Week 5 Worklog

Week 5 Objectives:

  • Understand basic AWS services, how to use the console & CLI.

Tasks to be carried out this week:

DayTaskStart DateCompletion DateReference Material
2- Optimizing EC2 Costs with Lambda
- Practice:
  + Create VPC
  + Create Security Group
  + Create EC2 instance
  + Incoming Web-hooks slack
  + Create Tag for Instance
  + Create Role for Lambda Function
  + Create Lambda Function
  + Function stop instance
  + Function start instance
  + Check the result
  + Clean up resources		10/06/202510/06/2025https://000022.awsstudygroup.com/
3- Manage Resources Using Tags and Resource Groups
- Practice:
  + Create EC2 Instance with Tags
  + Managing Tags in AWS Resources
  + Filter resources by tag
  + Using tags with CLI
  + Create a Resource Group
  + Clean up resources		10/07/202510/07/2025https://000027.awsstudygroup.com/
4- Manage access to EC2 services with resoucres tags through IAM services
- Practice:
  + Create IAM user
  + Create IAM Policy
  + Create IAM Role
  + Switch Role
  + Initiating access to EC2 console in AWS Region - Tokyo
  + Initiating access to EC2 console in AWS Region - North Virginia
  + Edit Resource Tag on EC2 Instance
  + Policy Check
  + Clean up resources		10/08/202510/08/2025https://000028.awsstudygroup.com/
5- Limitation of user rights with IAM permission boundary
- Practice:
  + Create Restriction Policy
  + Create IAM Limited User
  + Test IAM User Limit
  + Clean up resources		10/09/202510/09/2025https://000030.awsstudygroup.com/
6- Encrypt at rest with AWS KMS
- Practice:
  + Create Policy and Role
  + Create Group and User
  + Create Key Management Service
  + Create Bucket
  + Upload data to S3
  + Create CloudTrail
  + Logging to CloudTrail
  + Create Amazon Athena
  + Retrieve data with Athena
  + Test and share encrypted data on S3
  + Clean up resources		10/10/202510/10/2025https://000033.awsstudygroup.com/

Week 5 Achievements:

  • Automated EC2 cost optimization using Lambda functions (start/stop automation, tagging strategy, Slack notifications).

  • Improved resource organization by effectively using tags and creating Resource Groups for better visibility and management.

  • Enhanced access control skills by applying IAM policies tied to resource tags and validating permissions across multiple AWS Regions.

  • Strengthened IAM governance through implementing permission boundaries to enforce strict user limitations.

  • Gained strong hands-on experience with AWS KMS encryption, S3 secure storage, CloudTrail auditing, and Athena log analysis.