aws-is-how
- aws-is-how
常见故障排除及支持手册
AWS Skill builder
AI/ML
ML Study
SageMaker
-
Install External Libraries and Kernels in SageMaker Notebook Instances
-
CloudFormation to launch SageMaker Notebook on Glue Dev Endpoint
-
Save costs by automatically shutting down idle resources within Amazon SageMaker Studio
Jupyter Notebooks
Compute vision
NLP
-
Use AWS SageMaker BlazingText to process un-balance data for text multiple classification The git repo
Translate, Text to speech, Speeck to Text
Forecasting
Fraud Detection
Recommandation
Labeling
-
[CV Labeling]
Federated ML
Prediction Maintenance
Using AWS IoT and Amazon SageMaker to do IoT Devices Predictive Maintenance
IoT Time-series Forecasting for Predictive Maintenance
ML Hardware
Cost
Cost Explorer
Network cost
Tagging
-
[Tagging when instance and object created]
Sustainablity
Computing
EC2
-
How to build Graphics Workstation on Amazon EC2 G4 Instances
-
How can I connect to my Amazon EC2 instance if I lost my SSH key pair after its initial launch
-
How can I set up a CloudWatch alarm to automatically recover my EC2 instance?
-
[Graviton]
-
Check if a reboot is required after installing Linux updates
-
[EC2 detected degradation]
Load Balancer
System Manager
aws ssm get-parameters-by-path --path /aws/service/global-infrastructure/regions --output json --profile us-east-1 --region us-east-1 | jq '.Parameters[].Name'
aws ssm get-parameters-by-path --path /aws/service/global-infrastructure/regions --output json --profile us-east-1 --region us-east-1 | jq '.Parameters[].Name' | wc -l
HPC
-
Orchestrating high performance computing with AWS Step Functions and AWS Batch
-
[NICE DCV]
- NICE DCV Guide
- NICE DCV Connection Gateway - enables users to access a fleet of NICE DCV servers through a single access point to a LAN or VPC
- NICE DCV Session Manager - the Agents, a Broker and API that makes it easy to build front-end applications that programmatically create and manage the lifecycle of NICE DCV sessions across a fleet of NICE DCV servers
Analytics
High Level Data Engineering and Data Analytics
-
Harness the power of your data with AWS Analytics with Lake House
-
BMW Cloud Data Hub: A reference implementation of the modern data architecture on AWS
-
Develop and deploy a customized workflow using Autonomous Driving Data Framework (ADDF) on AWS
Data integration service: Glue
-
[ETL]
-
[Glue Crawler]
-
[Workflow]
-
[Catalogs]
-
[Delta Lake]
Analysis: EMR
-
[Develop Code]
- EMR Notebooks and SageMaker Use EMR notebooks to prepare data for machine learning and call SageMaker from the notebook to train and deploy a machine learning model.
- Tool to convert spark-submit to StartJobRun EMR on EKS API
- Submit EMR Job remotely
-
[Workflow]
-
[Install and Delopyment]
-
[EMR on Kubernetes]
-
[Performance and HA]
-
[Security]
Stream - Flink and Spark Streaming
- [Flink on EMR]
Stream - Kinesis
Stream - Kafka
Ad-hoc and Interactive query: Athena
-
How to use the Athena to create the complex embeded table and query the table
-
[Athena Perfomrance]
-
Use CTAS statements with Amazon Athena to reduce cost and improve performance
Data Warehouse: Redshfit
-
[Usage]
-
[Redshift performance]
-
[CDC to Redshift]
-
[ClickHouse and S3]
-
[Streaming datawarehouse]
Search and analytics: Elasticsearch Service
Governance
-
Sending Data to an Amazon Kinesis Data Firehose Delivery Stream
-
[Data Quality with Deequ]
-
[Data Quality with Great Expectations]
BI
IOT
IoT Core
IoT Timeseries
OEE
IoT anaytics
Edge
OTA
AIOT
Security
- AWS Security Hands on Lab - URL need whitelist
- AWS Security Hands on Lab2
- Public Access Consideration
- Curated list of links, references, books videos, tutorials, Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
- An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources
Encryption - KMS
Credential - Secret Manager
Certificate - Certificate Manager
-
[Validate the ACM certificate]
Asset Management and Compliance
AuthN and AuthZ
-
Summary the Single-Sign-On cases
- Enabling Federation to AWS console using Windows Active Directory, ADFS, and SAML 2.0
- Using IAM federation and Switch role to implement the Single Sign On multiple AWS Accounts
- Okta-OpenID-AWS-in-the-Browser
- Enabling custom identity broker access to the AWS console
- Grant my Active Directory users access to the API or AWS CLI with AD FS
- Using-temporary-credentials-with-AWS-resources
- Okta - AWS China multi-account console integration
- Keycloak on aws
Sentitive Data
Threat detection - GuardDuty
WAF
Permission - IAM Policy, S3 Policy, RAM Policy
Multi accounts structure
SIEM and SOC
Network
VPC
Keep private - VPC Endpoint and PrivateLink
NAT and proxy
Load balancers
Cross data center and cloud Leasing Line - Direct Connect and VPN
-
Amazon Direct Connect inter-region routing for public access resources
-
How to achieve active-active/active-passive Direct Connect connection
Cross board transfer
Cross accounts and Cross VPCs - TGW
Acceleration network
-
Using Amazon Global Accelerator to improve cross board request improvement
-
Optimizing performance for users in China with Amazon Route 53 and Amazon CloudFront
Edge
Network Secuirty
-
[Traffic Mirror]
DNS
Route 53
Serverless
Serverless Workshop
