Master AWS Certifications with Confidence

Physical security of data centers

Encryption of customer-stored data

Configuration of guest operating systems

Maintenance of network infrastructure

Management of IAM user policies

Spot Instances

On-Demand Instances

Reserved Instances

Dedicated Hosts

Extract data from the tapes on premises, store it temporarily in a local SMB file share, and use AWS DataSync to transfer the data to Amazon S3 Glacier Deep Archive.

Use an on-premises backup application to read the tapes and write the data directly to Amazon S3 Glacier Flexible Retrieval.

Order several AWS Snowball Edge devices with Tape Gateway. Copy the physical tapes to virtual tapes on Snowball, ship the devices to AWS, and apply a lifecycle policy to transition the data to Amazon S3 Glacier Deep Archive.

Set up an on-premises Tape Gateway and create virtual tapes in AWS. Use backup software to migrate the physical tapes to the virtual tapes.

Deploy AWS WAF in front of the ALB and configure appropriate web ACL rules to filter SQL injection attempts.

Modify the ALB's listener rules to inspect SQL queries and block malicious requests.

Enable AWS Shield Standard to protect against SQL injection attacks at the network layer.

Use AWS Config to monitor and automatically remediate SQL injection vulnerabilities.

Upload the static maintenance page to the S3 bucket.

Create a new CloudFront distribution with the S3 bucket as the origin and update DNS records to point to the new distribution during maintenance.

Add the S3 bucket as a secondary origin in the existing CloudFront distribution and configure an origin access identity (OAI) for the bucket.

Modify the default cache behavior in the CloudFront distribution to point to the S3 origin during maintenance, then revert it afterward.

Create a new cache behavior in the existing distribution with a path pattern '*' and precedence 0 during maintenance, then delete it afterward.

Configure Elastic Beanstalk to redirect traffic to the S3 bucket during maintenance using a .htaccess file.

Create an AWS CodeCommit repository for each package that the data scientists need to access. Configure code synchronization between the npm registry and the CodeCommit repository. Create a VPC endpoint for CodeCommit.

Create a NAT gateway in the VPC. Configure VPC routes to allow access to the internet with a network ACL that allows access to only the npm registry endpoint.

Create a NAT instance in the VPC. Configure VPC routes to allow access to the internet. Configure SageMaker notebook instance firewall rules that allow access to only the npm registry endpoint.

Create an AWS CodeArtifact domain and repository. Add an external connection for public:npm to the CodeArtifact repository. Configure the npm client to use the CodeArtifact repository. Create a VPC endpoint for CodeArtifact.

The IAM role lacks permissions to access the LSI.

The partition key values in the table are unevenly distributed, causing hot partitions.

The LSI's provisioned throughput is lower than the table's.

The application does not use jitter when retrying failed requests.

Use a custom query parameter to specify the API version and configure the Lambda function to process requests accordingly.

Implement an API Gateway canary release deployment to split traffic between the two versions based on a percentage.

Apply an API Gateway resource policy that routes incoming requests to the appropriate version based on the client's IP address.

Deploy each API version as a separate stage with distinct endpoints and utilize stage variables to manage environment-specific configurations.