundamentals
  • Understand advanced networking concepts: Transit Gateway, VPN, Direct Connect
  • Learn Amazon CloudFront CDN for global content delivery
  • Master advanced CloudFront features: Lambda@Edge, Origin Groups, and monitoring

Tasks to be carried out this week:

Day Task Start Date Completion Date Reference Material
2 - Understand and implement IAM roles and policies
- Understand AWS Cloud9 can do and how to implement
- Explore Basic features in AWS Cloud 9
- Using AWS CLI for list EC2 instances in account
- Starting services with Amazon S3 Services
- Practice:
  + Create IAM user and access key
  + Attach IAM policy to grant necessary permissions
  + AWS Cloud9:
   - By using Command Line
   - Working with text file
   - Return to Dashboard
  + Using command: aws ec2 describe-instances for list EC2 instances in account in AWS CLI command
  + Amazon S3:
   - Hosting static website with Amazon S3
   - Using CloudFront for hosting static website		 09/15/2025 09/15/2025 AWS Cloud9

Grant permission for IAM
role

Hosting static website
with Amazon S3
3 - Explore Amazon Relational Database Service (Amazon RDS) and their benefits
- Amazon Lightsail Container:
  + Understand Lightsail Container
  + Deploy container image to Amazon Lightsail Container by using Docker on Ubuntu
- Explore for deploy FCJ Management with Auto Scaling Group
- Practice:
  + Deploy Amazon RDS
  + Deploy Application with MySQL
  + Backup and Restore in Amazon RDS
  + Build container image and deploy
  + Deploy FCJ Management:
   - Create Launch Template and Setup Load balance
   - Create Auto Scaling Group		 09/16/2025 09/16/2025 Amazon RDS

Amazon Lightsail

Deploy an application
with Amazon EC2 Auto
Scaling
4 - Learn and create CloudFormation with template file
- Using CloudWatch Metrics, CloudWatch Logs and CloudWatch dashboard
- Understand Hybrid DNS with Route 53 Resolver
- Practice:
  + CloudWatch:
   - CloudWatch lets users choose and display metrics from their applications
   - Filter data using advanced search expressions
   - Apply math calculations for deeper insights like averages or rankings
   - Add dynamic labels to improve chart readability and interpretation.
  + Route 53 Resolver:
   - Initialize CloudFormation by template.
   - Create and deploy Microsoft AD (AWS Managed Microsoft Active Directory)
   - Setup DNS with In/Out Endpoint		 09/17/2025 09/17/2025 CloudWatch workshop

Hybrid DNS with Route 53
5 - Master AWS CLI fundamentals and EC2 management
- Learn EC2 instance types, AMI, EBS, and SSH connections
- Understand Amazon DynamoDB NoSQL database concepts
- Learn Amazon ElastiCache for Redis in-memory caching
- Learn Python SDK (Boto3) for AWS services
- Practice:
  + Configure AWS CLI with profiles and output formats
  + View resources: aws ec2 describe-instances, aws s3 ls
  + Create Key Pair and Security Groups
  + Launch EC2 with aws ec2 run-instances
  + Connect via SSH and terminate instances
  + Amazon DynamoDB Operations:
   - Create tables and configure primary keys
   - Perform CRUD operations (Create, Read, Update, Delete)
   - Query and Scan data with Python Boto3
   - Load sample data and manage table operations
  + Amazon ElastiCache Redis Operations:
   - Create ElastiCache clusters (mode disabled/enabled)
   - Connect to Redis clusters with Python
   - Set/Get strings and hash operations
   - Implement Publish/Subscribe messaging
   - Work with Redis streams for data processing		 09/18/2025 09/18/2025 Getting Started with AWS CLI

Work with Amazon
DynamoDB

Amazon ElastiCache
- Redis
6 - Master AWS Networking fundamentals and VPC architecture
- Learn VPC components: Subnets, Route Tables, Internet Gateway, NAT Gateway
- Understand Security Groups and NACLs for network security
- Explore VPC Peering, Transit Gateway, and hybrid connectivity
- Learn Route 53 DNS services and Load Balancing concepts
- Master Amazon CloudFront CDN and content delivery
- Practice:
  + VPC Components Deep Dive:
   - Create and configure VPC with multiple subnets
   - Configure Route Tables and Internet/NAT Gateways
   - Implement Security Groups and Network ACLs
  + Advanced Networking:
   - Set up Transit Gateway and Site-to-Site VPNs
   - Configure Route 53 DNS endpoints and hosted zones
   - Implement VPC Endpoints for AWS services
   - Create VPC Peering connections
   - Deploy Network Load Balancer configurations
  + CloudFront Content Delivery:
   - Create S3 bucket for static website hosting
   - Configure CloudFront distribution with S3 origin
   - Implement Origin Access Identity (OAI) for security
   - Test performance improvements and edge locations
   - Configure custom domain names and SSL certificates
  + Advanced CloudFront Features:
   - Configure distribution invalidations for cache management
   - Set up custom error pages and Origin Groups for failover
   - Implement response headers and cache behaviors
   - Create and deploy Lambda@Edge functions
   - Monitor performance with CloudFront metrics and logs		 09/19/2025 09/19/2025 AWS Networking and Content Delivery

