Book Image

AWS Certified Database – Specialty (DBS-C01) Certification Guide

By : Kate Gawron
5 (1)
Book Image

AWS Certified Database – Specialty (DBS-C01) Certification Guide

5 (1)
By: Kate Gawron

Overview of this book

The AWS Certified Database – Specialty certification is one of the most challenging AWS certifications. It validates your comprehensive understanding of databases, including the concepts of design, migration, deployment, access, maintenance, automation, monitoring, security, and troubleshooting. With this guide, you'll understand how to use various AWS databases, such as Aurora Serverless and Global Database, and even services such as Redshift and Neptune. You’ll start with an introduction to the AWS databases, and then delve into workload-specific database design. As you advance through the chapters, you'll learn about migrating and deploying the databases, along with database security techniques such as encryption, auditing, and access controls. This AWS book will also cover monitoring, troubleshooting, and disaster recovery techniques, before testing all the knowledge you've gained throughout the book with the help of mock tests. By the end of this book, you'll have covered everything you need to pass the DBS-C01 AWS certification exam and have a handy, on-the-job desk reference guide.
Table of Contents (24 chapters)
1
Part 1: Introduction to Databases on AWS
Free Chapter
2
Chapter 1: AWS Certified Database – Specialty Overview
5
Part 2: Workload-Specific Database Design
12
Part 3: Deployment and Migration and Database Security
16
Part 4: Monitoring and Optimization
20
Part 5: Assessment
21
Chapter 16: Exam Practice

Introducing AWS identity and access management

Identity and access management (IAM) is a service that controls users, roles, and access mechanisms for all your AWS services. Security groups secure services at the VPC resource or instance level; IAM secures services at the account level.

IAM has three main areas, called identities:

  • Users: A user is a person who needs to access your AWS services. You can grant a user permission to control what they can and cannot access.
  • Groups: A group is a collection of users who will have the same permissions. This is often used to make administration easier.
  • Roles: A role is used to define a set of permissions and who can use it. However, it is not assigned directly to a person or a service, but rather a service or person can utilize it when needed. Roles are temporary and, therefore, offer greater protection than granting permanent permissions via groups or users.

To define the access controls, which you will then give...