Category: AWS

Sharing AWS Encrypted RDS Snapshot Between Two Accounts.

Overview

  1. Login to the Source Account, Create a snapshot from RDS.
  2. Creating KMS Key (with details of the destination account)
  3. After the snapshot is created, Create a new copy of the snapshot & attach the KMS key.
  4. Share the newly created snapshot to the destination account.
  5. Log in to the Destination Account, head over to Shared with me snapshots, and create a new copy of the snapshot.
  6. Restore the copied Snapshot into a new RDS Instance.

Continue reading “Sharing AWS Encrypted RDS Snapshot Between Two Accounts.”

Blocking Web Traffic With WAF In AWS

 

Problem Statement:

Travel Triangle’s WhatsApp application was experiencing significant performance degradation due to harmful “User Agents,” leading to decreased business and reputational harm. The need to mitigate these risks prompted an exploration of various solutions, culminating in the selection of AWS WAF.

Solution:

AWS WAF was chosen for its ability to effectively block malicious traffic while being cost-efficient. This document outlines the specific steps taken to configure AWS WAF, detailing how it was used to filter and block the harmful “User Agents,” thus protecting the application’s performance and ensuring business continuity.

Continue reading “Blocking Web Traffic With WAF In AWS”

Uploading Files Using Pre-Signed URLs to a Specific Storage Class

Pre-signed URLs are unique web links designed to provide temporary access to a private resource, such as an Amazon S3 object, without requiring the user to provide their own security credentials.

This approach allows you to generate a URL that includes authentication details and permissions, so users or applications can upload files directly to cloud storage without needing to have credentials for the storage service.

Here’s a step-by-step guide on how to implement file uploads using pre-signed URLs to a specific storage class, specifically with AWS S3. I’ll cover how to generate a pre-signed URL in Python and how to use it in Postman.

Continue reading “Uploading Files Using Pre-Signed URLs to a Specific Storage Class”

Security Group Strategy for AWS

Introduction

When securing hosted resources in the cloud, it’s crucial to employ robust methods to protect against unauthorized access and potential threats. Among these methods, security groups play a pivotal role in safeguarding our EC2 instances.

Amazon Web Services (AWS), a leading cloud provider, offers a multitude of services, including EC2 (Elastic Cloud Compute), which allows us to create and manage instances. Continue reading “Security Group Strategy for AWS”

AWS Firewall- Samurai Warriors

Samurai are powerful warriors. We also need the same power in our infrastructure to get Control over Security threats over IP or URL Redirect attacks. So let me introduce to you the AWS Managed Firewall.

In MNCs, we have separate Network and Security teams – which is good by the way. They have the proper tool to block incoming or outgoing traffic. For this, they set up a firewall on their side which helps them establish a Network Control Centre. Continue reading “AWS Firewall- Samurai Warriors”