Showing posts from September, 2017

Create AWS Resources Conditionally

CloudFormation is a powerful tool to create and manage AWS infrastructure. Some scenarios require resources to be created conditionally. For example, you may need to create a role and grant read access to a bucket only if the user passes a bucket name as a parameter. If the user does not pass a bucket name, the script should not create the role.

In a simple create-role script, if the user does not supply the resource name, script execution fails because the resource name in a policy cannot be blank. CloudFormation Conditions are very handy in such scenarios.

In the following script, role creation depends on the condition IfBucketName, and this condition returns true only when the value of the s3BucketARN parameter is not blank.

    {
      "Conditions" : {
        "IfBucketName" : { "Fn::Not" : [{ "Fn::Equals" : [ "" , { "Ref" : "s3BucketARN" }]}]}
      },
      "Resources" : {
        "TestRole" : {
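A complete template built around the IfBucketName condition described above, as an added example that is not the post's own code. The s3BucketARN default, the EC2 service principal, the policy name ReadBucket and the TestRoleArn output are assumptions made for illustration.

```json
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Added example, not the post's code: TestRole exists only when s3BucketARN is non-empty. EC2 principal and policy name are assumptions.",
  "Parameters": {
    "s3BucketARN": {
      "Type": "String",
      "Default": "",
      "Description": "ARN of the bucket to grant read access to; leave blank to skip the role"
    }
  },
  "Conditions": {
    "IfBucketName": { "Fn::Not": [{ "Fn::Equals": ["", { "Ref": "s3BucketARN" }] }] }
  },
  "Resources": {
    "TestRole": {
      "Type": "AWS::IAM::Role",
      "Condition": "IfBucketName",
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [{
            "Effect": "Allow",
            "Principal": { "Service": "ec2.amazonaws.com" },
            "Action": "sts:AssumeRole"
          }]
        },
        "Policies": [{
          "PolicyName": "ReadBucket",
          "PolicyDocument": {
            "Version": "2012-10-17",
            "Statement": [
              { "Effect": "Allow", "Action": "s3:ListBucket", "Resource": { "Ref": "s3BucketARN" } },
              { "Effect": "Allow", "Action": "s3:GetObject",
                "Resource": { "Fn::Join": ["", [{ "Ref": "s3BucketARN" }, "/*"]] } }
            ]
          }
        }]
      }
    }
  },
  "Outputs": {
    "TestRoleArn": {
      "Condition": "IfBucketName",
      "Value": { "Fn::GetAtt": ["TestRole", "Arn"] }
    }
  }
}
```

The output carries the same condition as the role: anything that references a conditional resource must be guarded the same way, or the stack fails when the parameter is left blank. The inline policy is scoped to the one bucket ARN and to read actions only, so a non-empty parameter never yields a wildcard grant.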

SFTP File System Backed by S3

These are instructions to set up an SFTP file server backed by S3 and to restrict each user's access to their own bucket. There are pros and cons to storing your data in S3. For some use cases it might make sense and for others it might not. Selecting appropriate storage is important for your file system to function properly. For example, one of the variables that matters is how frequently you will be updating the files. Choose storage based on your needs.

1. Launch an EC2 instance using the Amazon Linux AMI and download the private key. (You can use any other OS; the following instructions might vary depending on the OS.)
2. The private key will be in ‘.pem’ format. If using Windows, convert the private key into ‘.ppk’ format using PuTTYgen.
3. Using PuTTYgen, generate the public key for the same private key and save it on your file system. We will need it later.
4. SSH into the EC2 instance using PuTTY. The username for the Linux AMI is ‘ec2-user’.
5. Create the user which will be used to access the SFTP server. sudo