All Section Flashcards
Regions
22 so far, cluster of data centers
Availability Zones
At least 2 per region; has at least 1 data center in it; creates no single point of failure
country-region-region number followed by availability zone
AZ naming scheme
Edge Locations
AWS endpoints; consists of CloudFront, Content Delivery Network (CDN), and Route 53
Capital Expenditure
upfront investments to obtain fixed asset
operating expenditure
day to day expenses
AWS Cost Explorer
- A tool that enables you to visualize, understand, and manage your AWS costs and usage over time
- breakdown by service or cost tag
- predictions for next three months
AWS Budgets
- gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount
- plan and track usage by service
AWS TCO Calculator
- Total Cost Ownership
- calculator for savings from data center to cloud
Resource tags
metadata to group projects when calculating costs
AWS Organizations
- An account management service that enables you to consolidate multiple AWS accounts
- multiple accounts under master for Consolidated Billing
AWS Pricing Calculator
- lets you explore AWS services, and create an estimate for the cost of your use cases on AWS.
- deprecated version known as Simple Monthly Calculator
AWS Support
- Has 2 services: AWS Personal Health Dashboard & AWS Trusted Advisor
- resource support
AWS Personal Health Dashboard
- service that provides alerts and remediation for impacting events
AWS Trusted Advisor
- service that compares usage against best practice; 7 core checks
- provides personalized recommendations
Trusted Advisor checks
5 checks:
- cost optimization
- performance
- security
- fault tolerance
- service limits
Basic, Developer, Business, Enterprise
4 tiers of support
Support differences
- Communication method
- Response time
- Cost
- Type of guidance offered
Basic Support
- Support plan with 7 trusted advisor checks, personal health dashboard, docs/support forms
- NO support engineers
- Free
Developer Support
- support plan that includes all in basic support
- 1 primary contact
- business hour email access to support engineers
- starts at $29/mo
Business Support
- support plan that includes all in basic and developer
- Full Trusted Advisor Checks
- 24/7 phone, email, chat access
- unlimited contacts
- third party software support
- starts at $100/mo
Enterprise Support
- support plan that includes all in basic, developer, and business
- designated Technical Account Manager (TAM)
- concierge support team
- starts at $15k/mo
Response Times for Developer Plan
- General Guidance: 24 business hours
- System Impaired: 12 business hours
- Prod System Impaired: NA
- Prod System Down: NA
- Business Critical System Down: NA
Response Times for Business Plan
- General Guidance: 24 total hours
- System Impaired: 12 total hours
- Prod System Impaired: 4 hours
- Prod System Down: 1 hour
- Business Critical System Down: NA
Response Times for Enterprise Plan
- General Guidance: 24 total hours
- System Impaired: 12 total hours
- Prod System Impaired: 4 hours
- Prod System Down: 1 hour
- Business Critical System Down: 15 min
AWS Quick Starts
Step by step deployment for common platform
AWS Partner Network Consulting Partners
Third party connection tool
AWS Professional Services
- a global team of experts that can help you with your desired business outcomes for AWS
- help directly with AWS resources
Console, CLI, SDK
3 ways to interact with AWS
Console
Interaction method good for testing out a service
CLI and SDK
Interaction method(s) good for automation
SDK
Interaction method for app integration
Root and IAM
2 types of AWS users
Compute Services
Service to use cloud based VMs; web, DB, data processing
EC2
- IaaS service
- Elastic Compute Cloud
Hosting web server, batch processing, API server, remote desktop
4 use cases for EC2
Instance Type
- Defines processor, memory, storage
- Cannot change without downtime
General purpose, compute, memory, or storage optimized, accelerated computing
3 categories of instance types
Root Device Types
- Instance store
- Elastic block store (EBS)
Instance Store
Ephemeral storage; Physically attached to host
Amazon Machine Image
- Provides the information required to launch an instance
- Template for EC2 instance like config, OS, data
- Can be shared across accounts
- Can be custom; commercial ones in AWS marketplace
5 types of EC2 purchases
- On-demand
- Reserved
- Savings plan
- Spot
- Dedicated
- Default is on-demand
Reserved
- EC2 purchase type for consistent instances
- Discount from on-demand when committing to a specific period of time
- Capacity reservation for specific instance type
Savings Plan
- Purchase types not limited to EC2
- Is used for EC2, Fargate, Lambda
- No reserved capacity
- Up to 72% savings compared to on-demand
