An automobile company uses a hybrid environment to run its technology infrastructure using a mix of on-premises instances and AWS Cloud. The company has a few managed instances in Amazon VPC. The company wants to avoid using the internet for accessing AWS Systems Manager APIs from this VPC.
As a Systems Administrator, which of the following would you recommend to address this requirement?
Ref:
https://docs.aws.amazon.com/vpc/latest/userguide/how-it-works.html#what-is-privatelink
https://docs.aws.amazon.com/systems-manager/latest/userguide/setup-create-vpc.html
Ans:
You can privately access AWS Systems Manager APIs from Amazon VPC by creating a VPC endpoint. A managed instance is any machine configured for AWS Systems Manager. You can configure EC2 instances or on-premises machines in a hybrid environment as managed instances.
You can improve the security posture of your managed instances (including managed instances in your hybrid environment) by configuring AWS Systems Manager to use an interface VPC endpoint in Amazon Virtual Private Cloud (Amazon VPC). An interface VPC endpoint (interface endpoint) enables you to connect to services powered by AWS PrivateLink, a technology that enables you to privately access Amazon EC2 and Systems Manager APIs by using private IP addresses. PrivateLink restricts all network traffic between your managed instances, Systems Manager, and Amazon EC2 to the Amazon network. This means that your managed instances don't have access to the Internet. If you use PrivateLink, you don't need an Internet gateway, a NAT device, or a virtual private gateway.
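As an added example (not from the original post or from AWS documentation), this Python check reads the JSON returned by `aws ec2 describe-vpc-endpoints` and reports whether the interface endpoints Systems Manager relies on are present and usable in a VPC. The required endpoint list (`ssm`, `ssmmessages`, `ec2messages`), the function name, and the sample IDs are assumptions.

```python
import json

# Assumption: endpoint set based on the AWS setup guide referenced above;
# adjust it to the Systems Manager features you actually use.
REQUIRED_SUFFIXES = ("ssm", "ssmmessages", "ec2messages")

# Constructed sample shaped like `aws ec2 describe-vpc-endpoints` output.
SAMPLE = json.loads("""
{"VpcEndpoints": [
  {"VpcEndpointId": "vpce-0aaa", "VpcId": "vpc-0123", "VpcEndpointType": "Interface",
   "ServiceName": "com.amazonaws.us-east-1.ssm", "State": "available",
   "PrivateDnsEnabled": true},
  {"VpcEndpointId": "vpce-0bbb", "VpcId": "vpc-0123", "VpcEndpointType": "Interface",
   "ServiceName": "com.amazonaws.us-east-1.ssmmessages", "State": "available",
   "PrivateDnsEnabled": false},
  {"VpcEndpointId": "vpce-0ccc", "VpcId": "vpc-0123", "VpcEndpointType": "Gateway",
   "ServiceName": "com.amazonaws.us-east-1.s3", "State": "available"}
]}
""")


def audit_ssm_endpoints(response, vpc_id, region, required=REQUIRED_SUFFIXES):
    """Return {service_name: finding} for each required endpoint in vpc_id."""
    by_service = {}
    for ep in response.get("VpcEndpoints", []):
        if ep.get("VpcId") == vpc_id and ep.get("VpcEndpointType") == "Interface":
            by_service.setdefault(ep["ServiceName"], []).append(ep)

    findings = {}
    for suffix in required:
        name = f"com.amazonaws.{region}.{suffix}"
        usable = [e for e in by_service.get(name, []) if e.get("State") == "available"]
        if not by_service.get(name):
            findings[name] = "missing"
        elif not usable:
            findings[name] = "not available"
        elif not any(e.get("PrivateDnsEnabled") for e in usable):
            # Without private DNS the default service hostname still resolves
            # to public addresses, so the agent would need an internet path.
            findings[name] = "private DNS disabled"
        else:
            findings[name] = "ok"
    return findings


if __name__ == "__main__":
    for service, finding in audit_ssm_endpoints(SAMPLE, "vpc-0123", "us-east-1").items():
        print(f"{finding:22} {service}")
```

Any finding other than `ok` means managed instances in that VPC still depend on an internet gateway or NAT device to reach the corresponding API.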