In this section of the AWS Certified Advanced Networking - Specialty learning path, we introduce you to the various network management services currently available in AWS that are relevant to the ANS-C01 exam.
Learning Objectives
- Identify and describe the various network management services available in AWS
- Understand the use of AWS Config to assess network infrastructure
- Describe how AWS CloudTrail is used to monitor and audit network infrastructure
- Explain how Amazon Inspector is used to enhance AWS network security and compliance
- Describe how VPC Flow Logs are used to capture IP traffic within the AWS Cloud
- Identify strategies for solving common issues that occur when running cloud networking at scale
Prerequisites
The AWS Certified Advanced Networking - Specialty certification has been designed for anyone with experience designing, implementing, and operating complex AWS and hybrid networking architectures. Ideally, you’ll also have some exposure to the nuances of AWS networking regarding the integration of AWS services and AWS security best practices. Many exam questions will require advanced-level knowledge of many AWS services, including AWS networking services. The AWS Cloud concepts introduced in this course will be explained and reinforced from the ground up.
Hello and welcome to this lecture. We're going to explain the different service limitations of Amazon Inspector as well as how much it's going to cost to use and implement within your own environment.
Across the service there are a number of limitations that you'll need to be aware of.
Agents per assessment. When creating your target assessments, the maximum number of agents that can be included is 500. Be aware that this limit can't be increased.
The number of assessment runs. There is a default limit of 50,000 assessment runs that you can have per account. If you need this limit to be increased, then you need to contact AWS Customer Support to do so.
The number of assessment templates. Again, by default, there is a limit of 500 assessment templates that can exist in an AWS account. If this limit needs to be increased, then again, you can contact AWS Customer Support.
The number of assessment targets. This has a default limit set to 50, which can also be increased if required to do so.
Although I mentioned this earlier in a previous lecture, it's worth noting the limitation of rule packages against specific operating systems.
So how much will using Amazon Inspector cost you to gain all of this additional security information within your environment? This is always an important factor for any service. For the benefit it brings to you and your environment, I think it's very cost-effective.
Essentially, Amazon Inspector is priced per agent, per assessment run, which is an agent assessment per month. For example, if you were to run one agent against 20 assessments, that would be 20 agent assessments, or two agents against five assessments, that would be 10 agent assessments. There are no other costs associated with Amazon Inspector, so there are no upfront or ongoing maintenance costs.
The pricing for agent assessments per month starts at 30 cents, but there is capacity for a discount as more agent assessments are run per month.
That now brings us to the end of this lecture. Coming up in the last lecture, I will summarize the main points that we have learned from each lecture.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.