This a checklist on learning AWS (based on this great Reddit post: https://www.reddit.com/r/sysadmin/comments/8inzn5/so_you_want_to_learn_aws_aka_how_do_i_learn_to_be/)
All CloudFormation templates were created in the Oregon (us-west-2) region.
- Account Basics
- Create an IAM user for personal use
- Set up MFA for your root user, turn off all root user API keys
- Set up Billing Alerts
- Configure the AWS CLI for your user
- Web Hosting Basics
- Deploy a EC2 VM and host a simple static web page
- Take a snapshot of your VM, delete the VM, and deploy a new one from the snapshot. Basically disk backup + disk restore
- Auto Scaling
- Create an AMI from that VM and put it in an autoscaling group so one VM always exists
- Put a Elastic Load Balancer in front of that ASG
- External Data
- Create a DynamoDB table and experiment with loading and retrieving data manually, then do the same via a script on your local machine
- Refactor your static page so that it reads/updates the AWS DynamoDB table (Hint: EC2 Instance Role)
- Web Hosting Platform-as-a-Service
- Deploy an application on ElasticBeanstalk
- Create a S3 static website
- Register a domain. Set Route53 as the Nameservers and use Route53 for DNS. Make www.yourdomain.com go to your Elastic Beanstalk. Make static.yourdomain.com serve data from the S3 bucket
- Enable SSL for your Static S3 Website (Hint: CloudFront + ACM)
- Enable SSL for your Elastic Beanstalk Website
- Microservices
- Create an API that has POST/GET bindings to update/retrieve data from DynamoDB
- Serverless
- Write a AWS Lambda function to run every night. Implement Least Privilege security for the Lambda Role. (Hint: Lambda using Python 3, Boto3, Amazon SES, scheduled with CloudWatch)
- Implement API Gateway to interact with Lambda
- Continuous Delivery
- Explore and implement a Continuous Delivery pipeline
- Develop a CI/CD pipeline to automatically update a dev deployment of your infrastructure when new code is published, and then build a workflow to update the production version if approved
- Misc
- Kinesis
- EMR / Glue
- Spot instances / fleets => https://github.com/awslabs/ec2-spot-labs/blob/master/workshops/ec2-spot-fleet-web-app/README.md
- KMS
- SNS / SQS
- More complex IAM policies (permission boundaries)
- SAM => https://github.com/awslabs/serverless-application-model / https://aws.amazon.com/blogs/compute/developing-net-core-aws-lambda-functions/
- Networking (creating VPC from scratch)
- Terraform => https://www.terraform.io/intro/getting-started/build.html / https://github.com/terraform-providers/terraform-provider-aws/tree/master/examples