AWS Certified Serucity Spacaility - SCS-C02 Study notes
From Cramsession
✍️ Verified Author: Mflavell • Click to view professional profile & credentials
Lambda
- Setup one role per Lambda function; don't reuse roles
- Use a function via an API gateway
- Don't store passwords - use AWS secrets manager
Route 53
- Most important features
- Registration
- DNS Service
- Health Checks
Domain vs Hosted Zone
- Domain is a construct of DNS servers that associates a name with a resource
- Domains have zone files
- Zone files are a text mapping of different resources.
Route 53 health checks
- Allows the checking of application health.
- Can be used to reroute traffic if a resource is unhealthy
Cheking Health of an endpoint
- Create a check from Route 53
- Checks can be done on an IP address or domain name
- Can also be a URL that contains data from services
- These can mirror the actions a user would normally perform
- Calculated health checks act as a root health check
- Monitor other health checks
- Can fail before the origin is considered unhealthy
- This will fail if any of it's alarms go off.
Route 53 Security Considerations
- Use Route 53 health checks with CloudWatch to monitor services
- Make sure DNS Entries have auto-renew enabled
- Famos cases of DNS getting forgotten: forgotten DNS names
