Implementation Steps for AWS DynamoDB Security and Performance
Question
A company is planning on using AWS DynamoDB for storing around 10 TB of data.
They need to have single-digit milliseconds to data in the table.
They also need to ensure that the application sitting on Amazon EC2 Instance uses the right security credentials to access the DynamoDB table.
Which of the following implementation steps will help fulfil this requirement.
Choose 2 answers from the options given below.
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Answer - B and D.
The AWS Documentation mentions the following.
Amazon DynamoDB is designed for scale and performance.
In most cases, the DynamoDB response times can be measured in single-digit milliseconds.
However, there are certain use cases that require response times in microseconds.
For these use cases, DynamoDB Accelerator (DAX)delivers fast response times for accessing eventually consistent data.
Instead, you can and should use an IAM role to manage temporary credentials for applications that run on an EC2 instance.
When you use a role, you don't have to distribute long-term credentials (such as a user name and password or access keys) to an EC2 instance.
Instead, the role supplies temporary permissions that applications can use when they make calls to other AWS resources.
When you launch an EC2 instance, you specify an IAM role to associate with the instance.
Applications that run on the instance can then use the role-supplied temporary credentials to sign API requests.
Option A is partially correct, but you would want to use DAX instead of ElastiCache.
Option C is incorrect since Access Keys are a security risk for allowing access.
For more information on working with DAX and IAM Roles, please refer to the below URL.
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.html https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.htmlTo meet the requirement of fast data access and secure access to DynamoDB table, we can implement the following steps:
Use the DAX in-memory cache: DynamoDB Accelerator (DAX) is a fully managed in-memory cache that can speed up DynamoDB response times from single-digit milliseconds to microseconds, with high throughput and low latency. DAX can also reduce the number of read requests sent to DynamoDB by caching frequently accessed data in the cache, which can further reduce latency and costs. By using DAX, the application can retrieve data faster, which will meet the requirement of single-digit milliseconds response time.
Attach an IAM Role to the EC2 Instance for accessing the DynamoDB table: To ensure secure access to the DynamoDB table, we can attach an IAM role to the EC2 instance. IAM roles allow an EC2 instance to access AWS services securely without the need for hard-coded credentials, such as access keys. We can create an IAM role that has permissions to access the DynamoDB table and attach it to the EC2 instance. This way, the application running on the EC2 instance can access the DynamoDB table securely using the IAM role. This eliminates the need to store and manage access keys on the EC2 instance, which can be a security risk.
Hence, the correct answers to this question are: B. Use the DAX in memory cache D. Attach an IAM Role to the EC2 Instance for accessing the DynamoDB table.
