Author name: greencamp

Key Differences Between Customer Managed Keys (CMKs) and AWS Managed Keys for Server-Side Encryption

Customer Managed Keys (CMKs) and AWS Managed Keys are both used for server-side encryption in AWS services, but there are key differences between them: In summary, the choice between Customer Managed Keys (CMKs) and AWS Managed Keys depends on your specific requirements. If you need more control, compliance, and customization over key management, CMKs are …

How to automate Disaster Recovery with low costs for an e-commerce application using Boto3 and AWS CLI in AWS

In an e-commerce company’s AWS setup, there’s a three-tier application: a web front end, a backend application, and a database storing transactions and user data. The database currently runs on an extra-large instance with 128 GB of memory. To meet the company’s disaster recovery requirements: What solution should the Solutions Architect implement to meet these …

How to offload SSL/TLS processing for your web servers using AWS CloudHSM

Implementing the steps to offload SSL/TLS processing for your web servers using AWS CloudHSM and the AWS Command Line Interface (CLI) involves a combination of AWS CloudHSM CLI commands and configuring your web server’s SSL/TLS settings. Below are the general steps with sample commands to achieve this using the AWS CLI: Note: Please replace placeholders …

SageMaker * CloudFormation

Replace <my-kms-key-id> with the ID of your pre-configured AWS KMS key. To deploy this template using the AWS CLI, you can use the create-stack command: aws cloudformation create-stack --stack-name MySageMakerStack --template-body file://sagemaker-stack.yaml AWS CLI: aws cloudformation deploy --template-file notebook-instance.yaml --stack-name notebook-instance-stack --parameter-overrides InstanceType=ml.t2.medium KmsKeyId=<my-kms-key-id> Boto3: This code will create a new CloudFormation …

preventing terminating EC2 by IAM policy

A major incident occurred at our company when the web application we support unexpectedly went down in production. We found that a junior DevOps engineer accidentally terminated the production EC2 instance, causing the disruption. Only Solutions Architects should be able to stop or terminate production instances. We also found that many developers have full access …

LDAP authenticates

A Seattle call center company’s corporate web portal is deployed on AWS. It uses a LAG to connect to the company’s data center and a VIF in its AWS VPC. The portal authenticates against the company’s on-premises LDAP server. Each S3 bucket is only accessible to logged-in users who own it.

SAMLs

Authenticate using your on-premises SAML 2.0-compliant identity provider (IdP), retrieve temporary credentials with STS, and provide federated access to the AWS console through the AWS single sign-on (SSO) endpoint using a browser. How to implement the above?
