Category

AWS

CloudFormation Ref & GetAtt cheatsheet

After joining my current company, Sourced Group, I need to deal a lot with CloudFormation in my daily working life, and I managed to find a full Ref and GetAtt cheatsheet which helps me a lot when I am working on CloudFormation. Please bear in mind that for different resource types in AWS, there will…

Former2 – A tool for you to generate Infrastructure as Code from your existing resources

Former2 is a reverse-engineering tool that allows you to generate Infrastructure-as-Code from your existing resources within your AWS account. By using the AWS JavaScript SDK, Former2 will scan across your infrastructure and present you with the list of resources for you to choose which ones to generate outputs for. This is a very helpful tool…

Pushing EC2 logs to CloudWatch

AWS CloudWatch is a centralized log aggregation service provided by AWS with high availability and unlimited storage capacity. It’s the default log location for most AWS services, and you may also manually push logs from your EC2 to CloudWatch for storage. To push your log from EC2 to CloudWatch…

Terraform generate subnet CIDR using network function

Need an easy and simple way to create subnet CIDRs that adhere to a specific pattern, such as even numbers for public subnets and odd numbers for private subnets? Look no further than the cidrsubnet() function along with a for loop and the range function! By providing a range to the cidrsubnet() function, the function automatically…

Terraform workspace to deploy multiple environment stack

When working with infrastructure, we always have to deal with multiple environments such as development, staging, production or UAT. As system engineers or infrastructure engineers, we always want to make sure that all our deployed environments work the same and can be repeatedly deployed without any code changes or complicated logic. Terraform is…

Importing AWS EC2 resources back to Terraform

Terraform is a great Infrastructure as Code tool that allows you to define and deploy all your resources to public clouds such as AWS, Azure, GCP and more. Terraform is a stateful IaC tool that uses a state file called terraform.tfstate to store the state of your resources, keep track of the metadata,…

Installing OpenVPN server in AWS EC2 with User data and Terraform

This is the Terraform version of installing OpenVPN on EC2 with user data, and it’s the 2nd part following the previous post on installing OpenVPN using the AWS EC2 console. Everything will work the same, but I’m using a Terraform script to deploy the resources. I will use the Terraform script to…

Installing OpenVPN server in AWS EC2 with User data

OpenVPN Server is one of the common and popular VPN servers available in the market. I will share the installation of OpenVPN on EC2 using user data to automate the installation during the boot-up of the server. You may refer to the official AWS user guide for what user data is at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-add-user-data.html. With…

S3 bucket policy & IAM policy

AWS S3 provides a lot of flexibility in permission control: you can attach the policy to the IAM user or the bucket, or use the pre-canned ACL. There’s no right or wrong way to attach the policy at either the IAM or resource level; it depends on your use case, and you can use both side…

Data encryption using AWS KMS Key

Security is always a top priority when it comes to system design and development. Encryption is vital when dealing with sensitive data, as it prevents access by any unauthorized user. AWS KMS (Key Management Service) is the service that manages encryption keys on AWS. These encryption keys are called “Customer Master Keys” or CMKs for short. KMS…
