certification
Multi account architecture
- AWS oraganisation
- Control tower
SSO
- IAM identity center
Can EFS attached to lambda?
GaurdRails -
-
Preventive
-
Detective
-
Proactive
Preventive - SCP Proactive - cloudformation Detective - config
Hybrid Connectivity
-
Site to site ○ Existing public network ○ 1 VPN - 2 tunnel § Active/ stand by § 1.25 Gbps
○ Slow / Not consistnet ○ Cost - Low ○ Setup - Easy & Fastest
-
Direct connect ○ Consistent network ○ High network throughtput ○ Private/direct connection ○ Cost - High ○ Setup - Take time
SSO
Hybrid connection
AWS Client VPN
- Managed service
- Remote access to AWS resources and On-Prem data centre in secure connection
IPSec protocal
BGP for dynamic routing
VPN ---> VGW (Active / standup mode) | ----> TGW (ECMP for double bandwidth + Accelertion (edge locations))
Vmvare on AWS
AWS outpost
- AWS within your datacenter
AWS Local zones
- Running near data center
- For low latency applications
AWS Wavelength - 5G
C (low latency and local connectivity)
Total VPC peering connection count - (n*(n-1)) / 2
Transit gateway
- Simple network connectivity
- Hub spoke network
- Control the communication between attachments
Hybrid connectivity with network management (DGW + TGW)
Resource access manager
False
Cost optimisation