SlideShare a Scribd company logo

2019-11-05 AWS Pretoria Meetup - Setting up your first environment and adding automation

Download as PPTX, PDF
Cobus Bernard, profile picture
Cobus Bernard

This document provides a guide for setting up AWS environments, covering topics such as VPC and EC2 overviews, multi-account setup, and automation practices. It emphasizes the benefits of using multiple accounts for security, infrastructure parity, and effective credential management. The document concludes by recommending the use of infrastructure-as-code tools like AWS CloudFormation, AWS CDK, and Terraform for automation.

Internet
1 of 35
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Setting up your first environment and adding automation Cobus Bernard AWS SENIORTECHNICAL EVANGELIST @cobusbernard cobusbernard cobusbernard
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Agenda • VPC Overview • EC2 Overview • Multi-account setup • Automate!
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Introduction • Benefits of multiple accounts • Security – role switching • Naming convention • Infrastructure as Code – infrastructure parity • Single credential set • Isolation
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. ~/.aws/credentials [meetup-main] aws_access_key_id = my_api_key aws_secret_access_key = my_api_secret
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. ~/.aws/config [profile meetup-main] region = eu-west-1 [profile meetup-dev] role_arn = arn:aws:iam::123456789012:role/terraform source_profile = webinar-main [profile meetup-prod] role_arn = arn:aws:iam::123456789013:role/terraform source_profile = webinar-main
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Using theroles aws --profile meetup-main ec2 describe-vpcs { "Vpcs": [ { "VpcId": "vpc-a1a3bdc7", "InstanceTenancy": "default", "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-b28680d9", "CidrBlock": "172.31.0.0/16",
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Using theroles aws --profile meetup-dev ec2 describe-vpcs { "Vpcs": [ { "VpcId": "vpc-035c4565", "InstanceTenancy": "default", "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-1c8e8877", "CidrBlock": "172.31.0.0/16”,
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Automation • Use templates for IAM policies! • Use AWS profiles to execute in each environment • Use Infrastructure-as-Code (AWS Cloudformation, AWS CDK, Terraform)
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Thank you! © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. COBUS BERNARD AWS SENIORTECHNICAL EVANGELIST @cobusbernard cobusbernard cobusbernard

More Related Content

PPTX
2019-11-09 DevOpsNG - What I've learned from DevOps
Cobus Bernard
 
PPTX
DevConf 2020: Resiliency and availability design patterns for the cloud
Cobus Bernard
 
PPTX
DevConfZA 2020 : Automating your cloud: What are the building blocks
Cobus Bernard
 
PPTX
AWS SSA Webinar 4 - Building out your multi-account infrastructure
Cobus Bernard
 
PPTX
AWS SSA Webinar 7 - Getting Started on AWS
Cobus Bernard
 
PDF
20190911 AWS Black Belt Online Seminar AWS Batch
Amazon Web Services Japan
 
PPTX
AWS Startup Garage - Building your MVP on AWS
Cobus Bernard
 
PDF
e커머스 통합운영 자동화 사례 및 보안강화 방안 - 양수연 상무, 삼성SDS / 임선진 팀장, 삼성SDS :: AWS Summit Seou...
Amazon Web Services Korea
 
2019-11-09 DevOpsNG - What I've learned from DevOps
Cobus Bernard
 
DevConf 2020: Resiliency and availability design patterns for the cloud
Cobus Bernard
 
DevConfZA 2020 : Automating your cloud: What are the building blocks
Cobus Bernard
 
AWS SSA Webinar 4 - Building out your multi-account infrastructure
Cobus Bernard
 
AWS SSA Webinar 7 - Getting Started on AWS
Cobus Bernard
 
20190911 AWS Black Belt Online Seminar AWS Batch
Amazon Web Services Japan
 
AWS Startup Garage - Building your MVP on AWS
Cobus Bernard
 
e커머스 통합운영 자동화 사례 및 보안강화 방안 - 양수연 상무, 삼성SDS / 임선진 팀장, 삼성SDS :: AWS Summit Seou...
Amazon Web Services Korea
 

What's hot (15)

