AWS Overview Flashcards
AWS
offers a broad set of global cloud-based products including compute, storage, databases, analytics, networking, mobile, developer tools, management tools, IoT, security, and enterprise applications: on-demand, available in seconds, with pay-as-you-go pricing. From data warehousing to deployment tools, directories to content delivery, over 140 AWS services are available
What is a key benefit of AWS?
One of the key benefits of cloud computing is the opportunity to replace upfront capital infrastructure expenses with low variable costs that scale with your business.
Cloud Computing
Cloud computing is the on-demand delivery of compute power, database storage, applications, and other IT resources through a cloud services platform via the Internet with pay-as-you-go pricing. With cloud computing, you don’t need to make large upfront investments in hardware and spend a lot of time on the heavy lifting of managing that hardware.
Who maintains the network connected hardware?
AWS
Who provisions and uses what they need via a web application?
The user
Six Advantages of Cloud Computing
- Trade capital expense for variable expense
- Benefit from massive economies of scale
- Stop guessing capacity
- Increase speed and agility
- Stop spending money running and maintaining data centers
- Go global in minutes
Explain: Trade capital expense for variable expense
Instead of having to invest heavily in data centers and servers before you know how you’re going to use them, you can pay only when you consume computing resources, and pay only for how much you consume.
Explain: Benefit from massive economies of scale
By using cloud computing, you can achieve a lower variable cost than you can get on your own. Because usage from hundreds of thousands of customers is aggregated in the cloud, providers such as AWS can achieve higher economies of scale, which translates into lower pay-as-you-go prices.
Explain: Stop guessing capacity
Eliminate guessing on your infrastructure capacity needs. When you make a capacity decision prior to deploying an application, you often end up either sitting on expensive idle resources or dealing with limited capacity. With cloud computing, these problems go away. You can access as much or as little capacity as you need, and scale up and down as required with only a few minutes’ notice.
Explain: Increase speed and agility
In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.
Explain: Stop spending money running and maintaining data centers
Focus on projects that differentiate your business, not the infrastructure. Cloud computing lets you focus on your own customers, rather than on the heavy lifting of racking, stacking, and powering servers.
Explain: Go global in minutes
Easily deploy your application in multiple regions around the world with just a few clicks. This means you can provide lower latency and a better experience for your customers at minimal cost.
Name three types of Cloud Computing Models
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
Infrastructure as a Service (IaaS) contains the basic building blocks for cloud IT and typically provides access to networking features, computers (virtual or on dedicated hardware), and data storage space. IaaS provides you with the highest level of flexibility and management control over your IT resources and is most similar to existing IT resources that many IT departments and developers are familiar with today.
Platform as a Service (PaaS)
Platform as a Service (PaaS) removes the need for your organization to manage the underlying infrastructure (usually hardware and operating systems) and allows you to focus on the deployment and management of your applications. This helps you be more efficient as you don’t need to worry about resource procurement, capacity planning, software maintenance, patching, or any of the other undifferentiated heavy lifting involved in running your application.
Software as a Service (SaaS)
Software as a Service (SaaS) provides you with a completed product that is run and managed by the service provider. In most cases, people referring to Software as a Service are referring to end-user applications. With a SaaS offering you do not have to think about how the service is maintained or how the underlying infrastructure is managed; you only need to think about how you will use that particular piece of software. A common example of a SaaS application is web-based email which you can use to send and receive email without having to manage feature additions to the email product or maintain the servers and operating systems that the email program is running on.
Name three Cloud Computing Deployment Models
Cloud
Hybrid
On-premises
Describe: “Cloud” Computing Deployment Model
Cloud
A cloud-based application is fully deployed in the cloud and all parts of the application run in the cloud. Applications in the cloud have either been created in the cloud or have been migrated from an existing infrastructure to take advantage of the benefits of cloud computing. Cloud-based applications can be built on low-level infrastructure pieces or can use higher level services that provide abstraction from the management, architecting, and scaling requirements of core infrastructure.
