You're reading from AWS Certified DevOps Engineer - Professional Certification and Beyond Pass the DOP-C01 exam and prepare for the real world using case studies and real-life examples

Product type Paperback

Published in Nov 2021

Publisher Packt

ISBN-13 9781801074452

Length 638 pages

Edition 1st Edition

Tools

AWS

Concepts

DevOps

Author (1):

Adam Book

View More author details

Table of Contents (31) Chapters

Preface

1. Section 1: Establishing the Fundamentals

2. Chapter 1: Amazon Web Service Pillars FREE CHAPTER

3. Chapter 2: Fundamental AWS Services

4. Chapter 3: Identity and Access Management and Working with Secrets in AWS

5. Chapter 4: Amazon S3 Blob Storage

6. Chapter 5: Amazon DynamoDB

7. Section 2: Developing, Deploying, and Using Infrastructure as Code

8. Chapter 6: Understanding CI/CD and the SDLC

9. Chapter 7: Using CloudFormation Templates to Deploy Workloads

10. Chapter 8: Creating Workloads with CodeCommit and CodeBuild

11. Chapter 9: Deploying Workloads with CodeDeploy and CodePipeline

12. Chapter 10: Using AWS Opsworks to Manage and Deploy your Application Stack

13. Chapter 11: Using Elastic Beanstalk to Deploy your Application

14. Chapter 12: Lambda Deployments and Versioning

15. Chapter 13: Blue Green Deployments

16. Section 3: Monitoring and Logging Your Environment and Workloads

17. Chapter 14: CloudWatch and X-Ray's Role in DevOps

18. Chapter 15: CloudWatch Metrics and Amazon EventBridge

19. Chapter 16: Various Logs Generated (VPC Flow Logs, Load Balancer Logs, CloudTrail Logs)

20. Chapter 17: Advanced and Enterprise Logging Scenarios

21. Section 4: Enabling Highly Available Workloads, Fault Tolerance, and Implementing Standards and Policies

22. Chapter 18: Autoscaling and Lifecycle Hooks

23. Chapter 19: Protecting Data in Flight and at Rest

24. Chapter 20: Enforcing Standards and Compliance with System Manger's Role and AWS Config

25. Chapter 21: Using Amazon Inspector to Check your Environment

26. Chapter 22: Other Policy and Standards Services to Know

27. Section 5: Exam Tips and Tricks

28. Chapter 23: Overview of the DevOps Professional Certification Test

29. Chapter 24: Practice Exam 1

30. Other Books You May Enjoy

Authenticating and authorizing in DynamoDB

As with other services in AWS, Dynamo DB allows fine-grained access control via the IAM service. You can either allow or disallow users at the service, table, or attribute level, depending on how you have structured your IAM policies.

AWS recommends, as a best practice, that you use the principle of least privilege and only allow users to access the data in the tables that they require versus blanket access.

Web Identity Federation

DynamoDB is an especially popular backend database for mobile and game developers. This can result in thousands of users needing to access even a single table. In this use case scenario, it is impractical to try to create an IAM user for each and every user:

Figure 5.6 – Web Identity Federation to a DynamoDB table

The best way to understand how users who are authenticating via a web identity provider, such as Facebook or Google, gain access to data in a DynamoDB table...