Posts

AWS NAT using NAT instance ကျွန်တော်တို့ဟာ NAT GW ကိုမသုံးပဲနဲ့ EC2 Instance တစ်ခုကို NAT အနေနဲ့သုံးလို့ရပါသေးတယ်။ NAT GW ရဲ့ Cost ကို လျော့ချချင်တာပဲဖြစ်ဖြစ်၊ NAT အနောက်မှာ ရှိတဲ့ Inbound Outbound traffic တွေကို ကိုယ်တိုင် manage လုပ်ချင်တဲ့အခါမျိုးတွေ မှာအသုံးပြုလို့ရပါတယ်။ နောက်ပြီး NAT instance ကို Private host တွေရဲ့ Jump server or Bastion server အဖြစ်လည်းအသုံးပြုနိုင်ပါသေးတယ်။အားနည်းချက်အနေနဲ့ကတော့ AWS managed မဟုတ်တာကြောင့် administrator ကလိုချင်တဲ့ပုံစံကိုကိုယ်တိုင်ပြင်ယူရပါမယ်။ Setup: အရင်ဆုံးကျွန်တော် EC2 instance နှစ်ခုကို create လုပ်ပါမယ်။ ကျွန်တော်ကတော့ နှစ်ခုလုံးကို Ubuntu 20.04LTS ကိုပဲအသုံးပြုထားပါတယ်။ (မှတ်ချက်။ ။ကျွန်တော်ကတော့ IP tables rule ကို အသုံးပြုပြီး NAT လုပ်သွားမှာပါ။ တစ်ကယ်လို့ AWS NAT AMI ကိုအသုံးပြုပြီးတော့လုပ်တယ်ဆိုရင်လည်းအတူတူပါပဲ)...

Creating RDS + EC2 (Two Tier Architecture) Objective To connect RDS with EC2. Install MySQL Client on EC2. Using mysql command line to connect RDS. Create Database name in HC_WYNH EC2 instance (Ubuntu Server) with app-server-sg (security Group) RDS instance with db-server-sg (security group) Installing Mysql client on EC2 (ubuntu). sudo apt-get install mysql-client Using mysql command to connect with RDS. mysql -h {DB End Point} -P LOCAL_PORT -u RDS_USER -p Creating a Database :wq!...

Creating Key Pair using AWS CFN Create key pairs - Amazon Elastic Compute Cloud Objective To create AWS Key Pair using Cloudformation. (Using the default profile) Create a CloudFormation Template: Start by creating a CloudFormation template in YAML format.**`AWS::EC2::KeyPair`** is defined with the name “wynhkeypair". You can change the **`KeyName`** property to your desired key pair name. AWSTemplateFormatVersion:"2010-09-09"Resources:wynhkeypair:#edit here Type:AWS::EC2::KeyPairProperties:KeyName:wynhkeypairDeploy the Template: aws cloudformation create-stack --stack-name wynhkeypair --template-body file://keypair-wynh....

EC2 + Keypair creation Create key pairs - Amazon Elastic Compute Cloud AWS::EC2::Instance - AWS CloudFormation Objective To create AWS KeyPair + EC2 using Cloudformation. (Using the default profile) Create a CloudFormation Template: Make a yaml file named ec2cfn.yaml. Added the below template. AWSTemplateFormatVersion:"2010-09-09"Description:CFN+EC2+KeyPairResources:wynhkeypair:Type:'AWS::EC2::KeyPair'Properties:KeyName:wynhkeypairEc2Instance:Type:'AWS::EC2::Instance'Properties:InstanceType:'t2.micro'AvailabilityZone:'ap-southeast-1a'ImageId:'ami-002843b0a9e09324a'KeyName:!RefwynhkeypairRun the code: aws cloudformation create-stack --stack-name ec2nkeypair --template-body file://ec2cfn.yaml Output: The keypair(wynhkeypair) is attached. Describe the key pair: aws ec2 describe-key-pairs --filters Name=key-name,Values=wynhkeypair --query KeyPairs[*]....

Objective IAM Policy Create EC2 Instances Specific Instance Type (t2.micro, t3.micro) Specific Region (ap-southeast-1) Create RDS Instances Specific Region (ap-southeast-1) Create IAM User Attach the above policy. IAM Policy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ec2:DescribeAccountAttributes", "ec2:DescribeInstances", "ec2:DescribeImages", "ec2:DescribeInstanceTypes", "ec2:DescribeKeyPairs", "ec2:CreateKeyPair", "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", "ec2:CreateSecurityGroup", "ec2:AuthorizeSecurityGroupIngress" ], "Resource": "*" }, { "Effect": "Allow", "Action": "ec2:RunInstances", "Resource": [ "arn:aws:ec2:ap-southeast-1:764523291456:network-interface/*", "arn:aws:ec2:ap-southeast-1:764523291456:volume/*", "arn:aws:ec2:ap-southeast-1:764523291456:key-pair/*", "arn:aws:ec2:ap-southeast-1:764523291456:security-group/*", "arn:aws:ec2:ap-southeast-1:764523291456:subnet/subnet-*", "arn:aws:ec2:ap-southeast-1::image/ami-*" ] }, { "Effect": "Allow", "Action": [ "ec2:RunInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances", "ec2:CreateTags" ], "Resource": [ "arn:aws:ec2:ap-southeast-1:764523291456:instance/*" ], "Condition": { "StringEquals": { "ec2:InstanceType": [ "t2....