Preview 3 out of 40 Flashcards
Which AWS Systems Manager feature provides a centralized store to manage your configuration data such as database strings or secrets such as passwords?
Which AWS Systems Manager feature provides a centralized store to manage your configuration data suc...
Parameter Store. is correct.
AWS Systems Manager provides a centralized store to manage your configuration data, whether plain-text data such as database strings or secrets such as passwords. This allows you to separate your secrets and configuration data from your code. Parameters can be tagged and organized into hierarchies, helping you manage parameters more easily. For example, you can use the same parameter name, "db-string", with a different hierarchical path, "dev/db-string” or “prod/db-string", to store different values.
Ref: https://aws.amazon.com/systems-manager/features/
You want to protect the contents of messages in Amazon SQS queues using encryption. Which SQS queueing mechanism should you use for this requirement?
You want to protect the contents of messages in Amazon SQS queues using encryption. Which SQS queuei...
Server-side encryption (SSE). is correct.
Server-side encryption (SSE): Protect the contents of messages in Amazon SQS queues using keys managed in the AWS Key Management Service (AWS KMS). SSE encrypts messages as soon as Amazon SQS receives them. The messages are stored in encrypted form and Amazon SQS decrypts messages only when they are sent to an authorized consumer.
Ref: https://aws.amazon.com/sqs/features/
You want to establish connectivity between your on-premise data centerand AWS while maintaining network separation between the public AWS services and private environments in VPC. Which AWS Service should you use?
You want to establish connectivity between your on-premise data centerand AWS while maintaining netw...
AWS Direct Connect. is correct.
AWS Direct Connect is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office, or colocation environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections. Using industry standard 802.1q VLANs, this dedicated connection can be partitioned into multiple virtual interfaces. This allows you to use the same connection to access public resources such as objects stored in Amazon S3 using public IP address space, and private resources such as Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC) using private IP space, while maintaining network separation between the public and private environments.
Ref: https://aws.amazon.com/directconnect/