Thursday, June 17, 2021

AWS, Azure - Load Balancer and API Management Tools

Azure

  • Azure Load Balancer - Layer 4 LB - network level (TCP/IP)
  • Azure Application Gateway - Layer 7 LB - application-level routing
  • Azure API Management - API management tool


AWS

  • Network Load Balancer - Layer 4 LB - TCP/IP level
  • Application Load Balancer - Layer 7 LB - works with HTTPS
  • Amazon API Gateway - API management tool


Azure API Management is the Azure counterpart of Amazon API Gateway.

AWS Secrets Manager

https://console.aws.amazon.com/secretsmanager/home?region=us-east-1#!/home 





AWS Secrets Manager pricing:

Per secret: $0.40 per secret per month.

Per API call: $0.05 per 10,000 API calls.

Lambda Application vs Lambda Function

 


By combining AWS Lambda with other AWS services, developers can build powerful applications that automatically scale up and down and run in a highly available configuration across multiple data centers – with zero administrative effort required for scalability, back-ups or multi-data center redundancy.


Lambda functions are bare-bones, standalone units.
Each one has to be given an IAM role.
Each one has to be mapped to a trigger.

The way to do all of this in one place is called a "Lambda Application".

Azure DevOps - Branch policies - minimum reviewers

https://docs.microsoft.com/en-us/azure/devops/repos/git/branch-policies?view=azure-devops#require-a-minimum-number-of-reviewers

https://docs.microsoft.com/en-us/azure/devops/organizations/security/about-permissions?view=azure-devops&tabs=preview-page

https://docs.microsoft.com/en-us/azure/devops/organizations/security/permissions?view=azure-devops&tabs=preview-page#groups      


apt update

apt update && apt list --upgradable

apt update refreshes the list of updates available for installed software.

It only fetches the list of available updates.

AWS Cognito, POLICY Generator, Policy Simulator, IAM Policy Visual Editor

AWS identities:

1) Users

2) User groups

3) Roles

4) Temporary security credentials


https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html

https://wellarchitectedlabs.com/reliability/300_labs/300_testing_for_resiliency_of_ec2_rds_and_s3/documentation/aws_credentials/



API Gateway 

https://www.youtube.com/watch?v=0dVL70Ayq5I


https://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started.html   API Gateway + Lambda

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken


IAM > Identity providers >  Create Identity Provider

OpenID Connect vs SAML (ADFS, Active Directory Federation Services)



Role can be assigned to

AWS service

EC2, Lambda and others


Another AWS account

Belonging to you or 3rd party


Web identity

Cognito or any OpenID provider


SAML 2.0 federation

Your corporate directory


Choose an API type

HTTP API

Build low-latency and cost-effective REST APIs with built-in features such as OIDC and OAuth2, and native CORS support.

Works with the following:

Lambda, HTTP backends


WebSocket API

Build a WebSocket API using persistent connections for real-time use cases such as chat applications or dashboards.



Roles and users are both AWS identities with permissions policies.

Roles can be used by the following:

An IAM user in the same AWS account as the role

A web service offered by AWS such as Amazon Elastic Compute Cloud (Amazon EC2)

An external user authenticated by an external identity provider (IdP) service that is compatible with SAML 2.0 or OpenID Connect.

Applications running on that instance can retrieve temporary security credentials and perform actions that the role allows
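
A defender-side check for the trusted-entity types listed above (AWS service, another AWS account, web identity, SAML 2.0 federation), as an added example that is not part of the original notes: it classifies a role trust policy by who may assume the role and flags missing guard conditions. The function names, account ID, SAML provider name and pool ID are constructed placeholders.

```python
import json

def as_list(v):
    return v if isinstance(v, list) else [v]

def review_statement(stmt):
    """Classify one trust-policy statement and list missing guard conditions."""
    principal = stmt.get("Principal", {})
    if principal == "*":                       # bare wildcard form
        principal = {"AWS": "*"}
    actions = as_list(stmt.get("Action", []))
    keys = {k.lower() for op in stmt.get("Condition", {}).values() for k in op}
    kind, findings = "Unknown", []
    if "Service" in principal:
        kind = "AWS service"
    elif "sts:AssumeRoleWithWebIdentity" in actions:
        kind = "Web identity"
        if not any(k.endswith(":aud") for k in keys):
            findings.append("missing audience (:aud) condition")
    elif "sts:AssumeRoleWithSAML" in actions:
        kind = "SAML 2.0 federation"
        if "saml:aud" not in keys:
            findings.append("missing SAML:aud condition")
    elif "AWS" in principal:
        kind = "Another AWS account"
        if "*" in as_list(principal["AWS"]):
            findings.append("wildcard principal")
        elif "sts:externalid" not in keys:
            findings.append("no sts:ExternalId (expected for third-party accounts)")
    return kind, findings

def review_trust_policy(document):
    """Review every Allow statement of a trust policy given as a JSON string."""
    stmts = as_list(json.loads(document)["Statement"])
    return [review_statement(s) for s in stmts if s.get("Effect") == "Allow"]

# Constructed sample policies; the account ID, provider name and pool ID are placeholders.
def _policy(principal, action, condition=None):
    stmt = {"Effect": "Allow", "Principal": principal, "Action": action}
    stmt.update({"Condition": condition} if condition else {})
    return json.dumps({"Version": "2012-10-17", "Statement": [stmt]})

SAMPLES = {
    "ec2": _policy({"Service": "ec2.amazonaws.com"}, "sts:AssumeRole"),
    "vendor": _policy({"AWS": "arn:aws:iam::111122223333:root"}, "sts:AssumeRole"),
    "cognito": _policy({"Federated": "cognito-identity.amazonaws.com"}, "sts:AssumeRoleWithWebIdentity",
        {"StringEquals": {"cognito-identity.amazonaws.com:aud": "us-east-1:EXAMPLE-POOL-ID"}}),
    "adfs": _policy({"Federated": "arn:aws:iam::111122223333:saml-provider/ExampleADFS"},
        "sts:AssumeRoleWithSAML"),
}
print({name: review_trust_policy(doc) for name, doc in SAMPLES.items()})
```

The ExternalId finding is advisory: it matters when the trusted account belongs to a third party, not when both accounts are your own.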


 https://sts.amazonaws.com

You can use AWS Security Token Service (AWS STS) to create and provide trusted users with temporary security credentials that can control access to your AWS resources. For more information about AWS STS, see Temporary security credentials in IAM. AWS STS is a global service that has a default endpoint at https://sts.amazonaws.com



EC2 is a Service

Load balancers (EC2 feature)


https://awspolicygen.s3.amazonaws.com/policygen.html

https://policysim.aws.amazon.com/home/index.jsp?#


IAM -> Policies -> Visual Editor

https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_billing.html?icmpid=docs_iam_console#tutorial-billing-step2


IAM > Identity providers > Create Identity Provider

https://console.aws.amazon.com/iamv2/home?#/identity_providers



Route 53 > Hosted zones > Domain.com > Record Type A /CNAME etc


Identity Pool + Role?


AWS Cognito (User Pool): how to get a token using Postman?


API Gateway + Cognito?


API Gateway + AWS Cognito + EKS?


 Elastic Container Registry  - Docker Image Repo


URLS - AWS CLI - How to use, How to List Buckets, Mount EBS Volume, Not Attach, AMI Launch Templates, Resize EBS Volume

http://localhost/tutorial/our-application/

https://hub.docker.com/_/node

https://unix.stackexchange.com/questions/464484/install-self-signed-certificate-to-alpine-linux

https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html

https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-role.html

https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository

https://stackoverflow.com/questions/38774798/accessdenied-for-listobjects-for-s3-bucket-when-permissions-are-s3

https://askubuntu.com/questions/53553/how-do-i-retrieve-the-public-key-from-a-ssh-private-key

https://docs.aws.amazon.com/cli/latest/reference/iam/list-users.html

https://stackoverflow.com/questions/1465076/how-to-access-ping-a-server-located-on-aws

https://stackoverflow.com/questions/19042025/amazon-ec2-free-tier-how-many-instances-can-i-run

https://www.elifulkerson.com/projects/tcping.php

https://aws.amazon.com/free/?all-free-tier.sort-by=item.additionalFields.SortRank&all-free-tier.sort-order=asc&awsf.Free%20Tier%20Types=*all&awsf.Free%20Tier%20Categories=*all&all-free-tier.q=ebs&all-free-tier.q_operator=AND

https://serverfault.com/questions/706560/assign-public-ip-not-elastic-ip-after-instance-launched

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/launch-more-like-this.html

https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#Instances:

https://devopscube.com/mount-ebs-volume-ec2-instance/

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html

https://www.quora.com/Can-you-create-an-AMI-of-your-EC2-as-part-of-free-tier-If-not-whats-the-charge

http://www.thecloudavenue.com/2020/04/aws-ami-vs-launch-templates.html

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html#resize-ebs-backed-instance

https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#InstanceDetails:instanceId=i-0622cebe406df06cd

 

Azure - Pipeline - Add Approver for Stage

https://learn.microsoft.com/en-us/azure/devops/pipelines/process/approvals?view=azure-devops&tabs=check-pass