Posts

Showing posts from 2024

VPC

Stateless / add or remove rules / inbound rules, by CIDR. Private IP; a public IP cannot be reused, and an Elastic IP can be reused on another instance. Create an EC2 key pair.

1. VPC --> Your VPCs --> Create VPC --> VPC only --> name the VPC --> add IP 10.0.0.0/24 (IPv4) --> Create VPC; the VPC is created.
2. VPC console --> Network ACLs --> nacl01 (name it), select the VPC (the one just created) --> Create network ACL.
3. The VPC flow log feature captures IP traffic from the VPC; it is published to CloudWatch/S3 and retrieved (diagnostics, security group stopping traffic, more inbound and/or outbound).
4. Flow log for subnet / VPC: AWS console -- S3 console -- give a bucket name -- Create bucket --> VPC console --> select the created one --> create flow log --> default options --> find the ARN of the S3 bucket.

Internet gateway --> if IPv4 public address --> egress-only internet gateway, which is scalable, for IPv6 -- VPC --> cannot talk to EC2 from the internet. NAT -- private subnet -- outside VPC -- cannot initiate connection to instances. private...

SRE

Service Reliability Engineer (SRE): Primarily responsible for improving the reliability of services through collaboration with development, proactive monitoring, and optimization of redundancies in operations. SREs are an integral part of modern cloud development teams and are involved in proactive testing, observability, service reliability, and speed.

Shift left security – from DevOps to DevSecOps

With a move from just a few releases a year to weekly feature releases, security can no longer be ensured manually. Security needs to be part of the DevOps pipeline and be automated. There are plenty of security tools out there from various vendors that can integrate with the pipeline. The key things to be addressed in a DevSecOps pipeline include security tools that address the following.

Securing cloud-native development and operations

Securing the DevOps pipeline involves catching security errors early in the cycle and addressing the vulnerabilities of deployable artifacts, as well as perfo...