Notes

The document provides a comprehensive guide on using Podman for container management, including commands for running, starting, and managing containers, as well as user and group management in a Linux environment. It also covers networking concepts, AWS EC2 instance creation, VPC setup, and S3 and IAM configurations. Additionally, it includes command examples for various tasks related to storage services and security group management in AWS.

Uploaded by

joey joseph

--To run a new container

podman run -it opensuse/leap


podman run --name <container new name> -it opensuse/leap

--To open an existing container


podman start <container id/ container name>
podman exec -it <container id/ container name> /bin
podman exec -it <container id/ container name> /bin/bash
podman exec -it <container id/ container name> /bin/sh #shell
--To see running containers
podman ps
nslookup

--To see all containers


podman ps -a

--to rename container (first exit container)


podman rename <container name> <container new name>

--to delete non-empty directory


rm -r <directory name>
--To move file to another directory
mv <file name starting from>* /<directory name>
(example-- mv f* /newdir)

--to add a new group


groupadd <groupname>

--set new password


passwd <user name>

--adding user to group


useradd -G users,<group name> <new user name>

--adding user without group


useradd <new user name>

--assigning group to users


usermod -aG <group name>,<if another group name> <user name>

--to ask the user to change password at first login


chage -d 0 <user name>

--
etc -- program config files
var -- frequently changing content (log files)
home -- user account files
sbin -- system binary files
bin -- user binary files
lib -- shared libraries for
lib64 -- libraries for 64 bit
usr -- third party binaries
root --

Linux common navigation tools


ls, pwd, cd, cat, less, l, mkdir, rmdir, mv

ls -l | is long form
ls -lh | h stands for human readable
ls -R | recursive of all sub directories

-bash, shell are interpreters


-bash | unix commands
-shell | all user commands
-bash will give a much better view, so between shell and bash use bash
-for suse linux zypper is the package manager
-touch creates an empty file
ls -la
-if you touch again only the timestamp will be updated in ls -la; the contents won’t be changed
-text editor – nano
- to remove directory, use rmdir
-to create a directory, use mkdir
cat /etc/shadow
-sudo – super user do
-User types
-Root UID = 0
-System user UID = 1-999
-Regular users UID>999
-Groups
-Multiple users
-Primary Group
-Supplementary Group

-YAST tool will be used to manage groups


-In /etc/shadow passwords are stored in hash format
-chage means changing the ageing information
tail /etc/passwd
cat /etc/group
chage -d 0 db1 here 0 indicates first login
chown is for changing permissions
chmod 0774 db_work/ here 0 means file
chmod 2774 web_work/ here 2 means directory
su web 1
rwxrwxrwx (first 3 for owner , next three for group, next three for others)
4 -read ,2 -write, 1-execute
-Managing permission with acls
-getfacl (get detailed info on acls for file or directory)
-setfacl (manage acls for a specified file or directory)

userdel | to remove user from group

Popular virtualization software kvm

------------------------------------------------xxxxxxxxxxx---------------------------------------------------------

TCP/IP layers
-application layer
-transport layer
-internet layer
-network layer
OSI 7 layers
The TCP/IP model came before the OSI model
Session and presentation layers were used before but now they are not included
TCP and UDP
One question from picture of TCP/IP 4 layers
For HTTP default port is 80
For HTTPS default port is 443
TLS – Transport Layer Security
Port no. for file transfer
FTP – 20/21
sFTP – 22
TFTP – 69 (UDP-based)
Difference between sFTP, FTP and TFTP
Email – POP3, IMAP, SMTP their port no.
POP3 – 110/995
IMAP – 143/993
SMTP – 25/465
Subnet mask is a component used in IP addressing to identify the network portion of the IP address
Classful addressing was done in 1995 or prior to create discrete barriers

------------------------------------------------xxxxxxxxxxx---------------------------------------------------------
python -m podman_compose exec ubuntu1 /bin/bash
---------------------------------------------xxxxxxxxxxxxxxxx-----------------------------------------------------
-Storage Service
1. Block Storage: fixed sized chunks (EBS as EC2)
2. File Storage: EFS
3. Object Storage: S3 (Flat File Structure) 99.9999%
(Buckets store objects)
-Key Components of VPC (3-4 Questions) (Very Important)
1. IP Addressing
2. Subnets
3. Route tables
4. Security Groups: as a virtual firewall
5. Network Access Control List
-Cross region vpc are not possible
-You can link vpc cross region but not create
-vpc security group will act as a STATEFUL firewall
-inbound traffic: ingress
-outbound traffic: egress
Version field gives language version and is very important
Route 53 is global in nature
Load balancers are regional in nature

---------------------------------------------------xxxxxxxxxxxxx----------------------------------------------------

Diff in EFS - EBS - S3 - instance store

Application load balancers support path based routing
---------------------------------------------------xxxxxxxxxxxxx----------------------------------------------------

EC2 creation on cli


aws ec2 create-key-pair --key-name Mykey --query 'KeyMaterial' --output text > Mykey.pem
aws ec2 create-security-group --group-name Msg --description "my group"
aws ec2 authorize-security-group-ingress --group-id sg-0d02f7d19731ab955 --protocol tcp --port 22 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id sg-0d02f7d19731ab955 --protocol tcp --port 80 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id sg-0d02f7d19731ab955 --protocol tcp --port 443 --cidr 0.0.0.0/0
aws ec2 run-instances --image-id ami-05716d7e60b53d380 --count 1 --instance-type t2.micro --key-name Mykey --security-group-ids sg-0d02f7d19731ab955

S3 and IAM

aws s3api put-bucket-lifecycle-configuration --bucket mycola --lifecycle-configuration file://lifecycle.json
aws s3api get-bucket-lifecycle-configuration --bucket mycola
aws iam create-user --user-name homie --permissions-boundary arn:aws:iam::aws:policy/AmazonS3FullAccess
aws iam create-group --group-name groupie
aws iam add-user-to-group --group-name groupie --user-name homie
aws iam get-group --group-name groupie
aws iam create-access-key --user-name homie --output text > acckey.pem
aws iam create-access-key --user-name homie --output text > acckey.csv
aws iam create-policy --policy-name newtestpolicy --policy-document file://policy.json
aws iam get-policy --policy-arn arn:aws:iam::767397794724:policy/newtestpolicy
aws iam attach-group-policy --group-name groupie --policy-arn arn:aws:iam::767397794724:policy/newtestpolicy
aws get-group-policy --group-name groupie
aws iam get-group-policy --group-name groupie --policy-name newtestpolicy
aws get-group-policy --group-name groupie
aws iam list-entities-for-policy --policy-arn arn:aws:iam::767397794724:policy/newtestpolicy
aws iam list-group-policies --group-name groupie
aws iam attach-group-policy --group-name groupie --policy-arn arn:aws:iam::767397794724:policy/newtestpolicy
aws iam get-policy --policy-arn arn:aws:iam::767397794724:policy/newtestpolicy
aws iam create-role --role-name newtest --assume-role-policy-document file://rolepolicy.json

vpc

C:\Users\VYOMSAXENA\Downloads>aws ec2 create-vpc --cidr-block 10.0.0.0/24 --query Vpc.VpcId --output text
vpc-032b50f8db2d2d326
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpc --filters cidr
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpc
C:\Users\VYOMSAXENA\Downloads>aws ec2 * describe-vpc
C:\Users\VYOMSAXENA\Downloads>aws ec2 *describe-vpc
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpcs
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpcs vpc-ids vpc-032b50f8db2d2d326
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpcs vpc-id vpc-032b50f8db2d2d326
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpcs --vpc-id vpc-032b50f8db2d2d326
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-subnet --vpc-id vpc-032b50f8db2d2d326 --cidr-block 10.0.0.0/25 --availability-zone us-east-2a --query Subnet.SubnetId --output text
C:\Users\VYOMSAXENA\Downloads>aws ec2 delete-subnet --vpc-id vpc-032b50f8db2d2d326 --subnet-id subnet-01d118ef602856aa8
C:\Users\VYOMSAXENA\Downloads>aws ec2 delete-subnet --subnet-id subnet-01d118ef602856aa8
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-subnet --vpc-id vpc-032b50f8db2d2d326 --cidr-block 10.0.0.0/25 --availability-zone us-east-2a --query Subnet.SubnetId --output text --tags Key=Name,Value=publicsubnet
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-subnet --vpc-id vpc-032b50f8db2d2d326 --cidr-block 10.0.1.0/24 --availability-zone us-east-2a --query Subnet.SubnetId --output text
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-subnet --vpc-id vpc-032b50f8db2d2d326 --cidr-block 10.0.1.0/25 --availability-zone us-east-2a --query Subnet.SubnetId --output text
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-subnet --vpc-id vpc-032b50f8db2d2d326 --cidr-block 10.0.0.0/25 --availability-zone us-east-2a --query Subnet.SubnetId --output text

C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tags --resources subnet-09aec58438995b68f --tags Key=Name,Value=publicsubnet
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-subnet --vpc-id vpc-032b50f8db2d2d326 --cidr-block 10.0.0.1/25 --availability-zone us-east-2b --query Subnet.SubnetId --output text
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-subnet --vpc-id vpc-032b50f8db2d2d326 --cidr-block 10.0.0.128/25 --availability-zone us-east-2b --query Subnet.SubnetId --output text
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tags --resources subnet-0aee369cf908d7625 --tags Key=Name,Value=privatesubnet
C:\Users\VYOMSAXENA\Downloads>aws ec2 modify-subnet-attribute --subnet-id subnet-09aec58438995b68f --map-public-ip-on-launch
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-internet-gateway --query InternetGateway.InternetGatewayId --output text
C:\Users\VYOMSAXENA\Downloads>aws ec2 attach-internet-gateway --vpc-id vpc-032b50f8db2d2d326 --internet-gateway-id igw-08ca9afef38352443
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route-table --vpc-id vpc-032b50f8db2d2d326 --query RouteTable.RouteTableId --output text
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tags --resource --route-id rtb-0d3aff6bc3d9502ec --tags Key=Name,Value=publicroutetest
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tags --resource --route-table-id rtb-0d3aff6bc3d9502ec --tags Key=Name,Value=publicroutetest
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tags --resource rtb-0d3aff6bc3d9502ec --tags Key=Name,Value=publicroutetest
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route-table rtb-0d3aff6bc3d9502ec --destination-cidr-block 0.0.0.0/0 --gateway-id igw-08ca9afef38352443
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route rtb-0d3aff6bc3d9502ec --destination-cidr-block 0.0.0.0/0 --gateway-id igw-08ca9afef38352443
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route --create-route rtb-0d3aff6bc3d9502ec --destination-cidr-block 0.0.0.0/0 --gateway-id igw-08ca9afef38352443
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route --route-table-id rtb-0d3aff6bc3d9502ec --destination-cidr-block 0.0.0.0/0 --gateway-id igw-08ca9afef38352443
C:\Users\VYOMSAXENA\Downloads>aws ec2 associate-route-table --route-table-id rtb-0d3aff6bc3d9502ec --subnet-id subnet-09aec58438995b68f
C:\Users\VYOMSAXENA\Downloads>aws ec2 associate-route-table --route-table-id rtb-0d3aff6bc3d9502ec --subnet-id subnet-09aec58438995b68f
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-route-tables --route-table-ids rtb-0d3aff6bc3d9502ec --query "RouteTables[*].Associations"

C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route-table --vpc-id vpc-032b50f8db2d2d326 --query RouteTable.RouteTableId --output text
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tags --resources rtb-075eb167abb41596f --tags Key=Name,Value=privateroutetest
C:\Users\VYOMSAXENA\Downloads>aws ec2 associate-route-table route-table-id rtb-075eb167abb41596f subnet-id
C:\Users\VYOMSAXENA\Downloads>aws ec2 associate-route-table route-table-id rtb-075eb167abb41596f subnet-id
C:\Users\VYOMSAXENA\Downloads>aws ec2 associate-route-table --route-table-id rtb-075eb167abb41596f subnet-id
C:\Users\VYOMSAXENA\Downloads>aws ec2 associate-route-table --route-table-id rtb-075eb167abb41596f --subnet-id
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl --vcp-id vpc-032b50f8db2d2d326
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl --vpc-id vpc-032b50f8db2d2d326
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-092a68b541bcda947 --ingress --rule-number 100 --protocol tcp -port 22 --cidr-block 0.0.0.0/0 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-092a68b541bcda947 --ingress --rule-number 100 --protocol tcp --port 22 --cidr-block 0.0.0.0/0 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-092a68b541bcda947 --ingress --rule-number 100 --protocol tcp --port-range From=22,To=22 --cidr-block 0.0.0.0/0 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-092a68b541bcda947 --ingress --rule-number 110 --protocol tcp --port-range From=80,To=80 --cidr-block 0.0.0.0/0 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-092a68b541bcda947 --ingress --rule-number 110 --protocol tcp --port-range From=443,To=443 --cidr-block 0.0.0.0/0 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-092a68b541bcda947 --ingress --rule-number 120 --protocol tcp --port-range From=443,To=443 --cidr-block 0.0.0.0/0 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-092a68b541bcda947 --outgress --rule-number 100 --protocol -1 --port-range From=0,To=65535 --cidr-block 0.0.0.0/0 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-092a68b541bcda947 --egress --rule-number 100 --protocol -1 --port-range From=0,To=65535 --cidr-block 0.0.0.0/0 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tags --resource acl-092a68b541bcda947 --tags Key=Name,Value=publicnacl
C:\Users\VYOMSAXENA\Downloads>aws ec2 associate-network-acl --network-acl-id acl-092a68b541bcda947 --subnet-id subnet-09aec58438995b68f
C:\Users\VYOMSAXENA\Downloads>aws ec2 replace-network-acl-associate --network-acl-id acl-092a68b541bcda947 --subnet-id subnet-09aec58438995b68f
C:\Users\VYOMSAXENA\Downloads>aws ec2 replace-network-acl-association --network-acl-id acl-092a68b541bcda947 --subnet-id subnet-09aec58438995b68f
C:\Users\VYOMSAXENA\Downloads>aws ec2 replace-network-acl-association --association-id subnet-09aec58438995b68f --network-acl-id acl-092a68b541bcda947
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-network-acls --query "NetworkAcls[*].Associations"
C:\Users\VYOMSAXENA\Downloads>aws ec2 replace-network-acl-association --association-id aclassoc-06e26072411f4548f --network-acl-id acl-092a68b541bcda947

C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl --vpc-id vpc-032b50f8db2d2d326
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --ingress --rule-number 100 --protocol tcp --port-range From=22,To=22 --cidr-block 0.0.0.0/0 --rule-action Deny
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --ingress --rule-number 100 --protocol tcp --port-range From=22,To=22 --cidr-block 0.0.0.0/0 --rule-action Deny
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --ingress --rule-number 100 --protocol tcp --port-range From=80,To=80 --cidr-block 0.0.0.0/0 --rule-action Deny
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --ingress --rule-number 100 --protocol tcp --port-range From=443,To=443 --cidr-block 0.0.0.0/0 --rule-action Deny
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --ingress --rule-number 110 --protocol tcp --port-range From=443,To=443 --cidr-block 0.0.0.0/0 --rule-action Deny
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --ingress --rule-number 120 --protocol tcp --port-range From=80,To=80 --cidr-block 0.0.0.0/0 --rule-action Deny
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --egress --rule-number 100 --protocol -1 --port-range From=0,To=65535 --cidr-block 0.0.0.0/0 --rule-action Deny
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-association --query NetworkACL[*].Association
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-network-acls --query "NetworkAcl[*].Association"
null
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-network-acls --query "acl-03e6fd055ae68daa7.Association"
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-network-acls --query acl-03e6fd055ae68daa7.Association
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-network-acls --query "NetworkAcl[*].Association"
null
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-route-tables --query "RouteTables[*].Associations"
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-association --association-id rtbassoc-01196a809363c0a1e --network-acl acl-03e6fd055ae68daa7
C:\Users\VYOMSAXENA\Downloads>aws ec2 replace-network-acl-association --association-id rtbassoc-01196a809363c0a1e --network-acl acl-03e6fd055ae68daa7
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-network-acls --query "NetworkAcls[*].Associations"
C:\Users\VYOMSAXENA\Downloads>aws ec2 replace-network-acl-association --association-id
C:\Users\VYOMSAXENA\Downloads>aws create-tags --resource acl-03e6fd055ae68daa7 --tags Key=Name,Value=privatenacl
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tag --resource acl-03e6fd055ae68daa7 --tags Key=Name,Value=privatenacl
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tags --resource acl-03e6fd055ae68daa7 --tags
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpcs
C:\Users\VYOMSAXENA\Downloads>aws create-vpc-peering-connection --vpc-id vpc-032b50f8db2d2d326 --peer-vpc-id vpc-08f406fc8b61da060
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-vpc-peering-connection --vpc-id vpc-032b50f8db2d2d326 --peer-vpc-id
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpc-peering-connections
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-vpc --cidr-block 10.0.1.0/24
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpcs --query "Vpcs[*].VpcId"
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-vpc-peering-connection --vpc-id vpc-032b50f8db2d2d326 --peer-vpc-id
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpcs --query "Vpcs[*].VpcId"
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpc-peering-connections
C:\Users\VYOMSAXENA\Downloads>aws ec2 accept-vpc-peering-connection --vpc-peering-connection-id
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-vpc-peering-connections
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route --destination-cidr-block 172.31.0.0/16 --vpc-peering-connection-id pcx-05c8982b6c771607e
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route --route-table-id rtb-0d3aff6bc3d9502ec rtb-075eb167abb41596f --destination-cidr-block 172.31.0.0/16 --vpc-peering-connection-id pcx-05c8982b6c771607e
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route --route-table-id rtb-0d3aff6bc3d9502ec,rtb-075eb167abb41596f --destination-cidr-block 172.31.0.0/16 --vpc-peering-connection-id pcx-05c8982b6c771607e
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route --route-table-id rtb-0d3aff6bc3d9502ec --destination-cidr-block 172.31.0.0/16 --vpc-peering-connection-id pcx-05c8982b6c771607e

C:\Users\VYOMSAXENA\Downloads>aws ec2 create-key-pair --key-name kep --output text > kep.pem
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-security-group --security-group-name sgi
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-security-group --group-name sgi
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-security-group --group-name sgi --description "vpc security group"
C:\Users\VYOMSAXENA\Downloads>aws ec2 run-instance --image-id ami-05716d7e60b53d380 --instance-type t2.micro --subnet-id subnet-09aec58438995b68f --key-name kep --security-group-ids sg-0420fca373593c319
C:\Users\VYOMSAXENA\Downloads>aws ec2 run-instances --image-id ami-05716d7e60b53d380 --instance-type t2.micro --subnet-id subnet-09aec58438995b68f --key-name kep --security-group-ids sg-0420fca373593c319
C:\Users\VYOMSAXENA\Downloads>aws ec2 delete-security-group --group-name sgi
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-security-group --group-name sgi --description "vpc security group" --vpc-id vpc-032b50f8db2d2d326
C:\Users\VYOMSAXENA\Downloads>aws ec2 run-instances --image-id ami-05716d7e60b53d380 --instance-type t2.micro --subnet-id subnet-09aec58438995b68f --key-name kep --security-group-ids sg-0881e066e09e656f2
C:\Users\VYOMSAXENA\Downloads>aws ec2 authorize-security-group-ingress --group-name sgi --protocol tcp --port 22 --cidr 0.0.0.0/0
C:\Users\VYOMSAXENA\Downloads>aws ec2 authorize-security-group-ingress --vpc-id vpc-032b50f8db2d2d326 --group-name sgi --protocol tcp --port 22 --cidr 0.0.0.0/0
C:\Users\VYOMSAXENA\Downloads>aws ec2 authorize-security-group-ingress --group-id sg-0881e066e09e656f2 --protocol tcp --port 22 --cidr 0.0.0.0/0
C:\Users\VYOMSAXENA\Downloads>aws ec2 authorize-security-group-ingress --group-id sg-0881e066e09e656f2 --protocol tcp --port 80 --cidr 0.0.0.0/0
C:\Users\VYOMSAXENA\Downloads>aws ec2 authorize-security-group-ingress --group-id sg-0881e066e09e656f2 --protocol tcp --port 443 --cidr 0.0.0.0/0
C:\Users\VYOMSAXENA\Downloads>aws ec2 authorize-security-group-engress --group-id sg-0881e066e09e656f2 --protocol -1 --cidr 0.0.0.0/0
C:\Users\VYOMSAXENA\Downloads>aws ec2 authorize-security-group-egress --group-id sg-0881e066e09e656f2 --protocol -1 --cidr 0.0.0.0/0
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-security-group --group-name sgip --description "sg of priv for vpc" --vpc-id vpc-032b50f8db2d2d326
C:\Users\VYOMSAXENA\Downloads>aws ec2 run-instances --image-id ami-05716d7e60b53d380 --instance-type t2.micro --subnet-id subnet-0aee369cf908d7625 --key-name kep --security-group-ids sg-0d7caf54a00f762d7
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tags --resource i-02c8522c1f63c4c2e --tag Key=Name,Value=privinstance
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-tags --resource i-0539883d65818a714 --tag Key=Name,Value=pubinstance
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-instances --instance-id i-0539883d65818a714
C:\Users\VYOMSAXENA\Downloads>ssh 18.191.32.90

C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]

C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]

C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]

C:\Users\VYOMSAXENA\Downloads>nano kep.pem

C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]

C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]

C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --ingress --rule-number 100 --protocol tcp --port-range From=22,To=22 --cidr-block 10.0.0.70 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --ingress --rule-number 100 --protocol tcp --port-range From=22,To=22 --cidr-block 10.0.0.70/32 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --ingress --rule-number 130 --protocol tcp --port-range From=22,To=22 --cidr-block 10.0.0.70/32 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>aws ec2 authorize-security-group-ingress --group-id sg-0d7caf54a00f762d7 --protocol tcp --port 22 --cidr 10.0.0.70/32
C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]
Last login: Thu Mar 20 08:18:12 2025 from 129.41.58.0
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-instances --instance-id i-02c8522c1f63c4c2e
C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]
[ec2-user@ip-10-0-0-70 ~]$ ssh -i "kem.pem" [email protected]
[ec2-user@ip-10-0-0-70 ~]$ nano kem.pem
[ec2-user@ip-10-0-0-70 ~]$ chmod 400 kem.pem
[ec2-user@ip-10-0-0-70 ~]$ ssh -i "kem.pem" [email protected]
C:\Users\VYOMSAXENA\Downloads>aws ec2 authorize-security-group-egress --group-id sg-0d7caf54a00f762d7 --protocol -1 --cidr 0.0.0.0/0r
C:\Users\VYOMSAXENA\Downloads>aws ec2 authorize-security-group-egress --group-id sg-0d7caf54a00f762d7 --protocol -1 --cidr 0.0.0.0/0
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --egress --rule-number 110 --protocol -1 --port-range From=0,To=65535 --cidr-block 0.0.0.0/0 --rule-action allow
C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]
Last login: Thu Mar 20 08:31:37 2025 from 129.41.58.0
[ec2-user@ip-10-0-0-70 ~]$ curl http://169.254.169.254/latest/meta-data/local-ipv4
10.0.0.70
[ec2-user@ip-10-0-0-70 ~]$ aws ec2 describe-security-groups --group-ids sg-0d7caf54a00f762d7
[ec2-user@ip-10-0-0-70 ~]$ exit
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-security-groups --group-ids sg-0d7caf54a00f762d7
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-route-tables --filters Name=vpc-id,Values=vpc-032b50f8db2d2d326
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route --route-table-id rtb-075eb167abb41596f --destination-cidr-block 0.0.0.0/0 --instance-id i-02c8522c1f63c4c2e
C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route --route-table-id rtb-075eb167abb41596f --destination-cidr-block
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-subnets --subnet-ids <BASTION_SUBNET_ID> --query
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-subnets --subnet-ids subnet-09aec58438995b68f --query "Subnets[*].CidrBlock" --output text
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-route --route-table-id rtb-075eb167abb41596f --destination-cidr-block 10.0.0.0/25 --instance-id i-0539883d65818a714
C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-security-groups --group-ids sg-0d7caf54a00f762d7
C:\Users\VYOMSAXENA\Downloads>aws ec2 describe-network-acls --filters "Name=vpc-id,Values=vpc-032b50f8db2d2d326"
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 \
C:\Users\VYOMSAXENA\Downloads>--rule-number 120 --protocol 6 --rule-action allow --egress \
C:\Users\VYOMSAXENA\Downloads>--cidr-block 10.0.0.70/32 --port-range From=22,To=22
C:\Users\VYOMSAXENA\Downloads>aws ec2 create-network-acl-entry --network-acl-id acl-03e6fd055ae68daa7 --rule-number 120 --protocol tcp --rule-action allow --egress --cidr-block 10.0.0.70/32 --port-range From=22,To=22

C:\Users\VYOMSAXENA\Downloads>ssh -i "kep.pem" [email protected]
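
The entries created for acl-03e6fd055ae68daa7 in the session above, replayed through a small rule evaluator (an added example, not part of the original notes). It assumes each create-network-acl-entry call succeeded the first time a rule number was used in a direction and that later calls reusing that number were rejected; NaclEntry, evaluate, shadowed, inbound_session_allowed and FIXED_RULES are names made up for this example.

```python
"""Replay a network ACL the way AWS evaluates it: per direction, lowest
rule number first, first match wins, implicit deny at the end, no state."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple


@dataclass(frozen=True)
class NaclEntry:
    rule_number: int
    egress: bool
    protocol: str                             # "tcp" or "-1" (all protocols)
    cidr: str
    action: str                               # "allow" or "deny"
    ports: Optional[Tuple[int, int]] = None   # unused when protocol is "-1"

    def matches(self, egress, protocol, remote_ip, port):
        if self.egress != egress or ip_address(remote_ip) not in ip_network(self.cidr):
            return False
        if self.protocol == "-1":
            return True
        return self.protocol == protocol and self.ports[0] <= port <= self.ports[1]


def evaluate(entries, egress, protocol, remote_ip, port):
    """Return (action, rule_number); rule_number is None for the implicit deny."""
    for e in sorted(entries, key=lambda e: e.rule_number):
        if e.matches(egress, protocol, remote_ip, port):
            return e.action, e.rule_number
    return "deny", None


def covers(a, b):
    """True when every packet matched by b is also matched by a."""
    if a.egress != b.egress or not ip_network(b.cidr).subnet_of(ip_network(a.cidr)):
        return False
    if a.protocol == "-1":
        return True
    return a.protocol == b.protocol and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1]


def shadowed(entries):
    """List (direction, rule, hidden_by) for rules that can never be reached."""
    found = []
    for egress in (False, True):
        chain = sorted((e for e in entries if e.egress == egress),
                       key=lambda e: e.rule_number)
        for i, later in enumerate(chain):
            for earlier in chain[:i]:
                if covers(earlier, later):
                    found.append(("egress" if egress else "ingress",
                                  later.rule_number, earlier.rule_number))
                    break
    return found


def inbound_session_allowed(entries, client_ip, server_port, client_port=50000):
    """Stateless check: the request in AND the reply out must both be allowed.
    The reply goes to the client's ephemeral port, not to server_port."""
    request, _ = evaluate(entries, False, "tcp", client_ip, server_port)
    reply, _ = evaluate(entries, True, "tcp", client_ip, client_port)
    return request == "allow" and reply == "allow"


# Constructed from the commands in the notes (assumption: first use of each
# rule number per direction is the one that exists).
PAGE_RULES = [
    NaclEntry(100, False, "tcp", "0.0.0.0/0", "deny", (22, 22)),
    NaclEntry(110, False, "tcp", "0.0.0.0/0", "deny", (443, 443)),
    NaclEntry(120, False, "tcp", "0.0.0.0/0", "deny", (80, 80)),
    NaclEntry(130, False, "tcp", "10.0.0.70/32", "allow", (22, 22)),
    NaclEntry(100, True, "-1", "0.0.0.0/0", "deny"),
    NaclEntry(110, True, "-1", "0.0.0.0/0", "allow"),
    NaclEntry(120, True, "tcp", "10.0.0.70/32", "allow", (22, 22)),
]

# Hypothetical reordering: the narrow allows get lower numbers than the broad
# denies, and the egress allow covers the ephemeral reply ports.
FIXED_RULES = [
    NaclEntry(90, False, "tcp", "10.0.0.70/32", "allow", (22, 22)),
    NaclEntry(100, False, "tcp", "0.0.0.0/0", "deny", (22, 22)),
    NaclEntry(110, False, "tcp", "0.0.0.0/0", "deny", (443, 443)),
    NaclEntry(120, False, "tcp", "0.0.0.0/0", "deny", (80, 80)),
    NaclEntry(90, True, "tcp", "10.0.0.70/32", "allow", (1024, 65535)),
    NaclEntry(100, True, "-1", "0.0.0.0/0", "deny"),
]

if __name__ == "__main__":
    for name, rules in (("as typed", PAGE_RULES), ("reordered", FIXED_RULES)):
        print(name, "SSH from 10.0.0.70:", evaluate(rules, False, "tcp", "10.0.0.70", 22))
        print(name, "shadowed rules:", shadowed(rules))
        print(name, "session works:", inbound_session_allowed(rules, "10.0.0.70", 22))
```

Security groups do not need the reply rule because they are stateful; the network ACL does, which is why the egress entry has to cover the client's ephemeral port range rather than port 22.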


-------------------------------------xxxxxxxxxxxxxx------------------------------------------------------

az group create --name test
az group create --name test --location eastus2
az group list
az tag create --resource-id /subscriptions/d7619cc8-6b26-4135-95d4-8c9e70110d7a/resourceGroups/test --tags Department=Engineering Environment=Production Owner=Nuvepro
az lock create --name Read-Lock --lock-type read-only --resource-group test
az lock create --name Read-Lock --lock-type readonly --resource-group test
az lock create --name Delete-Lock --lock-type delete --resource-group test
az lock create --name Delete-Lock --lock-type CanNotDelete --resource-group test
az policy assignment create --policy Azure Backup should be enabled for Virtual Machines --description Azure Backup should be enabled for Virtual Machines
az policy assignment create --name mypolicy --policy Azure Backup should be enabled for Virtual Machines --description Azure Backup should be enabled for Virtual Machines
az policy assignment create --name mypolicy --scope $rgid --policy Azure Backup should be enabled for Virtual Machines --description Azure Backup should be enabled for Virtual Machines
az policy assignment create --name mypolicy --scope $rgid --policy Azure Backup should be enabled for Virtual Machines --description Azure Backup should be enabled for Virtual Machines --role Contributer
az policy assignment create --name mypolicy --scope $rgid --policy Azure-Backup-should-be-enabled-for-Virtual-Machines --description Azure Backup should be enabled for Virtual Machines --role Contributer
HISTORY
doskey /history
history
az policy assignment create --name mypolicy --policy Azure-Backup-should-be-enabled-for-Virtual-Machines --description Azure Backup should be enabled for Virtual Machines --role Contributer
az policy assignment create --name mypolicy --policy Azure-Backup-should-be-enabled-for-Virtual-Machines --description Azure Backup should be enabled for Virtual Machine
az policy assignment create --name mypolicy --policy Azure-Backup-should-be-enabled-for-Virtual-Machines --description "Azure Backup should be enabled for Virtual Machine"
az policy assignment create --name mypolicy --policy Azure Backup should be enabled for Virtual Machines --description "Azure Backup should be enabled for Virtual Machine"
az policy assignment create --name mypolicy --policy "Azure Backup should be enabled for Virtual Machines" --description "Azure Backup should be enabled for Virtual Machine"
az policy assignment create --name mypolicy --policy Azure Backup should be enabled for Virtual Machines --description "Azure Backup should be enabled for Virtual Machine"
az policy defination list --query
az policy definition list --query
az policy definition list --query "[?contains(displayName, 'Backup')].{Name:name, DisplayName:displayName, ID:id}" --output table
az policy assignment create --name mypolicy --policy 013e242c-8828-4970-87b3-ab247555486d
az ad sp list --all --filter "servicePrincipalType eq 'ManagedIdentity'"
az identity list
az ad sp list --all --query "[].{displayName:displayName, id:id}" --output tsv
az ad sp list --display-name "{displayName}"
az ad signed-in-user show
az account show --query id
az role assignment create --assignee 2cc94dcf-2f07-4125-9b93-552a5aa4084b --role Reader --scope /subscriptions/d7619cc8-6b26-4135-95d4-8c9e70110d7a/resourceGroups/test
az role delete --name Delete-Lock
az role delete --name Delete-Lock --resource-group test
az lock delete --name Delete-Lock --resource-group test
az lock delete --name Read-Lock --resource-group test
az login --scope https://management.core.windows.net//.default
az login
az lock delete --name Read-Lock --resource-group test
az role assignment create --assignee 2cc94dcf-2f07-4125-9b93-552a5aa4084b --role Reader --scope /subscriptions/d7619cc8-6b26-4135-95d4-8c9e70110d7a/resourceGroups/test
history
