Cloud Essentials Flashcards
What is Cloud
On demand IT resources
Consumption based
You must be connected to the internet
Cloud deployment models
On-premise: private cloud, want my own data Center using virtual machines
Hybrid: have some of your own info but new apps migrated to Cloud
Cloud
Benefits of the cloud
- Trade CAPEX for OPEX: data center investments are based on forecasts vs pay only for what you consume, savings from DC run & maintain costs can be used for innovation
- Massive economies of scale: AWS aggregates usage of customers to achieve economies of scale, savings passed onto customer, more than 80X price reductions
- Stop guessing capacity: pay as you go model, elasticity. Over / under estimating capacity vs scaling on demand.
- Increase speed and capacity: weeks vs minutes between wanting/needing resources, no need to wait to procure resources
- Stop spending $ for run & maintain data Center: moving run & maintain $ into biz innovation
- Go global in minutes: expanding biz into more countries and regions, higher availability, lower latency, regulation compliance
AWS security benefits
- Keep your data safe
- Meet compliance requirements
- Save money
- Scale quickly
- Customer retains complete control and ownership of your data region
- Uses MFA
AWS service categories
Total of 23 service categories
- Analytics, Services supporting business intelligence
- Application integration, Services supporting distributed applications
- AR and VR, The fastest and easiest way to create augmented reality (AR), virtual reality (VR), and 3D experiences
- AWS Cost Management, Tools to help you to access, organize, understand, control, and optimize your AWS costs and usage
- Blockchain, Create and manage scalable blockchain networks and managed ledger databases
- Business Applications, Productivity applications
- Compute, Virtual server hosting, container management, and serverless computing
- Customer engagement, Services supporting customer engagement
- Database, Purpose-built databases for all your application needs
- Developer tools, Host code and automatically build, test, and deploy your applications to AWS
- End User Computing, Provision virtual, cloud-based Microsoft Windows desktops for your users
- Game Tech, Support for game development and multiplayer game hosting
- Internet of Things (IoT), Connect devices and collect, store, and analyze data from them
- Machine learning, Machine learning in the hands of every developer and data scientist
- Management & Governance, Complete control for your cloud environment
- Media services, Build video workflows in the cloud
- Migration & Transfer, Features to assist with migration of data, applications and databases
- Mobile, The fastest way to build apps that scale
- Networking and content delivery, Content delivery network, virtual private cloud, direct connections, load balancing, and DNS
- Robotics, Develop, test, and deploy intelligent robotics applications at scale
- Satellite, Fully managed ground stations as a service
- Security, Identity, & Compliance, Secure your environment and achieve compliance
- Storage, A reliable, scalable, and secure place for your data
Global infrastructure
25 regions
76 availability zones
216 points of presence
AWS region
Physical location of where AWS has their data centres with multiple availability zones
One or more discrete DCs with redundant power, networking, connectivity housed in different facilities
Each region is located in a separate geographical area
Not all services are replicated in AZ or Region by default
Compliance with regulations, proximity to customers, services in the region, pricing
Point of presence
AKA cache servers or Edge locations
Lower latency for users at any location
Route53, CDN (cache domain name service), LambdaH, Cloud Front
Edge locations are located in North America, Europe, Asia, Australia, South America, Africa, and the Middle East. Edge locations cache copies of your content for faster delivery to users at any location. They support AWS services like Amazon Route 53 and Amazon CloudFront.
Regional edge caches, used by default with CloudFront, are used when you have content that is not accessed frequently enough to remain in an edge location. Regional edge caches absorb this content and provide an alternative to fetching that content from the origin server.
Selecting a region
- Data governance, legal requirements
- Proximity to customers (latency)
- Services available within the region
- Costs (vary by region)
3 ways to interact with AWS
AWS management console
Command line interface (AWS CLI)
Software development kits (SDKs)
AWS management console
Easy to use graphical interface
The console provides a rich graphical interface to a majority of the features offered by AWS. (Note: From time to time, new features may not have all of their capabilities baked into the console when the feature initially launches.)
Administer your AWS account
The console facilitates cloud management for all aspects of your AWS account, including monitoring your monthly spending by service, managing security credentials, and even setting up new IAM Users.
Finding services in the console
There are several ways for you to locate and navigate to the services you need. On the AWS Console Home page, use the search functionality, select services from the Recently Visited Services section, or expand the All Services section to browse through the list of all the services offered by AWS.
At any time, you can also select the Services menu in the top-level navigation bar, which includes the search functionality and the list of all services, either grouped or arranged alphabetically.
Learn more About AWS
The AWS Console Home page features various types of resources to help you learn about the services and features AWS has to offer and get started with building your solutions faster.
The Build a Solution section features various simple automated wizards and workflows that help you create the resources you need for the solution you are seeking.
The Learn to Build section shows you various aggregated learning and training resources, organized by solution type and use case. These resources include tutorials, videos, self-paced labs, project guides, and documentation.
Pin service shortcuts
Personalize your console experience by creating shortcuts to the services you visit most often. Clicking the "pin" icon in the global navigation bar (top-level toolbar) will allow you to drag and drop service links onto the toolbar to create your shortcuts.
Resource Groups
With Resource Groups, you can view collections of resources that share common tags. Streamline your use of the console by creating a resource group for each application, service, or collection of related resources that you work with regularly.
Quickly navigate to each saved resource group using the AWS menu. Resource Groups are specific to each identity, so each user in an account can create unique Resource Groups for frequently accessed resources and common tasks. Users can also use a URL to share Resource Group definitions with others in the same account.
Tag Editor
Use the Tag Editor to easily manage tags for all resource types that support tags in any Region. Apply tag keys and values to multiple resources at once. The Tag Editor supports global tag search and bulk editing, so it’s easy to find all resources with a particular tag or make tag changes across multiple resources with just a few clicks.