PDF
서버리스 기반 콘텐츠 추천 서비스 만들기 - 이상현, Vingle :: AWS Summit Seoul 2019
Amazon Web Services Korea
 
PDF
20191023 AWS Black Belt Online Seminar Amazon EMR
Amazon Web Services Japan
 
PDF
[AWS Container Service] Getting Started with Kubernetes on AWS
Amazon Web Services Korea
 
PDF
20190402 AWS Black Belt Online Seminar Let's Dive Deep into AWS Lambda Part1 ...
Amazon Web Services Japan
 
PDF
20190206 AWS Black Belt Online Seminar Amazon SageMaker Basic Session
Amazon Web Services Japan
 
PDF
AWS 기반 지속 가능한 데이터 분석 플랫폼 구축하기 - 소성운, 지그재그 :: AWS Summit Seoul 2019
Amazon Web Services Korea
 
PDF
신입 개발자가 스타트업에서 AWS로 살아남는 이야기 - 조용진, 모두의 캠퍼스 :: AWS Summit Seoul 2019
Amazon Web Services Korea
 
PDF
20190731 Black Belt Online Seminar Amazon ECS Deep Dive
Amazon Web Services Japan
 
PDF
KINX와 함께 하는 AWS Direct Connect 도입 - 남시우 매니저, KINX :: AWS Summit Seoul 2019
Amazon Web Services Korea
 
PPTX
Secure and Fast microVM for Serverless Computing using Firecracker
Arun Gupta
 
PDF
Orchestrating containers on AWS | AWS Summit Tel Aviv 2019
AWS Summits
 
PDF
20191105 AWS Black Belt Online Seminar Amazon Route 53 Hosted Zone
Amazon Web Services Japan
 
PPTX
AWS SSA Webinar 9 - Getting Started on AWS: Storage
Cobus Bernard
 
PDF
20190306 AWS Black Belt Online Seminar Amazon EC2 スポットインスタンス
Amazon Web Services Japan
 
PDF
The Next Wave of Retailing, An AWS Perspective - Tom Litchford 월드와이드 리테일 사업 개...
Amazon Web Services Korea
 
서버리스 기반 콘텐츠 추천 서비스 만들기 - 이상현, Vingle :: AWS Summit Seoul 2019
Amazon Web Services Korea
 
20191023 AWS Black Belt Online Seminar Amazon EMR
Amazon Web Services Japan
 
[AWS Container Service] Getting Started with Kubernetes on AWS
Amazon Web Services Korea
 
20190402 AWS Black Belt Online Seminar Let's Dive Deep into AWS Lambda Part1 ...
Amazon Web Services Japan
 
20190206 AWS Black Belt Online Seminar Amazon SageMaker Basic Session
Amazon Web Services Japan
 
AWS 기반 지속 가능한 데이터 분석 플랫폼 구축하기 - 소성운, 지그재그 :: AWS Summit Seoul 2019
Amazon Web Services Korea
 
신입 개발자가 스타트업에서 AWS로 살아남는 이야기 - 조용진, 모두의 캠퍼스 :: AWS Summit Seoul 2019
Amazon Web Services Korea
 
20190731 Black Belt Online Seminar Amazon ECS Deep Dive
Amazon Web Services Japan
 
KINX와 함께 하는 AWS Direct Connect 도입 - 남시우 매니저, KINX :: AWS Summit Seoul 2019
Amazon Web Services Korea
 
Secure and Fast microVM for Serverless Computing using Firecracker
Arun Gupta
 
Orchestrating containers on AWS | AWS Summit Tel Aviv 2019
AWS Summits
 
20191105 AWS Black Belt Online Seminar Amazon Route 53 Hosted Zone
Amazon Web Services Japan
 
AWS SSA Webinar 9 - Getting Started on AWS: Storage
Cobus Bernard
 
20190306 AWS Black Belt Online Seminar Amazon EC2 スポットインスタンス
Amazon Web Services Japan
 
The Next Wave of Retailing, An AWS Perspective - Tom Litchford 월드와이드 리테일 사업 개...
Amazon Web Services Korea
 
Ad

Similar to 2019-11-05 AWS Pretoria Meetup - Setting up your first environment and adding automation (20)

