AWS-Final-1 Flashcards
Final revision
Snowball Edge
- Compute Optimized (ML and data analytics)
- Storage Optimized (large scale migrations, computing with higher capacity)
S3 Standard IA
- Disaster Recovery
One-zone IA
Backup for on premise data
EFS
- Pay per use
- IA
- No capacity planning
S3 Buckets replication
- Enable versioning
- Files are uploaded real time
- Reads only
Kinesis Firehose
- Goes to S3
- Redshift
- Elasticsearch
AWS Systems Manager - Parameter Store
IAM, serverless, API keys, passwords and configuration
Global Accelerator
- Leverage the AWS internal network
- 2 anycast IPs are created and traffic sent to Edge location then to your application
- AWS Shield
- No caching, proxying packets at the edge to applications
- Good for HTTP that requires static IP address
- Good for HTTP that requires deterministic, fast regional failover
CodeBuild
Run tests and produce packages
CloudFormation
Declarative way of outlining your infrastructure and provisioning
CDK: JSON, YAML
Developer Support plans
- Business Hour email contacts
- Unlimited Cases / 1 primary contact
- General Guidance (24h), System Impaired (12h)
AWS Basic Support plans
- 24/7 customer service, support forums, documentation and whitepapers
- AWS Trusted Advisor (core 7)
- Personal Health Dashboard
AWS Business Support Plan
- Production workloads
- Full access to trusted advisor
- 24/7 phone email contact with engineers
- Unlimited cases and contacts
- Access to infra event management for a few extra
- Production system impaired (4h), production system down (1h)
AWS Enterprise On-Ramp Support Plan
- Production and business critical workloads
- A pool of Technical Account Managers and concierge support team
- Business-critical system down (30m)
AWS Enterprise support Plan
- Mission critical workloads
- Dedicated Technical Account Manager, Concierge
- Infra event management, well architected and operations reviews
- Business-critical system down < 15m
Cost and usage
- Redshift, Athena and QuickSight
EBS Pricing
- GB per Month
- Storage Volume
- Snapshots
- IOPs
RDS Pricing
- Per Hour
- On-demand/RI
- Backup (additional)
- IOPs
- Deployment type
Compute Optimizer
- ML and utilize cloudwatch metrics
- Supported resources EC2, Lambda, EBS
- 25% discount
Compute savings plan
- 66% discount
- EC2, ECS, Fargate
EC2 Savings Plan
- 75%
- Commit to region
Trusted Advisor
- Cost Optimization, Operational Excellence, Service Limits, Security, Performance, Fault Tolerance
AWS Organizations
- Service Control Policies: Restrict User Access
- Explicit Allow (Deny by default)
- enforce PCI compliance
Rehost
Lift and Shift
Move as is
-30% on cost
App Migration
Repurchase
Drop and shop
Replatform
Lift and Reshape
Config
Audit and recording compliance of your AWS resources,
Helps record configurations and changes over time,
possible to store into S3,
receive alerts for any change
CLI, SDK
CLI: Protected by Access Keys (Key ID: Usernames, Secret Access Key: Passwords)
SDK: Protected by access keys
AWS Batch
AWS Batch: Fully managed batch processing, Dynamically launch EC2 instances or Spot Instances, Provisions the right amount of compute / memory, defined as Docker images and run on ECS, Relies on EBS/instance store on Disk space.
Step Functions
Step Functions: Serverless workflow to orchestrate your lambda functions, integrated with EC2, ECS, On-premises, servers, API gateway, SQS queues
CloudTrail vs Config
AWS CloudTrail: Account ACTIVITIES
AWS Config: Configuration of AWS resources
Elastic Beanstalk
Internet Gateway
Public Subnets
NAT Gateway (AWS-Managed) and NAT Instances
Internet Gateway: Helps our VPC instances connect with the internet
Public Subnets: Have a route to the Internet Gateway
NAT Gateway (AWS-Managed) and NAT Instances: Allow your private subnets to access the internet while remaining private
NACL
- Automatically applied to all instances
Health Dashboard
- Your Account: AWS Goes through shit
- Service history: All regions, all accounts
Storage Gateway
Use AWS cloud on premises