Manage AWS resources from your mobile device
With the AWS Management Console mobile app, you can quickly and easily view your existing resources, including CloudWatch alarms, and perform operational tasks from your mobile device. Download our mobile app from Amazon Appstore, Google Play, or iTunes
AWS CLI
Command line interface
Access to services by discrete command
The CLI provides a suite of utilities that can be launched from a command program in Linux, Mac or Windows
The CLI is an open-source tool built on top of the AWS SDK for Python (Boto) that provides commands for interacting with AWS services. With minimal configuration (just one tool to download and configure), you can start using all of the functionality provided by the console from your favorite terminal program.
Linux shells – Use common shell programs such as Bash, Zsh, and tcsh to run commands in Linux, macOS, or Unix.
Windows command line – On Microsoft Windows, run commands in either PowerShell or the Windows Command Processor.
SDKs (software developer kits)
Software development kits
Access to services in your code
AWS provides packages that enable accessing AWS in a large variety of popular programming languages. This not only makes it easy to use AWS in your existing applications but also enables creating applications to deploy and monitor complex systems entirely through code.
AWS manages infrastructure as code by using the AWS SDKs and the APIs that underlie them. The concept of infrastructure as code (IaC) is powerful and disruptive and sets the cloud apart from the old IT world. These language-specific SDKs contain APIs that allow you to easily incorporate the wide range of AWS Cloud services into your code without writing the functions yourself. There are extensive notes and documentation on how to use the SDKs listed on the slide. Some of the examples of documentation provided for you include guides on how to get started, developer guides, API references, and community forums or developer blogs.
Providing language-specific APIs for AWS services
Fault tolerant
Ability for a system to remain operational even if some of the components fail
High durability
Low risk of losing data
High availability
Low risk of services being unavailable
Scaling up vs scaling out
Scaling up: creates a single point of failure, involves adding more resources to a particular instance to meet demand
Scaling out: uses auto scaling groups to increase processing capacity in response to changes in preset threshold parameters, could involve adding more EC2 instances of a web server
Cloud trail
Enables governance, compliance, operational auditing, and risk auditing of your AWS account
Log, continuously monitor and retain account activities related to actions across your AWS infra, with history of account activity and actions taken
Who has done what, user and API activity tracking
Enables governance, compliance, operational auditing, and risk auditing of your AWS account. CloudTrail can be used to record AWS API calls and other activity for your AWS account and save the recorded information to log files in an Amazon Simple Storage Service (Amazon S3) bucket that you choose. By default, the log files delivered by CloudTrail to your S3 bucket are encrypted using server-side encryption with Amazon S3–managed encryption keys (SSE-S3)
Cloud watch
Log repository for all AWS services; store and keep the logs
Monitoring NOT debugging
Code guru
Developer tool powered by ML that provides intelligent recommendations for improving quality of code and identifying an application's most expensive lines of code
AWS codebuild
Fully managed continuous integration service that compiles source code, runs tests, produces software packages that are ready to deploy
AWS code artifacts
Fully managed artifacts repository service that makes it easy for orgs to securely store, publish, and share software packages used in their software development process
AWS Code star
Develop, build, deploy applications on AWS quickly. AWS code star provides a unified user interface, enabling you to manage your software development activities in one place easily
Athena
Serverless query service that does not need to build databases on dedicated elastic block store (EBS) volumes, builds tables from data read directly from Amazon S3 buckets
Does not store any of the data
Compatible with regular data formats, i.e. CSV, JSON, ORC, Avro, Parquet
No additional data storage commitments beyond the object storage
Can run complex analysis queries on big data, such as large joins, window functions, and arrays
Only uses SQL
Amazon machine image (AMI)
Provides info required to launch an instance / virtual server in the cloud
You specify an AMI when you launch an instance, and you can launch as many instances from the AMI as you need
AWS trusted advisor
Checks for service usage for all resources within AWS cloud and provides notifications
AWS Codepipeline
Typically utilised when orchestrating and automating the various phases involved in the release of application updates in line with a release model that the developer defines
Codedeploy
Compiling and deploying micro services on Amazon EC2 instances or AWS lambda functions
Automates code deployments to any instance including EC2 and also instances running on premise
Rapidly release new features and avoid downtime during app development
Code commit
Securely sharing code, collaborating on source code, version control and storing binaries on an AWS fully managed platform
Data sync
Simple and fast way to move huge amounts of data (hundreds of terabytes) between on-premise storage and S3, EFS, FSx
AWS direct connect
Run workloads that are heavy in bandwidth in AWS, enabling private and dedicated connections between the on-premise network and AWS. Data sync can be used over the internet or Direct Connect
Simplifies setting up dedicated network connectivity between AWS and on-premise infrastructure
AWS Data Pipeline
Web service that facilitates data processing and movement between various AWS Services like compute and storage
Works well with data sources that are on premise
AWS Migration Hub
For apps
Service that facilitates discovery of the existing applications and IT assets and provides a view to better plan and track application migrations
AWS global accelerator
Networking service that utilises AWS global network to optimise the user to application path.
Can be tested using a speed comparison tool provided by AWS
Differs from S3 transfer acceleration and DynamoDB accelerator
S3 transfer accelerator
Accelerates transfer of files to the S3 bucket by utilizing edge locations
DynamoDB accelerator (Dax)
Fully managed, highly available in-memory cache for DynamoDB
AWS web application firewall (WAF)
Helps protect your web apps or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. Not an access management system, CloudTrail cannot be used to manage privileges.
Layer 7
AWS Polly
Turns text into lifelike speech