Updated Backup section with grammar and typo corrections. Updated all…

content/hands-on-labs/backups/on-demand-backup.en.md

@@ -16,23 +16,24 @@ table performance or availability.
 1.  First, go to the [DynamoDB Console](https://console.aws.amazon.com/dynamodbv2/) and click on *Tables* from the side menu.Choose ProductCatalog table.
     On the **Backups** tab of the ProductCatalog table, choose **Create backup**.
 
-![OD Backup 1](/static/images/hands-on-labs/backup/od_backup_1.png)
+:image[OD Backup 1]{src="/static/images/hands-on-labs/backup/od_backup_1.png" disableZoom=true width=950}
 
 2.  Make sure that ProductCatalog is the source table name. Choose **Customize settings** and then select **Backup with DynamoDB**. Enter the name `ProductCatalogBackup`. Click **Create backup** to create the backup.
 
-![OD Backup 2](/static/images/hands-on-labs/backup/od_backup_2.png)
+:image[OD Backup 2]{src="/static/images/hands-on-labs/backup/od_backup_2.png" disableZoom=true width=850}
+
 
 While the backup is being created, the backup status is set to
 **Creating**. After the backup is complete, the backup status changes to
 **Available**.
 
 ### Restore Backup
 
-1.  Go to the [DynamoDB Console](https://console.aws.amazon.com/dynamodbv2/) and click on *Tables* from the side menu.Choose ProductCatalog table.
-    Choose **Backups** tab. In the list of backups, choose ProductCatalogBackup.
+1.  Click on *Tables* from the side menu. Choose the ProductCatalog table.
+    Choose the **Backups** tab. In the list of backups, choose ProductCatalogBackup.
 	Choose **Restore**.
 
-![OD Backup 3](/static/images/hands-on-labs/backup/od_backup_3.png)
+:image[OD Backup 3]{src="/static/images/hands-on-labs/backup/od_backup_3.png" disableZoom=true width=850}
 
 2.  Enter `ProductCatalogODRestore` as the new table name. Confirm the
     backup name and other backup details. Choose **Restore**
@@ -41,7 +42,7 @@ While the backup is being created, the backup status is set to
     finished, the status of the `ProductCatalogODRestore` table changes to
     **Active**.
 
-![OD Backup 4](/static/images/hands-on-labs/backup/od_backup_4.png)
+:image[OD Backup 4]{src="/static/images/hands-on-labs/backup/od_backup_4.png" disableZoom=true width=850}
 
 ### To delete a backup
 
@@ -52,10 +53,11 @@ ProductCatalogBackup. You can only delete the backup after the table `ProductCat
 1. Choose ProductCatalog table.
 1. Choose **Backups** tab.
 1. In the list of backups, choose ProductCatalogBackup.
-1. Click **Delete**:
+1. Click **Delete**.
 
-![OD Backup 5](/static/images/hands-on-labs/backup/od_backup_5.png)
+:image[OD Backup 5]{src="/static/images/hands-on-labs/backup/od_backup_5.png" disableZoom=true width=850}
 
 Finally, type the world `Delete` and click **Delete** to delete the backup.
 
-![OD Backup 6](/static/images/hands-on-labs/backup/od_backup_6.png)
+:image[OD Backup 6]{src="/static/images/hands-on-labs/backup/od_backup_6.png" disableZoom=true width=550}
+

content/hands-on-labs/backups/pitr-backup.en.md

@@ -18,44 +18,43 @@ default, PITR is disabled.
 ### How to enable PITR
 
 1.  First, go to the [DynamoDB Console](https://console.aws.amazon.com/dynamodbv2/) and click on *Tables* from the side menu.
-In the list of tables, choose the ProductCatalog table.On the **Backups** tab of the ProductCatalog table in the  **Point-in-time recovery** section, choose **Edit**.
+In the list of tables, choose the ProductCatalog table. On the **Backups** tab of the ProductCatalog table in the **Point-in-time recovery** section, choose **Edit**.
 
