AWS Cheat Sheets

Home » AWS Cheat Sheets » Page 15

IP Blocking: Use AWS WAF or NACL?

2023-08-14T02:45:24+00:00

What should you do if you identified a series of malicious attacks on your application coming from a specific IP address? Will you use AWS WAF to block that IP address or create a rule in your Network Access Control List to deny traffic from that IP? It is true that AWS WAF can filter web requests based on IP addresses, HTTP headers, HTTP body, or URI strings, to block common attack patterns, such as SQL injection or cross-site scripting. NACL, on the other hand, acts like a firewall for controlling traffic in and out of your subnets. If the [...]

IP Blocking: Use AWS WAF or NACL?2023-08-14T02:45:24+00:00

Longest Prefix Match: Understanding Advanced Concepts in VPC Peering

2023-08-14T02:40:31+00:00

VPC Peering Basics In AWS, a Virtual Private Cloud (VPC) peering connection is a networking connection between two VPCs which allows you to route specific traffic between them using either private IPv4 addresses or IPv6 addresses. A VPC peering connection can be created between your own VPCs, or alternatively, a VPC in another AWS account. You can also create an inter-region VPC peering connection where the VPCs are located in different AWS Regions. Amazon EC2 Instances in either VPC can communicate with each other freely as if they are within the same network. One example of VPC Peering is the [...]

Longest Prefix Match: Understanding Advanced Concepts in VPC Peering2023-08-14T02:40:31+00:00

How to invalidate API Gateway Cache

2021-05-03T13:34:08+00:00

To invalidate an existing cache entry of a request and retrieve the latest data from the integration endpoint, one must send the request together with the Cache-Control: max-age=0 header. If the recipient is authorized to communicate directly to the integration endpoint, then the integration endpoint will respond with the latest data for the request. This also replaces the existing cache entry with the new response. The IAM Policy that grants a client to invalidate the cache follows: {   "Version": "2012-10-17",   "Statement": [     {       "Effect": "Allow",       "Action": [         "execute-api:InvalidateCache"       ],       "Resource": [ "arn:aws:execute-api:region:account-id:api-id/stage-name/GET/resource-path-specifier"       ]     }   ] }    An alternative option [...]

How to invalidate API Gateway Cache2021-05-03T13:34:08+00:00

Instrumenting your Application with AWS X-Ray

2023-08-14T02:52:58+00:00

Bookmarks Instrumenting your Node.js application Instrumenting your Java application Instrumenting your C# .Net application Instrumenting your Python application Instrumenting your Go application Instrumenting your Node.js application The AWS X-Ray SDK for Node.js provides middleware that you can use to instrument incoming HTTP requests. You need to add the SDK to your application’s dependencies, usually via package.json. Initialize the SDK client and add it to your application prior to declaring routes. var AWSXRay = require('aws-xray-sdk'); AWSXRay.setDaemonAddress('host:port'); app.use(AWSXRay.express.openSegment('MyApp'));       3. Lastly, use the SDK exceptions after declaring routes. app.get('/', function (req, res) [...]

Instrumenting your Application with AWS X-Ray2023-08-14T02:52:58+00:00

Calculating the Required Read and Write Capacity Unit for your DynamoDB Table

2021-05-04T09:10:25+00:00

Read Capacity Unit On-Demand Mode When you choose on-demand mode, DynamoDB instantly accommodates your workloads as they ramp up or down to any previously reached traffic level. If a workload’s traffic level hits a new peak, DynamoDB adapts rapidly to accommodate the workload. The request rate is only limited by the DynamoDB throughput default table limits, but it can be raised upon request. For on-demand mode tables, you don't need to specify how much read throughput you expect your application to perform. DynamoDB charges you for the reads that your application performs on your tables in terms of read request [...]

Calculating the Required Read and Write Capacity Unit for your DynamoDB Table2021-05-04T09:10:25+00:00

AWS Lambda Integration with Amazon DynamoDB Streams

2021-05-03T13:23:37+00:00

Amazon DynamoDB is integrated with AWS Lambda so that you can create triggers, which are pieces of code that automatically respond to events in DynamoDB Streams. With triggers, you can build applications that react to data modifications in DynamoDB tables. After you enable DynamoDB Streams on a table, associate the DynamoDB table with a Lambda function. AWS Lambda polls the stream and invokes your Lambda function synchronously when it detects new stream records.  Configure the StreamSpecification you want for your DynamoDB Streams: StreamEnabled (Boolean) - indicates whether DynamoDB Streams is enabled (true) or disabled (false) on the table. StreamViewType (string) [...]

AWS Lambda Integration with Amazon DynamoDB Streams2021-05-03T13:23:37+00:00

Kinesis Scaling, Resharding and Parallel Processing

2023-03-20T03:29:22+00:00

Kinesis Resharding enables you to increase or decrease the number of shards in a stream in order to adapt to changes in the rate of data flowing through the stream. Resharding is always pairwise. You cannot split into more than two shards in a single operation, and you cannot merge more than two shards in a single operation. The Kinesis Client Library (KCL) tracks the shards in the stream using an Amazon DynamoDB table, and adapts to changes in the number of shards that result from resharding. When new shards are created as a result of resharding, the KCL discovers [...]

Kinesis Scaling, Resharding and Parallel Processing2023-03-20T03:29:22+00:00

DynamoDB Scan vs Query

2023-01-30T13:33:00+00:00

Scan The Scan operation returns one or more items and item attributes by accessing every item in a table or a secondary index. The total number of scanned items has a maximum size limit of 1 MB. Scan operations proceed sequentially; however, for faster performance on a large table or secondary index, applications can request a parallel Scan operation. Scan uses eventually consistent reads when accessing the data in a table; therefore, the result set might not include the changes to data in the table immediately before the operation began. If you need a consistent copy of the data, as [...]

DynamoDB Scan vs Query2023-01-30T13:33:00+00:00

ECS Task Placement Strategies

2023-02-17T06:36:28+00:00

A task placement strategy is an algorithm for selecting instances for task placement or tasks for termination. When a task that uses the EC2 launch type is launched, Amazon ECS must determine where to place the task based on the requirements specified in the task definition, such as CPU and memory. Similarly, when you scale down the task count, Amazon ECS must determine which tasks to terminate.  A task placement constraint is a rule that is considered during task placement. You can use constraints to place tasks based on Availability Zone or instance type.  You can also associate attributes, which [...]

ECS Task Placement Strategies2023-02-17T06:36:28+00:00

AWS Serverless Application Model (SAM)

2023-06-06T07:36:32+00:00

AWS Serverless Application Model (SAM) Cheat Sheet An open-source framework for building serverless applications. It provides shorthand syntax to express functions, APIs, databases, and event source mappings.  You create a JSON or YAML configuration template to model your applications.  During deployment, SAM transforms and expands the SAM syntax into AWS CloudFormation syntax. Any resource that you can declare in an AWS CloudFormation template you can also declare in an AWS SAM template. The SAM CLI provides a Lambda-like execution environment that lets you locally build, test, and debug applications defined by SAM templates. You can also use the SAM CLI [...]

AWS Serverless Application Model (SAM)2023-06-06T07:36:32+00:00

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Upskill and earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!