Scaling in the Cloud This section covers the following official AWS Certified SysOps Administrator – Associate (SOA-C02) exam domains: Domain 2: Reliability and Business Continuity Domain 3: Deployment, Provisioning, and Automation CramSaver If you can correctly answer these questions before going through this section, save time by skimming the Exam Alerts in this section and […]
Writing to Amazon Aurora with multi-master capabilities Amazon Aurora is the most reliable relational database engine developed by Amazon to deliver speed in a simple and cost-effective manner. Aurora uses a cluster of single primary instances and zero or more replicas. Aurora’s replicas can give you the advantage of both read replicas and Multi-AZ instances […]
DNS Overview DNS is a distributed service that operates globally in all IP-based networks. DNS clients run on networking devices such as smartphones, tablets, laptops, all the way to huge server clusters running in AWS. DNS services the client requests for information to connect to devices given a domain name and returning an IP address. […]
Routing with AWS Transit Gateway AWS Transit Gateway supports both dynamic and static routing. By default, the network elements (VPCs; VPN or DX connections; peered TGWs) attached to a TGW are associated with its default route table, unless otherwise specified. You naturally have the choice to organize routing as you please by creating additional routing […]
Mitigation for a Lack of Identity Federation Implementing a modern identity service or platform helps mitigate the risk of password compromise with multiple identities. AWS’s native IAM Identity Center allows you to connect with your existing SAML identity provider or create and manage your users and groups directly from the IAM service itself. This helps […]
CramQuiz Answer these questions. The answers follow the last question. If you cannot answer these questions correctly, consider reading this section again until you can. 1. Your company was recently a target of a malicious actor due to a misconfiguration of an S3 bucket ACL, making it publicly accessible. The CISO has instructed you that all […]
THE AWS CERTIFIED ADVANCED NETWORKING – SPECIALTY EXAM OBJECTIVES COVERED IN THIS CHAPTER MAY INCLUDE, BUT ARE NOT LIMITED TO, THE FOLLOWING: Objective 1.2: Design DNS solutions that meet public, private, and hybrid requirements. DNS and Route 53 Before we go into all of the details of DNS and Route 53 needed to ace the […]
Pricing Gateway endpoints are provided at no charge, other than the cost generated for using the service and transferring data. Endpoints powered by AWS PrivateLink—that is, interface endpoints and GWLB endpoints—are priced against two dimensions: the time the endpoint exists (per hour, for each AZ where the endpoint is deployed) and the amount of data […]
Taking automatic backups, RDS snapshots, and restore and read replicas In this section, you will see how RDS automatic backups and manual snapshots work. These features come with Amazon RDS. Let’s consider a database that is scheduled to take a backup at 5 A.M. every day. If the application fails at 11 A.M., then it […]
Integration with AWS Systems Manager Automation Systems Manager is a set of AWS tools that offers comprehensive configuration management of fleets of servers. We discuss AWS Systems Manager in more detail in Chapter 7, “Provisioning Resources.” An important part of Systems Manager is Systems Manager Automation, which allows you to perform the following common IT […]