Course Hive
Search

Welcome

Sign in or create your account

Continue with Google
or
❓Pregunta examen AWS Solutions Architect Associate #11
Play lesson

Preguntas AWS Solutions Architect Associate - ❓Pregunta examen AWS Solutions Architect Associate #11

5.0 (1)
11 learners

What you'll learn

This course includes

  • 1.3 hours of video
  • Certificate of completion
  • Access on mobile and TV

Summary

Keywords

Full Transcript

Aqui esta la pregunta del examen AWS Solutions Architect Associate ✳️ A web-application deployed on Amazon EC2 Instance launched in VPC A needs to connect with AWS KMS for data encryption. This traffic should preferably flow over the AWS network. Access to the AWS KMS keys should be controlled by granting permissions only to specific entities and ensuring the least privileged security practice is followed. The proposed solution should be cost-effective and should be set up effectively. What design can be proposed? 1️⃣ Deploy a firewall proxy server on an Amazon EC2 instance for internet access to AWS KMS. Create policies on proxy servers to control access to AWS KMS only from the Instance IP address 2️⃣ Attach a NAT Gateway to VPC A to access AWS KMS. Create a Network ACL allowing communication with AWS KMS only from the Instance IP address 3️⃣ Create a VPC endpoint from VPC A for AWS KMS. Create a key policy matching 'aws: SourceVpc' condition key which will match VPC A 4️⃣ Create a VPC endpoint from VPC A for AWS KMS. Create a key policy matching 'aws: SourceVpce' condition key which will match VPC endpoint ID En el video encontraras la respuesta con la explicacion ✅ Hazte MIEMBRO del canal para conseguir mas ventajas ✅ ➡️ https://www.youtube.com/channel/UCO8o2MP-i4jLXEuLmMQGFeA/join 🔷 Para estar al día de todo ahora también puedes encontrarme en Telegram ➡️ https://t.me/rubenjgarciacloud

Course Hive

Continue this lesson in the app

Install CourseHive on Android or iOS to keep learning while you move.

Related Courses

FAQs

Course Hive
Download CourseHive
Keep learning anywhere