“Hybrid” Computing Deployment Model
Hybrid
A hybrid deployment is a way to connect infrastructure and applications between cloud-based resources and existing resources that are not located in the cloud. The most common method of hybrid deployment is between the cloud and existing on-premises infrastructure to extend, and grow, an organization’s infrastructure into the cloud while connecting cloud resources to the internal system. For more information on how AWS can help you with your hybrid deployment, please visit our hybrid page.
“On-premises” Computing Deployment Model
On-premises
The deployment of resources on-premises, using virtualization and resource management tools, is sometimes called the “private cloud.” On-premises deployment doesn’t provide many of the benefits of cloud computing but is sometimes sought for its ability to provide dedicated resources. In most cases this deployment model is the same as legacy IT infrastructure while using application management and virtualization technologies to try and increase resource utilization.
AWS Region
The AWS Cloud infrastructure is built around AWS Regions and Availability Zones. An AWS Region is a physical location in the world where we have multiple Availability Zones. Each Amazon Region is designed to be completely isolated from the other Amazon Regions. This achieves the greatest possible fault tolerance and stability.
AWS Availability Zone
Availability Zones consist of one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities. These Availability Zones offer you the ability to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center. Each Availability Zone is isolated, but the Availability Zones in a Region are connected through low-latency links.
AWS Cloud shared responsibility model
While AWS manages security of the cloud, you are responsible for security in the cloud. This means that you retain control of the security you choose to implement to protect your own content, platform, applications, systems, and networks no differently than you would in an on-site data center.
Benefits of AWS Security
Keep your data safe
Meet Compliance Requirements
Save Money
Scale Quickly
AWS Cloud Compliance
enables you to understand the robust controls in place at AWS to maintain security and data protection in the cloud
Three ways to access AWS services
AWS Management Console
AWS Command Line Interface
Software Development Kits
AWS Cost Explorer
an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time
AWS Budgets
gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount.
AWS Cost & Usage Report
a single location for accessing comprehensive information about your AWS costs and usage.
Reserved Instance (RI) Reporting
available in AWS Cost Explorer, you can visualize your RI data at an aggregate level or inspect a particular RI subscription.
Amazon EC2
is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers
What are three types of Amazon EC2 Instances?
On-Demand Instances
Reserved Instances
Spot Instances
EC2 “On-Demand Instances”
With “On-Demand instances”, you pay for compute capacity by the hour with no long-term commitments. You can increase or decrease your compute capacity depending on the demands of your application and only pay the specified hourly rate for the instances you use
EC2 “Reserved Instances”
“Reserved Instances” provide you with a significant discount (up to 75%) compared to On-Demand instance pricing
EC2 “Spot Instances”
“Spot Instances” are available at up to a 90% discount compared to On-Demand prices and let you take advantage of unused EC2 capacity in the AWS Cloud
Amazon EC2 Auto Scaling
helps you maintain application availability and allows you to automatically add or remove EC2 instances according to conditions you define
Amazon Lightsail
designed to be the easiest way to launch and manage a virtual private server with AWS
AWS Batch
enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS
AWS Elastic Beanstalk
an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and Internet Information Services (IIS)
AWS Fargate
a compute engine for Amazon ECS that allows you to run containers without having to manage servers or clusters
AWS Lambda
lets you run code without provisioning or managing servers
AWS Serverless Application Repository
enables you to quickly deploy code samples, components, and complete applications for common use cases such as web and mobile back-ends, event and data processing, logging, monitoring, IoT, and more.
AWS Outposts
bring native AWS services, infrastructure, and operating models to virtually any data center, co-location space, or on-premises facility
VMware Cloud on AWS
an integrated cloud offering jointly developed by AWS and VMware delivering a highly scalable, secure and innovative service that allows organizations to seamlessly migrate and extend their on-premises VMware vSphere-based environments to the AWS Cloud running on next-generation Amazon Elastic Compute Cloud (Amazon EC2) bare metal infrastructure
Amazon Connect
a self-service, cloud-based contact center service that makes it easy for any business to deliver better customer service at lower cost. Amazon Connect is based on the same contact center technology used by Amazon customer service associates around the world to power millions of customer conversations
Amazon SES
Amazon Simple Email Service (Amazon SES) is a cloud-based email sending service designed to help digital marketers and application developers send marketing, notification, and transactional emails
Amazon Aurora
Amazon Aurora is a MySQL and PostgreSQL compatible relational database engine that combines the speed and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases.
