Architecture 101 Flashcards
Access Management Basics: Define the concepts of Principal, Authentication, Identity and Authorisation
o Principal: A person or application that can make an authenticated or anonymous request to perform an action on a system
o Authentication: The process of authenticating a principal against an identity. This could be via username & password or API keys
o Identity: Objects that require authentication and are authorised to access resources
o Authorisation: The process of checking and allowing or denying access to a resource for an identity
What is the Shared Responsibility Model, and what are some examples?
o Overview of which parts of the AWS ecosystem are the responsibility of the Customer, and which are the responsibility of AWS
o AWS – Security OF the Cloud (regions, AZs, Edge Locations, HW / Global Infrastructure, Compute, Storage, Database, Network, Software)
o Customer – Security IN the Cloud (Encryption at rest and in transit, Network protection, OS, Network and Firewall configuration, Platform, Application, Identity and Access Management, Customer Data)
Define the 3 types of Service Models
o Service Models define how a service product is delivered, how you pay, and what you receive. They also define which parts of the product are managed by you, and which by the vendor.
o IaaS: Infrastructure as a Service. EC2
    AWS: Data Center, Network and Storage, Host/Servers, Virtualisation
    Customer: OS, Runtime, Application, Data
o PaaS: Platform as a Service.
    AWS: Data Center, Network and Storage, Host/Servers, Virtualisation, OS, Runtime
    Customer: Application, Data
o SaaS: Software as a Service. Netflix, Amazon Prime, Office 365, Google Mail
    AWS: Data Center, Network and Storage, Host/Servers, Virtualisation, OS, Runtime, Application
    Customer: Data
What is the difference between High Availability and Fault Tolerance?
o High Availability: HW, SW and configuration allowing a system to recover quickly in the event of a failure
o Fault Tolerance: System designed to operate through a failure with no user impact. More expensive and complex to achieve
What is the difference between RPO (Recovery Point Objective) and RTO (Recovery Time Objective)?
o RPO: How much a business can tolerate losing, expressed in time. In other words, the maximum time between a failure and the last successful backup
o RTO: The amount of time a system can be down. How long a solution takes to recover
What is Scaling, and what are the 2 main types of Scaling?
o Not a synonym for Elasticity. It is a system’s ability to scale with growing demand
o Vertical Scaling: achieved by adding additional resources (CPU, memory) to an existing machine. Max machine size will constrain ability to scale, either technically or financially
o Horizontal Scaling: achieved by adding additional machines into a pool of resources, each of which provides the same service. Can scale virtually infinitely, but requires application support to scale effectively
What is a Monolithic vs. Tiered Application Design?
o Presentation Tier: responsible for interacting with the consumer of the application
o Logic Tier: delivers the application functionality
o Data Tier: controls interaction with a database that stores all required data
o Monolithic application: if all 3 tiers are implemented in the same code base. Hard to scale, usually only vertically
What is Encryption, and what are the 2 types of encryption?
o The process of taking plaintext and converting it into ciphertext, and back. Plaintext can be text, images or other data
o Symmetrical if the same key is used for encryption and decryption, and asymmetrical if different keys (public and private) are used