Abhishek Hemant Sawant

I'm working as a cloud architect in Atos Global ID Services. So next, I'm currently working as a cloud architect in Global IT Services. And, currently, I'm getting this engineering team from India. So, in that, we are doing automation on private cloud as well as on public cloud. For doing the automation in private cloud, we are using Ansible as an automation tool and for doing public cloud automation in AWS and Azure using Terraform as a code. We are also using BICEP for Azure and cloud formation for AWS. I'm part of the infrastructure as a core, basically. I do the infrastructure deployment on a different customer environment. I gather requests from the customer end. And, based on the customer requirements, we develop our code, architect it, and deploy it on the customer environment like that.

How will we build an AWS Lambda function to proceed and respond to the API Gateway while maintaining it? So first of all, you have to, you know, enable the AWS Lambda function to enable the API Gateway, then you have to deploy the API Gateway. Then only you'll be able to build an AWS Lambda function and then reference it in the API Gateway.

How to implement a monitoring solution using AWS Cloud application is implemented. Then, these are 2 instances or any that will be created on your cloud formation template or landing zone for the data. You can integrate that with AWS CloudWatch, and you can implement API gateway and application server with them. And we can monitor your environment by using CloudWatch as a service.

What approach I will take to handle the state persistence like, in stateless and momentary environments like AWS, the process typically involves an external solution. Like, a database or if you want to integrate the Amazon DB or Amazon RDS or Amazon Aurora. So, Lambda functions are designed to be stateless, basically. So you don't have to retain memory between invocations. So any data that needs to persist between invocations, we can store that externally. Like, you can.

In Python based cloud automation task, how you'll ensure your code add her to the solid principle? so I don't have much expertise, you know, in Python, basically. But, I don't know. Like, there's very difficult questions in me because I don't have much expertise in, simple Python code adding to the solid principle, in that, basically, you know, you can create a simple responsibility principle or you can create a open close principle that, like, each class has the single responsibility. Like, for example, there are a rectangular class that is going to calculate your area and perimeter Like that, you can then, in open or close principle. The code is open for extension, but, closed for the modification. The new shapes by creating a new class that you narrate from the shapes. Or you can, you know, in interface that segregation principle concept right now I'm remembering.

To manage Kubernetes secrets in a CICD pipeline, Kubernetes take rates in and then there can be multiple methods to use that variable. Like, you can use any secret management tool, or a Docker secret vault, and then store that in a moment variable as a secret in the CICD tool configuration. This variable can be encrypted or masked to prevent exposure. Also, you can do so by using an encryption-encrypted file, such as an Ansible Vault or GitHub's built-in encryption mechanism, and decrypt that during the CICD pipeline acquisition. Also, you can set some access control, like limiting access to the secret by implementing rule-based access control. Or you can set some temporary credentials with limited permissions for accessing resources during the CICD process. And you can rotate those credentials regularly to enhance security. Like that, basically, you can use it. Also, for audit purposes, you can enable locking and auditing features with the CICD tool. So, like this, you can manage Kubernetes secrets securely in a CICD pipeline.

Okay. So review the AWS command used to modify I'm policy. If I see what is wrong or missing from the command that may cause issues while executing it. This is a very convenient command used to modify where what is missing or with the command that caused engineering to enable the input policy, role name, sample role, policy name, and whatever. The file name you mentioned is not the right way to do it because you are given slash files and slash policy dot JSON. So I don't know whether this will be the exact formulation. You can say the exact way to define that file because if you add JSON name, that file is there, and you want to access this content. So you typically need to specify the full file path on your local session. For example, if your file name is file my policy dot JSON. Look into current entity. You have to mention the path and the key, then the value. This is not the right way to mention the rules of that file. The command will not work.

What are the best practices for managing Docker images? Docker is a complex technology, and one bad manner of managing Docker images is not utilizing the full capabilities of the AWS cloud infrastructure. So, for Docker images, basically, use Amazon EKS, which is a capability service. This basically helps us to simplify the deployment, management, and scaling of Kubernetes applications. Okay? So, and if you want to deploy an EC2, like Elastic Compute Cloud, you can run a Docker container directly on an EC2 instance. This will give more control of the infrastructure, but we will need to manage tasks such as provisioning, scaling, and monitoring the EC2 instance ourselves. Also, you can go with an AWS service. This is a serverless compute engine for containers that basically allows you to run a Docker container without managing the underlying infrastructure. We use this service tool, only we have to specify the CPU and memory requirements for your container, and AWS will handle the rest.

illustrate a workflow from python based microservices to interface workflow for python this is very difficult like a micro service with how can i will describe this in this portal basically it's like so first of all i think we have to develop the microservices then you know you have to containerize that docker microservices by creating a docker file then we can install the necessary dependency files in docker libraries then we have to expose the appropriate port for the communication with the microservices then we will test that code locally to ensure that microservices is working as expected then we have to set up the aws account and we have to you know we need that amazon command line interface for interacting with the aws services then we can choose the deployment option like aws lambda aws ecs or aws fargate service or aws ec2 instance and deploy aws environment deployment on the options then we can configure your networking you can scale and monitor then you can create your cicd pipelines or if there are any security and you know security or access controls are there that we can implement it and testing and maintenance we can do in this way basically the python-based microservices again you can you know deploy on the aws environment by different settings

Demonstrating the knowledge of container security in containers, basically, deployment with AWS. So, like, there are different types of security that you set up. There are image security, runtime security, and you can set up isolation. You can implement some security measures to network security, access control, security management, logging and monitoring, then batch management, security auditing on complex systems. So these are the security measures you can set up on your AWS environment.

Crafting examples are where AWS KMS is used with Python. I never use AWS keys in Python to enter key resources for cloud. Right? I think for that, basically, first of all, you know, you can install Python. Python should be installed so that it will be easy to interact with your KMS service. So first of all, I will install Python, then I will configure it, and then I will set up Python to interact with the KMS service. So I will write my code and make sure that your key IDs or alias of your KMS are stored in a secure tool, basically. So in this way, KMS uses Python to manage encryption for your cloud resources.