Use AWS Certificate Manager (ACM) to import an SSL/TLS certificate. Apply the certificate to the ALB. Use Amazon EventBridge (Amazon CloudWatch Events) to send a notification when the certificate is nearing expiration. Rotate the certificate manually. Manual intervention is required because of the certificate validation process.
Other manual intervention scenarios:
- Imported Certificates: These certificates are not managed by ACM and therefore require manual renewal and import.
- ACM-Managed Certificates Facing Issues: If ACM faces any issues renewing a certificate automatically, the EventBridge events serve as a notification system to alert you to take action. This allows you to address whatever issues prevented the automatic renewal (such as revalidating domain ownership or updating contact information) and to manually renew the certificate if necessary.
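The two manual-intervention cases above can be told apart when the expiry notification arrives. The following is an added example, not code from the original notes: the function names, the sample event and the certificate records are constructed, and the certificate record is assumed to be the `Certificate` dict from ACM `DescribeCertificate`, passed in so the logic runs offline.

```python
# Added example; every sample value below is constructed.

# EventBridge rule pattern that selects the expiry event published by ACM.
EXPIRY_PATTERN = {
    "source": ["aws.acm"],
    "detail-type": ["ACM Certificate Approaching Expiration"],
}

def matches(pattern, event):
    """Minimal EventBridge-style match: each pattern key must list the event's value."""
    return all(event.get(key) in allowed for key, allowed in pattern.items())

def triage(event, cert):
    """Map an expiry event to the manual action the operator has to take.

    cert is the "Certificate" dict that ACM DescribeCertificate returns for
    event["resources"][0]; it is passed in so the logic runs offline.
    """
    if not matches(EXPIRY_PATTERN, event):
        return ("ignore", "not an ACM expiry event")
    days = event["detail"]["DaysToExpiry"]
    name = event["detail"]["CommonName"]
    if cert["Type"] == "IMPORTED":
        # ACM never renews imported certificates.
        return ("reimport", f"{name}: {days} days left, obtain a new certificate and re-import it")
    status = cert.get("RenewalSummary", {}).get("RenewalStatus")
    if status in ("PENDING_VALIDATION", "FAILED"):
        return ("revalidate", f"{name}: {days} days left, managed renewal is {status}")
    return ("monitor", f"{name}: {days} days left, managed renewal not blocked")

# Constructed sample event (placeholder account ID and certificate ID).
SAMPLE_EVENT = {
    "source": "aws.acm",
    "detail-type": "ACM Certificate Approaching Expiration",
    "resources": ["arn:aws:acm:us-east-1:111122223333:certificate/EXAMPLE-ID"],
    "detail": {"DaysToExpiry": 31, "CommonName": "example.com"},
}
IMPORTED = {"Type": "IMPORTED", "RenewalEligibility": "INELIGIBLE"}
STUCK = {"Type": "AMAZON_ISSUED", "RenewalSummary": {"RenewalStatus": "PENDING_VALIDATION"}}

if __name__ == "__main__":
    for cert in (IMPORTED, STUCK):
        print(triage(SAMPLE_EVENT, cert))
```
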
![](https://blog.hinsonli.com/wp-content/uploads/2024/03/image-9-1024x841.png)
Amazon FSx File Gateway optimizes on-premises access to fully managed, highly reliable file shares in Amazon FSx for Windows File Server. Customers with unstructured or file data, whether from SMB-based group shares, or business applications, may require on-premises access to meet low-latency requirements. Amazon FSx File Gateway helps accelerate your file-based storage migration to the cloud to enable faster performance, improved data protection, and reduced cost.
https://aws.amazon.com/storagegateway/file/fsx/
SMB stands for Server Message Block. It is a network communication protocol used for providing shared access to files, printers, and serial ports between nodes on a network. Most commonly used in Microsoft Windows operating systems, SMB facilitates network communication so that users can access resources on a remote server as easily as if they were connected to their own computer. SMB can operate over the network’s transport layer, using TCP (Transmission Control Protocol) port 445 for direct TCP/IP connections without needing the NetBIOS layer.
Deploy and configure Amazon FSx for Windows File Server on AWS. Deploy and configure an Amazon FSx File Gateway on premises. Move the on-premises file data to the FSx File Gateway. Configure the cloud workloads to use FSx for Windows File Server on AWS. Configure the on-premises workloads to use the FSx File Gateway.
Deploying Amazon FSx for Windows File Server on AWS alongside an Amazon FSx File Gateway on premises provides a cohesive solution that aligns closely with the requirements. This setup allows for low-latency access to file storage both in AWS and on-premises. The FSx File Gateway caches frequently accessed data on-premises, reducing latency for local users and applications. Simultaneously, cloud workloads benefit from direct FSx for Windows File Server access. This solution minimizes operational overhead by leveraging managed services and requires no significant changes to existing file access patterns, as it supports native Windows file sharing protocols.
Storage gateway types
Amazon S3 File Gateway – Native file access to Amazon S3 for backups, archives, and ingest for data lakes.
Amazon FSx File Gateway – Native access to Amazon FSx for on-premises group file shares and home directories
Tape Gateway – Replace physical tape infrastructure leveraging Amazon S3 archive tiers for long-term retention
Volume Gateway – Block storage volumes with snapshots, AWS Backup integration, and cloud recovery
Amazon Comprehend Medical – Amazon Comprehend Medical is a natural language processing (NLP) service that uses machine learning to extract health data in unstructured medical text.
The ChangeMessageVisibility API is a part of Amazon Simple Queue Service (SQS) that allows you to change the visibility timeout of a specific message in a queue. This timeout determines how long the message is invisible to other queue consumers after a message has been retrieved. Essentially, when a consumer receives a message from an SQS queue, that message is “hidden” from other consumers for the duration of the visibility timeout period to prevent multiple consumers from processing the same message simultaneously.
A highly available connection with consistent low latency = AWS Direct Connect
Minimize costs and accept slower traffic if the primary connection fails = VPN connection
Amazon RDS Proxy is a fully managed, highly available database proxy for Amazon Relational Database Service (RDS) that makes applications more scalable, more resilient to database failures, and more secure. Essentially, it sits between your application and the database to efficiently manage connections to the database and improve the scalability of the application.