-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.html
136 lines (120 loc) · 12.4 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Adam on AWS | Home</title>
<link rel="stylesheet" type="text/css" href="css/styles.css" />
</head>
<body>
<div class="page-container">
<div id="title-bar">adam <span class="yellow-text">snetiker</span><br><span class="small-teal-text">Solutions Architect Portfolio</span></div>
<img id="header-image" src="images/website-header.png">
<div class="content-container">
<h1>Why Build This Website?</h1>
<br>
<p>This website serves three purposes: it's a place to document my journey toward becoming a Solutions Architect, a portfolio that showcases my ability to apply what I'm learning as I prepare for various certifications, and a project that will grow in complexity and prove to employers that I have practical knowledge and hands-on experience that's similar to what I'd gain in a full-time role. I am using a number of different web services and this site is fully-contained in the AWS cloud.
<br><br>
As I expand my skill set and projects become more involved, I'll continue to update this website to demonstrate my ability to architect solutions using AWS and its many valuable service offerings.
<br><br>
Below is an ongoing digest of micro-tasks I have completed, grouped by service, language, or tool.
<br><br>
For more tasks, check out the projects I'm building as part of the <a href="cloudskills.html" target="_blank">Cloud Native DevOps Bootcamp</a> from CloudSkills.
<br><br>
For more detailed documentation of my experience using various services, take a look at my <a href="digitalcloudtraining.html">Digital Cloud Training labs</a>. I'm currently going through Neal Davis' course in prepration for the AWS Solutions Architect Associate exam. </p>
<p class="service"><strong>Amazon Route 53</strong></p>
<ul>
<li>Registered <em>adamonaws.com</em> using the domain registration feature.</li>
<li>Added <strong class="yellow-text">Simple Routing</strong> A records for the domain and sub-domain.
<li>Edited A records to point to the <strong class="yellow-text">CloudFront distribution</strong> instead of the S3 bucket.</li>
<li>Generated a <strong class="yellow-text">CNAME</strong> record, allowing AWS Certificate Manager to update the DNS configuration to validate it.
</ul>
<p class="service">Amazon Simple Storage Service (S3)</p>
<ul>
<li>Created a bucket for the root domain called <em>adamonaws.com</em> that is configured to host this static website.</li>
<li>Created a bucket for the sub-domain called <em>www.adamonaws.com</em> that is configured to redirect to the root domain.</li>
<li>Created a bucket called <em>logs.adamonaws.com</em> to store website and CloudFront logs and turned on website logging in the domain properties.</li>
<li>Defined and attached a <strong class="yellow-text">bucket policy</strong> that grants read-only access to anonymous users (all website visitors that don't have AWS accounts under my root account).</li>
<li>Enabled <strong class="yellow-text">bucket versioning</strong> and created a <strong class="yellow-text">lifecycle rule</strong> to transition previous versions of objects to the <em>One Zone-IA</em> storage class after 30 days.</li>
</ul>
<p class="service">HTML & CSS</p>
<ul>
<li>Coded this page from scratch using <strong class="yellow-text">Brackets</strong>(ongoing) and uploaded it to the adamonaws.com folder as <em>index.html</em>.</li>
<li>Created a <em>css</em> folder in the <em>adamonaws.com</em> bucket and uploaded <em>styles.css</em>.</li>
<li>Created an <em>images</em> folder in the <em>adamonaws.com</em> bucket and uploaded <em>website-header.png</em>.</li>
<li>Spent a few minutes cleaning up code so the formatting is consistent.</li>
</ul>
<p class="service">Amazon CloudFront</p>
<ul>
<li>Created a new distribution.</li>
<li>Specified <em>adamonaws.com</em> and the subdomain <em>www.adamonaws.com</em> as alternate domain names instead of the default <strong class="yellow-text">S3 website endpoint</strong>.</li>
<li>Invalidated the cached versions of this <em>index.html</em> file, <em>styles.css</em>, and <em>website-header.png</em> in the CloudFront distribution settings so visitors would get the latest version faster.</li>
<li>Changed the CloudFront <strong class="yellow-text">price class</strong> to edge locations in the United States, Canada, and Europe to save money because I don't need world-wide distribution for this small project. </li>
<li>Created a new <strong class="yellow-text">cache policy</strong> that sets the <em>Minimum TTL</em> to 300 seconds (5 minutes) and <em>Maximum TTL</em> to 3600 seconds (1 hour), then applied this policy as the default behavior for the origin. I want the latest versions to be retrieved as often as possible because I'm making many changes to this site very frequently.</li>
</ul>
<p class="service">AWS Certificate Manager</p>
<ul>
<li>Requested a <strong class="yellow-text">custom SSL certificate</strong> for the domain name <em>adamonaws.com</em> and subdomain <em>www.adamonaws.com</em></li>
<li>Turned on <strong class="yellow-text">standard logging</strong> to save logs in a new folder within the prefix <em>cloudfront-logs/</em> in the <em>logs.adamonaws.com</em> bucket.</li>
</ul>
<p class="service">AWS Budgets</p>
<p>I received an email from AWS because during my <strong class="yellow-text">Certified Cloud Practitioner</strong> training, I set a <strong class="yellow-text">billing alert</strong> so I'd be notified when costs pass a threshold of $10, and it worked. The domain name I purchased through Route 53 was $12, so the notification was successful.
</p>
<p class="service">Amazon Simple Email Service (SES)</p>
<ul>
<li>Verified the new domain <em>adamonaws.com</em> and generated <strong class="yellow-text">DomainKeys Identified Mail (DKIM)</strong> settings to prove that all emails sent from this domain are authentic.</li>
<li>Set up mail FROM domain as <em>mail.adamonaws.com</em>, with <em>amazonses.com</em> as the default setting if no MX record is found. Published updated <strong class="yellow-text">MX</strong> and <strong class="yellow-text">SPF</strong> records in Route 53.</li>
<li>Created a new email address, <em>[email protected]</em>.</li>
<li>Set up an <strong class="yellow-text">email receipt rule</strong> by configuring an <strong class="yellow-text">action</strong> that sends emails to an <strong class="yellow-text">SNS topic</strong> called <em>adamonaws_emails</em>.</li>
</ul>
<p class="service">Amazon Simple Notification Service (SNS)</p>
<ul>
<li>Created subscription to <em>adamonaws_emails</em> topic that I created using AWS Simple Email Service.</li>
<li>Selected the <strong class="yellow-text">EMAIL</strong> protocol and set the endpoint as my personal email address. This allows me to verify the new email address by forwarding the verification to the SNS topic, which sends the email to my Gmail inbox. To change it, edit the subscription in the SNS console.</li>
<li>Requested <strong class="yellow-text">production access</strong> using the SES console so that I can send emails from my domain email address for networking purposes. All new email accounts begin in the sandbox environment, which means they can only send emails to addresses that have been verified through the SES console.</li>
<li>Configured SNS to send bounce and complaint notifications to the <em>adamonaws_emails</em> topic. </li>
</ul>
<p class="service">Git & GitHub</p>
<ul>
<li>Used MacOS Terminal to create a local repository.</li>
<li>Created a <a href="https://github.com/adam-snetiker/AdamOnAWS" target="_blank">GitHub repository</a> for this project.</li>
<li>Added the remote origin to the local machine so changes can be pushed to GitHub.</li>
<li>Created and updated README.md file.</li>
<li>Attempted to add all files and pushed them to the remote repository. Since I edited the README file remotely, I came across syncing errors and had to research a solution.</li>
<li>Had to perform a pull because I edited the README.md file on the website, not locally. Once I did that, I was able to add and push everything to GitHub successfully.</li>
<li>Implemented a <strong class="yellow-text">GitHub Action</strong> from the marketplace that automates the upload of any file in the repository by syncing it with my S3 bucket <em>adamonaws.com</em> whenever a change to this page is made and pushed. </li>
<li>In order to prevent exposing my access key ID and secret access key, I created a new <strong class="yellow-text">repository secret</strong> in my GitHub settings. This should prevent my account from being flagged by AWS for committing keys to my repo like it was before I learned how to properly implement this action.</li>
<li>Began learning scripting with Python and PowerShell. Updated GitHub action to exclude all files with .py or .ps1 extensions.</li>
</ul>
<p class="service">AWS Identity and Access Management</p>
<ul>
<li>Updated password after receiving warnings from AWS security team.</li>
<li>Rotated keys to make sure my account stays open. Contacted customer service explaining that there is no unauthorized behavior.</li>
</ul>
<p class="service">AWS Key Management Service (SSE-KMS)</p>
<ul>
<li>Created a symmetric <strong class="yellow-text">customer managed key</strong> by enabling encryption for the S3 bucket <em>adamonaws.com</em></li>
</ul>
<p class="service">AWS Command Line Interface (CLI)</p>
<ul>
<li>Installed the AWS CLI v2.1.23 using macOS terminal.</li>
<li>Updated access key after deleting the old one as directed by AWS support using <strong class="yellow-text">aws configure</strong> command.</li>
<li>Set up <strong class="yellow-text">S3 sync</strong> to sync <em>index.html</em> file with the S3 bucket.</li>
<li>Repeated S3 sync command to sync contents of css and images folders with corresponding directories in S3. I'm now looking into <strong class="yellow-text">Circle CI</strong> because the AWS CLI doesn't actually monitor files, which means I have to run the command manually every time I make a change. That's only slightly better than manually uploading it in the S3 console.</li>
<li>Added <strong class="yellow-text">--exclude</strong> and <strong class="yellow-text">--delete</strong> flags to exclude <em>.github/workflow</em> and make sure only files in my local repository are in the S3 bucket.
</ul>
<p class="service">AWS CodeCommit</p>
<ul>
<li>Set up repo called <em>adamonaws</em>.</li>
<li>Generated HTTPS credentials and attached CodeCommitFullAccess policy to the admins group.</li>
<li>Used clone command to clone the CodeCommit repository.</li>
<li>Used copy commands to copy all files from <em>main</em> GitHub repository to <em>adamonaws</em> CodeCommit repository.</li>
<li>Pushed all new files to repo, now called <em>master</em> instead of <em>main</em>. </li>
</ul>
<p class="service">Personal Health Dashboard</p>
<ul>
<li>A review of my Personal Health dashboard revealed a potential issue with Network Load Balancers.</li>
</ul>
</div>
</div>
</body>
</html>