
Explore AWS Elastic Compute Cloud (EC2) as secure, resizable compute capacity in the cloud, with on-demand, spot, savings plans, and reserved pricing, plus instance types and use cases.
Explore identity and access management (IAM) in AWS, including creating users and groups, policies and roles, MFA, and practical hands-on guidance using official documentation and best practices.
Discover two ways to access IAM: the CLI with the aws utility and the SDK for Python or Java across Linux, Windows, and Mac.
Learn how to create and use IAM aliases for sign-in, switch from root access to IAM users, and use the account ID for AWS sign-in.
Create and manage IAM users and groups in AWS, configuring programmatic and console access, passwords, and policies, then assign permissions via groups or direct policies.
Configure IAM password policy to require at least eight characters, a mix of character types, and 90-day expiration. Enable administrator-assisted resets while allowing users to change their own passwords.
Explore how to create users and groups, attach permissions, and read and customize IAM policies with statements, actions, resources, and ARN in the AWS policy editor.
Set up multi-factor authentication by assigning an MFA device, scanning a QR code with an authenticator app, and entering the codes, and highlight best practice for root and IAM users.
Master the IAM CLI to manage AWS services from the command line, configure access keys and region, and run commands like describe-instances and describe-security-groups.
Explore the enterprise cloud chip to launch a preinstalled cloud environment with the easy tool, eliminating setup, and run a security groups command to verify consistent results.
Explore creating an IAM role with a trusted entity, attach policies for S3 access, connect to EC2 instances, and manage trust relationships with options to revoke sessions.
Explore IAM security tools with Access Advisor to review a test user's service access and last access dates, evaluate policies, and generate audit reports on credentials and MFA.
Learn IAM best practices from official docs: create IAM users in groups with least privilege, use fine-grained and customer managed policies, enable MFA, rotate credentials, and use roles for EC2.
Explore Amazon EC2, the secure, scalable cloud compute service to run your code as a server. Compare on-demand, spot, reserved instances, savings plans, and dedicated hosts across regions.
Launch an EC2 instance using a new key pair and a security group, choosing a free tier eligible type. Then connect to the running instance via SSH or Session Manager.
Learn to connect to an AWS EC2 instance using Instance Connect, view the instance ID and public IP, use the default user, and add or refresh a name tag.
Assign an IAM role to an EC2 instance to securely grant access to S3 buckets via an instance profile, enabling restricted, non-public resource access.
Explore EC2 placement groups in AWS, including cluster, partition, and spread strategies. Learn how these approaches impact latency, throughput, and correlated hardware failures for scalable workloads.
Create and manage EC2 placement groups by selecting cluster, spread, or partition strategies, attach instances for redundancy and throughput, set security groups, and note that t2.micro is not supported.
Learn how EC2 hibernation suspends memory to the root volume, resumes RAM contents and processes on restart, and the launch-time prerequisites for enabling hibernation.
Explore elastic network interfaces, a logical networking component in a VPC that represents a network card with primary and secondary private IPs, IPv4 and IPv6 addresses, MAC address, and security groups.
Explore how to request spot instances, interpret pricing history, select instance types, configure network settings, and optimize savings relative to on-demand capacity.
Explore Elastic Block Store (EBS) for EC2, covering pricing, snapshots, and volume types from SSD-based gp2 and gp3 to io2 Block Express and HDD sc1 and st1.
Learn how to create and manage elastic block storage (EBS) volumes, choose HDD, SSD, or magnetic options, encrypt when applicable, attach and snapshot volumes, and automate snapshots with lifecycle policies.
Learn how AMIs provide the template to launch instances, including EBS snapshots or instance-store backed images, with block device mappings and permissions to control usage.
Gain hands-on experience with AMIs by creating and capturing an instance as an Amazon Machine Image, copying the AMI across regions, then launching new instances with boot volumes and security groups.
Explore AWS elastic file system (EFS): a simple, shared file storage with standard and infrequent access tiers and regional pricing. Learn to create and mount EFS to optimize costs.
Create and configure an Elastic File System (EFS) in us-east-1, choose one zone, enable automatic backups, lifecycle management, and encryption, then mount it via DNS or IP and update /etc/fstab.
Explore auto scaling groups, launch configurations, and launch templates, and learn how health checks trigger scaling actions to create or terminate instances.
Create and customize a launch configuration for an auto scaling group, selecting a golden AMI, instance type, EBS volumes, security group, and optional spot instances.