- 1 or 3 year terms
Spot
- purchase type mostly used for batch processing
- up to 90% savings compared to on-demand
- like stock market for instance
- instances launch with highest bidder; otherwise, kicked off
- 2-minute notification
Dedicated Host
- most expensive purchase type
- dedicated physical server
- good if you have per server license
Elastic Beanstalk
- service that automates deployment & scaling process on EC2
- leverages existing services; only pay for other services
- handles provisioning, load balancing, scaling, and monitoring
- Supports Java, .NET, PHP, Node.js, Python, Ruby, Go, Docker
- EC2 customization feature
- to deploy apps with minimal knowledge of other services
- reduces app maintenance
AWS Lambda
- compute service where you are charged on execution time
- enables event-driven workflows
- primary service for serverless architecture
Advantages: reduced maintenance, fault tolerance, scales based on demand
6 types of Content and Network Delivery Services
Amazon Route 53, Amazon VPC, AWS Direct Connect, Amazon API Gateway, Amazon CloudFront, Elastic Load Balancing
Amazon VPC
- isolated section of the AWS Cloud
- supports IPv4 and IPv6; can configure network settings
- supports public and private subnets
- can utilize Network Address Translation (NAT) for private subnets
- enables connections to data center
- can connect to other VPCs
- supports private connection to other AWS Services
AWS Direct Connect
- service for dedicated network connection from data center to AWS
Amazon Route 53
- highly available and scalable DNS web service
- leverage edge locations
- global service; highly available and rare downtimes
- global resource routing
- can use server fail backups
Elastic Load Balancing
- Distributes traffic across multiple targets
- integrates with EC2, ECS (Docker Service), Lambda
- supports one or more AZs in a region
Application Load Balancer, Network Load Balancer, Classic Load Balancer
3 types of load balancers; default is classic (known as ELB)
Vertical and Horizontal
2 EC2 scaling types
Vertical Scaling
Scaling to better instance types
Horizontal scaling
Adding more of the same instance type
Amazon CloudFront
- CDN
- leverages edge locations
- for static and dynamic content
- Security features: AWS Shield for DDoS
- AWS Web Application Firewall (WAF)
Amazon API Gateway
- Fully managed API management service
- Can create and manage APIs
- Directly integrates with other AWS services
- API call monitoring and metrics
- Supports VPC and on-premise private applications
AWS Global Accelerator
- networking service that improves user performance up to 60%
- utilizes IP addresses instead of DNS like CloudFront
- once traffic reaches edge locations, traffic is routed through AWS network instead of public internet
- can route to AWS resources like load balancers and EC2 instances
Global Accelerator
performance improvements from this service by:
- minimizing distance between user and endpoint by using edge locations
- optimizing traffic using AWS network
- improvement of first byte latency, jitter, throughput
- superior fault tolerance by not relying on DNS resolution
Global Accelerator
use cases for this network service:
- using non-http protocols
- requiring static IP
- instant failover
6 types of file storage services
Amazon S3, Amazon S3 Glacier, Amazon Elastic Block Store, Amazon Elastic File System, AWS Snowball, AWS Snowmobile
Amazon S3
- storage service used to store files as objects in buckets
- storage classes for different use cases
- stores data across multiple AZs
- URL access for files
- configurable rules for data lifecycle
- can serve as static web host
4 types of S3 non-archival classes
Standard, Intelligent-tiering, Standard-IA, One Zone-IA
Standard
- S3 default non-archival storage class
- Used for frequently accessed data
Intelligent-Tiering
- S3 non-archival storage class
- moves data to storage class based on frequency of access
Standard-IA
- S3 non-archival storage class
- for infrequently accessed data
- spread across multiple AZs
One Zone-IA
- S3 non-archival storage class
- for infrequently accessed data
- only in one AZ
Lifecycle Policies
For S3:
- bucket objects can transition or expire based on criteria
- transition based on time not usage
- expiration on age
- policies can account for versions of an object
Transfer Acceleration
Optimized data upload using edge location as a part of CloudFront
Glacier & Glacier Deep Archive
- 2 services for archiving data within S3 as separate storage classes
- offers configurable retrieval times
- can send files directly or through lifecycle rules
S3 Glacier
- Service for archival data
- 90 day min storage duration charge
- Retrieved in minutes or hours
- Retrieval fee per GB
- 5x LESS expensive than S3 standard storage class
