CloudFront Design Considerations Design requirements for connecting to AWS CloudFront locations should take geography, technical, and political constraints into consideration. Global Internet connectivity is controlled by the BGP routing protocol that is widely distributed and divided into autonomous systems that are controlled by different entities. This leaves us with little influence on how traffic gets […]

Tape Gateway Tape Gateway offers a virtual tape library (VTL) service backed by storage on Amazon S3 and accessible on-premises through the standard iSCSI protocol. Concretely, Tape Gateway comes either as a preset hardware appliance or as a software appliance that you deploy in your on-premises environment. The software appliance consists of a VM that […]

Important note AWS best practices suggest adding another layer of protection through MFA delete. Accidental bucket deletions can be prevented, and the security of the objects in the bucket is ensured. MFA delete can be enabled or disabled via the console and CLI. As documented in AWS docs, MFA delete requires two forms of authentication together: […]

Reviewing Deviations Using Trusted Advisor As you use Trusted Advisor, over time, you will see that the service begins to highlight potential issues within your account. This section will cover how to review these deviations and how to interpret the severity of the issues found. From within the AWS Management Console, select Trusted Advisor from […]

Infrastructure Issues Generally, you should follow AWS best practices and deploy any unmanaged system across two availability zones, as discussed in Chapter 1, “Introduction to AWS.” Anytime you deploy, you expect the infrastructure to just work. If you have a deployment issue, you can easily resolve the issue by trying a redeployment. We call this […]

Volume Gateway Volume Gateway allows you to create storage volumes on S3 that offer a block storage interface accessible from your on-premises environment through the standard Internet Small Computer Systems Interface (iSCSI) protocol. Concretely, Volume Gateway comes either as a preset hardware appliance or as a software appliance that you deploy in your on-premises environment. […]

Applying encryption to buckets You also need to understand how enabling versioning on a bucket would help. There are use cases where a file is updated regularly, and versions will be created for the same file. To simulate this scenario, try the following example: $ echo “Version-1″>version-doc.txt$ aws s3 cp version-doc.txt s3://version-demo-mlpractice$ aws s3 cp […]

API Gateway Caching To reduce the number of calls to the endpoints and improve response times, caching can be configured to locally store frequent requests on the gateway. API Gateway will cache response for the TTL period. API Gateway will then first check the cache for the response before making an endpoint request if there […]

FSx File Gateway Amazon FSx File Gateway is a recent addition to the AWS Storage Gateway family to provide access to Amazon FSx for Windows File Server file shares on AWS from your on-premises environment. The idea is very similar to S3 File Gateway, which is that you can access the data on AWS through […]

API Gateway When trying to build RESTful and WebSocket APIs, AWS creates a fully managed service that is built around a simple interface. API Gateway can act as the entrance to other AWS services, such as data stored on RDS, or compute calls made by the EC2 or Lambda services, just as examples. API Gateway […]