As the name suggests, AWS CodeBuild is a build service in the cloud. It is fully managed so there is no need to provision, manage, and scale your own build servers. It compiles your source code, runs unit tests, and produces artifacts that are ready to deploy.

You can use the AWS CodeBuild or AWS CodePipeline console to run CodeBuild. You can also automate the running of CodeBuild by using the AWS Command Line Interface (AWS CLI) or the AWS SDKs. In this blog, we will use the AWS CodeBuild console.

How it works:

  • We need to provide CodeBuild with a build project…



In this blog, we will discuss Service Control policies and Session policies as well as the overall IAM Policy evaluation logic. We will also try to decipher the surprisingly easy JSON policy document structure (yes, it does look a bit intimidating initially). To understand the basic concepts and working of AWS IAM, read part 1 of my AWS IAM series of blogs. Read part 2 to further understand authorisation in IAM.

If you manage permissions across multiple accounts, you can use IAM roles, resource-based policies, or access control lists (ACLs) for cross-account permissions. …


Now that we understand the basic concepts and working of AWS IAM (Part 1 of this series), let us understand policies and permissions in IAM, a vital part of access management or authorisation.

For access management in AWS, we create policies and attach them to IAM identities (users, groups, or roles) or AWS resources. When you associate or attach a policy to an identity or resource, it defines their permissions. Permissions in the policies determine whether the request made by the IAM principal (user or role) is allowed or denied.

Most policies are stored in AWS as JSON documents.

Types of policies:

A policy…


AWS IAM working

AWS IAM helps you securely control access to AWS resources. It controls both authentication (signing into the AWS account, which is the Identity part of IAM) and authorisation (giving permissions to use resources, which is the access management part of IAM).

With IAM, you can grant other people permission to use resources in your AWS account without having to share your password or access key. You can grant different permissions to different people for different resources.

For example, you might allow some users complete access to Amazon EC2, Amazon S3, etc. For some other users, you might allow read-only…


If you are new to Docker, I recommend reading my Understanding Docker blog first.

Dockerfile: A text file that contains all commands needed to build a Docker image. The commands are run in the same order as they appear in the Dockerfile. Think of Dockerfile commands as a step-by-step recipe on how to build your Docker image.

You ‘build’ the Dockerfile to get an image and you ‘run’ the image to get a container.


  • Just as a VM virtualises/abstracts server hardware, containers virtualise the operating system of the server.
  • Docker packages software into standardized units called containers. A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another. Docker containers can run on physical hosts or on VMs such as EC2 instances.
  • VMs can run different operating systems on the same physical host, unlike containers, which run on the same host OS instance. Containers are portable and efficient as they are smaller than VMs. Containers are…


  • Fully managed AWS service.
  • AWS-supported RDS engines: MS SQL Server, Oracle, PostgreSQL, MariaDB, AWS Aurora, MySQL.
  • Every DB instance will have a weekly maintenance window, which you can specify while creating the DB instance. If you don’t, AWS will choose one randomly for you (30 min long).
  • Limit: up to 40 DB instances per account. 10 out of 40 can be Oracle or MS SQL Server under the license-included model, OR all 40 can be any DB engine under the BYOL model.
  • Maximum storage capacity: up to 4 TB for MS SQL, 6 TB for other RDS.
  • RDS…


  • API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale.
  • APIs act as the “front door” for applications to access data, business logic, or functionality from your backend services.
  • You can use API Gateway for building serverless applications, for integrating with legacy applications, or for proxying HTTP requests directly to other AWS services.

3 Basic parts of API Gateway

  1. Request flow: It contains everything before the HTTP request hits the backing integration and is concerned with validating and preparing your request for your integration.
  2. Integration: It is outside of API Gateway itself…

Prafulla Ashtikar