CloudFront with S3
Bucket Origin

Advanced CloudFront Workshop

Week 2 Achievements:

  • AWS Identity and Access Management (IAM) Mastery:

    • Comprehensive understanding of IAM concepts: Users, Groups, Roles, and Policies
    • Successfully created and managed IAM users with appropriate access keys
    • Configured and attached IAM policies to grant necessary permissions
    • Understood least privilege principle and IAM security best practices

  • AWS Cloud9 Development Environment Proficiency:

    • Mastered AWS Cloud9 features and capabilities
    • Gained proficiency in using Cloud9 IDE for development tasks
    • Effectively worked with command line interface within Cloud9
    • Managed files and performed text editing in cloud-based environment
    • Navigated and utilized Cloud9 dashboard efficiently

  • Advanced AWS CLI Skills:

    • Successfully utilized AWS CLI within Cloud9 environment
    • Executed aws ec2 describe-instances command to list and manage EC2 instances
    • Integrated AWS CLI commands into daily workflow
    • Understood how to combine GUI and CLI for efficient AWS resource management

  • Amazon S3 & Static Website Hosting:

    • Understood basic concepts of Amazon S3 service
    • Grasped S3 bucket and object storage functionality
    • Successfully deployed static website hosting with Amazon S3
    • Configured S3 bucket to serve web content
    • Understood use cases and benefits of S3 in cloud architecture
    • Integrated CloudFront to enhance performance and distribution of static websites
    • Mastered best practices for web hosting on AWS cloud platform

  • Amazon RDS Database Management:

    • Mastered concepts and benefits of Amazon Relational Database Service (RDS)
    • Successfully deployed and configured Amazon RDS instances
    • Developed and deployed applications integrated with MySQL database
    • Performed backup and restore operations in Amazon RDS
    • Understood best practices for database management on cloud
    • Gained proficiency in database security and performance optimization in RDS environment

  • Container Technology & Amazon Lightsail:

    • Understood Amazon Lightsail Container service and its use cases
    • Gained proficiency in building and managing container images with Docker
    • Successfully deployed container applications to Amazon Lightsail Container
    • Worked effectively with Docker on Ubuntu environment
    • Mastered containerization concepts and best practices
    • Understood how to optimize container deployment for production workloads

  • Auto Scaling & Load Balancing:

    • Mastered concepts and benefits of Amazon EC2 Auto Scaling
    • Successfully deployed FCJ Management application with Auto Scaling Group
    • Created and configured Launch Templates for scalable applications
    • Set up and managed Load Balancers for high availability
    • Understood scaling policies and monitoring for dynamic workloads
    • Gained proficiency in cost optimization strategies with auto scaling

  • Infrastructure as Code & CloudFormation:

    • Mastered Infrastructure as Code (IaC) concepts and benefits
    • Gained proficiency in creating and managing CloudFormation templates
    • Successfully deployed and managed AWS resources using CloudFormation
    • Understood best practices for template design and stack management
    • Mastered version control and rollback strategies for infrastructure code
    • Automated resource deployment and configuration management

  • CloudWatch Monitoring & Observability:

    • Mastered CloudWatch Metrics, Logs, and Dashboard functionalities
    • Successfully established comprehensive monitoring for AWS applications
    • Used advanced search expressions to filter and analyze log data
    • Applied mathematical calculations for deeper insights and analytics
    • Created dynamic labels to improve chart readability and interpretation
    • Set up alerting and notification systems for proactive monitoring
    • Understood performance optimization based on monitoring data

  • Hybrid DNS & Route 53 Resolver:

    • Mastered Hybrid DNS architecture and use cases
    • Successfully deployed and configured Route 53 Resolver endpoints
    • Set up AWS Managed Microsoft Active Directory integration
    • Configured inbound and outbound DNS resolution
    • Understood DNS security and performance optimization
    • Managed cross-premises DNS connectivity and troubleshooting

  • AWS CLI & Command Line Infrastructure Management:

    • Mastered AWS Command Line Interface (CLI) installation and configuration
    • Successfully configured AWS CLI profiles for multiple environments
    • Understood and implemented different output formats (JSON, YAML, text, table)
    • Gained proficiency in using CLI auto-prompt for interactive command creation
    • Mastered infrastructure viewing and management through command line
    • Successfully used aws ec2 describe-instances for EC2 resource inspection
    • Implemented S3 bucket management using aws s3 ls commands
    • Understood regional resource management and cross-region operations

  • EC2 Lifecycle Management via CLI:

    • Mastered complete EC2 instance lifecycle management through AWS CLI
    • Successfully created and managed AWS Key Pairs for secure access
    • Configured Security Groups and ingress rules for SSH access
    • Gained proficiency in launching EC2 instances using aws ec2 run-instances
    • Mastered SSH connection methods and troubleshooting
    • Successfully monitored instance status using CLI commands
    • Implemented proper resource cleanup and instance termination procedures
    • Understood EC2 instance types, AMI selection, and EBS volume management

