Master AWS Certifications with Confidence

Maintenance of the Lambda service's availability across regions.

Configuration of the Lambda function's execution role permissions.

Patching the runtime environment used by Lambda functions.

Physical security of the servers running Lambda functions.

AWS Lambda

Amazon Simple Notification Service (Amazon SNS)

Amazon CloudWatch

AWS CloudFormation

Create an Amazon EFS file system. Configure SMB access permissions and mount the file system to the workstations.

Launch an Amazon EC2 instance with Ubuntu OS. Install and configure Samba for file sharing. Connect the workstations to the Samba share.

Deploy an Amazon FSx for Windows File Server file system. Attach the file system to the editing servers and connect the workstations via SMB.

Use Amazon S3 with a third-party SMB gateway appliance hosted on EC2. Mount the SMB gateway to the workstations.

Create an SNS subscription that processes events using AWS Fargate containers before invoking the Lambda function.

Configure an SNS subscription to forward events to Amazon Kinesis Data Firehose, then trigger Lambda to process batched records.

Create an SNS subscription that sends events to Amazon Simple Queue Service (Amazon SQS). Configure the SQS queue to trigger the Lambda function.

Set up an SNS subscription to route events to AWS Step Functions, which orchestrate the Lambda execution workflow.

Configure AWS CloudTrail to log S3 data events.

Configure S3 server access logging for the S3 bucket.

Configure Amazon S3 to send object access events to Amazon Simple Email Service (Amazon SES).

Configure Amazon S3 to send object access events to an Amazon EventBridge event bus that publishes to an Amazon Simple Notification Service (Amazon SNS) topic.

Configure Amazon S3 to send the logs to Amazon Timestream with data storage tiering.

Configure a new S3 bucket to store the logs with an S3 Lifecycle policy.

Host a JSON file in Amazon S3 that lists the allowed domain names. Configure an Amazon SNS topic in each account to trigger an AWS Lambda function when the file is updated. The Lambda function updates the Network Firewall rules in all accounts with the new domains.

Create an AWS Config managed rule containing the allowed domain names. Use the rule to check and auto-remediate noncompliant Network Firewall policies in all accounts.

In the security account, create a Network Firewall rule group with the allowed domain names. Share the rule group with all other accounts via RAM. Reference the shared rule group in the Network Firewall policies of the other accounts.

In the security account, create a security group with rules allowing traffic to the allowed domain names. Configure the Network Firewall policies in other accounts to reference this security group using a nested security group reference.

Use a permissions boundary in the bucket policy to require HTTPS.

Configure the S3 bucket's default encryption to use an AWS KMS customer managed key.

Modify the application to specify server-side encryption with AWS KMS when uploading objects.

Enforce HTTPS by adding a bucket policy with the aws:SecureTransport condition.

Enable S3 Block Public Access to restrict access to HTTPS connections.

Use Amazon CloudFront with signed URLs for Amazon S3.

Deploy a separate Amazon CloudFront distribution for each authorized user.

Use Amazon CloudFront with AWS Lambda@Edge to validate user tokens.

Use Amazon API Gateway with AWS IAM policies to restrict access to an S3 bucket.