Using Route 53 Resolver Endpoints in Hybrid and AWS Architectures Resolvers in a VPC can be configured as either inbound, outbound, or both. Inbound allows queries from your internal DNS deployment to the DNS server in your VPC. Outbound enables VPC DNS queries to your on-premise DNS, and both enable queries in both directions. When […]

Unauthorized Activity in Your Account If you receive a notice from AWS support that there has been abuse in your account or if you suspect that there has been unauthorized activity in your account, the following steps can help you confirm that it was an actual unauthorized activity: What to Do if You Do Find […]

Cost Optimization Principles Cost optimization, for any and all workloads, is a continuous process of refinement and improvement. This section will discuss some key design principles that all solutions architects as well as cloud FinOps (which stands for financial operations) teams should keep in mind when optimizing costs for their workloads: Having explored the key […]

AWS Batch This is a managed batch-processing product. If you are using AWS Batch, then jobs can be run without end user interaction or can be scheduled to run: Note If you get a question in the exam on an event-style workload that requires flexible compute, a higher disk space, no time limit (more than […]

Multi-Region Route 53 Route 53 is a global AWS service and is not specific to any region. You can configure zone records that are hosted in any region or that are outside of the AWS cloud such as your own data center. Route 53 extensions allow Multi-Region failovers by enabling health checking. Multi-Region latency-based routing […]

Cram Quiz Answer these questions. The answers follow the last question. If you cannot answer these questions correctly, consider reading this section again until you can. 1. You have been instructed to eliminate any inefficiencies in the following deployment: Web tier: EC2 autoscaling group scaling on CPU usage, 30% floor, 70% ceiling, minimum 1, maximum 10. […]

Visibility Other services offered by AWS provide different visibility and insights into your accounts to help you understand where malicious activity or an incident could occur. Amazon Detective is a security service that helps simplify the investigative process for security teams by using machine learning and statistical analysis to show the interactions between users and […]

Summary You explored a number of key topics in this chapter—how to best organize and isolate your AWS resources, which billing strategy to implement, how to leverage AWS Organizations and OUs to structure your AWS environment, how to enforce security best practices and protect your AWS environment using SCPs, and finally, how to automate governance […]

Processing stored data on AWS There are several services for processing the data stored in AWS. You will learn about AWS Batch and AWS Elastic MapReduce (EMR) in this section. EMR is a product from AWS that primarily runs MapReduce jobs and Spark applications in a managed way. AWS Batch is used for long-running, compute-heavy […]

Route 53 Application Recovery Controller Application availability can be increased by using the Application Recovery Controller, which is a feature of Route 53 that monitors your endpoints and is used to determine if they have availability and are ready for recovery. You can use the routing control and readiness checking to manage failover using DNS […]