In this section of the AWS Certified Advanced Networking - Specialty learning path, we introduce you to the various network management services currently available in AWS that are relevant to the ANS-C01 exam.
Learning Objectives
- Identify and describe the various network management services available in AWS
- Understand the use of AWS Config to assess network infrastructure
- Describe how AWS CloudTrail is used to monitor and audit network infrastructure
- Explain how Amazon Inspector is used to enhance AWS network security and compliance
- Describe how VPC Flow Logs are used to capture IP traffic within the AWS Cloud
- Identify strategies for solving common issues that occur when running cloud networking at scale
Prerequisites
The AWS Certified Advanced Networking - Specialty certification has been designed for anyone with experience designing, implementing, and operating complex AWS and hybrid networking architectures. Ideally, you’ll also have some exposure to the nuances of AWS networking regarding the integration of AWS services and AWS security best practices. Many exam questions will require advanced level knowledge of many AWS services, including AWS networking services. The AWS Cloud concepts introduced in this course will be explained and reinforced from the ground up.
- [Mike] Hi there, my name is Mike McLaughlin. I'm a system architect with Aviatrix. And in this video, I'm gonna show you how to set up an Aviatrix controller within your AWS account. We're gonna start off by looking for VPC, where your tools are. Typically, it's called something like shared services, things like Splunk, Active Directory, Jenkins. Those kinds of tools are all within this VPC. That's where we're gonna put the Aviatrix controller. We're gonna create a separate public subnet, and drop the Aviatrix controller within that subnet.
We're gonna start that process by going to docs.aviatrix.com. In this website, you're gonna find all the documentation and guides on how to set up Aviatrix, along with tools and techniques, best practices, and so on. We're going to go to AWS start-up guide, and go to step 2: launch the controller with CloudFormation. If we click on the first link, it's gonna take us right to CloudFormation, creating a new stack, and pre-populating the template URL with the right URL to create the controller itself. The stack name's pre-populated. You're welcome to change that, or keep it as AviatrixController. Then, select your shared services VPC, along with a public subnet. Pick a keypair, and the controller size. We'll leave that at all defaults. And finally, we're gonna create a couple of roles, and policies, to go with this controller. So leave that at new, since you don't have an existing role or policies yet. Finally, do a quick verification. Just make sure you select the right VPC and subnet, and so on. Check the box that you're acknowledging you're creating some new roles and policies. And then, click create.
If you wait a few minutes, you'll see that the creation of the controller is complete, along with the policies and the roles. Once it's complete, click around on the outputs tab. And let's look at the outputs. Let's start with the first one. AviatrixControllerEIP is gonna tell you where the controller's external address is. It has a web interface, so we're gonna go ahead and go to https in that EIP. When you go to that EIP, you're gonna be presented with a log-in prompt. Notice that the password defaults to the private IP address of the controller. That's contained within the outputs as well. So let's head over, grab the private IP address, copy it, and paste it into the password field. Quick sign-in, with the user name, admin, and it'll prompt you for an email address for password recovery, notifications, and other needs. I'm gonna use my own address here. And then, I'm gonna click save. And it's gonna save that on a controller. I'm then gonna change my password to something else. Confirm that password, and click save. Once you do this, you're gonna then be prompted for the proxy settings. If you don't have a web proxy, just click skip. Finally, you're gonna upgrade the version of software to the latest. This'll take a couple minutes. And then, once you have the latest version, it's gonna prompt you to log in.
So now, we're gonna log in again, with our username admin, and the password that I just changed it to. We are presented with an onboarding screen. Let's get started by setting up our first AWS account. We're gonna give it a friendly account name. Here, I'm gonna just pick SharedServices as my name. And then, I'm gonna put in the account number that I created this controller in. Well, you can see it's in the outputs back on the CloudFormation template. So, we're gonna copy it from there, paste it in, and then click create. This is actually gonna connect you, the controller, to that account. And we're gonna use the friendly name SharedServices to show you what that account within the Aviatrix controller. Finally, you can get started with any one of our use cases. There's a Next-Gen Transit, Egress Security, Remote User VPN, Encrypted Peering, MultiCloud Peering, as well as Site to Cloud VPN. Each one of these will have its own video that you can watch separately.
Thanks for your time. And thanks for trying out Aviatrix.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.