Function as Service - Lambda
-
Lambda integration
- Using AWS Lambda with Amazon Kinesis
- How to put the S3 event to Kafka using lambda
- Demo how to send the Lambda logs to S3 and ElasticSearch by using Kiensis Firehose
- Run the serverless wordpress with AWS Lambda and AWS EFS
- AWS 告警通知到微信
- Lambda write PostgreSQL
- Lambda sent email
- 使用 Lambda 函数URL + CloudFront 实现S3镜像回源
-
Lambda usage
- Schedule-Invoke-Lambda
- AWS Lambda Custom Runtime for PHP
- How to clean up the elastic network interface created by Lambda in VPC mode
- How to get the lambda public IP address
- How to retrieve the System Manager Parameter Store from lambda
- Understanding the Different Ways to Invoke Lambda Functions
- Run web applications on AWS Lambda without changing code
-
Lambda cost
-
Lambda performance
API Gateway
Step function
Build the serverless - SAM, Chalice, Serverless framwork, CDK
Serverless with AI/ML
Migration
Journey to Adopt Cloud-Native Architecture
- #1 – Preparing your Applications for Hypergrowth
- #2 – Maximizing System Throughput
- #3 – Improved Resilience and Standardized Observability
- #4 – Governing Security at Scale and IAM Baselining
- #5 – Enhancing Threat Detection, Data Protection, and Incident Response
Active Directory
Database
-
Migrating SQL Server to Amazon RDS using native backup and restore
-
Best practices for migrating PostgreSQL databases to Amazon RDS and Amazon Aurora
Data migration tool - DMS
Data migration tool - 3rd party tool
- Migration-Data-From-AliCloud
- [XData])migration/DataMigration/XData.md
Cross Cloud Migration
File migration
Storage
S3 cross region or cross cloud OSS
-
How to sync S3 bucket data between global region and China region
-
Synchronize S3 bucket contents with Amazon S3 Batch Replication
S3
-
Uploading to Amazon S3 directly from a web or mobile application
-
S3 disale TLS1.1 access or enforce TLS1.2 for in-transit encryption
-
How Trend Micro uses Amazon S3 Object Lambda to help keep sensitive data secure
-
通过 STS Session Tags 来对 AWS 资源进行更灵活的权限控制 - 但是需要一个认证机制去确保userid可信的
EBS
Storage Gatewway
- storage-gateway-demo and performance testing
- How can I troubleshoot an S3AccessDenied error from my file gateway
- How can I set up a private network connection between a file gateway and Amazon S3
- Resolve an internal error when activating my Storage Gateway
EFS and FSx or other shared file system
-
Amazon FSx for Lustre or Amazon FSx for Windows File Server Workshop
-
Amazon FSx for Windows File Server file share on an Amazon EC2 Linux instance You can mount an Amazon FSx for Windows File Server file share on an Amazon EC2 Linux instance that is either joined to your Active Directory or not joined.
Database
RDS
RDS usage
-
Amazon Aurora MySQL Database Quick Start Reference Deployment
-
Use Proxysql for RDS for MySQL or Aurora databases connection pool and Read/Write Split
-
[PostgreSQL Logging]
-
rds-postgresql ERROR: <module/extension> must be loaded via shared_preload_libraries
-
[MySQL 手工分库分表]
RDS Cross region, cross account, data replication and backup
RDS upgrade
-
Achieving minimum downtime for major version upgrades in Amazon RDS PostgreSQL
-
How to Migrate from Amazon RDS Aurora or MySQL to Amazon Aurora Serverless
RDS Security
RDS Performance
Graph Database
ElastiCache
Key-Value and Document
DynamoDB
-
[Migration and Replication]
-
[Security]
-
[Performance]
MongoDB and DocumentDB
Time series
Container
EKS
EKS networking
-
[How do I use multiple CIDR ranges with Amazon EKS]
EKS practice
-
[EKS Managed Group]
- Overview
- Quotas
- Official doc
- Cluster autoscaler Managed node groups are managed using Amazon EC2 Auto Scaling groups, and are compatible with the Cluster Autoscaler. You can deploy the Cluster Autoscaler to your Amazon EKS cluster and configure it to modify your Amazon EC2 Auto Scaling groups.
- Vertical Pod Autoscaler
- Horizontal Pod Autoscaler
Data On EKS
DevOps on EKS
-
Install SSM Agent on Amazon EKS worker nodes by using Kubernetes DaemonSet
-
How can I check, scale, delete, or drain my worker nodes on EKS
ECS
-
ECR Sync up from global from China and ECS Service Discovery
-
How can I create an Application Load Balancer and then register Amazon ECS tasks automatically
-
[Amazon ECS firelens]
Fargate
Istio, Envoy, App Mesh, Service discovery
-
Running microservices in Amazon EKS with AWS App Mesh and Kong
-
[EKS and CloudMap]
ECR
DevOps
Management
[AWS Well-Architected]
[Organizing Your AWS Environment Using Multiple Accounts]
CI/CD
Serverless CICD
Container CICD
Monitoring and Tracing
-
Monitor using Prometheus and Grafana Here is how to deploy Grafana on EKS
-
[Grafana and CloudWatch integration]
Logging
-
[Log Hub]
Change configuration
Developer
Infra as Code
Integration
Quque, notification
Call Center
MQ
- AmazonMQ-Workshop
- Automate RabbitMQ configuration in Amazon MQ
- consumer_timeout Amazon RabbitMQ 不支持修改
- [Jenkins 与 RabbitMQ集成]
Media
Video on Demand
Video Streaming
Mobile
Moible app development
GraphQL - AppSync
Business continuity
Backup
DR
-
Understand resiliency patterns and trade-offs to architect efficiently in the cloud
-
[Building a disaster recovery site on AWS for workloads on Google Cloud]
RDS HA/DR
Game
GameLift
- [unreal engine game server]