This chapter covers the following official AWS Certified SysOps Administrator – Associate (SOA-C02) exam domains: Domain 1: Monitoring, Logging, and Remediation Domain 4: Security and Compliance (For more information on the official AWS Certified SysOps Administrator – Associate [SOA-C02] exam topics, see the Introduction.) As a general rule, you should consider the services, instances, and […]

REST API REST stands for Representational State Transfer. The REST architecture, or RESTful API, is a well-defined schema that allows dissimilar devices and services to interact with each other. The REST API makes calls to the API gateway, which, in turn, proxies the request to backend services in any format required. The REST API’s main […]

CramSaver If you can correctly answer these questions before going through this section, save time by completing the Cram Quiz at the end of the section. 1. What information is captured in a CloudTrail log? 2. What is the default retention of the default CloudTrail trail? Answers 1. Answer: CloudTrail logs record information about who requested the action, […]

Protecting data on Amazon S3 In this section, you will learn how to record every version of an object. Along with durability, Amazon provides several techniques to secure the data in S3. Some of those techniques involve enabling versioning and encrypting the objects. Versioning helps you to roll back to a previous version if any […]

Introducing AWS Storage Gateway AWS Storage Gateway is a service that provides a series of solutions to expand your storage infrastructure into the AWS cloud for purposes such as data migration, file shares, backup, and archiving. It uses standard protocols to access AWS storage services such as Amazon Simple Storage Service (S3), Amazon S3 Glacier, […]

Classic Load Balancers The classic load balancer is a legacy service from AWS that was used on the pre-VPC EC2 classic and Standard EC2 VPC instances. It was retired on August 15, 2022, and is no longer available. Pricing was based on the hours (or partial hour) that the load balancer was operational with an […]

Security Considerations for SQS Having gone over the functions of the SQS service along with how it differs from the SNS service, you can now examine some of the security best practices for SQS: Create a specific role for the administration of the queues that do not have access to consume or publish messages. This […]

Cram Quiz Answer these questions. The answers follow the last question. If you cannot answer these questions correctly, consider reading this section again until you can. 1. You have been put in charge of designing a monitoring platform for an application for a large enterprise. The monitoring system needs to be highly available and should allow […]

Security Considerations for SNS The following points present some of the security considerations and best practices when using SNS: Simple Queue Service (SQS) The managed queue example at the beginning of this section referenced a queueing system wherein requests could be held until they were ready to be processed. This type of queue enables you […]

Network Load Balancer The AWS network load balancer (NLB) is used for very high-performance use cases and operates at the network layer, layer 4, of the OSI model. The service has a lengthy list of features, as illustrated in Figure 1.15. The NLB can handle millions of connections per second and is used in very demanding […]