PDF
AWS System Administration Best Practices for Sysadmins in the Amazon Cloud 1s...
koidemoreaqb
 
PPTX
Aws principle services: IAM,VPC, EC2, Cloudwatch
sawsan slii
 
PPTX
Modernizing your AWS Deployment
CloudHesive
 
PDF
20190223 JAWSDAYS 2019 AWS の Management Tools を使ったハイブリッドアーキテクチャ
Yukitaka Ohmura
 
PPTX
Modernizing your AWS Deployment - January 2017
CloudHesive
 
PDF
AWS System Administration Best Practices for Sysadmins in the Amazon Cloud 1s...
pulbzlod930
 
PDF
AWS Certified Solutions Architect Associate Notes.pdf
fayoyiwababajide
 
PDF
Cloud patterns applied
Lars Fronius
 
PPTX
Introduction to DevOps on AWS
Shiva Narayanaswamy
 
PPTX
Red Team vs. Blue Team on AWS ~ re:Invent 2018
2nd Sight Lab
 
PDF
Amazan Ec2
Aaara9787
 
PPTX
AWS AWSome Day 2018 - Technical Track
Tom Woodyer
 
PDF
Amazon EC2 notes.pdf
yididya3
 
PPTX
AWS Fundamentals @Back2School by CloudZone
Idan Tohami
 
PDF
AWS Certified Solutions Architect Associate Exam Guide 1st Edition 2024_KIRAN...
Kiran Kumar Malik
 
PDF
Automating Security in Cloud Workloads with DevSecOps
Kristana Kane
 
PDF
Infrastructure as Code with Terraform
Pedro J. Molina
 
PDF
AWS BaseCamp: AWS Architecture Fundamentals
Nicole Maus
 
PDF
AWS Systems manager 2019
John Varghese
 
PPTX
best aws training in bangalore
rajkamal560066
 
AWS System Administration Best Practices for Sysadmins in the Amazon Cloud 1s...
koidemoreaqb
 
Aws principle services: IAM,VPC, EC2, Cloudwatch
sawsan slii
 
Modernizing your AWS Deployment
CloudHesive
 
20190223 JAWSDAYS 2019 AWS の Management Tools を使ったハイブリッドアーキテクチャ
Yukitaka Ohmura
 
Modernizing your AWS Deployment - January 2017
CloudHesive
 
AWS System Administration Best Practices for Sysadmins in the Amazon Cloud 1s...
pulbzlod930
 
AWS Certified Solutions Architect Associate Notes.pdf
fayoyiwababajide
 
Cloud patterns applied
Lars Fronius
 
Introduction to DevOps on AWS
Shiva Narayanaswamy
 
Red Team vs. Blue Team on AWS ~ re:Invent 2018
2nd Sight Lab
 
Amazan Ec2
Aaara9787
 
AWS AWSome Day 2018 - Technical Track
Tom Woodyer
 
Amazon EC2 notes.pdf
yididya3
 
AWS Fundamentals @Back2School by CloudZone
Idan Tohami
 
AWS Certified Solutions Architect Associate Exam Guide 1st Edition 2024_KIRAN...
Kiran Kumar Malik
 
Automating Security in Cloud Workloads with DevSecOps
Kristana Kane
 
Infrastructure as Code with Terraform
Pedro J. Molina
 
AWS BaseCamp: AWS Architecture Fundamentals
Nicole Maus
 
AWS Systems manager 2019
John Varghese
 
best aws training in bangalore
rajkamal560066
 
Ad

More from Cobus Bernard (20)

PPTX
London Microservices Meetup: Lessons learnt adopting microservices
Cobus Bernard
 
PPTX
AWS SSA Webinar 34 - Getting started with databases on AWS - Managing DBs wit...
Cobus Bernard
 
PPTX
AWS SSA Webinar 33 - Getting started with databases on AWS Amazon DynamoDB
Cobus Bernard
 
PPTX
AWS SSA Webinar 32 - Getting Started with databases on AWS: Choosing the righ...
Cobus Bernard
 
PPTX
AWS SSA Webinar 30 - Getting Started with AWS - Infrastructure as Code - Terr...
Cobus Bernard
 
