Developing on AWS

IAM role and policy

or other you can create the policy aws policy generator

if you want to test you created role you can use the aws simulator policy

AWS EC2 Instance Metadata

• AWS EC2 Instance Metadata is powerful but one of the least known features to developers

• It allows AWS EC2 instances to ”learn about themselves” without using an IAM Role for that purpose.

• The URL is http://169.254.169.254/latest/meta-data

• You can retrieve the IAM Role name from the metadata, but you CANNOT retrieve the IAM Policy. • Metadata = Info about the EC2 instance

• Userdata = launch script of the EC2 instance

• Let’s practice and see what we can do with it!

AWS SDK Overview

• What if you want to perform actions on AWS directly from your applications code ? (without using the CLI).

• You can use an SDK (software development kit) !

• Official SDKs are…

• Java

• .NET

• Node.js

• PHP

• Python (named boto3 / botocore)

• Go

• Ruby

• C++

AWS SDK Overview

• We have to use the AWS SDK when coding against AWS Services such as DynamoDB

• Fun fact… the AWS CLI uses the Python SDK (boto3)

• The exam expects you to know when you should use an SDK

• We’ll practice the AWS SDK when we get to the Lambda functions

• Good to know: if you don’t specify or configure a default region, then us-east-1 will be chosen by default

Last updated 2 years ago