S3 Glacier Deep Archive
- For archival data
- 180 day min storage duration charge
- Retrieved in hours
- Retrieval fee per GB
- 23x LESS expensive than S3 standard storage class
Elastic Block Store
- Persistent storage; separate from host
- Persistent block storage for use with a single EC2 instance
- Scales to support PB of data & multiple volume types
- Redundancy within AZ
- Allows snapshots of data
- Offers encryption
EBS volume types
- General purpose SSD
- Provisioned IOPS SSD; high performance for low latency apps
- Throughput optimized HDD; frequently accessed data
- Cold HDD; less frequently accessed workloads
Elastic File System (EFS)
- Fully managed Network File System (NFS)
- Designed for Linux workloads
- Supports PB of data
- Stores data across multiple AZs
- Provides configurable lifecycle rules
Standard, Infrequent Access
2 EBS Storage Classes
Amazon FSx for Windows File Server
- fully managed native Windows file system
- Utilizes SSDs for low latency
- Native Windows features like:
- SMB (Server Message Block) support
- Active Directory Integration
- Windows NTFS
AWS Snowball
- large scale data transfer
- PB scale transfers
- physical device delivered by AWS to office location
- connect Snowball to your network and upload data
- Device is returned by local carrier to AWS
- AWS receives device and loads data into S3
AWS Snowmobile
- large scale data transfer
- EB scale transfers
- shipping container delivered to location
- AWS sets up connection to network
- loads data onto snowmobile
- AWS loads data into S3 when the container is at AWS location
- can do multiple trips
6 database and utility services
Amazon RDS, Amazon Aurora, Amazon DynamoDB, Amazon Redshift, ElastiCache, AWS Database Migration Service
Amazon RDS
- Fully managed service for relational databases
- Handles provisioning, patching, backups, and recovery
- Can deploy across multiple AZs
- Supports read replicas for some platforms
- Launches into VPC
- Provides both GP SSD and provisioned IOPS SSDs
6 Amazon RDS supported platforms
MySQL, PostgreSQL, MariaDB, Oracle, SQL Server, Amazon Aurora
Amazon DMS (Data Migration Service)
- Service to move data into AWS from existing data
- supports one time and continual migration
- supports popular commercial and open source databases
- only pay for computation in migration process
Amazon DynamoDB
- fully managed NoSQL database service
- provides key-value and document DB
- low latency at any scale
- supports automated scaling based on config
- offers in-memory cache with DynamoDB Accelerator (DAX)
- Handles 20 mil reqs/sec and 10 tril reqs/day
Amazon DynamoDB
- NoSQL database service use cases:
- scaling without excessive maintenance
- serverless applications
- implementations that require low latency
- data models without BLOB (Binary Large Object) storage
Amazon ElastiCache
- fully managed in-memory data store
- supports both Memcached and Redis
- low latency
- enables scaling and replicas to meet demand
- handles common use cases:
- DB layer caching
- session storage
Amazon Redshift
- scalable data warehouse service
- supports PB scale warehousing
- high performance disks and columnar storage
- offers full encryption for content
- provides isolation with a VPC
- enables querying of EB of data in S3 using Redshift Spectrum
Amazon Aurora
- relational DB engine compatible with MySQL and PostgreSQL
3 app integration service
Amazon SNS (Simple Notification Service), Amazon SQS (Simple Queue Service), AWS Step Functions
Amazon SNS
- fully managed publish and subscribe messaging service
- can create decoupled application
- organized based on topics
- integrates with other AWS services
- provides end user notification via SMS, email, and push
- short lived messages; if not subbed, completely miss the info
Amazon SQS
- like a mailbox
- fully managed message queue service
- can create decoupled and fault tolerant apps
- up to 256KB per message
- message can be stored up to 14 days
2 types of SQS queues
Standard (cannot guarantee order), FIFO (guarantees order)
AWS Step Functions
- orchestration of workflows through fully managed service
- supports serverless architecture
- supports complex workflows including error handling
- charged per state transition and other AWS services used
- workflows defined using Amazon States Language (kind of like JSON)
AWS Step Function Integrations
- Service integrates with:
- Compute services (like lambda)
- DB services (like dynamoDB)
- Messaging services (SNS & SQS)
- ML services
6 types of Management and Governance services
AWS CloudTrail, AWS CloudFormation, AWS CloudWatch, AWS Config, AWS Systems Manager, AWS Control Tower
AWS CloudTrail
- log, continuously monitor, retain account activity
- event history throughout all tools and services
