Others


Automating Amazon GuardDuty Notifications through Email Alerts

2023-05-26T04:25:10+00:00

Amazon GuardDuty is a powerful security tool that helps to detect suspicious activities and threats in your AWS environment. It uses intelligent threat detection and provides you with a detailed view of potential security issues across your AWS account. Amazon GuardDuty continuously monitors your AWS resources and generates findings based on various threat intelligence sources. This allows you to identify security vulnerabilities and take necessary actions to secure your environment. One of the key features of Amazon GuardDuty is its ability to send notifications about potential security threats. These notifications can be sent to various destinations such as Amazon SNS, [...]

How to Setup Backup and Recovery in Azure

2023-05-23T03:04:20+00:00

If you’re managing a cloud infrastructure, you understand that backups are created to safeguard critical data and ensure business continuity. In the event of a server failure, backups expedite the restoration of data and the prompt resumption of operations. They also allow you to revert to previous server states, which is helpful for version control and rollbacks. Additionally, backups are useful resources for testing, development, and creating replica environments. In Microsoft Azure, the dedicated service for managing the backups and recovery of your resources is Azure Backup. It provides scalability, flexibility, incremental backups, point-in-time restore, and long-term retention of your [...]

Streamlining EBS Snapshot Management with Amazon Data Lifecycle Manager Automation

2023-05-22T01:41:12+00:00

Amazon Elastic Block Store (EBS) snapshots are an essential part of managing data on Amazon Web Services (AWS). EBS snapshots are backups of your EBS volumes, which are stored in Amazon Simple Storage Service (S3). They are crucial for data protection and disaster recovery, but managing EBS snapshots can be time-consuming and complex. Fortunately, Amazon Data Lifecycle Manager (DLM) provides a solution to simplify EBS snapshot management. DLM is a service that automates the creation, retention, and deletion of EBS snapshots based on predefined schedules and policies. This automation streamlines snapshot management, reduces the risk of data loss, and lowers [...]

Enhancing S3 Bucket Security by Prohibiting Uploads of Unencrypted Objects

2023-05-22T01:34:06+00:00

Amazon S3 is a widely used object storage service that allows users to store and retrieve large amounts of data. S3 is known for its scalability, durability, and cost-effectiveness, making it an ideal choice for many organizations. However, as with any cloud-based service, security is a crucial concern. One way to enhance the security of S3 buckets is by prohibiting the upload of unencrypted objects. In this article, we will explore why this is important and how it can be implemented.

Why Prohibit Uploads of Unencrypted Objects?

Unencrypted objects in S3 buckets can be vulnerable to data breaches, which can [...]

AWS Lambda: Synchronous vs Asynchronous Invocation

2024-07-17T03:30:08+00:00

You can invoke a Lambda function in two ways.

Synchronous Invocation

The first one is called Synchronous invocation, which is the default mode. Synchronous invocation is pretty straightforward. When you invoke a function synchronously, AWS Lambda waits until the function is done processing, then returns the result. Let’s see how this works through the following example: The diagram illustrates a Lambda function-backed API that is managed by API Gateway. When API Gateway receives a GET request from the /getOrder resource, it invokes the getOrder function. The function receives an event containing the payload, processes it, and then returns the result. [...]

Connecting your Lambda Function to a Private Database

2023-05-15T02:11:53+00:00

If you want your Lambda function to interact with resources (e.g., RDS database, EC2 instance) inside a private subnet, you won't be able to do so by default. The reason for this is that Lambda functions live in an isolated and secured VPC managed by AWS. This is why when you create a Lambda function, you don’t go through any networking configurations (VPC, subnet, ENIs), unlike when creating EC2 instances. Also, you cannot establish a VPC peering connection between the VPC where Lambda functions are run and the VPC where your private resources are located because the former is not [...]

How AWS IAM Handles Conflicting IAM Policies

2023-05-03T03:39:25+00:00

Overview

When a user attempts an action in AWS, such as launching an EC2 instance or listing S3 buckets, AWS evaluates all involved IAM policies to determine whether to grant the request. Since IAM policies can be associated with various types of identities, the hierarchy of these identities influences the final permissions for a user.

AWS IAM Policy Evaluation Flow

Let’s break down the process of how AWS evaluates a request using the simplified version of the AWS flow chart below:

1. Default Deny

AWS denies a request by default. For example, if your IAM user has no policies attached [...]

Understanding the IAM:PassRole Permission

2023-08-24T02:44:43+00:00

Introduction

Many AWS services often require the use of an IAM role to execute actions on your behalf. For example, when you create a Lambda function, you assign an execution role to it. AWS can generate one for you automatically, and then you define the permissions you want it to have after. Most of the time, that's the case. However, there are instances when you might choose to associate an existing IAM role. In practice, we often concentrate on which permissions a user is allowed to perform and which are off-limits. But what's often overlooked are the IAM roles a [...]

Different Ways of Passing Parameters Securely in CloudFormation

2023-04-27T12:27:15+00:00

Introduction

When writing CloudFormation templates, it's a security best practice to avoid hardcoding sensitive info, like client secrets, API keys, or passwords. Sharing templates with hardcoded details by mistake can put your infrastructure and data at risk. In this article, we'll explore different secure methods to pass parameters in CloudFormation templates.

Using the NoEcho Attribute

To avoid hardcoding parameters in your template, you can define them during stack creation using the Parameters section. However, these values will still be visible in plaintext in the Console. To mask critical data, consider using the NoEcho attribute. The NoEcho attribute offers a simple [...]

How to Set Up Alerts Rules and Action Groups in Azure Monitor

2023-04-10T04:23:35+00:00

In this article, we’ll learn how to create action groups and alert rules to automatically monitor our infrastructure and take automated actions based on certain conditions. The service that we’ll use for this tutorial is Azure Monitor. Alerts in Azure Monitor act as a watchdog, constantly monitoring your infrastructure and application for potential problems. They notify you when something is wrong with your system, before users experience any problems. This way, you can address the problem quickly and avoid affecting users.

How to Setup Action Groups

Action Groups are a set of actions that you specify [...]