-![PITR Backup 1](/static/images/hands-on-labs/backup/pitr_backup_1.png)
+:image[PITR Backup 1]{src="/static/images/hands-on-labs/backup/pitr_backup_1.png" disableZoom=true width=850}
 
 2.  Select **Enable Point-in-time-recovery** and choose **Save changes**.
 
-![PITR Backup 2](/static/images/hands-on-labs/backup/pitr_backup_2.png)
+:image[PITR Backup 2]{src="/static/images/hands-on-labs/backup/pitr_backup_2.png" disableZoom=true width=850}
 
 ### To restore a table to a point in time
 
 Now let us say we get some unwanted records in ProductCatalog table as highlighted below.
 
-![PITR Unwanted Records](/static/images/hands-on-labs/backup/pitr_unwanted_records.png)
+:image[PITR Unwanted Records]{src="/static/images/hands-on-labs/backup/pitr_unwanted_records.png" disableZoom=true width=1150}
 
-Follow the below steps to restore ProductCatalog using Point-in-time-recovery.
+Follow the steps below to restore the ProductCatalog table using Point-in-time-recovery.
 
-1.  Sign in to the AWS Management Console and open the DynamoDB console.
-    In the navigation pane on the left side of the console, choose
+1.  In the navigation pane on the left side of the console, choose
     **Tables**. In the list of tables, choose the ProductCatalog table.
     On the **Backups** tab of the ProductCatalog table, in the
     **Point-in-time recovery** section, choose **Restore to
     point-in-time**.
 
-![PITR Restore 1](/static/images/hands-on-labs/backup/pitr_restore_1.png)
+:image[PITR Restore 1]{src="/static/images/hands-on-labs/backup/pitr_restore_1.png" disableZoom=true width=950}
 
 2. For the new table name, enter ProductCatalogPITR. To confirm
-the restorable time, set the **Restore date and time** to the **Latest
+the restore time, set the **Restore date and time** to the **Latest
 restore date**. Choose **Restore** to start the restore process.
 
-![PITR Restore 2](/static/images/hands-on-labs/backup/pitr_restore_2.png)
+:image[PITR Restore 2]{src="/static/images/hands-on-labs/backup/pitr_restore_2.png" disableZoom=true width=950}
 
 *Note : You can restore the table to the same AWS Region or to a
-different Region from where the backup resides. You can also exclude
+different region from where the backup resides. You can also exclude
 secondary indexes from being created on the new restored table. In
 addition, you can specify a different encryption mode.*
 
 The table that is being restored is shown with the status **Restoring**.
 After the restore process is finished, the status of the
 *ProductCatalogPITR* table changes to **Active**.
 
-![PITR Restore 3](/static/images/hands-on-labs/backup/pitr_restore_3.png)
+:image[PITR Restore 3]{src="/static/images/hands-on-labs/backup/pitr_restore_3.png" disableZoom=true width=950}

content/hands-on-labs/backups/restrict-backup-deletion.en.md

@@ -5,13 +5,9 @@ date: 2020-04-21T07:38:58-05:00
 weight: 65
 ---
 
-Customer has a common ask when they want their developer/admin should be
-allowed to create and delete DynamoDB tables but they shouldn’t be
-allowed to delete the backups.
+Customers often request that their developers or administrators be allowed to create and delete DynamoDB tables, but not be permitted to delete the backups.
 
-You can achieve this by creating IAM policy. Following is an example of
-the AWS IAM policy which allow “Create Table”, “List Table”, “Create
-Backup” and “Delete Table” and denies “Delete Backup” of DynamoDB table.
+This can be achieved by creating an IAM policy. The following is an example of an AWS IAM policy that allows “Create Table,” “List Tables,” “Create Backup,” and “Delete Table”, while denying the “Delete Backup” action on DynamoDB tables.
 
 ```json
 
@@ -49,8 +45,7 @@ Backup” and “Delete Table” and denies “Delete Backup” of DynamoDB tabl
 
 
 
-You can restrict in AWS backup by denying as well by denying
-“DeleteBackupSelection” in IAM policy.
+You can also restrict backup deletion in AWS Backup by adding an explicit Deny statement for the “DeleteBackupSelection” Action in an IAM policy.
 