Amazon Aurora is up to five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases. It provides the security, availability, and reliability of commercial databases at 1/10th the cost. Amazon Aurora is fully managed by Amazon Relational Database Service (RDS), which automates time-consuming administration tasks like hardware provisioning, database setup, patching, and backups.
Amazon Aurora features a distributed, fault-tolerant, self-healing storage system that auto-scales up to 64TB per database instance. It delivers high performance and availability with up to 15 low-latency read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across three Availability Zones (AZs).
Amazon RDS
Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching and backups. It frees you to focus on your applications so you can give them the fast performance, high availability, security and compatibility they need. Amazon RDS is available on several database instance types - optimized for memory, performance or I/O - and provides you with six familiar database engines to choose from, including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle Database, and SQL Server. You can use the AWS Database Migration Service to easily migrate or replicate your existing databases to Amazon RDS.
Amazon DynamoDB
Amazon DynamoDB is a key-value and document database that delivers single-digit millisecond performance at any scale. It’s a fully managed, multiregion, multimaster database with built-in security, backup and restore, and in-memory caching for internet-scale applications. DynamoDB can handle more than 10 trillion requests per day and support peaks of more than 20 million requests per second. More than 100,000 AWS customers have chosen DynamoDB as their key-value and document database for mobile, web, gaming, ad tech, IoT, and other applications that need low-latency data access at any scale. Create a new table for your application and let DynamoDB handle the rest.
Amazon CloudWatch
Amazon CloudWatch is a monitoring and management service built for developers, system operators, site reliability engineers (SRE), and IT managers
AWS Auto Scaling
AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost
AWS Control Tower
AWS Control Tower automates the set-up of a baseline environment, or landing zone, that is a secure, well-architected multi-account AWS environment
AWS Systems Manager
AWS Systems Manager gives you visibility and control of your infrastructure on AWS. Systems Manager provides a unified user interface so you can view operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources
AWS Systems Manager tools: Resource Groups
Resource groups:
Lets you create a logical group of resources associated with a particular workload such as different layers of an application stack, or production versus development environments
AWS Systems Manager tools: Insights Dashboard
Insights Dashboard:
Displays operational data that the AWS Systems Manager automatically aggregates for each resource group
AWS Systems Manager tools: Run Command
Run Command:
Provides a simple way of automating common administrative tasks like remotely executing shell scripts or PowerShell commands, installing software updates, or making changes to the configuration of OS, software, EC2 and instances and servers in your on-premises data center
AWS Systems Manager tools: State Manager
State Manager:
Helps you define and maintain consistent OS configurations such as firewall settings and anti-malware definitions to comply with your policies
AWS Systems Manager tools: Inventory
Inventory:
Helps you collect and query configuration and inventory information about your instances and the software installed on them
AWS Systems Manager tools: Maintenance Window
Maintenance Window:
Lets you define a recurring window of time to run administrative and maintenance tasks across your instances
AWS Systems Manager tools: Patch Manager
Patch Manager:
Helps you select and deploy operating system and software patches automatically across large groups of instances
AWS Systems Manager tools: Automation
Automation:
Simplifies common maintenance and deployment tasks, such as updating Amazon Machine Images (AMIs)
AWS Systems Manager tools: Parameter Store
Parameter Store: Provides an encrypted location to store important administrative information such as passwords and database strings.
AWS Systems Manager tools: Distributor
Distributor:
Helps you securely distribute and install software packages, such as software agents. Systems Manager Distributor allows you to centrally store and systematically distribute software packages while you maintain control over versioning.
AWS Systems Manager tools: Session Manager
Session Manager:
Provides a browser-based interactive shell and CLI for managing Windows and Linux EC2 instances, without the need to open inbound ports, manage SSH keys, or use bastion hosts.