  • Amazon DynamoDB NoSQL Database Mastery:

    • Understood fundamental concepts of Amazon DynamoDB NoSQL database service
    • Mastered DynamoDB core components: Tables, Items, Attributes, and Primary Keys
    • Gained proficiency in DynamoDB secondary indexes and query optimization
    • Understood read consistency models and capacity management
    • Successfully implemented DynamoDB naming rules and data type specifications
    • Mastered backup and restore capabilities for data protection
    • Understood encryption at rest and security best practices
    • Gained expertise in scaling strategies and performance optimization

  • Python SDK (Boto3) & AWS Service Automation:

    • Mastered Python Boto3 SDK for AWS service automation and integration
    • Understood the difference between Boto3 Client and Resource interfaces
    • Successfully configured AWS SDK with proper authentication methods
    • Gained proficiency in DynamoDB table creation and schema design
    • Mastered CRUD operations: Create, Read, Update, and Delete data
    • Successfully implemented Query and Scan operations for data retrieval
    • Understood batch operations and efficient data loading techniques
    • Implemented proper error handling and resource management in Python code

  • Amazon ElastiCache Redis In-Memory Caching:

    • Mastered Amazon ElastiCache for Redis concepts and architecture
    • Understood clusters, nodes, and shards configuration for high availability
    • Successfully created and managed ElastiCache clusters (mode disabled/enabled)
    • Gained proficiency in Redis data partitioning across up to 500 shards
    • Mastered automatic failure detection and recovery mechanisms
    • Successfully integrated ElastiCache with EC2, CloudWatch, and other AWS services
    • Understood backup management, patching, and security features
    • Implemented Redis operations: strings, hashes, Pub/Sub, and streams
    • Mastered performance optimization and cost-effective caching strategies

  • AWS Networking & VPC Architecture Mastery:

    • Mastered Amazon Virtual Private Cloud (VPC) concepts and architecture
    • Understood AWS global infrastructure: Regions, Availability Zones, and Edge Locations
    • Successfully configured VPC components: Subnets, Route Tables, and CIDR blocks
    • Gained proficiency in Elastic Network Interfaces (ENI) and Elastic IP addresses
    • Mastered Internet Gateway and NAT Gateway configurations for internet connectivity
    • Implemented VPC Endpoints for secure AWS service connections without internet
    • Understood network security with Security Groups and Network ACLs (NACLs)
    • Mastered stateful vs stateless firewall concepts and rule configurations

  • Advanced Networking & Hybrid Connectivity:

    • Mastered VPC Peering for inter-VPC communication and limitations
    • Gained expertise in Transit Gateway for centralized network hub architecture
    • Successfully configured VPN Site-to-Site for hybrid cloud connectivity
    • Understood AWS Direct Connect for dedicated private connections
    • Mastered Route 53 DNS services, endpoints, and internal hosted zones
    • Implemented Network Load Balancer (NLB) for high-performance Layer 4 load balancing
    • Understood Transit Gateway Network Manager for network visualization
    • Mastered complex routing scenarios and traffic flow optimization

  • Network Security & Performance Optimization:

    • Implemented comprehensive network security using multiple layers of protection
    • Mastered Security Group rules and best practices for least privilege access
    • Successfully configured Network ACLs for subnet-level security controls
    • Understood VPC Flow Logs for network monitoring and troubleshooting
    • Implemented network segmentation strategies for different environments
    • Mastered DNS resolution and Route 53 advanced features
    • Optimized network performance through proper subnet and routing design
    • Understood cost optimization strategies for networking services

  • Amazon CloudFront Content Delivery Network:

    • Mastered CDN concepts and global edge locations
    • Successfully created and configured CloudFront distributions with S3 origins
    • Implemented Origin Access Identity (OAI) for enhanced security
    • Understood performance benefits and edge caching strategies
    • Mastered custom domain configuration and SSL certificate management
    • Mastered global content delivery optimization techniques

  • Advanced CloudFront Features & Lambda@Edge:

    • Expertly configured distribution invalidations for efficient cache management
    • Successfully implemented custom error pages for enhanced user experience
    • Mastered Origin Groups for automatic failover and high availability
    • Configured response headers for security and performance optimization
    • Created custom cache behaviors for different content types
    • Developed and deployed Lambda@Edge functions for request processing
    • Monitored CloudFront performance using comprehensive metrics and logs
    • Applied CloudFront best practices including compression and SSL/TLS encryption

  • Cloud Development Workflow:

    • Established complete development environment on cloud
    • Developed skills in working with cloud-based tools and services
    • Understood how to integrate multiple AWS services in a workflow
    • Built foundation for advanced cloud development practices
    • Integrated database services into cloud application architecture
    • Mastered containerization and auto scaling in cloud architecture
    • Implemented Infrastructure as Code and comprehensive monitoring solutions
    • Designed secure and scalable network architectures for production workloads