 ```json
 
@@ -61,7 +56,6 @@ You can restrict in AWS backup by denying as well by denying
             "Sid": "VisualEditor0",
             "Effect": "Allow",
             "Action": [
-                "backup:DeleteBackupSelection",
                 "backup:CreateBackupSelection",
                 "backup:StartBackupJob",
                 "backup:CreateBackupPlan",
@@ -86,14 +80,11 @@ You can restrict in AWS backup by denying as well by denying
 
 
 ```
-You can apply the policy to role and assign the role to IAM group. Now
-users belonging to this IAM group will inherit the permission.
+You can apply the policy to a role and assign the role to an IAM group, so users belonging to the IAM group inherit the permission.
 
-Let’s say now the user tries to delete the backup in AWS backup.
-
-![Restrict Backup Deletion 1](/static/images/hands-on-labs/backup/restrict_delete_1.png)
-
-User gets the access denied error due to insufficient permission to
+If a user now tries to delete the backup in AWS backup, they will received an access denied error due to insufficient permissions to
 delete the backup.
 
-![Restrict Backup Deletion 2](/static/images/hands-on-labs/backup/restrict_delete_2.png)
+:image[Restrict Backup Deletion 1]{src="/static/images/hands-on-labs/backup/restrict_delete_1.png" disableZoom=true width=1150}
+
+:image[Restrict Backup Deletion 2]{src="/static/images/hands-on-labs/backup/restrict_delete_2.png" disableZoom=true width=1050}

content/hands-on-labs/backups/schedule-backup.en.md

@@ -12,103 +12,97 @@ starting a backup job.
 1.  In the AWS Management Console, navigate to **Services -> AWS
     Backup.** Click on **Create Backup vault** under **Backup vaults**.
 
-![Scheduled Backup 1](/static/images/hands-on-labs/backup/sched_backup_1.png)
+:image[Scheduled Backup 1]{src="/static/images/hands-on-labs/backup/sched_backup_1.png" disableZoom=true width=950}
+
 
 2.  Provide Backup vault name of your choice. AWS KMS encryption master
     key. By default, AWS Backup creates a master key with the alias
     aws/backup for you. You can choose that key or choose any other key
-    in your account. Click on **Create Backup vault**
+    in your account. Click on **Create Backup vault**.
 
-![Scheduled Backup 2](/static/images/hands-on-labs/backup/sched_backup_2.png)
+:image[Scheduled Backup 2]{src="/static/images/hands-on-labs/backup/sched_backup_2.png" disableZoom=true width=650}
 
-You can see Backup vault is created successfully
+After a few moments, you will see the Backup vault has been created successfully.
 
-![Scheduled Backup 3](/static/images/hands-on-labs/backup/sched_backup_3.png)
+:image[Scheduled Backup 3]{src="/static/images/hands-on-labs/backup/sched_backup_3.png" disableZoom=true width=650}
 
 Now, we need to create backup plan.
 
 3.  Click on **Create Backup plan** under **Backup plans**.
 
-![Scheduled Backup 4](/static/images/hands-on-labs/backup/sched_backup_4.png)
+:image[Scheduled Backup 4]{src="/static/images/hands-on-labs/backup/sched_backup_4.png" disableZoom=true width=950}
 
 4.  Select **Build a new plan**. Provide **backup plan name** and **rule
     name**.
 
-![Scheduled Backup 5](/static/images/hands-on-labs/backup/sched_backup_5.png)
+:image[Scheduled Backup 5]{src="/static/images/hands-on-labs/backup/sched_backup_5.png" disableZoom=true width=650}
 
-5.  Select **backup frequency.** The backup frequency determines how
+5.  Select the **backup vault** we created earlier. Next, select **backup frequency.** The backup frequency determines how
     often a backup is created. Using the console, you can choose a
     **frequency** of every 12 hours, daily, weekly, or monthly. Choose a
-    **backup window**. Backup window consists of the time that the
-    backup window begins and the duration of the window in hours. Backup
-    jobs are started within this window. I am configuring backup at 6 PM