PPTX
AWS SSA Webinar 28 - Getting Started with AWS - Infrastructure as Code
Cobus Bernard
 
PPTX
AWS Webinar 24 - Getting Started with AWS - Understanding DR
Cobus Bernard
 
PPTX
AWS Webinar 23 - Getting Started with AWS - Understanding total cost of owner...
Cobus Bernard
 
PPTX
AWS SSA Webinar 21 - Getting Started with Data lakes on AWS
Cobus Bernard
 
PDF
AWS SSA Webinar 20 - Getting Started with Data Warehouses on AWS
Cobus Bernard
 
PPTX
AWS SSA Webinar 19 - Getting Started with Multi-Region Architecture: Services
Cobus Bernard
 
PPTX
AWS SSA Webinar 18 - Getting Started with Multi-Region Architecture: Data
Cobus Bernard
 
PPTX
AWS EMEA Online Summit - Live coding with containers
Cobus Bernard
 
PPTX
AWS EMEA Online Summit - Blending Spot and On-Demand instances to optimizing ...
Cobus Bernard
 
PPTX
AWS SSA Webinar 17 - Getting Started on AWS with Amazon RDS
Cobus Bernard
 
PPTX
AWS SSA Webinar 16 - Getting Started on AWS with Amazon EC2
Cobus Bernard
 
PPTX
AWS SSA Webinar 15 - Getting started on AWS with Containers: Amazon EKS
Cobus Bernard
 
PPTX
AWS SSA Webinar 13 - Getting started on AWS with Containers: Amazon ECS
Cobus Bernard
 
PPTX
AWS SSA Webinar 11 - Getting started on AWS: Security
Cobus Bernard
 
PPTX
AWS SSA Webinar 12 - Getting started on AWS with Containers
Cobus Bernard
 
London Microservices Meetup: Lessons learnt adopting microservices
Cobus Bernard
 
AWS SSA Webinar 34 - Getting started with databases on AWS - Managing DBs wit...
Cobus Bernard
 
AWS SSA Webinar 33 - Getting started with databases on AWS Amazon DynamoDB
Cobus Bernard
 
AWS SSA Webinar 32 - Getting Started with databases on AWS: Choosing the righ...
Cobus Bernard
 
AWS SSA Webinar 30 - Getting Started with AWS - Infrastructure as Code - Terr...
Cobus Bernard
 
AWS SSA Webinar 28 - Getting Started with AWS - Infrastructure as Code
Cobus Bernard
 
AWS Webinar 24 - Getting Started with AWS - Understanding DR
Cobus Bernard
 
AWS Webinar 23 - Getting Started with AWS - Understanding total cost of owner...
Cobus Bernard
 
AWS SSA Webinar 21 - Getting Started with Data lakes on AWS
Cobus Bernard
 
AWS SSA Webinar 20 - Getting Started with Data Warehouses on AWS
Cobus Bernard
 
AWS SSA Webinar 19 - Getting Started with Multi-Region Architecture: Services
Cobus Bernard
 
AWS SSA Webinar 18 - Getting Started with Multi-Region Architecture: Data
Cobus Bernard
 
AWS EMEA Online Summit - Live coding with containers
Cobus Bernard
 
AWS EMEA Online Summit - Blending Spot and On-Demand instances to optimizing ...
Cobus Bernard
 
AWS SSA Webinar 17 - Getting Started on AWS with Amazon RDS
Cobus Bernard
 
AWS SSA Webinar 16 - Getting Started on AWS with Amazon EC2
Cobus Bernard
 
AWS SSA Webinar 15 - Getting started on AWS with Containers: Amazon EKS
Cobus Bernard
 
AWS SSA Webinar 13 - Getting started on AWS with Containers: Amazon ECS
Cobus Bernard
 
AWS SSA Webinar 11 - Getting started on AWS: Security
Cobus Bernard
 
AWS SSA Webinar 12 - Getting started on AWS with Containers
Cobus Bernard
 

Recently uploaded (20)

DOCX
Unit-3 cyber security network security of internet system
shivangisharma636228
 
