Full Access Amazon Web Services SOA-C02 Tutorials

To identify changes made by the compromised access key, the SysOps administrator should search the AWS CloudTrail event history:

AWS CloudTrail:

CloudTrail logs all API calls made in an AWS account, which includes events initiated by access keys. This makes it the ideal service to investigate changes made using the compromised access key.

To restrict resource creation in unapproved regions across multiple AWS accounts efficiently, combining SCPs and Control Tower settings is effective:

SCP for Regional Restrictions: Create and apply an SCP that explicitly denies access to AWS services in unapproved regions. This policy will enforce region-based restrictions at the organizational unit or account level.

Control Tower Regional Governance: Adjust the settings in AWS Control Tower's landing zone to include governance for approved regions. This helps in maintaining a standard configuration that aligns with organizational policies regarding AWS regions.

AWS Documentation Reference:

For more information, check the AWS documentation on SCPs and AWS Control Tower:

Service Control Policies

AWS Control Tower.

To improve the performance of the website with long loading times, leveraging Amazon CloudFront for caching static content and implementing EC2 Auto Scaling are effective strategies.

Add Amazon CloudFront Caching:

Navigate to the CloudFront console and create a new distribution.

For the origin, specify the S3 bucket where the static content is stored.

Configure caching settings to ensure that static content is cached at edge locations for faster delivery to end users.

Update the DNS settings in Amazon Route 53 to point to the CloudFront distribution for static content.

Implement EC2 Auto Scaling:

Go to the EC2 console and create a new launch configuration or launch template for the web servers.

Set up an Auto Scaling group using the launch configuration/template.

Configure the Auto Scaling group to use health checks, and specify the desired, minimum, and maximum number of instances.

Define scaling policies to add or remove instances based on CPU utilization or other metrics.

Distribute instances across multiple Availability Zones for high availability.

Amazon CloudFront Developer Guide

Amazon EC2 Auto Scaling

Here are the steps to configure Amazon EventBridge to meet the above requirements:

Log in to the AWS Management Console by using the AWS Management Console shortcut from the VM desktop. Make sure that you are logged in to the desired AWS account.

Go to the EventBridge service in the us-east-2 Region.

In the EventBridge service, navigate to the "Event buses" page.

Click on the "Create event bus" button.

Give a name to your event bus, and select "default" as the event source type.

Navigate to "Rules" page and create a new rule named "RunFunction"

In the "Event pattern" section, select "Schedule" as the event source and set the schedule to run every 15 minutes.

In the "Actions" section, select "Send to Lambda" and choose the existing AWS Lambda function named "LogEventFunction"

Create another rule named "SpotWarning"

In the "Event pattern" section, select "EC2" as the event source, and filter the events on "EC2 Spot Instance interruption"

In the "Actions" section, select "Send to SNS topic" and create a new standard Amazon SNS topic named "TopicEvents"

In the "Input Transformer" section, set the Input Path to {“instance” : “$.detail.instance-id”} and Input template to “The EC2 Spot Instance has been interrupted on account.

Now all Amazon EC2 events in the default event bus will be replayable for past 90 days.

Note:

You can use the AWS Management Console, AWS CLI, or SDKs to create and manage EventBridge resources.

You can use CloudTrail event history to replay events from the past 90 days.

You can refer to the AWS EventBridge documentation for more information on how to configure and use the service: