Chapter 12: Security on AWS (Part 5)
An "identity pool" (painting by Waterhouse)? see below.
Amazon ElastiCache
The next puzzling comment was:
Amazon ElastiCache for Redis provides backup and restore functionality.
I thought ElastiCache was a cache service? Why would you need to back it up? Surely this messes up the cache refresh mechanisms? I.e. if you save a cache and back it up later on it will be out of sync with the underlying data store???
Redis actually looks like it can function not just as a cache, but as as a in-memory database. Redis persistence explained here.
It can also work with durability!
So I guess that backup and restores only work if you are using Redis as the database with no backing data store...?
More AWS docs.
So now I'm confused again. Redis is just another AWS database option? How does it compare with open source NoSQL like Cassandra? DynamoDB etc?
A blog comparing Redis with Cassandra:
Following is point by point comparison of Cassandra and Redis. There are some great benefits of using Cassandra as it is an Apache product and has support for HiveQL (SQL like syntax). Cassandra is columner/tabular oriented database (goes well with the historical RDBMS) and is AP in the CAP analysis. As is mentioned in the following table, when you are writing more than you read, Cassandra is great. It is good for banking and financial industry where you are writing more than you are reading (not necessary for transaction data but other details).
Redis is really fast compared to Cassandra as it has disk-backed in memory database. Unlike Cassandra where all the nodes are similar, it has master slave architecture (in line with Hadoop architecture). It is CP in the CAP theorem and is a key-value based database system. It is great to use when you have the rapid changing data and have approx. data size estimate (which can fit in memory). It is good for analytics and real-time data communication.
My simple summary, Cassandra is good for lots of writes, but Redis is better for lots of reads and writes.
And on the magic CAP triangle:
And a comparison of Redis, Cassandra and DynamoDB.
Amazon EMR
If you do encrypt the data before it is uploaded you then need to add a decryption step when Amazon EMR fetches the data from S3.
Sounds tricky, where is this documented? Not sure but maybe here (nothing mentions a decryption step!)
The Amazon Kinesis API is only accessible via an SSL-encrypted endpoint (kinesis.us-east-
1.amazonaws.com) to help ensure secure transmission of your data to AWS. You must
connect to that endpoint to access Kinesis, but you can then use the API to direct AWS Kinesis
to create a stream in any AWS Region
Again this seems "odd" and is not mentioned in the AWS Kinesis documentation anywhere that a search can discover.
Amazon Cognito
To use Amazon Cognito Federated Identities in your app, you'll need to create an identity pool. An identity pool is a store of user identity data specific to your account. Using Amazon Cognito Sync, you can retrieve the data across client platforms, devices, and operating systems, so that if a user starts using your app on a phone and later switches to a tablet, the persisted app information is still available for that user.
A bit like Narcissus?
Every business require cloud DR solution to secure their data. AWS disaster recovery architecture provide complete solution to protect data. Thanks
ReplyDeleteWant to change your career in Selenium? Red Prism Group is one of the best training coaching for Selenium in Noida. Now start your career for Selenium Automation with Red Prism Group. Join training institute for selenium in noida.
ReplyDelete