Mitigation for Business Continuity and Resilience A business can often determine how to recover and protect a particular application much more easily than it can determine how quickly each application needs to be recovered. This can be resolved by setting a Recovery Time Objective (RTO) and a Recovery Point Objective (RPO) for each application. How […]

Written Lab Written Lab 1.1: Create an HTTP API by Using the AWS Management Console https://l030ogly41.execute-api.us-west-2.amazonaws.com (for example) curlhttps://l030ogly41.execute-api.us-west-2.amazonaws.com (for example) Note: Since there is not a live web server, you will not see any data. Review Questions The following questions are designed to test your understanding of this chapter’s material. For more information on how to […]

Using other types of data stores Elastic Block Store (EBS) is used to create volumes in an Availability Zone. The volume can only be attached to an EC2 instance in the same Availability Zone. Amazon EBS provides both Solid-State Drive (SSD) and Hard Disk Drive (HDD) types of volumes. For SSD-based volumes, the dominant performance […]

Exam Essentials Understand the architecture of AWS CloudFront. Know that cached data is stored at edge locations based on demand. Regional edge caches are intermediate data stores for the local edge location to refresh content without having to go back to the originating source. Know the details of CloudFront invalidations and the protocols supported. Know […]

Interface Endpoints Interface endpoints, powered by AWS PrivateLink, are entry points for the traffic targeting a supported AWS service or a VPC endpoint service. Concretely, an interface endpoint consists of an Elastic Network Interface (ENI) with a private IP address taken from the address range associated with the subnet in which it is created. It […]

With an outline of what you are responsible for from an AWS customer perspective and a refresher of the baseline services that will be discussed throughout the different scenarios in your journey, this first section will conclude with an examination of some of the top risks that your cloud environment can be exposed to. Even […]

CramQuiz Answer these questions. The answers follow the last question. If you cannot answer these questions correctly, consider reading this section again until you can. 1. You are the administrator of a hybrid-cloud application that uses S3 as the central store for all the data being shared across the platforms. The Internet users are always directed […]

Quotas As with any other AWS service, AWS Storage Gateway is bound by certain quotas. These quotas can be soft or hard limits constraining the service. Different quotas apply depending on the flavor of storage gateway that you implement. Here is an indication of the main quotas for each different type, but remember to check […]

Security Issues At the top layer of the monitoring and alerting stack are security issues. These issues also encompass a wide range of aspects that need to be determined for each application beforehand. A range of different alerts can be configured for security issues, including but not limited to Large numbers of failed login attempts: […]

Securing S3 objects at rest and in transit In the previous section, you learned about bucket default encryption, which is completely different from object-level encryption. Buckets are not encrypted, whereas objects are. A question may arise here: what is the default bucket encryption? You will learn these concepts in this section. Data during transmission can […]