-    UTC start within 1 hour and completes within 4 hours.
-
-	Further, select **lifecycle**. The lifecycle defines when a backup is
-	transitioned to cold storage and when it expires. I am configuring
-	backup to move cold storage after 31 days and expire after 366 days.
+    **backup window**. The backup window consists of the time when the
+    backup begins and the duration of the window in hours. Backup
+    jobs are started within this window. Here, we are configuring the backup to start within 1 hour of 18:00 UTC and to complete within 4 hours.
 
-![Scheduled Backup 6](/static/images/hands-on-labs/backup/sched_backup_6.png)
+:image[Scheduled Backup 6]{src="/static/images/hands-on-labs/backup/sched_backup_6.png" disableZoom=true width=650}
 
+6. Select **Lifecycle**. The lifecycle defines when a backup is transitioned to cold storage and when it expires. Here, we are configuring the backup to move cold storage after 31 days and to expire after 365 days.
 
-6.  Select **backup vault** we created earlier. Click on **Create
-    plan**.
+:image[Scheduled Backup 7]{src="/static/images/hands-on-labs/backup/sched_backup_7.png" disableZoom=true width=650}
 
-![Scheduled Backup 7](/static/images/hands-on-labs/backup/sched_backup_7.png)
+7.   At the bottom of the page, click on **Create plan**.
 
 *Note: Backups that are transitioned to cold storage must be stored in
 cold storage for a minimum of 90 days*
 
-Now assign the resource to backup plan. When you assign a resource to a
+Next, assign the resource to backup plan. When you assign a resource to a
 backup plan, that resource is backed up automatically according to the
 backup plan.
 
-7. Give Resource a assignment name. Choose the default role. Select **Include specific resource types** under "1. Define resource selection"
+8. Give Resource a assignment name. Choose the default role. Under "**1. Define resource selection**", select **Include specific resource types**.
 
-![Scheduled Backup 8](/static/images/hands-on-labs/backup/sched_backup_8.png)
+:image[Scheduled Backup 8]{src="/static/images/hands-on-labs/backup/sched_backup_8.png" disableZoom=true width=650}
 
-8.   Under "2. Select specific resource types" select the resource type **DynamoDB** in the drop down. Click choose resources, uncheck All, and select the **ProductCatalog** table. Click **Assign resources**
+9.   Under "**2. Select specific resource types**", select the resource type **DynamoDB** in the dropdown. Click choose resources, uncheck **All Tables**, and select the **ProductCatalog** table. Click **Assign resources**.
 
-![Scheduled Backup 9](/static/images/hands-on-labs/backup/sched_backup_9.png)
+:image[Scheduled Backup 9]{src="/static/images/hands-on-labs/backup/sched_backup_9.png" disableZoom=true width=650}
 
-9.  You can see the status of your backup job under jobs section after
-    your scheduled backup window timeframe. You can see your DynamoDB
-    backup is completed.
+10.  You will only be able to see the status of your backup job under the jobs section after your scheduled backup window timeframe has passed. You will be able to see that your DynamoDB backup completed successfully.
 
-![Scheduled Backup 10](/static/images/hands-on-labs/backup/sched_backup_10.png)
 
-### Restore a Backup:
+### Restore a Backup
 
 After a resource has been backed up at least once, it is considered
-protected and is available to be restored using AWS Backup. In your account a backup may not yet be available. If this is the case, review the screenshots in lieu of doing this in your own account.
+protected and is available to be restored using AWS Backup. A backup may not yet be available in your account. If this is the case, simply review the process below. 
 
 1.  On the **Protected resources** page, you can explore details of the
     resources that are backed up in AWS Backup. Choose our DynamoDB
