Data splitting Training and evaluating ML models are key tasks of the modeling pipeline. ML algorithms need data to find relationships among features in order to make inferences, but those inferences need to be validated before they are moved to production environments. The dataset used to train ML models is commonly called the training set. […]

Steps to Use AMIs in a Secure Manner If you look in AWS Marketplace or even search from the EC2 Launch page, you will see that there are lots of AMIs to choose from. Many of these AMIs are provided by community members or third-party providers. How are you to know that the AMI that […]

Examining Access Control In this section, you will investigate two different approaches organizations can take to control access, either based on a principal’s role or based on specific properties, also known as attributes, characterizing a principal. Role-Based Access Control (RBAC) This is the traditional access control approach where the permissions defining the actions that a […]

Network Services The network services allow the application’s components to interact with each other and also connect the application to the Internet and private networks. Examples of network services include  Amazon Virtual Private Cloud (VPC): This service allows you to connect applications with private network ranges, connect those private ranges with the Internet, and assign […]

Billing Billing is for the actual usage of CloudFront and does not require minimum charges or any time commitments. Billing is based on the amount of data you transmit out from the edge locations to the Internet and is charged by the gigabyte. Charges from the CloudFront services to the origins, either AWS or in […]

Cram Quiz Answer these questions. The answers follow the last question. If you cannot answer these questions correctly, consider reading this section again until you can. 1. Which of the following benefits of the AWS cloud allows AWS to provide a relatively low cost per unit of compute, storage, and networking? A. Massive economies of scale […]

Backing Up Amazon EC2 Instances If you want to back up your instance for either point-in-time recovery purposes or to use in a launch configuration with autoscaling, you need to create an AMI. Follow these steps to create an AMI: $ a ws ec2 run-instances \ –image-id ami-0f3c9c466bb525749 \ –instance-type t3.micro \ –region us-east-2 Note […]

CloudFront Security CloudFront supports multiple security options. Front-end Internet-based denial-of-service protection is included at no cost when deploying a CloudFront distribution. AWS uses its Shield service in front of all edge locations. Shield will protect the edge from distributed denial-of-service (DDoS) attacks. Shield includes automatic inline attack mitigation support to protect your site from common […]

Permissions Boundaries Permissions boundaries allow us to define the maximum permissions that identity-based policies can give to IAM entities (user or role). An entity can then only perform actions allowed by both its identity-based policies and its permissions boundaries. Setting a permissions boundary does not give permissions on its own but it limits what the […]

Edge Locations Edge locations are globally distributed locations that provide an additional latency reduction when delivering applications from AWS. Most of the capacity in an edge location is dedicated to CloudFront, a content delivery network that can help deliver static content with fast response times, usually in the double-digit millisecond range. You can also terminate […]