Cloud Basics Flashcards
What is cloud computing?
The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or personal computer
What is On-Premise?
You own the servers, hire the IT people, pay or rent the real estate, and take all the risk
What are Cloud Providers?
Someone else owns the servers, hires the IT people, pays for the real estate. You are responsible for configuring cloud services and code, someone else takes care of the rest
Six advantages of cloud computing
- Trade capital expense for variable expense
- Benefit from massive economies of scale
- Stop guessing capacity
- Increase speed and agility
- Stop spending money on running and maintaining data centers
- Go global in minutes
Trade Box Stickers Increase Sales Goal
Types of cloud computing
SaaS, PaaS, IaaS
SaaS
Software as a service, a completed product that is run and managed by the service provider. Like Gmail
PaaS
Platform as a service removes the need for your organization to manage the underlying infrastructure. Focus on deployment and management of your application. Like Heroku
IaaS
Infrastructure as a service. The basic building blocks for cloud IT. Provides access to networking features, computers, and data storage space. Like AWS
Cloud Computing Deployment Models
- Cloud, fully utilizing cloud computing
- Hybrid, using both cloud and on-premise
- On-Premise, deploying resources on-premises, using virtualization and resource management tools, is sometimes called private cloud
What is AZ?
Availability zone
How many AZs?
80
How many geographic regions?
25
Region
A geographically distinct location in the world with multiple availability zones.
Every region is physically isolated from and independent of every other region in terms of location, power, and water supply.
Has at least 2 AZs
Availability zones
A datacenter owned and operated by AWS in which AWS services run
Edge location
Datacenter owned by a trusted partner of AWS
Where is AWS's largest region?
US-EAST
Which region do services first become available in?
US-EAST
In what region do you see your billing information?
US-EAST-1
How are AZs represented?
Region code followed by a letter identifier, e.g. us-east-1
What is Multi-AZ?
Distributing your instances across multiple AZs allows failover configuration for handling requests when one goes down
What is latency between AZs?
<10 ms
What is an edge location?
A datacenter owned by a trusted partner of AWS which has a direct connection to the AWS network. Allows low latency no matter where the end user is geographically.
Edge locations outnumber AZs
What do edge locations serve requests for?
CloudFront and Route53. Requests going to either of these services will be routed to the nearest edge location automatically
S3 Transfer Acceleration traffic and API Gateway traffic also use the edge network
What are GovCloud Regions?
Allow customers to host sensitive Controlled Unclassified Information and other types of regulated workloads.
Only operated by employees who are US citizens on US soil
Who is GovCloud accessible by?
Only US entities and root account holders who pass a screening process
What are examples of policies/regulations GovCloud complies with?
- FedRAMP High baseline
- DOJ’s Criminal Justice Information Systems (CJIS) Security Policy
- US International Traffic in Arms Regulations (ITAR)
- Export Administration Regulations (EAR)
- Department of Defense (DoD) Cloud Computing Security Requirements Guide
How to add billing preferences?
Hover over account, my billing dashboard, billing preferences
How to get to budget page?
Search budget in services (also part of the billing dashboard)
How many free budgets do you get?
60 free budget days per month (essentially two active budgets on every day of the month), and each subsequent budget will incur a cost of $0.02 per day.
How to set a budget alarm?
- In services search cloudwatch.
- Click billing and switch to US-EAST-1 region.
- Create alarms
- Confirm
How many free alarms?
10 free alarms and 1000 free email-notifications each month in free tier
Where do you change path to login to AWS?
Identity and Access Management
Why add MFA to root account?
If someone gains access, they could do some serious damage
How to add MFA for root account?
- In Identity and Access Management, hit Manage MFA
- Under MFA tab hit activate MFA
- Choose virtual for mobile devices
- Choose a compatible app
- Scan QR code with app
- Enter in the 2 codes that are provided from the app
Should you use root account often?
No, create a user account and only use root when you need to
How to add user?
- In Identity And Access Management under users tab, hit manage users
- Hit add user
- Can allow programmatic access and AWS Management Console access, auto generate password, need to reset password on next login
Creating groups
Can do when creating first user. Can give administrative access if self. Don’t give admin power to many. Most will need PowerUserAccount
How to create a new access key for user?
Go to IAM, users, select user, go to security credentials tab, make other inactive, create a new one
How to set a password policy?
In IAM, hit manage password policy, then hit password policy, set preferences
Where is US-EAST-1?
North Virginia
What service do you use to launch a server?
EC2
How to launch a server with EC2?
- Search EC2
- Hit Launch Instance
- Choose Amazon Machine Image (AMI)
- Choose Instance Type (size of server)
- Configure instance details; you will want to set an IAM role if there is none
- Hit next, add storage
- Choose size and volume type (general purpose is a good default)
- Hit review and launch
- It will ask you to use or create a new key pair, but since we are using SSM you can proceed without a key pair
Steps to create IAM role when configuring EC2 server
From IAM console, hit create role, select EC2 (since creating for EC2), hit next permissions, type ssm and select AmazonEC2RoleforSSM, name role, hit create role
How to shut down an EC2 server?
From viewing instance, actions, instance state, terminate
What is the difference between stopping and terminating an ec2 server?
If you stop you don’t destroy it, but it does not cost money since it is not running.
What is the AWS preferred way to access an ec2 server? Key pair or SSM?
SSM (Simple Systems Manager)
How to access ec2 server through ssm?
- Go to SSM
- Go to Session Manager
- Hit Start Session
- Hit Start Session (different button)
What role does SSM log you in through?
Root
How to change to a regular user after logging in through SSM?
- sudo su - ec2-user
- pwd to check
What does AMI stand for?
Amazon Machine Image
What is AMI?
A master image for the creation of virtual servers
Steps to create AMI?
- Go to ec2 instances
- Hit Actions
- Hit Image => Create Image
- Only need a name
- Hit Create Image
Can you create an AMI off of a stopped ec2 instance?
Yes
What is Auto Scaling used for?
To manage Amazon EC2 capacity automatically, maintain the right number of instances for your application, operate a healthy group of instances, and scale it according to your needs.
How to create auto scaling group?
- In EC2 dashboard on side go to Auto Scaling
- Hit Create Auto Scaling Group
- Hit My AMIs and select one
- Choose launch configuration
- Name the launch configuration
- Choose an IAM role
- Allow default storage and security groups
- Hit Create Launch Configuration
- Proceed without a keypair
- Create auto-scaling group with a name, size, a network (VPC), and a couple of subnets (2+)
- Hit configure scaling policies
- Optionally set scaling policies
- Can skip over notifications and tags
- Review / Create
What is the minimum number of servers an auto-scaling group will try to have?
1 (can have 0 at a given moment if one is still spinning up)
Will auto-scaling group instances be terminated if the group is terminated?
Yes
What does ELB stand for?
Elastic Load Balancer
What does ELB do?
Automatically distributes incoming application traffic and scales resources to meet traffic demands
Is load balancer in front of or behind instances?
In front of