Tips and tricks AWS Solutions Architect Associate #5
VPC

- Security group is stateful, NACL is stateless
- NACL needs inbound and outbound rules
- Default SG is not enough
- A public subnet does not imply a public IP
Bastion Host



Big Data & Analytics Services

- EMR (Elastic MapReduce): Managed Hadoop/Spark for big data.
- Glue: ETL service (extract, transform, load).
- DataBrew: No-code data cleaning/transformations.
- Streaming ETL: Real-time processing.
- Bookmarks: Avoid reprocessing, track processed data.
- QuickSight: BI (dashboards, analytics), integrates with Spectrum for querying data in S3.

AWS Well-Architected 6 Pillars

- Sustainability – efficient use of resources….

- User Pool: Provides built-in user management and authentication extensions.
- Identity Pool: Issues credentials and ephemeral identities for accessing AWS services.
- User Groups: Belonging to a group is optional.
- IAM Policy: Defined by version, ID, statement (with ID, effect, principal, action, resource).
- Certificate: Managed via AWS Certificate Manager.
- Cognito: Supports federated users (e.g., social or enterprise…

AI / ML & Data Processing

- Lex: Build chatbots (natural language).
- Kendra: Enterprise search in unstructured data.
- Translate: Machine translation (text ↔ text). (⚠️ you noted "speed to text" → it is actually Transcribe that does Speech-to-Text.)
- Polly: Text-to-Speech (TTS).

Security & Customer Data

- Macie: Detects sensitive data (PII) in S3.
- Pinpoint: Customer engagement…

One of the best books about AWS-oriented solution architecture: AWS Solution Architect Handbook.

1. Core Concepts

- Global Infrastructure: Regions, Availability Zones (AZs), Edge Locations.
- Shared Responsibility Model: AWS → Security of the cloud (infra, services). Customer → Security in the cloud (data, IAM, configs).
- Well-Architected Framework → 6 Pillars: Operational Excellence, Security, Reliability…

Snow Family (Offline Data Transfer)

- Snowcone: Small device (~8 TB) → data transfer to S3/EC2.
- Snowball Edge: Larger device (~20–80 TB), with compute/storage options.
- Snowmobile: Truck-sized (up to 100 PB) for massive data migration.

FSx (Managed File Systems)

- FSx for Windows Server: Supports AD integration, SQL Server, SMB protocol. ❌ No NFS. ✅ Multi-AZ.
- FSx…

CloudFront

CloudFront Functions

These two types of functions can be executed during the processing of incoming or outgoing requests in AWS, and are integrated within CloudFront.

- CloudFront Functions: JavaScript, < 1 ms, cache key, header rewrite, no access to resources like subnet, database
- Lambda@Edge functions: change request and response, 5-10s, access to…