When evaluating access to the topic, a combination of all policies is going to be considered for each individual accessing the topic. If a user, group, or role does not have permission to access SNS, the service will implicitly deny all access. But once access to SNS is allowed, a combination of the IAM SNS policy and the topic's own access policy will be applied. Be careful when setting explicit denies in either the IAM policy or the access policy, as any explicit denies will of course override any explicit allows, thereby potentially causing valid actions to be unavailable.
- Title Page
- Copyright and Credits
- About Packt
- Contributors
- Preface
- Overview of AWS Certified SysOps Administrators and Associated Certification
- The Fundamentals of Amazon Web Services
- Managing AWS Security with Identity and Access Management
- Networking with the Virtual Private Cloud
- Managing Servers on AWS with Elastic Compute Cloud
- Handling Server Traffic with Elastic Load Balancing
- Understanding Simple Storage Service and Glacier
- Understanding Content Distribution with CloudFront
- AWS Storage Options
- Working with the Route 53 Domain Name System
- Working with Relational Database Services
- Introduction to ElastiCache
- Amazon DynamoDB - A NoSQL Database Service
- Technical requirements
- Introduction to DynamoDB
- ACID versus BASE
- Relational versus non-relational DB
- DynamoDB core concepts
- Read consistency
- Creating a DynamoDB table
- DynamoDB provisioned throughput
- DynamoDB partitions and distribution
- Accessing DynamoDB
- User authentication and access control
- DynamoDB service ceiling
- Summary
- Questions
- Further reading
- Working with Simple Queue Service
- Handling Messaging with Simple Notification Service
- Getting Started with Simple Workflow Service
- Overview of AWS Lambda
- Monitoring Resources with Amazon CloudWatch
- Technical requirements
- Introduction to Amazon CloudWatch
- How CloudWatch works
- Elements of CloudWatch
- CloudWatch dashboards
- Monitoring EC2
- Monitoring RDS
- Monitoring ElastiCache
- SQS monitoring and logging
- Monitoring SNS with CloudWatch
- Monitoring Elastic Beanstalk environments
- Billing alerts
- Summary
- Questions
- Further reading
- Understanding Elastic Beanstalk
- Automation with the CloudFormation Service
- Cloud Orchestration with OpsWorks
- Exam Tips and Tricks
- Mock Tests
- Assessments
- Chapter 2 – The Fundamentals of Amazon Web Services
- Chapter 3 – Managing AWS Security with Identity and Access Management 
- Chapter 4 – Networking with Virtual Private Cloud
- Chapter 5 – Managing Servers on AWS with Elastic Compute Cloud
- Chapter 6 – Handling Server Traffic with Elastic Load Balancing
- Chapter 7 – Understanding Simple Storage Service and Glacier
- Chapter 8 – Understanding Content Distribution with CloudFront
- Chapter 9 – AWS Storage Options
- Chapter 10 – Working with Route 53 Domain Name System
- Chapter 11 – Working with Relational Database Services
- Chapter 12 – Introduction to ElastiCache
- Chapter 13 – Amazon DynamoDB – a NoSQL Database Service
- Chapter 14 – Working with Simple Queue Service
- Chapter 15 – Handling Messaging with SNS
- Chapter 16 – Getting Started with Simple Workflow Service
- Chapter 17 – Overview of AWS Lambda
- Chapter 18 – Monitoring Resources with Amazon CloudWatch
- Chapter 19 – Understanding Elastic Beanstalk
- Chapter 20 – Automation with CloudFormation service
- Chapter 21 – Cloud Orchestration with OpsWorks
- Chapter 23 – Mock Test
- Other Books You May Enjoy
Access request evaluation logic
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.