Master AWS Certifications with Confidence

Spot Instances

Convertible Reserved Instances

Standard Reserved Instances

Dedicated Hosts

Embed an IAM user\u2019s access key and secret key in environment variables on the EC2 instance, then fetch the list.

Store the IAM user\u2019s credentials in a configuration file on the EC2 instance, read them during runtime, then access the bucket.

Assign an IAM role to the EC2 instance to grant temporary permissions for listing S3 objects.

Update the S3 bucket policy to allow public read access to the bucket contents indefinitely.

Create an AWS Lambda function to analyze AWS CloudTrail logs and trigger an Amazon Simple Notification Service (Amazon SNS) alert when a RunInstances API call is identified.

Configure AWS CloudTrail to send logs to Amazon S3 and enable an Amazon Simple Notification Service (Amazon SNS) notification for new log deliveries. Use Amazon Athena to query the logs for RunInstances API activity and trigger alerts.

Create an Amazon EventBridge (Amazon CloudWatch Events) rule to detect RunInstances API calls. Configure the rule to send alerts via an Amazon Simple Notification Service (Amazon SNS) topic when the event occurs.

Set up an Amazon Simple Queue Service (Amazon SQS) queue as a target for AWS CloudTrail logs. Develop an AWS Lambda function to process the logs and publish alerts to an Amazon SNS topic upon detecting RunInstances API calls.

Add an inbound rule to the private subnet's network ACL to allow traffic from the frontend tier's EC2 instances.

Update the VPC route table to include a route for traffic between the frontend tier's EC2 instances and the DocumentDB cluster.

Deploy the frontend tier's EC2 instances and the DocumentDB cluster in separate VPCs, then establish VPC peering.

Configure an inbound rule in the DocumentDB cluster's security group to allow traffic from the frontend tier's security group.

Develop an AWS CloudFormation template that defines the existing infrastructure, using parameters for Region-specific values. Deploy this template in the second Region.

Manually replicate the infrastructure in the second Region using the AWS Management Console, ensuring all configurations match the original Region.

Configure Route 53 to use geolocation routing, directing users to the nearest Region's ALB.

Update the Route 53 record to use latency-based routing, optimizing traffic distribution between the two ALBs.

Enable DynamoDB Streams on the existing table and add a replica in the second Region to create a global table.

Create a new DynamoDB table in the second Region, enable DynamoDB Streams, and set up a global table. Migrate data from the original table once.

Configure an AWS Site-to-Site VPN connection between the VPC and API Gateway. Generate unique API keys for each Lambda function and enforce API key usage in the API methods.

Create an interface VPC endpoint for API Gateway, configure an endpoint policy to restrict access to the specific API. Attach a resource policy to the API Gateway permitting access only from the VPC endpoint. Set the API Gateway endpoint type to private.

Enable IAM authentication for the API Gateway. Update the IAM role associated with the Lambda functions to include permissions for invoking the API. Migrate the API Gateway into the same VPC as the Lambda functions.

Deploy AWS Global Accelerator and route API Gateway traffic through it. Update the VPC route tables to direct API requests to the Global Accelerator IP addresses. Implement API keys for authentication.

Modify the AWS CloudFormation templates for eu-west-1 and ap-southeast-1 to use an AWS-provided AMI. Redeploy the stacks in both Regions.

Copy the custom AMI from eu-west-1 to ap-southeast-1. Update the AWS CloudFormation template for ap-southeast-1 to reference the copied AMI ID. Redeploy the stack.

Recreate the custom AMI in ap-southeast-1. Develop a new AWS CloudFormation template for ap-southeast-1 with the new AMI ID and deploy it.

Manually configure and deploy the application in ap-southeast-1 without using AWS CloudFormation.

Invoke the createDeployment method to redeploy the API and activate the new API keys.

Call the updateAuthorizer method to refresh the API's authorizer with the latest API keys.

Use the importApiKeys method to bulk import new API keys into the API's active stage.

Execute the createUsagePlanKey method to link the new API key to the appropriate usage plan.