This is place where I share my own experience learning AWS. Note that I am not favor of this infra or another like GCP, Azure. I just note for myself (and probably you) on using AWS, things I have learned. Remember that AWS is not something you want to master, it just a tool for us to build things. So don't expect to read this to become AWS architec, all you need to master is the concepts, ideas that you can apply broadly to cloud infrastructure in general.
I have completely no idea about this. All I do is blindly copying and following the tutorials/docs. I don’t understand what is
credentials fileconfig fileWhen writing this article, I have a chance to read more about this. And this is what I found.
Before we can use AWS CLI tool, we have to authenticate against AWS. There are some ways to do it.
config file. The credentials file is not used for this authentication method.aws_access_key_id, aws_secret_access_key and aws_session_token in crendentials file along with config file for storing profile configuarations.aws_session_token.Setup SSO:
aws configure ssoIt will prompts for:
After filling all the informations, a file named config will be created inside .aws directory.
Checking the file, we can see:
[default]
sso_session = your-sso-session
sso_account_id = id
sso_role_name = role-to-assumed
[sso-session nuoa-io]
sso_start_url = start-url
sso_region = us-east-1
sso_registration_scopes = sso:account:accessAfter this, we can use aws sso login --profile profile-name to request crendentials from IAM Identity Center Server. For me, always there is a browser pops up. Finally, we can use cli to interact with resources.
Long/short-term crendentials
Not experience yet :)
Useful resources:
I understand like this:
identity (User, Role, Account) and resource (S3, Lambda Function,…)Integration
API Gateway
Domain
Index
Search
API
Security