I assume you already knew what the EC2 instance profile is. Basically, the instance profile defines the permissions that a EC instance has. As it is associated with an IAM role which has a bunch of IAM policies attached. And the AWS credential in the EC2 metadata is automatically rotated by the instance profile. In … Continue reading Setup AWS “Instance Profile” for on-prem servers
Category: Cloud
When KMS key grant is created for Lambda execution role?
I was working on a new Lambda function a couple days ago. It took me a while to deploy it successfully via CloudFormation. It was all due to some required IAM policies were missed in the deployment role. So I had to delete the stack then create again for a couple of times. When I … Continue reading When KMS key grant is created for Lambda execution role?
How ACM protects the private key?
Simply speaking ACM (AWS Certificate Manager) uses KMS (Key Management Service) to protects the private key. What drew my attention into this topic is that a user get denied (no permission to describe kms key) when trying to request a ACM certificate in a region where KMS is explicitly denied. This diagrams explains how ACM … Continue reading How ACM protects the private key?
AWS Learning Resources
AWS has produced lots of good learning resources, but they are bits and pieces here and there. So I created a Github project to collect those resources. The collection list starts with some AWS offical resources. Later on I will add more from third-parties and individuals. Libraries AWS InfrastructureAWS HistoryAWS DocumentationAWS Learning LibraryAWS Whitepapers & … Continue reading AWS Learning Resources
Run Jira on AWS – Challenges vs Solutions
Overview With the increasing demands and the advantages of Cloud technologies, moving Jira to Cloud is definitely inevitable regardless it is self-hosted Jira in Cloud (IaaS) or Atlassian Jira Cloud (SaaS). As our current project is to migrate Jira to AWS cloud, I will be focus on the challenges vs solutions to run Jira in … Continue reading Run Jira on AWS – Challenges vs Solutions