AWS Automation Case Study

What is Config Rule? -- A config rule, also known as an AWS Config rule, is a customizable, automated process that evaluates the configuration of resources within an Amazon Web Services (AWS) account. The rule checks whether the resources conform to the desired configuration, and reports back on any discrepancies. Config rules can be used to ensure compliance with industry standards, security best practices, and company policies. -- To create a config rule, the user defines a set of conditions or constraints that must be met for the resource to be considered compliant. These conditions are specified using AWS Lambda functions, which can be written in Python. -- The Lambda function is triggered by the AWS Config service, which calls the function whenever a new resource is created, modified, or deleted. The function then performs the necessary checks, and returns a response indicating whether the resource is compliant or not. What are the functionality of the Config Rule? -- Config rules

-- A security bunch controls the traffic that is permitted to reach and leave the assets it is related with. For instance, after a security bunch with an EC2 occurrence, it controls inbound and outbound traffic for that case. We can relate a security bunch just with the assets in the VPC for which it was made. -- At the point when we make a VPC, it accompanies a default security bunch. We can make extra security bunches for each VPC. -- There is no extra charge for utilizing security gatherings. -- The accompanying outline a VPC with subnets in two Accessibility Zones, a Web Passage, and an Application Burden Balancer. Every accessibility zone has a public subnet for web servers and a private subnet for data set servers. There are isolated security bunches for the heap balancer, web servers, and information base servers. We can add rules to the heap balancer security gathering to permit HTTP and HTTPS traffic from the Web. We can add rules to a security bunch for web servers to permit

Tags are used in every AWS resource we use it for the proper identification. To identify the resources which are only used in some particular environment for that we use environment tag. These tags can give us the information about the resource for example whether it is in production environment or test environment. We can identify that by environment tags. Boto3 is a module which is used for the API references of the AWS services. We can implement it using python as it is a faster and less complex way to handle but this module is also available across programmatic languages. There are two or three ways we implement Boto3.  By client, resources or paginator. We can use used clients but to take individual resources we can use the Boto3 resource object.  We can find boto3 documentation in this link. Link - https://boto3.amazonaws.com/v1/documentation/api/latest/index.html Let's take an example of boto3 scripting. Case: to print the EC2 instance present in roles accounts– impo