S3 - Security & Encryption

By default, all newly created buckets are private. You can setup access control to you buckets by using: Bucket policies. Access Control Lists. S3 buckets can be configured to create access logs which log all the requests made to the S3 bucket. This can be done to another bucket. In Transit Encryption: SSL/TLS At Rest Encryption: Server Side Encryption: SSE-S3: S3 Managed Keys SSE-KMS: AWS...

AWS - Elastic Container Service (ECS)

ECS allows you to manage Docker containers on a cluster of EC2 instances. Containers are lightweight OS virtualizations that allow you to run applications and its dependencies in resource isolated processes. Containers are created from read-only templates called images. Images are stored in public or private registries like Docker Hub or AWS Elastic Container Registry (ECR). A task definition...

AWS - Workspaces

Workspaces provides remote desktops to the users. Users can access their Workspaces desktop by using Amazon Workspaces client and credentials given by the administrator or Active Directory credentials. Uses Windows 7 experience provided by Windows Server 2008 R2. Users can personalize their workspaces. But this can be locked down by Administrator. By default users have Local Administrator access,...

AWS - Security Token Service (STS)

Grants users temporary limited access to AWS resources. Supports users from following 3 sources: Federation with Active Directory Uses Security Assertion Markup Language (SAML) Grants access based on users Active Directory credentials. User does not need to be IAM user. Single Sign On allows user to login to AWS console with using an IAM account. Federation in Mobile App Use Facebook/Google/Amazon...

AWS - Direct Connect

Makes it easy to create a dedicated private connection from on premise datacenter to AWS. Benefits: Reduced cost when using large volumes of traffic. Increased bandwidth. Increased reliability. Bandwidth: 10 Gbps 1 Gbps < 1Gbps: Can be purchased through AWS partners. ...