Amazon Management & Governance Flashcards
AWS CloudWatch
o Personal trainer for EC2 - Monitors
performance of AWS resources and
applications - collects and tracks
metrics
o Monitors: EC2 Instances (every 5
min), Autoscaling, Elastic Load
Balancers, Route 53 Health checks,
Storage, CloudFront
CloudWatch Permissions & Additional Functionality
o CloudWatch will monitor EC2 every 5 mins by default
• You can have up to 1 minute intervals by turning on detailed monitoring
o You can also create CloudWatch
alarms to trigger notifications
o Also monitors host level metrics:
CPU, Network, Disk, Status Check
o Send notifications/automatically
makes changes to the resources
being monitored based on rules
established
AWS Auto Scaling
o Enables you to configure automatic scaling in a matter of minutes for the scalable AWS resources tied to your application
o Uses the Auto Scaling and
Application Auto Scaling services
to configure scaling policies for
applicable AWS resources
o Ex: allows you to automatically
provision multiple EC2 instances
behind a load balancer depending
on demand
AWS Systems Manager
o Piece of software installed on
each virtual machine - allows you
to manage EC2 Fleet instances
and virtual machines at scale
o Run command is used to install,
patch, and uninstall software
o Integrates with CloudWatch to
provide a dashboard of all
systems (can be used on-prem or
on AWS)
AWS CloudFormation
o Essentially turns your
infrastructure into code - outline
what you want, CloudFormation
takes care of provisioning and
configuring the resources for you
- Does this by creating template/code then deploys it into multiple regions
o Enables governance, compliance,
operational auditing, and risk
auditing of your AWS account and
saves all data in S3
o Lets you set up your AWS resources so that you can spend less time managing those resources and more time focusing on the apps running on AWS
o No need to individually create and
configure AWS resources to
determine dependencies - CF
handles all of that
o Free resource but resources
provisioned are not free
CloudTrail
o CCTV for AWS MGT Console & API
calls, SDKs & other AWS services -
lets you track & log acct activity,
location of IP, timing of call occurrence
o Enables governance, compliance,
operational & risk auditing while saving
all data in S3
o turn on for paying account to create
bucket policy that allows cross acct
access
AWS Config
o Provides detailed view into current & historical AWS resource configuration & relationships while monitoring the environment and providing warnings to potential configuration breaks
o Can set alerts, for when people
break policy, proactively monitor
changes to your environment
AWS Trusted Advisor
o Real-time guidance across AWS
environment on cost optimization,
performance, security, fault
tolerance & resource provisioning
o Meant for Security Optimization for
Infrastructure
o Two Types of Trusted Advisor
1. Core Checks & Recommendations
2. Full Trusted Advisor - for business
& enterprise customers ONLY
AWS Personal Health Dashboard
o provides alerts & guidance when
AWS is experiencing events that may
impact you
o use dashboard to see if systems are
down
AWS Managed Services
o Customers enabling AWS to operate
their AWS instances on their behalf
AWS License Manager
o Makes it easy to manage your software
licenses from software vendors such as
MSFT, Oracle, SAP, and IBM across AWS
& on-prem environments