Search This Blog

Saturday, 29 August 2020

Detail day to day activity's of AWS Admin

EC2

  1. Providing EC2 Instances
  2. Bootstraping EC2 instance while launching
  3. Hardening EC2 instances with security groups to open or close port numbers
  4. Recovering EC2 instance keypair
  5. Modifying instance type in case of demanding more / less resources (CPU/ Memory)
  6. Shutting down unused instances as per customer confirmation
  7. Taking AMI of instances if any activity/ change scheduled

VPC

  1. Creating VPC, Subnet, Route tables, Internet Gateway, NACLs, etc for new environment
  2. Creating public and private subnet.
  3. Creating NAT Instances, NAT gateways
  4. Disabling ports in NACLs
  5. Enabling VPC peering between Test, QA and Prod VPCs
  6. Enabling VPC flow logs to monitor network related issues
  7. Creating and configuring Open VPN server to connect instance security.
  8. Creating new users in open VPN server

ELB/ AutoScaling

  1. Creating ELBs
  2. Requesting SSL Certificate for new domains in certificate manager (ACM)
  3. Configuring SSL Certificate on ELBs
  4. Troubleshooting in case of instance are “outOfservice” in ELB
  5. Enabling and analyzing ELB access log
  6. Creating Launch Configuration and Auto Scaling groups
  7. Adding new LC to ASG when AMI updated.

EBS, S3,EFS, Glacier

  1. Creating New EBS Volumes, modifying existing Volume size or volume type.
  2. Taking Volume snapshots for backup
  3. Copying Volumes from one Availability Zone (AZ) to other AZ if requested.
  4. Migration data from one EC2 instance to others.
  5. Enabling encryption on EBS and S3 bucket objects.
  6. Creating S3 buckets and granting request permission through AMI.
  7. Enabling life cycle policies to transfer data from one storage class to other.
  8. Creating EFS and mounting it in multiple instances.

IAM

  1. Creating IAM Users and granting with minimal permissions.
  2. Generating or modifying IAM policies as per requirement.
  3. Creating roles to access one AWS service with others
  4. Enforcing users to use secure password and MAF.

CloudWatch, CluodTrail, TrustAdvisor

  1. Monitoring instances resource utilization through CloudWatch.
  2. Creating alarms, events and custom matrix in CloudWatch.
  3. Enabling CloudTrail and analyzing logs in case of any events occurred.
  4. Collecting trusted Adviser reports timely manner and analyzing reports for cost optimisation.

Route53

  1. Creating Route53 hosted zones to map with public or private domain.
  2. Creating record sets to map with EC2 instances/ ELBs.
  3. Using routing policies if necessary.
  4. Mapping domain from domain register (like godaddy) to route53.

RDS

  1. Creating RDS Instances as per databases per requirement.
  2. Enabling Multi-AZ, read policies as per demand.
  3. Taking snapshots and restoring from snapshots.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)