This article provides key exam tips on Amazon EC2 Security Groups. A security group enables you to protect your resource in the AWS cloud by acting as a virtual firewall. When you launch instances, you can associate one or more security groups to the instance and add rules which explicitly allow traffic to and from the instance. Each security group can be associated to multiple instances. Security Groups and Network Access Control Lists enable you to protect your AWS environment and is a key topic to study for the AWS Certified Solutions Architect Exam.
You can launch Amazon EC2 instances with an encrypted Amazon Elastic Block Store (EBS) boot volume, which together with EBS data volume encryption means you can now encrypt all your EBS storage. The process of configuring encrypted boot volumes however is not straightforward and as an important exam tip, you should know that by default boot/root volumes are not encrypted during standard instance launch.
Amazon Elastic Compute Cloud, EC2 is one of the most important Exam topics on the AWS Certified Solutions Architect – Associate Exam. These exam tips are a must read before you enter the exam room and it is vital that you also get hands on experience in designing, configuring and supporting EC2 instances on the AWS platform. EC2 stands for Elastic Compute Cloud and is a web services that enables you to launch Compute Cloud instances (servers) in a matter of minutes. It enables you to scale your compute capacity without worrying about availability of underlying hardware or resources.
Amazon AWS IAM Identity Federation AWS IAM Identify Federation enables you to use third-party identity providers to authenticate to your AWS Account. This topic is known to be featured on the AWS Certified Solutions Architect Associate Exam and it is a good idea to...
This article discusses AWS S3 Transfer Acceleration Exam Tips. A fairly new service and likely to start coming up in the AWS Certified Solutions Architect – Associate Exam, Amazon S3 Transfer Acceleration is a web service which provides fast, easy, and secure transfers of files over long distances between AWS customers and their S3 bucket(s). Transfer Acceleration takes advantage of Amazon CloudFront’s globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path.
AWS Import Export comes in two version; AWS Import/Export Disk and AWS Snowball. Both options provide you with the capabilities to transfer very large amounts of data using physical disks and appliances to and from AWS without having to use the Internet. AWS Snowball is the newer version of the previously widely used Import/Exports Disk services and will feature in the AWS Certified Solutions Architect Associate Exam. Ensure you understand the difference in both versions of the service.
The AWS Storage Gateway is a service that enables you to connect an on-premise software appliance to the AWS cloud-based storage and provide you with storage options to connect to Amazon S3 and Amazon Glacier. The service allows you to securely store data in the AWS cloud for scalable and cost-effective storage. For the exam, we recommend you learn the three types of Storage Gateway configurations and understand which option to use under what scenario.
AWS offers data protection and encryption services for all data while in-transit (as it travels to and from Amazon S3) and at rest (while it is stored on disks in Amazon S3 data centers). You can protect data in transit by using SSL or by using client-side encryption. For the exam, we strongly recommend that you learn about the two encryption options available which are server side encryption and client side encryption as summarized in this short article.
Amazon CloudFront is a global content delivery network (CDN) service that accelerates delivery of your websites, images, video and other web objects. Amazon CloudFront is yet another important topic to master for the AWS Certified Solutions Architect – Associate Exam
Amazon Glacier is a low cost archival solutions from Amazon Web Services which has been optimized to provide provide durable storage for data archiving and backup. Data can be stored cost effectively for longer duration. In addition, Glacier is highly scalable and as such customers need not worry about capacity planning or hardware provisioning and AWS takes care of this. Amazon Glacier is part of Amazon Storage offering and will most certainly come up in the AWS Certified Solutions Architect – Associate exam.