AWS Classroomnotes 19/Aug/2022

JSON

  • Sample JSON
{
    "title": "Avengers End Game",
    "superheros": [ 
        "IronMan", 
        "Thor", 
        "Captain America", 
        "Hulk", 
        "SpiderMan",
        "Black Panther",
        "Wanda",
        "Vision",
        "Black Widow"
    ],
    "technical department" : {
            "directors": "Russo Brothers",
            "Production" : "Marvel"
    }
}
  • One more sample
{
    "course": "AWS",
    "topics": {
        "compute": {
            "Virtual Machines": "EC2",
            "Containers": "ECS",
            "Serverless": "Lambda",
            "K8s": "EKS",
            "Batch": "AWS Batch"
        },
        "storage" : {
            "disk": ["EBS", "Instance-store" ],
            "fileshare": "EFS",
            "blob": "S3",
            "Archive": "Glacier"

        }

    }
}
  • Try to write a JSON file which describes your schooling 
{
    "nursery": {
        "schoolname": "",
        "location": "",
        "year": 
    },
    "primary": [
        {
            "schoolname": "",
            "standard": {
                "from": "LKG",
                "to": "V"
            }, 
            "location": ""
        }
    ],
    "highschool": [
        {
            "schoolname": "",
            "standard": {
                "from": "VI",
                "to": "X"
            }, 
            "location": ""
        }
    ]
}

AWS IAM Policy

  • AWS IAM policies are defined in a JSON with a structure defined by AWS which is referred as Grammar of IAM Policy Refer Here
policy  = {
     <version_block?>
     <id_block?>
     <statement_block>
}

<version_block> = "Version" : ("2008-10-17" | "2012-10-17")

<id_block> = "Id" : <policy_id_string>

<statement_block> = "Statement" : [ <statement>, <statement>, ... ]

<statement> = { 
    <sid_block?>,
    <principal_block?>,
    <effect_block>,
    <action_block>,
    <resource_block>,
    <condition_block?>
}

<sid_block> = "Sid" : <sid_string>

<effect_block> = "Effect" : ("Allow" | "Deny")  

<principal_block> = ("Principal" | "NotPrincipal") : ("*" | <principal_map>)

<principal_map> = { <principal_map_entry>, <principal_map_entry>, ... }

<principal_map_entry> = ("AWS" | "Federated" | "Service" | "CanonicalUser") :   
    [<principal_id_string>, <principal_id_string>, ...]

<action_block> = ("Action" | "NotAction") : 
    ("*" | [<action_string>, <action_string>, ...])

<resource_block> = ("Resource" | "NotResource") : 
    ("*" | [<resource_string>, <resource_string>, ...])

<condition_block> = "Condition" : { <condition_map> }
<condition_map> = { 
  <condition_type_string> : { <condition_key_string> : <condition_value_list> },
  <condition_type_string> : { <condition_key_string> : <condition_value_list> }, ...
}  
<condition_value_list> = [<condition_value>, <condition_value>, ...]
<condition_value> = ("string" | "number" | "Boolean")
  • To be effective with AWS IAM Custom policies, we should know the different
    • resources
    • actions provided by individual resources
  • Refer Here for the actions, resources and conditonal keys from aws

Published
Categorized as Uncategorized Tagged

By continuous learner

devops & cloud enthusiastic learner

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please turn AdBlock off
Animated Social Media Icons by Acurax Responsive Web Designing Company

Discover more from Direct DevOps from Quality Thought

Subscribe now to keep reading and get access to the full archive.

Continue reading

Visit Us On FacebookVisit Us On LinkedinVisit Us On Youtube