week0.md

Week 0 — Billing and Architecture ☁️

Tasks to Complete

• MY NOTES
  

• MANDATORY CHALLENGES
  ✅ Recreate Conceptual Diagram in Lucid Chart or Napkin
  ✅ Recreate Logical Architectural Diagram in Lucid Chart
  ✅ Create an Admin User
  ✅ Using CloudShell
  ✅ Generating AWS Credentials
  ✅ Install AWS CLI
  ✅ Create a Billing Alarm
  ✅ Create a AWS Budget
  
  

• QUIZ
  ✅ Pricing & Security Quiz
  
  

• BROWNIE CHALLENGES
  ✅ Destroy your root account credentials, Set MFA, IAM role
  ✅ Use EventBridge to hookup Health Dashboard to SNS and Send Notification
  🔲 Review all the questions of each pillars in the Well Architected Tool (No specialized lens)
  🔲 Create an architectural diagram (to the best of your ability) the CI/CD logical pipeline in Lucid Charts
  🔲 Research the technical and service limits of specific services and how they could impact the technical path for technical flexibility.
  🔲 Open a support ticket and request a service limit
  
  

My Notes

Ephemeral Micro-blogging platform

• Me - Cloud Engineer
• Investers - Cost/Budget
• Web Dev Group
• Fractional CTO

iron triangle - Fast-cheap-good

The frontend application is written in Javascript using react and backend application should be written in Python using Flask Should take advantage of microserverice architecture

Architecture:

Requirements/Risks/Assumptions/Constraints

• requirements

  • Common dictionary between all people

  • requirements - project that must be achieved at the end

  • it should be measurable

  • feasible/monitorable/traceable/verifiable

• risks

  • that prevents the project from being successful

  • single point of failure

  • Late delivery

• assumptions

  • factors held as true for the planning and implementation phase

  • example - budget is approved, enough network bandwidth

• constraints

  • policy or technical limitations for the project

  • time/budget/vendor selection

  • £0 using free tier/14-16 weeks/

Initial Conceptual design - HLD

• understandable by business stakeholders - napkin design*

• organises and defines concepts and rules

Logical design

• defines how the system should be implemented

• Blueprint

• break large conceptual block to more logical blocks

physical design - LLD

• representing the actual thing that is build

• down to individual description

TOGAF - architecture framework

maps closely to WAF

C4 model for visualising software architecture

Install AWS CLI

• install the AWS CLI in Gitpod workspace

• Set AWS CLI to use partial auto-prompt mode (easier to debug CLI commands

• Update .gitpod.yml to include the following task

tasks:
  - name: aws-cli
    env:
      AWS_CLI_AUTO_PROMPT: on-partial
    init: |
      cd /workspace
      curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
      unzip awscliv2.zip
      sudo ./aws/install
      cd $THEIA_WORKSPACE_ROOT

Set Environment Variables

It can be set in bash terminal or make Gitpod remember these credentials on relaunch

export AWS_ACCESS_KEY_ID=""
export AWS_SECRET_ACCESS_KEY=""
export AWS_DEFAULT_REGION=eu-west-2

gp env AWS_ACCESS_KEY_ID=""
gp env AWS_SECRET_ACCESS_KEY=""
gp env AWS_DEFAULT_REGION=eu-west-2

Command to check aws cli to get user identity

aws sts get-caller-identity

Mandatory Challenges

Recreate Conceptual Diagram in Lucid Chart or Napkin

I recreated the conceptual diagram from the bootcamp using Lucid Chart. First time, using this tool and it was a breeze to work with. I am able to understand on a high level what are the features and services that we will be using and how they are connected.

Click to View Conceptual diagram in Lucid Chart

Recreate Logical Architectural Diagram in Lucid Chart

Recreated the logical diagram created by Andrew,

Logical diagram helped me to understand the individual AWS services that will be used in this project. Click to View Logical Architectural diagram in Lucid Chart

Create an Admin User

I created a user and added it to Admin group which has all Administrative privileges attached to it. So all users in the group will inherit those privileges. By default an IAM user does not have any access.(Prinicple of least Privilege)

Using CloudShell

Used Cloudshell to try out various CLI commands.

Generating AWS Credentials

Created access credentials for IAM user. This credential can be used to access AWS CLI.

Install AWS CLI

Installed AWS ClI in Gitpod. Instead of running the install everytime the script was added to gitpod.yml file so it gets automatically executed when a new workspace is created.

Create a Billing Alarm

• Root Account under billing and Billing Preferences Choose Receive Billing Alerts

Create SNS Topic

• Create an SNS topic
• The SNS topic will deliver an alert when the bill exceeds the limit

Create a SNS Topic

aws sns create-topic --name billing-alarm

Create a subscription supply the TopicARN and Email

aws sns subscribe \
    --topic-arn TopicARN \
    --protocol email \
    --notification-endpoint your@email.com

Check email to confirm the subscription

Create Alarm

• Update the configuration json script with the TopicARN

aws cloudwatch put-metric-alarm --cli-input-json file://aws/json/alarm_config.json

Create a AWS Budget

Quiz

Pricing & Security Quiz

Brownie Challenges

Use EventBridge to hookup Health Dashboard to SNS and Send Notification