AWS Notes - Tips
- Kinesis for social media, news feeds, logs.
- Redshift for business intelligence.
- Elastic MapReduce for big data processing.
- CloudTrail is per AWS account per region.
- Can consolidate logs using an S3 bucket across multiple accounts.
- AWS Organizations service control policies will override individual account policies.
- To connect your data center with AWS, you will need a customer gateway on your side and a virtual private gateway on AWS.
- An internet gateway connects a VPC to the internet, and a NAT gateway connects the servers running in a private subnet to the internet.
- A VPC endpoint enables you to privately connect your VPC to supported AWS services.
- You cannot do VPC peering across regions, but you can do it across accounts.
- You cannot create VPC peering when the two VPCs have matching or overlapping CIDR blocks.
- VPC peering does not support transitive peering relationships.
- SSL certificates will only be useful to encrypt data in transit, not data at rest.
- ELB can span multiple AZs within a region. It cannot span multiple regions.
- The customer is responsible for the security of anything running on the hypervisor, and therefore the operating system and the security of data are the customer’s responsibility.