- audit trails go to S3 bucket or into CloudWatch logs
- logs events in the regions they occur
- meets many compliance requirements for auditing
- should be enabled on every AWS account
- can consolidate into an Organizational trail using AWS Organizations
CloudTrail Use Cases
- Service’s use cases:
- Compliance requirement
- Forensic analysis
- Operational analysis
- Troubleshooting
3 services used to manage infrastructure
Amazon CloudWatch, AWS Config, AWS Systems Manager
Amazon CloudWatch
- first class citizen service, meaning it integrates by default
- monitoring and management service
- collects logs, metrics, and events from most AWS services
- enables alarms based on metrics
- provides visualization for metrics
- can create custom dashboards based on metrics
AWS Config
- Continuously monitors and records AWS resource configs
- Provides config history
- Works with custom rules and custom validation
- Has conformance packs for compliance standard including PCI-DSS (used for payment info)
- Works with AWS Organizations; both cross-region and cross-account
- Provides remediation steps for infrastructure not meeting criteria
AWS Systems Manager
- view operational data from AWS services and automate operational tasks across AWS resources
- to manage AWS infrastructure
- automation for common maintenance actions (like library updates on multiple servers)
- secure way to access servers using AWS credentials
- stores commonly used params securely for operational use
AWS CloudFormation
- service for provisioning infrastructure based on templates
- Free
- Templates: YAML, JSON
- enables infrastructure as code
- provides drift detection to find changes in the infrastructure
AWS OpsWorks
- configuration management service
- managed instances of Chef and Puppet
- config defined as code for servers
- Chef and Puppet manage lifecycles of config changes with servers
- works in hybrid cloud architecture for both cloud-based and on-premise servers
3 AWS OpsWorks subservices
Chef Automate, Puppet Enterprise, OpsWorks Stacks
AWS Control Tower (with Organizations)
- creates multi-account environments on AWS that follow best practices
- centralizes users across all AWS accounts
- provides creation of new accounts based on templates
- has Guardrails for account, which are like permissions
- includes dashboard for operational insight
Acceptable Use Policy
- sending unsolicited mass emails is prohibited
- hosting or distributing harmful content
- pen tests are allowed for a list of specific services
Least Privilege Access
- only grant permissions to do task and no more
- Don’t use own root account for daily tasks
Shared Responsibility Model
- security and compliance is shared between AWS and user
- AWS has responsibility for security OF the cloud
- user has responsibility for security IN the cloud
AWS Responsibility
- access and training for Amazon employees
- global data center and underlying network
- hardware for global infrastructure
- configuration management for infrastructure
- patching cloud infrastructure and services
Customer Responsibility
- individual access to cloud resources and training
- data security and encryption (in transit and rest)
- OS, network, and firewall config
- all code deployed onto cloud infrastructure
- patching guest OS and custom apps
AWS Well-Architected Framework
- collection of best practices across the five pillars:
1. Operational Excellence - running and monitoring systems for business value
2. Security - protecting info and assets
3. Reliability - recovery from disruptions
4. Performance Efficiency - using resources efficiently
5. Cost Optimization - minimal costs
High Availability
- entire solution is running in an expected manner despite possible issues
Fault Tolerance
- supporting component failures
High Availability and Fault Tolerance
- Most managed AWS Services provide high availability out of the box
- EC2 fault tolerance must be implemented
- Multiple AZs should be leveraged
- Some services can enable fault tolerance in custom apps: SQS, Route 53
Compliance Common Standards
PCI-DSS, HIPAA, SOC 1/2/3, FedRAMP, ISO 27018
PCI-DSS
- For processing credit cards
- Payment Card Industry Data Security Standard
HIPAA
- For healthcare data
- Health Insurance Portability and Accountability Act
SOC 1/2/3
- For operational processes
FedRAMP
- For US government data
- Federal Risk and Authorization Management Program
ISO 27018
- For personally identifiable info
3 Compliance Services
AWS Config, AWS Artifact, Amazon GuardDuty
AWS Config
Service that provides conformance packs
AWS Artifact
- service that provides access to compliance reports
Amazon GuardDuty
- Intelligent threat detection service
AWS IAM
- Identity and Access Management
- service that controls access to AWS resources
