You're reading from AWS Certified Database – Specialty (DBS-C01) Certification Guide A comprehensive guide to becoming an AWS Certified Database specialist

Product type Paperback

Published in May 2022

Publisher Packt

ISBN-13 9781803243108

Length 472 pages

Edition 1st Edition

Tools

AWS

Concepts

IT Certification

Author (1):

Kate Gawron

Preface

1. Part 1: Introduction to Databases on AWS

2. Chapter 1: AWS Certified Database – Specialty Overview FREE CHAPTER

3. Chapter 2: Understanding Database Fundamentals

4. Chapter 3: Understanding AWS Infrastructure

5. Part 2: Workload-Specific Database Design

6. Chapter 4: Relational Database Service

7. Chapter 5: Amazon Aurora

8. Chapter 6: Amazon DynamoDB

9. Chapter 7: Redshift and DocumentDB

10. Chapter 8: Neptune, Quantum Ledger Database, and Timestream

11. Chapter 9: Amazon ElastiCache

12. Part 3: Deployment and Migration and Database Security

13. Chapter 10: The AWS Schema Conversion Tool and AWS Database Migration Service

14. Chapter 11: Database Task Automation

15. Chapter 12: AWS Database Security

16. Part 4: Monitoring and Optimization

17. Chapter 13: CloudWatch and Logging

18. Chapter 14: Backup and Restore

19. Chapter 15: Troubleshooting Tools and Techniques

20. Part 5: Assessment

21. Chapter 16: Exam Practice

22. Chapter 17: Answers

23. Other Books You May Enjoy

Cheat sheet

This cheat sheet summarizes the key points from this chapter:

AWS databases such as RDS and DynamoDB can be encrypted at rest and in transit.
RDS uses SSL/TLS to encrypt data in transit, so you will need to download and install the right certificate in your application to allow it to connect.
Databases should be placed in a private subnet within your VPC.
You should use security groups to tightly control which source IPs are allowed to connect to the database. They should not be left as 0.0.0.0/0 (everywhere).
Bastion hosts or jump boxes can be used to allow administrative traffic to the databases while maintaining a private subnet for the database.
AWS Secrets Manager can store database credentials securely and rotate them on a schedule.
Your applications can be written to request the password from AWS Secrets Manager rather than requiring the database password to be hardcoded within the application configuration files.
Database auditing...