AWS CloudFormation
AWS CloudFormation gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion
AWS CloudTrail
AWS CloudTrail is a web service that records AWS API calls for your account and delivers log files to you
AWS Config
AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance
AWS OpsWorks
AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers
AWS Service Catalog
AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures
AWS Trusted Advisor
AWS Trusted Advisor is an online resource to help you reduce cost, increase performance, and improve security by optimizing your AWS environment. Trusted Advisor provides real-time guidance to help you provision your resources following AWS best practices
AWS Personal Health Dashboard
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that might affect you
AWS Managed Services
AWS Managed Services provides ongoing management of your AWS infrastructure so you can focus on your applications. By implementing best practices to maintain your infrastructure, AWS Managed Services helps to reduce your operational overhead and risk. AWS Managed Services automates common activities such as change requests, monitoring, patch management, security, and backup services, and provides full-lifecycle services to provision, run, and support your infrastructure
AWS Console Mobile Application
The AWS Console Mobile Application lets customers view and manage a select set of resources to support incident response while on-the-go
AWS License Manager
AWS License Manager makes it easier to manage licenses in AWS and on-premises servers from software vendors such as Microsoft, SAP, Oracle, and IBM
AWS Well-Architected Tool
The AWS Well-Architected Tool helps you review the state of your workloads and compares them to the latest AWS architectural best practices
Amazon VPC
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define
Amazon CloudFront
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment
Amazon Route 53
Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service
AWS PrivateLink
AWS PrivateLink simplifies the security of data shared with cloud-based applications by eliminating the exposure of data to the public Internet
AWS Direct Connect
AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS
AWS Global Accelerator
AWS Global Accelerator is a networking service that improves the availability and performance of the applications that you offer to your global users
Amazon API Gateway
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale
AWS Transit Gateway
AWS Transit Gateway is a service that enables customers to connect their Amazon Virtual Private Clouds (VPCs) and their on-premises networks to a single gateway
AWS App Mesh
AWS App Mesh makes it easy to monitor and control microservices running on AWS
AWS Cloud Map
AWS Cloud Map is a cloud resource discovery service
Elastic Load Balancing
Elastic Load Balancing (ELB) automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses
Elastic Load Balancing: Application Load Balancer
Application Load Balancer is best suited for load balancing of HTTP and HTTPS traffic and provides advanced request routing targeted at the delivery of modern application architectures, including microservices and containers
Elastic Load Balancing: Network Load Balancer
Network Load Balancer is best suited for load balancing of TCP traffic where extreme performance is required
Elastic Load Balancing: Classic Load Balancer
Classic Load Balancer provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level
AWS Security Hub
AWS Security Hub gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts
Amazon Cloud Directory
Amazon Cloud Directory enables you to build flexible, cloud-native directories for organizing hierarchies of data along multiple dimensions
AWS Identity and Access Management (IAM)
AWS Identity and Access Management (IAM) enables you to securely control access to AWS services and resources for your users
Amazon GuardDuty
Amazon GuardDuty is a threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads
Amazon Inspector
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS
Amazon S3
Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance
Amazon Elastic Block Store
Amazon Elastic Block Store (Amazon EBS) provides persistent block storage volumes for use with Amazon EC2 instances in the AWS Cloud. Each Amazon EBS volume is automatically replicated within its Availability Zone to protect you from component failure, offering high availability and durability. Amazon EBS volumes offer the consistent and low-latency performance needed to run your workloads. With Amazon EBS, you can scale your usage up or down within minutes—all while paying a low price for only what you provision
Amazon Elastic File System
Amazon Elastic File System (Amazon EFS) provides a simple, scalable, elastic file system for Linux-based workloads for use with AWS Cloud services and on-premises resources
Amazon S3 Glacier
Amazon S3 Glacier is a secure, durable, and extremely low-cost storage service for data archiving and long-term backup
AWS Storage Gateway
AWS Storage Gateway is a hybrid storage service that enables your on-premises applications to seamlessly use AWS cloud storage