- FREE
- manages authentication (login) & authorization (permissions)
- supports identity federation through SAML providers including Active Directory (external identity provider)
3 IAM Identities
Users, Groups, Roles
IAM User
A person or application that can authenticate with an AWS account
IAM Group
- A collection of users under one set of permissions
- Permission per group
IAM Role
- Enables user or AWS service to assume permission for a task
IAM Policies
- JSON that defines permissions for an AWS IAM Identity
- defines accessible services and actions for that service
- can be customer managed or AWS managed
2 IAM Best Practices
MFA, Least Privilege Access
Amazon Cognito
- like IAM but for own apps
- service that enables handling of authentication and aspects of authorization for apps via AWS
- provides UI for many platforms
- provides security features to control account access
- enables controlled access to AWS resources; like IAM
- works with social and enterprise identity providers like Google, Amazon, Facebook, Microsoft Active Directory, SAML 2.0 Provider
2 On-Premise Data Integration Services
AWS Storage Gateway, AWS DataSync
AWS Storage Gateway
- integrates cloud storage into local network
- deployed as VM or specific hardware appliance
- integrates with S3 and EBS
3 AWS Storage Gateway types
Tape, File, Volume
Tape Gateway
- Tape backup processes store data in the cloud on virtual tapes
File Gateway
Stores files on S3 while providing cached, low-latency local access
Volume Gateway
iSCSI (Internet Small Computer System Interface) volumes on cloud to local applications
AWS DataSync
- Agent is deployed as VM on local network
- Integrates with S3, EFS, FSx for Windows File Server on AWS
- Improved transfer speed due to custom protocols and optimizations
- Charged per GB of transferred data
3 AWS Data Processing Services
AWS Glue, Amazon EMR, AWS Pipeline
AWS Glue
- Fully managed Extract, Transform, Load (ETL) service
- Supports data in RDS, DynamoDB, Redshift, S3
- Serverless model of execution (manages infrastructure automatically)
Amazon EMR
- Elastic Map Reduce
- big-data processing on EC2 and S3
- supports popular open-source frameworks and tools
- Operates in a clustered environment without additional config
- Supports many use cases
AWS Data Pipeline
- managed ETL service
- manages data workflow through AWS services
- support S3, EMR, Redshift, DynamoDB, RDS
- able to integrate on-premise data stores
3 Data Analysis Services
Amazon Athena, Amazon QuickSight, Amazon CloudSearch
Amazon Athena
- fully managed serverless service
- enables querying of large-scale data stored in S3
- queries are written in standard SQL
- charged based on data scanned for query
Amazon QuickSight
- Fully managed BI service
- Enables dynamic data dashboard based on stored data
- Charged on a per-user & per-session pricing model
- Multiple versions provided based on needs
Amazon CloudSearch
- fully managed search service
- supports scaling of search infrastructure to meet demand
- charged per hour and instance type of search infrastructure
- enables developers to integrate search in custom apps
3 AI/ML Services
Amazon Rekognition, Amazon Translate, Amazon Transcribe
Amazon Rekognition
- fully managed image and video deep learning service
- identifies objects in images
- identifies objects and actions in videos
- can detect specific people using facial recognition
- supports custom labels for business objects (cashier-less shopping)
Amazon Translate
- fully managed text translator service
- currently supports 54 languages
- language identification both batch and real time
Amazon Transcribe
- fully managed speech recognition service
- recorded speech converted into text
- has sub-service for medical use
- supports batch and real time transcription
- currently supports 31 languages
4 Disaster Recovery Architectures
Backup and Restore, Pilot light, Warm Standby, Multisite
Backup and Restore
- production data is backed up into S3
- standard or archival storage class
- EBS data can be stored as snapshots in S3
- Disaster Recovery event uses process of launching a new environment
- longest recovery time; cheapest
Pilot light
- key infrastructure components are kept running in the cloud
- to reduce recovery time compared to B&R
- cost builds up for running in the cloud
- AMIs (Amazon Machine Image) prepared for additional systems and can be launched quickly
- core pieces of the system are always running
Warm Standby
- scaled down version of full environment in the cloud
- critical systems can run on less capable instance types
- instance types and other systems can be upgraded for disaster recovery
- cost builds up for running infrastructure in the cloud
Multisite
- Full environment running at all times in the cloud
