Book Image

AWS Tools for PowerShell 6

By : Ramesh Waghmare
Book Image

AWS Tools for PowerShell 6

By: Ramesh Waghmare

Overview of this book

AWS Tools for PowerShell 6 shows you exactly how to automate all the aspects of AWS. You can take advantage of the amazing power of the cloud, yet add powerful scripts and mechanisms to perform common tasks faster than ever before. This book expands on the Amazon documentation with real-world, useful examples and production-ready scripts to automate all the aspects of your new cloud platform. It will cover topics such as managing Windows with PowerShell, setting up security services, administering database services, and deploying and managing networking. You will also explore advanced topics such as PowerShell authoring techniques, and configuring and managing storage and content delivery. By the end of this book, you will be able to use Amazon Web Services to automate and manage Windows servers. You will also have gained a good understanding of automating the AWS infrastructure using simple coding.

Related Content you might be interested in

Current Title:

Small book image
AWS Tools for PowerShell 6
Ramesh Waghmare
Aug, 2017 | 372 pages
Small book image
AWS Certified Developer - Associate Guide
Bhavin Parmar | Vipul Tankariya
Sep, 2017 | 600 pages
Small book image
Mastering AWS Security
Albert Anthony
Oct, 2017 | 252 pages
Small book image
AWS: Security Best Practices on AWS
Albert Anthony
Mar, 2018 | 118 pages
Table of Contents (17 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Free Chapter
1
PowerShell Essentials
PowerShell Essentials
Why PowerShell?
Running PowerShell
Reading the PowerShell language
Getting and exploring help options
Discovering cmdlets and aliases
Learning cmdlets
Risk mitigation parameters
Working with output
Running PowerShell remotely
Building parameterized script
Comment-based help
Summary
2
The AWS Overview
The AWS Overview
Disruptive innovations - AWS Cloud
The benefits of AWS cloud computing
Common challenges of shifting to the cloud
The AWS global infrastructure
Security and compliance
AWS services
Laying out foundations
The AWS sign up
Get supported
Summary
3
Installing PowerShell Core and AWS Tools
Installing PowerShell Core and AWS Tools
AWS Tools for PowerShell
Installing PowerShell 6 On Windows
Installing PowerShell 6 on Linux
Prerequisites for AWS Tools
Downloading and installing AWS Tools
Enabling script execution
Finding the AWS Tool version
Updating AWS Tools for PowerShell
Summary
4
AWS Identity and Access Management
AWS Identity and Access Management
The AWS-shared responsibility model
Setting up AWS Tools for access
Managing AWS credentials
The AWS credential search order
Creating IAM users
Creating IAM groups
Accessing the AWS console
Accessing AWS via CLI
Removing a policy from the group
Revoking a policy from the user
What are IAM roles?
IAM policies
Dropping groups, roles, and users
Dropping PowerShell AWS profiles
The use case - access key rotation
Summary
5
AWS Virtual Private Cloud
AWS Virtual Private Cloud
Laying the foundation
Virtual Private Cloud
Internet Gateways
Route Tables
Subnets
NAT Gateway
Network Access List
Security Groups
Summary
6
AWS Elastic Compute Cloud
AWS Elastic Compute Cloud
The characteristics of AWS EC2
The EC2 instance purchasing options
Understanding IP addresses on EC2
Storage options on EC2
Spinning up an EC2 instance
Accessing the EC2 instance
The EC2 instance metadata service
Stopping the EC2 instance
Starting the EC2 instance
The Elastic IP address
Terminating the EC2 instance
Placement Groups
Assigning an IAM role to the EC2 instance
The types of EBS
Amazon Machine Images
EBS snapshots
Summary
7
AWS Simple Storage Service
AWS Simple Storage Service
AWS Glacier
Storage classes on S3
The S3 bucket
Folders and objects
Downloading folders and objects from the S3 bucket
Managing S3 permissions
Building S3 VPC endpoints
S3 Transfer Acceleration
S3 versioning
S3 lifecycle policies
Cross-region replication
Removing the S3 bucket
Summary
8
Elastic Load Balancer
Elastic Load Balancer
Why load balancer?
Types of Elastic Load Balancers
Application Load Balancer components
Creating Classic Load Balancer
Creating Application Load Balancer
Deleting Elastic Load Balancer
Summary
9
Auto Scaling
Auto Scaling
Auto Scaling components
Auto Scaling lifecycle
Fleet management
Dynamic scaling
Creating launch configuration
Creating an Auto Scaling Group
Increasing a fleet manually
Scaling-Out and Scaling-In dynamically
Scaling on schedule
Lifecycle hooks and cooldown
Termination policies
Termination protection
Suspending the Auto Scaling process
Standby mode
Deleting an Auto Scaling Group
Summary
10
Laying Foundation for RDS Databases
Laying Foundation for RDS Databases
Database engines on RDS
Deployment consideration
DB instance classes
Multi-AZ and standby
Read replicas
Compliance
Data encryption
Database access and IAM
DB Security Groups
DB Subnet Groups
DB Parameter Groups
DB Option Groups
Summary
11
DB Instance Administration and Management
DB Instance Administration and Management
RDS storage type
Licensing models on RDS
Understanding maintenance windows
Spinning up RDS DB instances
Multi-AZ deployment
Enabling encryption on RDS
Connecting to an RDS instance with and without SSL
Stop, start, and restart of a DB instance
Adding space to a DB instance
RDS backup
RDS restore
Manual snapshot of the RDS instance
Deleting an RDS instance
Checking account limit and attributes
Summary
12
Working with RDS Read Replicas
Working with RDS Read Replicas
Creating read replicas
Rebooting read replicas
Connecting to a read replica
Promoting read replicas to primary
Deleting read replicas
Use case - balancing traffic between read replicas
Summary
13
AWS Elastic Beanstalk
AWS Elastic Beanstalk
What is Elastic Beanstalk?
Elastic Beanstalk components
Environment types
Understanding deployment models on Elastic Beanstalk
Creating application
Creating a configuration template
Deploying a popular WordPress application
Cloning an environment
Swapping an environment CNAME
Deleting an environment and application
Summary
14
AWS CloudFormation
AWS CloudFormation
What is CloudFormation?
Authoring and template anatomy
Intrinsic functions
Cross stack references
Creating a base network using CloudFormation
Validating a base network template
Running a base network template
Creating an EC2 instance using CloudFormation
Nested stack
Stack policies
Helper scripts
Dropping the template
Summary
15
AWS CloudWatch
AWS CloudWatch
CloudWatch
Simple Notification Service
Monitoring EC2 instances
Creating an alarm for an EC2 instance
Custom monitoring for an EC2 instance
Monitoring RDS DB instances
CloudWatch logs
Summary
16
AWS Resource Auditing
AWS Resource Auditing
Introduction to CloudTrail
AWS Config
Removing the delivery channel and recorder
Summary

Enabling encryption on RDS

Enabling encryption on an RDS DB instance is a simple task. There are just a couple of additional switches that need to be passed on to the New-RDSDBInstance cmdlet. But, before you enable encryption on the DB instance, you need to have a key created in KMS. For key creation, you need to write a policy document in JSON format first.

I have created a sample policy document, as follows, which indicates that the role WorldPressAppRole can administer the key in my account. I saved the JSON document as D:\data\Policies\KMSPolicy.txt on my desktop.

{
  "Id": "key-consolepolicy-3",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Enable IAM User Permissions",
      "Effect": "Allow",
      "Principal": {
        "AWS": [
          "arn:aws...
Previous Section
End of Section 7
Next Section