Create an auto scaling group using a launch configuration, select subnets, set min and max capacity, and apply a target tracking policy for average CPU utilization with optional load balancing.
Understand elastic load balancing in AWS, including application, network, and classic load balancers, and how they distribute traffic across EC2 instances, containers, IP addresses, Lambda functions, and target groups.
Learn to set up an AWS classic load balancer, including selecting the classic option, internal or public deployment, VPC configuration, subnets, security groups, health checks, cross-zone balancing, and connection draining.
Learn to create and configure ELB target groups, attach instances, IPs, or Lambda functions, and configure health checks for application and network load balancers.
Learn how the network load balancer provides static IPs and UDP support, scales to millions of requests per second, and uses listeners, target groups, and health checks.
Configure an application load balancer (ALB) with flexible routing for microservices and containers, configure listeners, subnets, security groups, target groups, and optional global accelerator for static IP and high availability.
Discover how a virtual private cloud provides a secure, customizable, logically isolated network to host resources, manage subnets and security groups, and connect to data centers for disaster recovery.
Create your first VPC in the VPC console, selecting templates (single public subnet, public and private subnets, or private subnet only), configure CIDR blocks, and review default VPC settings.
This lecture explains creating public and private subnets in a VPC, placing servers across availability zones, and how auto-assigning IPv4, internet gateways, and elastic IP affect reachability.
Learn how elastic IP addresses provide a static public IP for dynamic cloud computing, allowing allocation and association with an instance or network interface to preserve IP continuity.
Discover how VPC route tables direct traffic from subnets and gateways, configure public and private subnets, and manage destinations and targets such as internet gateways and virtual private gateways.
Discover how a NAT gateway enables private subnets to reach the internet while preventing inbound traffic, using public subnet routing, elastic IPs, and proper route tables.
Configure an IPv6 egress-only internet gateway to enable outbound traffic from the VPC to the internet and create an IPv6 route table that avoids anywhere-to-anywhere rules.
Explore how VPC ACL acts as an optional firewall in a VPC, detailing inbound and outbound rules, rule priority by number, and subnet associations to control traffic.
Establish a VPC peering connection between two VPCs, possibly across accounts or regions, to enable traffic via IPv4 or IPv6 and update routing for use cases like a VPN bastion.
Learn how a VPC internet gateway enables communication between your VPC and the internet, routes IPv4 and IPv6 traffic, and how to attach and configure it for a public subnet.
Explore Route 53 as a DNS provider for registering domains, routing traffic with latency-based routing, and managing hosted zones with health checks. Compare A and CNAME records and pricing.
Register a domain by selecting a top-level domain, entering contact details, and enabling privacy protection. Expect up to ten days for registration, while a hosted zone is created by default.
Explore creating and managing Route 53 hosted zones, public and private, using alias records to AWS services, and routing policies, with a private zone example for Jenkins.
Route 53 health checks monitor your application endpoints worldwide, configured by endpoint type (IP or domain), path, and advanced options; view latency graphs and manage health status in hosted zones.
CloudWatch provides unified observability across applications and infrastructure, collecting metrics, logs, and events from on premises and cloud resources, enabling alarms, automated actions, and data retention up to 15 months.
Explore Amazon CloudWatch default metrics, their graphs, and dashboards for EC2, EBS, and S3. Understand time frames, region selection, and 15 months of metric retention.
Publish and monitor CloudWatch custom metrics with standard or high resolution, using up to ten dimensions in a custom namespace, via CLI or API, and aggregate data with statistic sets.
Explore configuring CloudWatch alarms, including metric and composite alarms, with thresholds, evaluation periods, and missing data handling, and automate responses via SNS notifications and Auto Scaling actions.
Learn how to set up CloudWatch billing alarms to monitor estimated charges, configure currency and thresholds, and receive alerts across consolidated accounts with required permissions and APN restrictions.
Learn how Amazon CloudWatch Logs monitor, store, and access EC2 logs, centralizing logs from all systems for easy viewing, searching, filtering, and secure archiving.
Install and configure the CloudWatch agent to push Apache access and error logs and monitor memory and disk metrics from EC2 or on-prem, with custom log groups and streams.
Create a metric filter in CloudWatch logs and define a metric and namespace. Set an alarm with a threshold of three or more occurrences to notify security and DevOps teams.
Explore how CloudWatch events, now Amazon EventBridge, deliver near-real-time system events using rules and targets to automate DevOps workflows.