- Utilizes instance types needed for production, not just recovery
- Near seamless recovery; expensive
2 Considerations when selecting a Backup Architecture
Recovery Time Objective (RTO), Recovery Point Objective (RPO)
RTO
- Time it takes to get systems back up and running
RPO
- Amount of data loss (in terms of time) during disaster recovery
2 EC2 Scaling Services
Auto Scaling Group, Elastic Load Balancer
Auto Scaling Group
- launch template for the group’s instance configuration
- define the min, max, and desired number of instances
- performs health checks on each instance; status codes
- exists within one or more AZs in a region
- works with on-demand and spot instances
AWS Secrets Manager
- secure way to integrate credentials, API keys, tokens, and other secret content
- integrates natively with RDS, DocumentDB, and Redshift
- can auto-rotate credentials with integrated services
- enables fine-grained access control to secrets
3 VPC securities
Security Groups, Network ACLs, AWS VPN
Security Groups
- Serves as a firewall for EC2 instances
- Control inbound and outbound traffic
- Works at instance level; not subnet level
- EC2 instances can belong to multiple security groups
- VPCs have default security group
- Must be explicitly associated with an EC2 instance
- Defaulted to allow all outbound traffic
Network ACL
- Access Control List
- works at subnet level within a VPC
- enables you to allow and deny traffic
- each VPC has default ACL, which allows all inbound and outbound
- custom ACLs deny all traffic until rules are added
AWS VPN
- goes over public internet; DirectConnect uses AWS network
- encrypted tunnel into VPC
- used to connect own data center or individual client machines
- support services: Site-to-site VPN, Client VPN
3 infrastructure protection services
AWS Shield, Amazon Macie, Amazon Inspector
AWS Shield
- Provides protection against DDoS for apps running on AWS
- Enables on-going threat detection and mitigation
- 2 service levels: standard and advanced
Amazon Macie
- Utilizes ML to analyze data stored in S3
- Detects personal info and intellectual property in S3
- Provides dashboards that show how data is being stored and accessed
- Alerts if it detects anything unusual about data access
Amazon Inspector
- Scanning of EC2 instances for security vulnerabilities
- Charged by instance per assessment run
Amazon Inspector 2 rules packages
Network Reachability Assessment, Host Assessment
Network Reachability Assessment
- Determines what servers provide to the internet
Host Assessment
- Vulnerability and config scanning
2 Pre-defined Deployment Services
AWS Service Catalog, AWS Marketplace
AWS Service Catalog
- Serves as an organizational service catalog for the cloud
- Can be single server image to multi-tier custom app
- Enables organizations to use services that meet compliance
- Supports lifecycles for services in catalog (update notification)
AWS Marketplace
- Curated catalog of third-party solutions for customer to run on AWS
- Provides AMIs, CloudFormation stacks, and SaaS solutions
- Enables different pricing options to overcome licensing in the cloud
- Charges appear on AWS bill (but some are free)
5 AWS Developer Tools
AWS CodeCommit, AWS CodeBuild, AWS CodeDeploy, AWS CodePipeline, AWS CodeStar
AWS CodeCommit
- Managed source control service that utilizes Git for repos
- Control access with IAM policies
- Alternative to GitHub and Bitbucket
AWS CodeBuild
- Managed build and continuous integration service on AWS
- No worries about infrastructure maintenance
- Charged per minute for compute resources utilized
AWS CodeDeploy
- Managed deployment service for deploying custom apps
- Deploys to EC2, Fargate (container service), Lambda, and on-premise servers
- Provides dashboard for deployments in AWS console
AWS CodePipeline
- Fully managed continuous delivery service on AWS
- Provides capabilities to automate building, testing, and deploying
- Integrates with other dev tools and GitHub
AWS CodeStar
- Workflow tool that automates the use of the other dev services
- Create complete continuous delivery toolchain for custom apps
- Charged for the other leveraged services
Traditional Data Centers
Cons:
- Large investment
- difficult demand forecasting
- slow to deploy
- expensive maintenance
- own all security burden
Cloud Computing
- On-demand delivery of comp power, db, apps, and IT through internet
Pros:
- Variable expense not capital
- Economies of scale
Elasticity
Ability to acquire and release resources efficiently
IaaS
The full application and dependencies on the cloud
SaaS
Cloud services like email
PaaS
WordPress, Elastic Beanstalk
Deployment Models
Public, Private, Hybrid are types of…
The 3 elements of the AWS Global Infrastructure
Regions, Availability Zones, Edge Locations