Amazon Web Services SAP-C02 Online Access

Creating the Template:

Start by creating a CloudFormation template that includes all the VPC resources. This template should accurately reflect the current state and configuration of the VPC.

Using the CloudFormation Console:

Open the AWS Management Console and navigate to CloudFormation.

Choose " Create stack " and then select " With existing resources (import resources) " .

Specifying the Template:

Upload the previously created template or specify the Amazon S3 URL where the template is stored.

Identifying the Resources:

On the " Identify resources " page, provide the identifiers for each VPC resource you wish to import. For example, for anAWS::EC2::VPCresource, use the VPC ID as the identifier.

Creating the Stack:

Complete the stack creation process by providing stack details and reviewing the changes. This will create a change set that includes the import operation.

Executing the Change Set:

Execute the change set to import the resources into the CloudFormation stack, making them managed by CloudFormation.

Verification and Drift Detection:

After the import is complete, run drift detection to ensure the actual configuration matches the template configuration.

This approach allows the company to manage their VPC and other resources via CloudFormation without the need to recreate resources, ensuring a smooth transition to automated infrastructure management.

References

Creating a stack from existing resources - AWS CloudFormation​(AWS Documentation)​.

Generating templates for existing resources - AWS CloudFormation​(AWS Documentation)​.

Bringing existing resources into CloudFormation management​(AWS Documentation)​.

For a development environment that requires frequent resource recreation and connectivity to applications hosted in a shared services account, the most efficient solution involves using AWS Resource Access Manager (RAM) and the transit gateway in the shared services account. By turning on automatic acceptance for the transit gateway in the shared services account and sharing it with the development account through AWS RAM, the development team can easily recreate their connection as needed without manual intervention. This setup allows for scalable, flexible connectivity between accounts while minimizing operational overhead and ensuring consistent access to shared services.

AWS Documentation on AWS Resource Access Manager and Transit Gateway provides guidance on sharing network resources across AWS accounts and enabling automatic acceptance for transit gateway attachments. This approach is also supported by AWS best practices for multi-account strategies using AWS Organizations and network architecture.

Migrating the containers that run the application to AWS Fargate for Amazon Elastic Container Service (Amazon ECS) will meet the requirement of not administering the Docker hosting environment. AWS Fargate is a serverless compute engine that runs containerswithout requiring any infrastructure management3. Creating an Amazon Elastic File System (Amazon EFS) file system and adding a volume to the Fargate task definition to point to the EFS file system will meet the requirement of low-latency storage that will automatically scale throughput to meet increased demand. Amazon EFS is a fully managed file system service that provides shared access to data from multiple containers, supports NFSv4 protocol, and offers consistent performance and high availability4. Amazon EFS also supports automatic scaling of throughput based on the amount of data stored in the file system5.

Enabling S3 Transfer Acceleration on the S3 bucket and configuring the app to use the Transfer Acceleration endpoint for uploads will improve the app ' s performance for these uploads by leveraging Amazon CloudFront ' s globally distributed edge locations to accelerate the uploads. Breaking the video files into chunks and using a multipart upload to transfer files to Amazon S3 will also improve the app ' s performance by allowing parts of the file to be uploaded in parallel, reducing the overall upload time.