Create and customize CloudWatch dashboards to monitor multi-region EC2 metrics with graphs and widgets, share with teams, and manage access under free-tier limits of five dashboards.
Explore infrastructure as code, a process that manages and provisions data centers via machine-readable definitions. Compare CloudFormation and Terraform, highlighting cloud-agnostic capabilities and use cases like Netflix.
Explore how CloudFormation treats infrastructure as code to model, provision, and manage resources with templates and stacks. Learn automation benefits, drift detection, and cross-region deployment.
Learn YAML syntax basics, including key-value pairs, the three-dash document start, and two-space indentation for resources, type, and properties. Explore examples with parameters, security groups, and lists using dashes, and understand how descriptions, image ID, and availability zone appear within nested structures.
Create a CloudFormation stack from a template, uploading via S3 or using a ready template, and configure image ID and region. Explore the designer to visualize infrastructure as code.
Learn how to update a CloudFormation stack by replacing the template, adding an elastic IP and security groups, and reviewing a change set, then see stack update and delete processes.
Discover how CloudFormation parameters let you customize templates by defining up to 60 parameters with logical IDs, types, defaults, and allowed values, referenced via Ref.
This lecture explains CloudFormation resources: how to declare a resources section in a template, specify a logical ID, type, and properties, and review supported AWS resource types.
Discover how to use CloudFormation mappings to define region-based, named values, and retrieve them with FindInMap or the exclamation mark syntax, with hardcoded region-specific AMI values.
Master CloudFormation outputs and cross-stack references by exporting values like an S3 bucket name and importing them in other stacks, while honoring region uniqueness, security cautions, and ImportValue rules.
Explains how CloudFormation conditions control resource and output creation for environment-specific deployments, and notes that you cannot update conditions by themselves and that changes to resources are required.
Explore CloudFormation intrinsic functions, learning how to assign runtime values in templates and conditionally create stack resources using functions like Equals, If, And, Join, Select, Split, and ImportValue.
Learn how to implement user data in CloudFormation, encode with base64, and view output in /var/log/cloud-init-output.log as you configure a sample Apache setup.
Learn how cfn-init in CloudFormation reads template metadata, installs packages, writes files, and controls services for complex user data, with a hands-on Apache server setup example.
Learn how to use CloudFormation signals with creation policies and wait conditions to confirm instance creation and script-driven success or failure signals, ensuring reliable stack deployment.
Explore CloudFormation rollback: restore the previous template and delete resources on failure, and control rollback on failure, timeouts, and termination protection for investigation.
Create nested stacks in CloudFormation with the stack resource, using dedicated templates to avoid repetition. Understand root and child stacks, parameters, outputs, and deletion behavior.
CloudFormation change sets let you preview proposed changes to a stack before execution, showing whether resources will be replaced or deleted and enabling safe updates.
Explore how CloudFormation's DependsOn attribute enforces creation order between resources, such as an instance depending on the my db resource, with a deletion policy and region considerations.
Learn to detect CloudFormation drift on stacks, view drift results, and identify drifted resources such as security group rules, enabling automated failure detection and corrective actions.
Abstract
Amazon Web Services offers a broad set of global cloud-based products including compute, storage, databases, analytics, networking, mobile, developer tools, management tools, IoT, security, and enterprise applications: on-demand, available in seconds, with pay-as-you-go pricing. From data warehousing to deployment tools, directories to content delivery, over 200 AWS services are available. New services can be provisioned quickly, without the upfront capital expense. This allows enterprises, start-ups, small and medium-sized businesses, and customers in the public sector to access the building blocks they need to respond quickly to changing business requirements.
Introduction
In 2006, Amazon Web Services (AWS) began offering IT infrastructure services to businesses as web services—now commonly known as cloud computing. One of the key benefits of cloud computing is the opportunity to replace upfront capital infrastructure expenses with low variable costs that scale with your business. With the cloud, businesses no longer need to plan for and procure servers and other IT infrastructure weeks or months in advance. Instead, they can instantly spin up hundreds or thousands of servers in minutes and deliver results faster.
Today, AWS provides a highly reliable, scalable, low-cost infrastructure platform in the cloud that powers hundreds of thousands of businesses in 190 countries around the world.
In this course you will learn all the AWS skills needed to land a job:
Learn the AWS EC2
Learn the AWS ELB
Learn the AWS ASG
Learn the AWS RDS
Learn the AWS S3
Learn the AWS CloudWatch Monitoring
Learn the AWS CloudFormation IaC (infrastructure as code)