Grappling with the various concepts surrounding AWS can be a tough task. There is some documentation around each service that’s available to you but nothing that shows how everything hangs together. Additionally, with the speed at which AWS update their environment, many of the books are already out dated.
AWS Zero to Hero provides you with a detailed understanding of the core AWS services & features. While it’s not going to be a silver bullet to passing the exam, it does provide you with the core concepts that you need which, once augmented with some hands-on experience in AWS, will put you in a good position to become a solutions architect for AWS [...]
Cloud HSM is a dedicated hardware security module (HSM) which is used to securely (to levels accepted by government organizations) generate, secure and manage cryptographic keys for data encryption.
CloudHSM can be deployed in a cluster of up to 32 individual HSM, spread across multiple availability zones. Keys are automatically synchronised & load balanced between each node in the cluster.
The cloud HSM must be part of a VPC in order to benefit from the additional layer of isolation and security. Within the VPC, you can configure a client on your EC2 instances that allows applications to use the HSM cluster over a secure, authenticated network [...]
AWS has a shared security model, meaning they commit to looking after part of the environment while you must look after the rest. We can generalize & say that AWS look after all of the bits of the environment that they can touch.
AWS are responsible for the physical security in their own facilities. This includes controlling the movements of individuals, restricting access to only those people that absolutely require access and keeping exact AWS data centre locations a closely guarded secret.
They’re responsible for the physical security of the underlying hardware and host operating system of EC2 and non-managed database instances. They [...]
Kinesis is a real time data processing service provided by AWS. It continuously captures and stores large amounts of data that power real time streaming dashboards.
A benefit of Kinesis is that in addition to real-time processing, we can also enable parallel processing which enables multiple Kinesis apps to process the same stream of data at the same time.
Kinesis is scalable as all AWS services are, durable as it replicates data to three availability zones and stores it for 24 hours by default (can be increased to 7 days).
Kinesis can be used for:Gaming: taking user input, processing them in real-time and providing live feedback to those inputs Real time [...]