AWS

AWS is Amazon’s cloud service. It is the cloud vendor with the most market share by date.

AWS setup

• AWS new account to-do’s
  • Create organization, add production, dev, staging accounts, and follow new account to-do for each. Also see AWS Control Tower.
  • new AWS account IAM to-do’s
• HA vs FT vs DR

AWS basics

• AWS account
• AWS CLI
• shared responsibility model
• ARN
• AWS Organization

Infrastructure

• AWS public vs private service
• AWS global infrastructure
• AWS VPC

Services

• IAM
• Compute
  • EC2
• Storage
  • S3
• IaC
  • AWS CloudFormation
  • CDK
  • Terraform (non-AWS); CDKTF
• Monitoring and Logging
  • CloudWatch
  • CloudWatch Logs
  • CloudTrail
  • AWS Control Tower
• Route 53
• Security
  • AWS Key Management Service
  • GuardDuty

Guides and resources

• best-practices
  • AWS Prescriptive Guidance
  • AWS Well-Architectured guides
    • AWS Well-Architected Tool (free)
  • AWS Security Survival Kit
  • AWS OU Best Practices
  • AWS Multi-account Best Practices
  • AWS Patterns for organizing AWS accounts
• Cloud Resume Challenge Docs
• see compliance
• free security controls to enable (and monitor on Security Hub)
  • AWS Foundational Security Best Practices v1.0.0
  • CIS AWS Foundations Benchmark v1.4.0
  • NIST Special Publication 800-53 Revision 5
• AWS Lambda Best Practices
• AWS Lambda TypeScript Best Practices
  • use esbuild for local testing since it’s used in AWS typescript distribution (but keep using tsc for typechecking)