Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behaviour to protect your AWS accounts and workloads. You can enable it to enhance the security on your AWS account.
First log into your AWS account, then click services and search for GuardDuty.
A full blog post with all the steps listed out can be found here. Macs are built on Unix and as such, you can use the terminal to run commands. However, by default root is disabled. This video will show you how to enable root on mac so you can run commands as sudo.
Click the apple symbol the upper left of your screen.
Click System Preferences
In the screen that appears click Users and Groups.
Click login options and then click the lock to allow you to make changes.
In the screen that appears enter your username and password.
Click Join next to Network account Server.
Then click Open Directory Utility.
In the screen that appears click the lock to allow you to make changes.
Enter your username and password.
Now at the top of the screen click edit & then Enable Root User.
Enter your root password and then click ok.
You can now run commands as root from the Mac Terminal
Userdata on AWS allows you to run commands on start-up when you launch an EC2 instance on AWS. This is known as boot strapping your instance. In this example we will be boot strapping Amazon Linux with the Apache web server.
First log into you AWS portal and then click services and EC2
Next Click launch instance.
Select Amazon Linux
Leave the instance as mirco to get the free tier and click next Configure instance details
Leave the defaults and scroll down to advanced details and expand it – enter the following lines into the textbox:
#!/bin/bash yum install httpd -y systemctl start httpd systemctl stop firewalld cd /var/www/html echo "this is my test site" > index.html
The text in the code block above installs apache and adds an simple webpage that reads this is my test site. Finally click Next add storage
Leave the defaults and click next add tags
Give your machine a name and click Next Configure Security Group.
Allow port 80 from 0.0.0.0/0 on the security group and click review and launch
You can proceed without a keypair as we will not log into this instance
click your instance ID
Wait until your instance is running and then copy it’s pubic IP or dns name
Open a new browser and enter the pubic IP of your Linux instance into the address bar. You should now see the simple webpage we created.
You can create an Amazon Machine Image or AMI for your existing EC2 instance. The AMI will allow you to launch a fresh EC2 instance using the AMI as a template. You can also share the AMI with other AWS accounts.
To get started, it is best practise to stop your instance before you start. So right click your instance and click stop
When the instance has stopped, right click it again, click image and then create Image
Give your Image a name, a description and then click create Image
In the screen that appears click the ami ID.
You will now see your image creation as pending.
Once the ami is marked as available you can then launch it as an EC2 instance.