StephaneSimuationTest

  • ...has deleted a Secrets Manager secret. Now, when the team tried to create a new secret with the same name, they ended up with an error - You can't create this secret because a secret with this name is already scheduled for deletion. The secret has to be created with the same name to avoid issues in their application.

    Use the AWS Command Line Interface (AWS CLI) to permanently delete a secret without any recovery window: run the DeleteSecret API call with the ForceDeleteWithoutRecovery parameter.

    When you delete a secret, Secrets Manager deprecates it with a seven-day recovery window. This means that you can't recreate a secret with the same name in the AWS Management Console until seven days have passed. You can permanently delete a secret without any recovery window using the AWS Command Line Interface (AWS CLI).

    Run the DeleteSecret API call with the ForceDeleteWithoutRecovery parameter to delete the secret permanently. If you receive errors when running AWS CLI commands, make sure that you’re using the most recent version of the AWS CLI. Secrets deleted using the ForceDeleteWithoutRecovery parameter can't be recovered or restored.

  • As per the company's compliance guidelines, data has to be encrypted during data exchange, for all channels of communication.

    An Amazon S3 bucket is configured as a website endpoint and this is now being added as a custom origin for CloudFront.

    How will you secure this channel, as per the company's requirements?

    Note:

    When your origin is an Amazon S3 bucket, your options for using HTTPS for communications with CloudFront depend on how you're using the bucket. Amazon S3 bucket (S3api REST) supports HTTPS communication, and provides the SSL/TLS certificate, so you don't have to.

    If your Amazon S3 bucket is configured as a website endpoint, you can't configure CloudFront to use HTTPS to communicate with your origin because Amazon S3 doesn't support HTTPS connections in that configuration.

    When your origin is an Amazon S3 bucket that supports HTTPS communication, CloudFront always forwards requests to S3 by using the same protocol as the viewer's request. The default Protocol (custom origins only) is Match Viewer and can't be changed.

    If you require HTTPS between CloudFront and Amazon S3, you must change the value of Viewer Protocol Policy to Redirect HTTP to HTTPS or HTTPS Only.