Resource Relationship AWS Config allows you to find, for any of your resources, what other AWS resources they are connected to or associated with. You can obtain this information from either the AWS Management Console or via commands from the CLI. Since you are already in the Management Console looking at the dashboard, try viewing […]

Protecting the Compute What should you do to ensure the protection of your application’s Amazon EC2 instances, containers, AWS Lambda functions, databases, and so on? Well, to start with, you want to design an AWS environment that has proper resource isolation. There are multiple means of achieving this isolation, as we have seen in Chapter […]

Important note Although, in real scenarios, you usually need to treat missing data via exclusion or imputation, never forget that you can always try to look at the source process and check if you can retrieve (or, at least, better understand) the missing data. You may face this option in the exam. If you don’t […]

Note Did you notice the StringLike and StringEquals operators in the policies contained in the condition statements? Knowing how to parse these out will be essential for deciphering the policies on the test. This will be covered in more detail in Chapter 14, Working with Access Policies. aws iam create-policy –policy-name cr-policy –policy-document file://iam_config_policy.json aws iam attach-role-policy […]

Forwarding Rules Conditional forwarding rules are required to tell the Route 53 Resolver what domain names you want to forward to remote resolvers such as an on-premise DNS server. A forwarding rule is needed for each domain to which you want queries to be forwarded. In the Route 53 console dashboard, select Rules in the […]

Amazon DynamoDB DynamoDB is a serverless NoSQL solution that uses a standard HTTPS access model to access table data. A table in DynamoDB is a collection of items that is regionally bound. A table must also have a unique name in the region where it was created. DynamoDB supports storing any amount of data and […]

Protecting the Network You may now be wondering why protecting the network is important even though it was just mentioned that zero-trust concepts recommend not to trust systems based on their location. Now while zero trust advocates not to solely use the location of a system to decide whether it can be trusted or not, […]

The Config Role During the setup of the configuration recorder, you will create and specify the IAM role that the recorder will need to gain read-only access to the resources to record the configuration items. The role also needs read and write permissions for the designated S3 bucket in order to publish the configuration snapshots. […]

Handling missing values As the name suggests, missing values refer to the absence of data. Such absences are usually represented by tokens, which may or may not be implemented in a standard way. Although using tokens is standard, the way those tokens are displayed may vary across different platforms. For example, relational databases represent missing […]

Health Checking Health checking for Route 53 is used to test that the endpoints are reachable and responding to application requests before returning the IP address in response to a query. Route 53 will send a test connection at regular intervals to either an IP address or domain name that you specify. If a resource […]