PDF
The Internet -By the Numbers, Sri Lanka Edition
APNIC
 
PPTX
Power Point - Lesson 3_2.pptx grad school presentation
JoyPPD
 
PDF
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
PPTX
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
 
PDF
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
 
PDF
FINAL CALL-6th International Conference on Networks & IOT (NeTIOT 2025)
IJMIT JOURNAL
 
PPT
isotopes_sddsadsaadasdasdasdasdsa1213.ppt
Kenneth James Alamillo
 
PPTX
artificial intelligence overview of it and more
yafotin445
 
PDF
Decoding a Decade: 10 Years of Applied CTI Discipline
Andreas Sfakianakis
 
PDF
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
 
PDF
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
 
PPTX
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
 
PPTX
E -tech empowerment technologies PowerPoint
kylebalatero12
 
PDF
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
 
PDF
Introduction to the IoT system, how the IoT system works
TinBinh
 
PDF
Vigrab.top – Online Tool for Downloading and Converting Social Media Videos a...
Vigrab Top
 
PPTX
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
 
PPTX
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
PPTX
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
 
Unit-3 cyber security network security of internet system
shivangisharma636228
 
The Internet -By the Numbers, Sri Lanka Edition
APNIC
 
Power Point - Lesson 3_2.pptx grad school presentation
JoyPPD
 
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
 
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
 
FINAL CALL-6th International Conference on Networks & IOT (NeTIOT 2025)
IJMIT JOURNAL
 
isotopes_sddsadsaadasdasdasdasdsa1213.ppt
Kenneth James Alamillo
 
artificial intelligence overview of it and more
yafotin445
 
Decoding a Decade: 10 Years of Applied CTI Discipline
Andreas Sfakianakis
 
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
 
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
 
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
 
E -tech empowerment technologies PowerPoint
kylebalatero12
 
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
 
Introduction to the IoT system, how the IoT system works
TinBinh
 
Vigrab.top – Online Tool for Downloading and Converting Social Media Videos a...
Vigrab Top
 
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
 
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
 

2019-11-05 AWS Pretoria Meetup - Setting up your first environment and adding automation

  • 1. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Setting up your first environment and adding automation Cobus Bernard AWS SENIORTECHNICAL EVANGELIST @cobusbernard cobusbernard cobusbernard
  • 2. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Agenda • VPC Overview • EC2 Overview • Multi-account setup • Automate!
  • 3. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Introduction • Benefits of multiple accounts • Security – role switching • Naming convention • Infrastructure as Code – infrastructure parity • Single credential set • Isolation
  • 4. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 5. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 6. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 7. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 8. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 9. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 10. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 11. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 12. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 13. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 14. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 15. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 16. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 17. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 18. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 19. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 20. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 21. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 22. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 23. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 24. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. ~/.aws/credentials [meetup-main] aws_access_key_id = my_api_key aws_secret_access_key = my_api_secret
  • 25. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. ~/.aws/config [profile meetup-main] region = eu-west-1 [profile meetup-dev] role_arn = arn:aws:iam::123456789012:role/terraform source_profile = webinar-main [profile meetup-prod] role_arn = arn:aws:iam::123456789013:role/terraform source_profile = webinar-main
  • 26. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Using theroles aws --profile meetup-main ec2 describe-vpcs { "Vpcs": [ { "VpcId": "vpc-a1a3bdc7", "InstanceTenancy": "default", "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-b28680d9", "CidrBlock": "172.31.0.0/16",
  • 27. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Using theroles aws --profile meetup-dev ec2 describe-vpcs { "Vpcs": [ { "VpcId": "vpc-035c4565", "InstanceTenancy": "default", "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-1c8e8877", "CidrBlock": "172.31.0.0/16”,
  • 28. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 29. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 30. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Automation • Use templates for IAM policies! • Use AWS profiles to execute in each environment • Use Infrastructure-as-Code (AWS Cloudformation, AWS CDK, Terraform)
  • 31. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 32. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 33. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 34. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 35. Thank you! © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. COBUS BERNARD AWS SENIORTECHNICAL EVANGELIST @cobusbernard cobusbernard cobusbernard