Internship Report > Worklog > Week 7 Worklog

Week 7 Worklog

Week 7 Objectives:

Master AWS Directory Service:
- Understand Directory Service options and features
- Configure Microsoft AD and Simple AD
- Implement directory authentication
- Set up directory replication
- Monitor directory health and status
Learn AWS Resource Access Manager (RAM):
- Understand RAM concepts and sharing options
- Configure resource sharing
- Implement cross-account access
- Manage shared resource permissions
- Monitor shared resource usage
Learn AWS Resource Groups:
- Understand resource grouping strategies
- Create and manage resource groups
- Implement tagging strategies
- Configure group-based operations
- Monitor group resources
Master AWS License Manager:
- Understand license management concepts
- Configure license rules and tracking
- Implement license reporting
- Set up license alerts
- Monitor license usage
Learn AWS Certificate Manager:
- Understand ACM concepts and certificate management
- Request and validate public certificates
- Import external certificates
- Configure certificate renewals
- Set up certificate integrations
- Monitor certificate expiry
Master AWS Secrets Manager:
- Understand Secrets Manager concepts and features
- Create and store secrets
- Configure secret rotation
- Set up access policies
- Implement secret encryption
- Monitor secret usage
Learn AWS Parameter Store:
- Understand Parameter Store concepts and hierarchy
- Create parameter hierarchies
- Configure parameter policies
- Set up version tracking
- Implement parameter encryption
- Monitor parameter access
Master AWS Private Certificate Authority:
- Understand Private CA concepts and operations
- Set up private certificate authority
- Issue private certificates
- Configure certificate templates
- Implement revocation
- Monitor CA operations

Tasks to be carried out this week:

Day	Task	Start Date	Completion Date	References
2	- Learn AWS Directory Service for identity management - Master AWS RAM for resource sharing - Understand AWS Resource Groups for organization - Learn AWS License Manager for license tracking - Practice: + AWS Directory Service: - Set up Microsoft AD and Simple AD - Configure directory trust relationships - Implement directory authentication - Set up directory replication - Monitor directory performance + AWS RAM: - Create resource shares - Configure sharing permissions - Implement cross-account sharing - Set up resource access - Monitor shared resources + AWS Resource Groups: - Create and configure groups - Implement tagging strategies - Set up group-based access - Configure group operations - Monitor group resources + AWS License Manager: - Configure license rules - Set up license tracking - Implement usage reporting - Configure license alerts - Monitor license consumption	10/20/2025	10/20/2025	AWS Directory Service Identity Management Configure Microsoft AD and Simple AD AWS Resource Access Manager (RAM) Create resource shares AWS Resource Groups Organization Create and configure groups AWS License Manager Tracking Configure license rules and tracking
3	- Learn AWS Certificate Manager for SSL/TLS certificates - Master AWS Secrets Manager for secret management - Understand AWS Parameter Store for configuration - Learn AWS Private Certificate Authority - Practice: + AWS Certificate Manager: - Request and validate public certificates - Import external certificates - Configure certificate renewals - Set up certificate integrations - Monitor certificate expiry + AWS Secrets Manager: - Create and store secrets - Configure secret rotation - Set up access policies - Implement secret encryption - Monitor secret usage + AWS Parameter Store: - Create parameter hierarchies - Configure parameter policies - Set up version tracking - Implement parameter encryption - Monitor parameter access + AWS Private CA: - Set up private certificate authority - Issue private certificates - Configure certificate templates - Implement revocation - Monitor CA operations	10/21/2025	10/21/2025	AWS Certificate Manager SSL/TLS Request and validate public certificates AWS Secrets Manager Secret Storage Create and store secrets AWS Parameter Store Configuration -Create parameter hierarchies, configure policies, implement encryption, and monitor access AWS Private Certificate Authority Set up private CA
4	- Learn AWS CloudTrail for auditing and governance - Master CloudWatch Logs & Logs Insights for centralized logging and analysis - Understand AWS X-Ray for distributed tracing - Learn AWS Cost Management (Budgets / Cost Explorer) for cost control - Practice: + AWS CloudTrail: - Enable organization-wide CloudTrail trails - Configure event selectors and logging destinations (S3, CloudWatch) - Analyze management and data events - Set up CloudTrail Lake queries for investigations + CloudWatch Logs & Insights: - Centralize logs from services and instances - Create Log Groups and retention policies - Write Logs Insights queries for troubleshooting - Configure Metric Filters and Alarms from logs + AWS X-Ray: - Instrument applications for tracing (SDKs / agents) - Create service maps and analyze latencies/errors - Trace end-to-end requests across services - Use sampling and annotations for focused tracing + AWS Cost Management: - Configure Cost Explorer and reports - Create Budgets and alerts for cost/usage thresholds - Analyze cost allocation tags and rightsizing recommendations - Integrate Cost data with Trusted Advisor recommendations	10/22/2025	10/22/2025	AWS CloudTrail Auditing Enable organization trails CloudWatch Logs & Insights Analysis Centralize logs AWS X-Ray Distributed Tracing Instrument applications AWS Cost Management Control Configure Cost Explorer and Budgets
5	- Learn AWS Security Hub for centralized security posture - Master AWS Audit Manager for audit automation - Understand AWS Artifact for compliance reports and evidence - Practice: + AWS Security Hub: - Enable Security Hub and integrate GuardDuty, Config, Inspector findings - Use standards (CIS, AWS Foundational) and custom insights - Create automated remediation playbooks with Lambda/SNS - Aggregate findings across accounts and regions - Monitor security posture with dashboards and insights + AWS Audit Manager: - Set up assessment frameworks and evidence collection - Map controls to standards (PCI, ISO, SOC) and create assessment reports - Automate evidence gathering from AWS services - Configure continuous assessments and reporting cadence - Export assessment reports for auditors	10/23/2025	10/23/2025	AWS Security Hub Centralized Security Enable Security Hub AWS Audit Manager Compliance Automation Configure assessment frameworks AWS Artifact Compliance Reports Retrieve compliance reports and certifications
6	- Learn AWS Marketplace for third‑party software procurement - Master AWS Service Quotas for limit management - Understand AWS Well‑Architected Tool for workload reviews - Practice: + AWS Marketplace: - Browse and subscribe to marketplace products - Deploy marketplace AMIs and SaaS offerings - Understand billing and procurement options - Manage marketplace entitlements and contract details - Integrate marketplace products with AWS accounts + AWS Service Quotas: - Review default service quotas per account/region - Request quota increases and track requests - Automate quota monitoring with CloudWatch/Alarms - Use tags and reports to correlate quota usage with workloads - Implement guardrails to avoid quota exhaustion + AWS Well‑Architected Tool: - Run Well‑Architected reviews for workloads - Map findings to improvement plan items - Prioritize remediation actions and track progress - Export reports for stakeholders and auditors - Integrate findings with AWS Config / Trusted Advisor	10/24/2025	10/24/2025	AWS Marketplace Software Procurement Browse and subscribe to marketplace products AWS Service Quotas Limit Management Review quotas AWS Well-Architected Tool Workload Reviews Run reviews

Week 7 Achievements:

AWS Directory Service Mastery:
- Mastered Directory Service concepts and architectures
- Successfully configured Microsoft AD and Simple AD
- Implemented directory trust relationships
- Set up seamless domain joining
- Configured directory replication
- Monitored directory health and performance
- Applied best practices for directory management
AWS RAM Resource Sharing Expertise:
- Mastered RAM concepts and sharing mechanisms
- Successfully created and managed resource shares
- Implemented cross-account resource sharing
- Configured sharing permissions and access
- Monitored shared resource usage
- Applied best practices for resource sharing
AWS Resource Groups Management Proficiency:
- Mastered Resource Groups concepts and organization
- Successfully created and managed resource groups
- Implemented effective tagging strategies
- Configured group-based operations
- Monitored group resources and status
- Applied best practices for resource organization
AWS License Manager Expertise:
- Mastered License Manager concepts and features
- Successfully configured license rules and tracking
- Implemented license usage reporting
- Set up license alerts and notifications
- Monitored license consumption
- Applied best practices for license management
AWS Certificate Manager SSL/TLS Mastery:
- Mastered ACM concepts and certificate management
- Successfully requested and validated public certificates
- Implemented certificate renewals and notifications
- Configured integrations with AWS services
- Monitored certificate lifecycle and expiry
- Applied best practices for SSL/TLS security
AWS Secrets Manager Security Expertise:
- Mastered Secrets Manager concepts and features
- Successfully created and managed sensitive secrets
- Implemented automatic secret rotation
- Configured access controls and encryption
- Monitored secret access and usage
- Applied best practices for secrets management
AWS Parameter Store Configuration Proficiency:
- Mastered Parameter Store concepts and hierarchy
- Successfully created and organized parameters
- Implemented parameter policies and versions
- Configured secure string parameters
- Monitored parameter access patterns
- Applied best practices for configuration management
AWS Private Certificate Authority Expertise:
- Mastered Private CA concepts and operations
- Successfully set up private certificate authorities
- Implemented certificate issuance and templates
- Configured certificate revocation lists
- Monitored CA activities and health
- Applied best practices for private PKI
AWS CloudTrail Auditing Mastery:
- Enabled organization trails and centralized event collection
- Configured event selectors and delivery to S3/CloudWatch
- Performed audit queries and incident investigations with CloudTrail Lake
- Implemented logging retention and secure access controls
CloudWatch Logs & Logs Insights Mastery:
- Centralized logs and created structured Log Groups with retention
- Wrote Logs Insights queries for troubleshooting and metrics extraction
- Built metric filters and alarms driven from logs for proactive alerting
- Integrated logs with dashboards for operational visibility
AWS X-Ray Distributed Tracing Mastery:
- Instrumented applications and services for tracing
- Built service maps and identified latency/error hotspots
- Used traces to correlate logs and metrics for root cause analysis
- Tuned sampling and annotations to reduce noise and cost
AWS Cost Management Mastery (Budgets / Cost Explorer):
- Configured Cost Explorer reports and forecasting
- Created budgets and alerts to control spend
- Used cost allocation tags and rightsizing recommendations for optimization
- Integrated cost insights with Trusted Advisor and operational practices
AWS Security Hub Centralized Security Mastery:
- Enabled Security Hub and integrated findings from GuardDuty, Inspector, and Config
- Applied built-in standards (CIS, AWS Foundational) and created custom insights
- Automated remediation workflows using Lambda and SNS
- Aggregated and triaged findings across accounts and regions
- Built dashboards to monitor security posture and track improvements
AWS Audit Manager Compliance Automation Proficiency:
- Configured assessment frameworks and control mappings
- Automated evidence collection from supported AWS services
- Generated assessment reports aligned with compliance standards
- Set up continuous assessments and scheduled reports for auditors
- Used findings to remediate control gaps and demonstrate compliance
AWS Artifact Compliance Reporting Mastery:
- Used AWS Artifact to retrieve compliance reports and certifications
- Integrated artifact reports into internal audit processes
- Managed access to compliance evidence across teams
- Understood scope and limitations of vendor-supplied compliance artifacts
AWS Marketplace Procurement & Deployment Proficiency:
- Understood Marketplace procurement models (AMI, SaaS, Containers)
- Subscribed and deployed marketplace products in test accounts
- Managed billing, entitlements and vendor contract considerations
- Integrated marketplace solutions with existing AWS environments
- Applied governance controls for marketplace software usage
AWS Service Quotas Management Mastery:
- Reviewed and inventoried service quotas across accounts and regions
- Requested and tracked quota increases where required
- Implemented quota usage monitoring and alarms
- Built operational guardrails to prevent quota exhaustion
- Correlated quota consumption with application scaling patterns
AWS Well‑Architected Tool Review Expertise:
- Performed Well‑Architected reviews and identified risks by pillar
- Generated improvement plans and prioritized remediation items
- Exported reports and communicated findings to stakeholders
- Integrated Well‑Architected results into operational improvement workflows