Posts

AWS Site to Site VPN Configuration

1. Create VPC in Mumbai
   Subnet: 10.1.0.0/16
2. Create VPC in US East (N. Virginia)
   Subnet: 10.2.0.0/16
3. Create a dummy Customer Gateway in Mumbai
   Customer Gateway IP: 100.64.0.1
4. Create Virtual Private Gateway in Mumbai
5. Attach the gateway to the VPC
6. Go to Route tables and turn on route propagation for all subnets
7. Create VPN Connection in Mumbai
   Pre-Shared Key: bLx6QrEpLHnfp6yPo8Rqm
8. Create Virtual private gateways i...

Site-to-Site VPN Connection between Azure and AWS Demo

Step 1: Configuring Azure

Create a resource group on Azure to deploy the resources in
  Resource Group Name: Azure-Aws
  Region: East-US

Create Virtual Network
  Resource Group Name: Azure-Aws
  Region: East-US
  VNet Name: vnet-azure
  VNet IPv4 Address Space: 172.20.0.0/16
  Subnet Name: subnet-01
  Subnet IPv4 Address Space: 172.20.1.0/24

Create the VPN Gateway
  VPN Gateway Name: VPN-Azure-Aws
  Region: East-US
  Gateway Type: VPN
  SKU: default
  Generation: Generation 1
  Virtual Network: vnet-azure
  Public IP Address: pip-vpn-Azure-Aws
  Public IP Address Type: default
  Assignment: Static
  Enable active-active mode: Disabled
  Configure BGP: Disabled

Configuring AWS

Create the Virtual Private Cloud (VPC) in AWS
  Name: my-awsvpc-01
  IPv4 CIDR: 10.20.0.0/16

Create a subnet inside the VPC (Virtual Network)
  Name: my-awssubnet-01
  VPC Name: my-vpc-01
  VPC IPv...

buildspec.yml code pipeline

version: 0.2
phases:
  install:
    runtime-versions:
      nodejs: 16
    commands:
      - npm install -g @angular/cli@9.0.6
  pre_build:
    commands:
      - npm install
  build:
    commands:
      - ng build --prod
      - aws cloudfront create-invalidation --distribution-id {cloudfront id} --paths '/*'
artifacts:
  base-directory: dist/{project name}
  files:
    - '**/*'

version: 0.2
phases:
  install:
    runtime-versions:
      nodejs: 16
    commands:
      - npm install -g @angular/cli@9.0.6
  pre_build:
    commands:
      - npm install
  build:
    commands:
      - ng build --prod
      - aws cloudfront create-invalidation --distribution-id EGVGG05FLOT0Z --paths '/*'
artifacts:
  base-d...

Fix EC2 start and stop user policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "ec2:Describe*",
            "Resource": "*"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "ec2:RebootInstances",
                "ec2:StartInstances",
                "ec2:StopInstances"
            ],
            "Resource": [
                "arn:...

Create a single IAM user to access only specific S3 bucket

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1528735049406",
      "Action": [
        "s3:DeleteObject",
        "s3:GetObject",
        "s3:HeadBucket",
        "s3:ListBucket",
        "s3:ListObjects",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::YOURBUCKETNAME"
    }
  ]
}

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "BucketOperations",
            "Effect": "Allow",
            "Action": "s3:ListBucket*",
            "Resource": "arn...

AWS API Gateway private integration with HTTP API and a VPC Link

A. Create the ALB:-
1. Create it as an INTERNAL-facing ALB. We don't want to expose it to the internet.
2. There is only one listener, on port 80 (this is the default).
3. The Security Group that is created/assigned to the ALB can be fairly open for now (accept HTTP on TCP port 80 from anywhere).
4. In Step 4 of the wizard, the Target Group should have a target type of INSTANCE. Assuming that your EC2 is handling requests on port 80, you can keep the rest of the parameters as default.
5. You can register your EC2 instance. Allow port 80 in the security group.

B. Create a VPC Link:-
1. From the EC2 console, add a Security Group for the VPC Link. This can be pretty open for now, with HTTP traffic on port 80 allowed from anywhere.
2. While you are there, alter the ALB SG to accept traffic only from the VPC Link SG, only on port 80.
3. From the API Gateway console, create a new VPC Link for HTTP APIs. Choose the subnets in b...

AWS S3 Some Bucket Full Permission and Read Write

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetBucketLocation",
                "s3:ListAllMyBuckets"
            ],
            "Resource": "arn:aws:s3:::*"
        },
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::my-data-s3",
                "arn:aws:s3:::my-data-s3-1",
                "arn:aws:s3:::my-data-s3-2",
                ...