What you'll need to follow this guide: RDS database (Aurora clusters as well) EC2 instance IAM role & policy Concept: If the nightly backup snapshots are too far apart for your comfort, consider incremental snapshots using AWSCLI, leveraging the instance profile attached to an EC2 instance. We will be creating a snapshot that is 3hours old every 3 hours and replacing the prior snapshot so there is no clutter or pages of snapshots you need to weed through.

Continue reading

What you'll need to follow this guide AWS admin (or at least permissions to manage IAM policies and enforce for all users) AWSCLI Concept The AWS instance metadata service (IDMS) version 1 service has been found to produce sensitive information that can be far too easily accssed. We will disable the ability to launch instances with IDMSv1 going forward and use a simple bash script to modify the instance metadata service to version 2 for running instances.

Continue reading