Amazon Web Services Notes

Study notes on Pluralsight AWS Developer: Getting Started by Ryan Lewis




Using Putty to ssh:

AWS Policy Generator

echo "starting"
cd /home/ec2-user/pizza-luvrs
npm start

ssh -i "pizza-keys.pem" ec2-user@

#update ec3 server and install nodejs
sudo yum update

curl --location | sudo bash -

sudo yum install -y nodejs

node -v

#copy app to ec3 vm using scp
#In local folder remove node modules
 rm -r node_modules

#cd one folder above : _aws
#use scp to copy application files to ec2
scp -r -i pizza-keys.pem ./pizza-luvrs ec2-user@

#on server go to app folder
sudo npm cache clean -f
sudo npm install -g n
sudo n stable

npm start

Copying to s3

aws s3 cp ./assets/js s3://pizza-luvers-hb/js --recursive --exclude ".DS_Store"

aws s3 cp ./assets/css s3://pizza-luvers-hb/css --recursive --exclude ".DS_Store"

aws s3 cp ./assets/pizzas s3://pizza-luvers-hb/pizzas --recursive --exclude ".DS_Store"

CORS Configuration

CORS does not work on Chrome – use Firefox

(S3 bucket, CORS Configuration tab)


After making changes to application, to redeploy, copy to stand alone EC2 instance

note destination folder not included

 rm -r node_modules
scp -r -i pizza-keys.pem ./pizza-luvrs ec2-user@

Create a new Image (AMI) with this EC2 instance

Create a role to use with application that has access to s3


In Services/IAM create role

Service for role is EC2

Search for S3 in Permissions

Select AmazonS3FullAccess



Create a new Launch Configuration with modified s3 app & pizza-ec2-role


  1. Create a new Launch Configuration
  2. Select AMI (Image) created above
  3. In the IAM Role dropdown, select the pizza-ec2-role created above
  4. In advanced, enter the bash script to start the instance
echo "starting"
cd /home/ec2-user/pizza-luvrs
npm start
  1. In IP Address Type,select:

    Assign a public IP address to every instance.\

  2. In Security Group, select pizza-ec2-sg

Now Replace Launch Configuration in our Auto scaling group with this

In Auto Scaling Groups, Edit and change the launch configuration

In Instances, terminate existing instances

This will terminate and launch new instances based on our new image




Name: pizza-db

Credentials: postgres/ PassW0rd

Connectivity: select VPC: pizza-vpc

Additional connectivity configuration/Publically accessible: yes

Addition configuration/initial database name: pizza_luvrs

Once Database is created, create inbound rule for your ip

  1. RDS/Databases/pizza-db/connectivity & security tab/Security/click on default security group
  2. Inbound tab: Edit/Add Rule
    1. Type: PostgreSql
    2. Source: My IP
  3. Add Another rule to allow access from the pizza-ec2-sg secutity group (the EC2 launcher instance uses this so to connect from EC2, this rule is required )
    1. Type: PostgreSql
    2. Source: pizza-ec2-sg

Tools to connect to PostgreSQL



Postico (paid, Mac Only)

Connection Info

  1. Connectivity & Security Tab/Endpoint & Port:

​ endpoint:

​ port: 5432

  1. Username: postgres

    Pwd: PassW0rd

  2. database : pizza_luvrs

Cloud Formation templates

accessing output variables of a stack

#if name is not specified, all stacks are returned
aws cloudformation describe-stacks <name>

Cloud Formation Designer

Cloud Formation Designer

Pseudo Parameters Available

  1. AWS:: AccountId = AWS account Id
  2. AWS:: NotificationARNS = ARNS for notification topics
  3. AWS:: NoValue = Removes attribute
  4. AWS:: Region = Region of current stack
  5. AWS:: StackId = ID of current stack
  6. AWS::StackName = Name of current stack


"AvailabilityZone": {"Fn::Select": ["0", {"Fn::GetAZs": {"Ref": "AWS::Region"}}]}



Elastic Beanstalk

zip up files (zip up files not directory). cd into app directory (pizza-luvrs)

zip -r .
or use 7zip

More Configurations


  1. Select Pizza VPC

  2. Public IP address checked

  3. Select both subnets in Availability Zone


  1. EC2 security groups: select pizza-ec2-sg


Virtual machine permissions

  1. EC2 key pair: select pizza-keys

  2. IAM instance profile: pizza-ec2-role


  1. Environment Type : Load Balanced

Load Balancer:

Processes/default/Port: 3000

Elastic Beanstalk: Configuring permissions

IAM/Roles/pizza-ec2-role: Add roles

RDS should allow access to EC2 instance. Go to RDS dashboard,

…then databases and then select pizzadb

…then select Security Tab/VPC security groups/default link

2 Inbound Rule:

PostgresSQL MYIP

PostgresSQL pizza-ec2-sg

RDS Environment Properties

When you create a RDS with Beanstalk, your app can access these variables


Configuration Locations (in order of precedence)

Create/Update configuration

Saved Configuration

.ebextension files (in .ebextension folder)

Default Values