Cloud Architecture Flashcards
AWS Well-Architected Framework
Guide for designing infrastructures
Well-Architected Framework: Operational Excellence
Run/monitor systems to deliver business value
Principles:
- Perform operations as code
- Annotate documentation
- Make frequent, small, reversible changes
- refine operations procedures frequently
- anticipate failure
- learn from all operational events and failures
Best Practice Areas
- Prepare
- Operate
- Evolve
Well-Architected Framework: Security
Protect information, systems, and assets
Principles:
- Implement a strong identity foundation
- Enable traceability
- Apply security at all layers
- Automate security best practices
- Protect data in transit and at rest
- Keep people away from data
- Prepare for security events
Best Practice Areas:
- Identity and Access Management
- Detective controls
- Infrastructure protection
- Data protection
- Incident response
Well-Architected Framework: Reliability
Prevent and quickly recover from failures
Design Principles:
- test recovery procedures
- automatically recover from failure
- scale horizontally to increase aggregate system availability
- stop guessing capacity
- manage change in automation
Best Practices:
- Foundations
- Change Management
- Failure Management
Well-Architected Framework: Performance Efficiency
Use IT/Computing resources efficiently to meet system requirements
Design Principles
- Democratize advanced technologies
- go global in minutes
- use serverless architectures
- experiment more often
- have mechanical sympathy
Best Practices
- Selection
- Review
- Monitoring
- Tradeoffs
Well-Architected Framework: Cost Optimization
run systems to deliver business value at lowest price point
Design Principles
- adopt a consumption model
- measure overall efficiency
- stop spending money on data center operations
- analyze and attribute expenditure
- use managed and application-level services to reduce cost of ownership
Best Practices
- Expenditure awareness
- Cost-effective resources
- Matching supply and demand
- Optimizing over time
Reliability
Measure of system’s ability to provide functionality when desired by the user.
MTBF = Mean Time Between Failures; MTTR = Mean Time To Repair; MTTF = Mean Time To Failure
MTBF
Mean Time Between Failures
MTTR
Mean Time To Repair
MTTF
Mean Time To Failure
Highly Available System
- can withstand some measure of degradation while still remaining available
- downtime is minimized
- minimal human intervention is required
Fault Tolerance
Built-in redundancy - ability to remain operational
- does not address software failures
Key factor in Availability
Scalability
Ability of an application to accommodate increases in capacity needs without changing design.
- Does not guarantee availability
Key Factor in Availability
Recoverability
Process, Policies, and Procedures related to restoring service after a catastrophic event.
Factors Affecting Availability
- Fault Tolerance
- Scalability
- Recoverability
AWS Trusted Advisor
Online tool, real-time guidance on your resources; Entire AWS environment
- Cost optimization
- Performance
- Security
- Fault tolerance
- Service limits (> 80% of limit; could lag by 24h)
AWS X-Ray
helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture
AWS Inspector
automated vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure
CloudHSM
cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud
CloudEndure
CloudEndure Disaster Recovery is an automated IT resilience solution that lets you recover your environment from unexpected infrastructure or application outages, data corruption, ransomware, or other malicious attacks
AWS OpsWorks
- configuration management service that provides managed instances of Chef and Puppet
- Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers
- OpsWorks lets you use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments
AWS Service Catalog
- allows organizations to create and manage catalogs of IT services that are approved for use on AWS
- centrally manage deployed IT services and your applications, resources, and metadata
AWS Elastic Beanstalk
AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.
PaaS
AWS Partner Network
global community of partners that leverages programs, expertise, and resources to build, market, and sell customer offerings.
100,000 partners from more than 150 countries
Consulting Partners are professional services firms that help customers design, architect, build, migrate, and manage their workloads and applications on AWS
Technology Partners provide software solutions that are either hosted on, or integrated with, the AWS platform. APN Technology Partners include Independent Software Vendors (ISVs), SaaS, PaaS, Developer Tools, Management and Security Vendors.
Load Balancing (Application vs. Network)
Network: For traffic coming in via TCP and TLS
Application: for traffic coming in via HTTP/HTTPS
Amazon Connect
set up a contact center in minutes that can scale to support millions of customers.