     table resource.
 
-![Scheduled Backup 11](/static/images/hands-on-labs/backup/sched_backup_11.png)
+:image[Scheduled Backup 11]{src="/static/images/hands-on-labs/backup/sched_backup_11.png" disableZoom=true width=650}
 
 2.  Choose the recovery point ID of the resource. Click on **Restore**. _Note: If you do not see a recovery point, you can click "Create an on-demand backup" and complete the backup. For the purposes of this lab, you need a completed backup to continue, and you may not want to wait for your backup plan's scheduled backup._
 
-![Scheduled Backup 12](/static/images/hands-on-labs/backup/sched_backup_12.png)
+:image[Scheduled Backup 12]{src="/static/images/hands-on-labs/backup/sched_backup_12.png" disableZoom=true width=650}
 
 3.  Provide new DynamoDB table name. Leave all the settings on the defaults and click
     **Restore backup**
 
-![Scheduled Backup 13](/static/images/hands-on-labs/backup/sched_backup_13.png)
+:image[Scheduled Backup 13]{src="/static/images/hands-on-labs/backup/sched_backup_13.png" disableZoom=true width=650}
 
 The **Restore jobs** pane appears. A message at the top of the page
 provides information about the restore job. You can see job status is
 running.After some time you can see status changes to completed
 
-![Scheduled Backup 14](/static/images/hands-on-labs/backup/sched_backup_14.png)
+
+:image[Scheduled Backup 14]{src="/static/images/hands-on-labs/backup/sched_backup_14.png" disableZoom=true width=650}
 
 You can also monitor the all backup and restore jobs in central
 dashboard.
 
-![Scheduled Backup 15](/static/images/hands-on-labs/backup/sched_backup_15.png)
+:image[Scheduled Backup 15]{src="/static/images/hands-on-labs/backup/sched_backup_15.png" disableZoom=true width=650}
 
 To see the restored table,  go to the [DynamoDB Console](https://console.aws.amazon.com/dynamodbv2/) and click on *Tables* from the side menu.Choose
 *ProductCatalogRestored* table. You can see the table is restored along with data.
 
-![Scheduled Backup 16](/static/images/hands-on-labs/backup/sched_backup_16.png)
+:image[Scheduled Backup 16]{src="/static/images/hands-on-labs/backup/sched_backup_16.png" disableZoom=true width=650}

content/hands-on-labs/explore-console/console-gsi.en.md

@@ -14,7 +14,7 @@ Armed with this knowledge of GSIs, we can now create a GSI on the **Reply** tabl
 
 Navigate to the **Reply** table, switch to the **Indexes** tab and click `Create Index`.
 
-![Console Create GSI 1](/static/images/hands-on-labs/explore-console/console_create_gsi_1.png)
+:image[Console Create GSI 1]{src="/static/images/hands-on-labs/explore-console/console_create_gsi_1.png" disableZoom=true width=850}
 
 Enter `PostedBy` as the Partition key, `ReplyDateTime` as the Sort key, and `PostedBy-ReplyDateTime-gsi` as the Index name.  Leave the other settings as defaults and click `Create Index`.  Once the index leaves the `Creating` state you can continue on to the exercise below.
 
@@ -34,11 +34,11 @@ The solution is expandable below but try to figure it out yourself before moving
 
 Even if the table has a billion **Reply** items authored by other Users, this query will only cost us to read the exact 3 items we're hoping to return (unlike a `Scan`).
 
-![Console Create GSI 2](/static/images/hands-on-labs/explore-console/console_create_gsi_2.png)
+:image[Console Create GSI 2]{src="/static/images/hands-on-labs/explore-console/console_create_gsi_2.png" disableZoom=true width=850}
 ::::
 
 ### Cleanup
 
 When you're done, make sure to remove the GSI. Return to the Indexes tab, select the `PostedBy-ReplyDateTime-gsi` index and click `Delete`.
 
-![Console Delete GSI](/static/images/hands-on-labs/explore-console/console_delete_gsi.png)
+:image[Console Delete GSI]{src="/static/images/hands-on-labs/explore-console/console_delete_gsi.png" disableZoom=true width=850}