General Flashcards
6 Benefits of the Cloud
- Trade Capex for variable expense (OPEX)
- Benefit from massive economies of scale
- Stop Guessing Capacity
- Increase Speed and Agility
- Stop spending money running and maintaining data centers
- Go Global in minutes
A service that checks applications for security vulnerabilities and deviations from best practices
Amazon Inspector
A service that provides intelligent threat detection for your AWS infrastructure and resources.
Amazon GuardDuty
Which compute option reduces costs when you commit to a consistent amount of compute usage for a 1-year or 3-year term?
Savings Plans. Note: Reserved Instances do not require a commitment. The key phrase is "consistent amount of compute".
ElastiCache
Amazon ElastiCache is a service that adds caching layers on top of your databases to help improve the read times of common requests.
EC2 Instance stores
Instance stores are ideal for temporary data that does not need to be kept long term. When an Amazon EC2 instance is stopped or terminated, all the data that has been written to the attached instance store is deleted.
EC2 Instance Store has a better I/O performance, but data is lost if: the EC2 instance is stopped or terminated, or when the underlying disk drive fails.
AWS Direct Connect
AWS Direct Connect is a service that enables you to establish a dedicated private connection between your data center and VPC (virtual private cloud).
The private connection that AWS Direct Connect provides helps you to reduce network costs and increase the amount of bandwidth that can travel through your network.
Virtual Private Gateway
A virtual private gateway enables you to establish a virtual private network (VPN) connection between your VPC and a private network, such as an on-premises data center or internal corporate network. A virtual private gateway allows traffic into the VPC only if it is coming from an approved network.
Amazon SageMaker
Amazon SageMaker is a service that enables you to quickly build, train, and deploy machine learning models
DeepRacer
AWS DeepRacer is an autonomous 1/18 scale race car that you can use to test reinforcement learning models.
Availability Zone (AZ)
An AZ consists of one or more discrete data centers, each with redundant power, networking, and connectivity housed in separate facilities. Each AZ is isolated but the AZs in a region are connected through low-latency links.
AWS Cost Explorer
Easy to use interface that lets you visualize, understand and manage your AWS costs and usage over time
5 Characteristics of Cloud Computing
- On-demand Self Service
- Broad Network Access
- Multi-Tenancy and Resource Pooling
- Rapid elasticity and Scalability
- Measured Service
IAM Roles
Some AWS services will need to perform actions on your behalf. To do so, you assign permissions to AWS services with IAM Roles.
Elastic File Share
Amazon EFS is a fully managed service that makes it easy to set up, scale, and cost-optimize file storage in the Amazon Cloud
Glue
AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics.
Fargate
Fargate allows you to launch Docker containers on AWS, and you don’t need to provision and maintain the infrastructure (=no EC2 instances to manage). It is serverless.
AWS CloudFormation
AWS CloudFormation gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.
WaveLength
AWS Wavelength is an AWS Infrastructure offering optimized for mobile edge computing applications. Wavelength combines the high bandwidth and ultra-low latency of 5G networks with AWS compute and storage services to enable developers to innovate and build a whole new class of applications.
Cloud Development Kit (AWS CDK)
The AWS Cloud Development Kit (AWS CDK) is an open source software development framework to define your cloud application resources using familiar programming languages.
CloudFormation
AWS CloudFormation provides a common language for you to model and provision AWS and third-party application resources in your cloud environment. It allows you to deploy Infrastructure as Code.
AWS CloudFormation templates are JSON or YAML-formatted text files. They are declarations of the AWS resources that make up a stack.
Elastic Beanstalk
Elastic Beanstalk is a Platform as a Service (PaaS). You only manage data and applications. AWS Elastic Beanstalk makes it even easier for developers to quickly deploy and manage applications in the AWS Cloud
CodeArtifact
AWS CodeArtifact is a fully managed artifact repository (also called code dependencies) service that makes it easy for organizations of any size to securely store, publish, and share software packages used in their software development process.
CodeCommit
CodeCommit is a secure, highly scalable, managed source control service that makes it easier for teams to collaborate on code. It also provides software version control.
CodeBuild
CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. With CodeBuild, you don’t need to provision, manage, and scale your own build servers; it is serverless.
S3 Transfer Acceleration
Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket. Transfer Acceleration takes advantage of Amazon CloudFront’s globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path.
Route53
Route 53 features are (non-exhaustive list): Domain Registration, DNS, Health Checks, Routing Policy.
DOES NOT DO DDOS
5 pillars of Well Architected Frameworks
- Operational Excellence
- Security
- Reliability
- Performance Efficiency
- Cost Optimization
Origin
The server from which Amazon CloudFront gets your files
CloudTrail
With CloudTrail, you can view a complete history of user activity and API calls for your applications and resources.
Events are typically updated in CloudTrail within 15 minutes after an API call was made. You can filter events by specifying the time and date that an API call occurred, the user who requested the action, the type of resource that was involved in the API call, and more.
CloudTrail Insights
AWS CloudTrail Insights helps AWS users identify and respond to unusual activity associated with write API calls by continuously analyzing CloudTrail management events.
CloudTrail
CloudTrail can record the history of events/API calls made within your AWS account, which will help determine who or what deleted the resource. You should investigate it first.
VPC
A virtual private cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS Cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC.
Directory Services (Microsoft Active Directory)
AWS Directory Service makes it easy for you to set up and run directories in the AWS cloud, or connect your AWS resources with an existing on-premises Microsoft Active Directory.
Security Token Services (STS)
AWS Security Token Service (AWS STS) is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users).
Cognito
Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily
SSO (Single Sign on)
One login to access multiple accounts. Integrated with AWS Organizations.
Inspector
Automated Security for EC2 instances
SCP - Service Control Policies
Service control policies (SCPs) are a type of organization policy that you can use to manage permissions in your organization. An SCP spans all IAM users, groups, and roles, including the AWS account root user.
Control Tower
AWS Control Tower offers the easiest way to set up and govern a new, secure, multi-account AWS environment. It establishes a landing zone that is based on best-practices blueprints, and enables governance using guardrails you can choose from a pre-packaged list.
Elastic Transcoder
Amazon Elastic Transcoder is media transcoding in the cloud. It is used to convert media files from their source format into versions that will play back on devices like smartphones, tablets, and PCs.
AppStream
Amazon AppStream 2.0 is a fully managed non-persistent application and desktop streaming service that provides users instant access to their desktop applications from anywhere.
Device Farm
AWS Device Farm is an application testing service that lets you improve the quality of your web and mobile apps by testing them across an extensive range of desktop browsers and real mobile devices, without having to provision and manage any testing infrastructure.
Sumerian
Amazon Sumerian is a managed service that lets you create and run 3D, Augmented Reality (AR) and Virtual Reality (VR) applications. You can build immersive and interactive scenes that run on AR and VR, mobile devices, and your web browser.
WorkSpaces
Amazon WorkSpaces is a fully managed, secure cloud desktop service. You can use Amazon WorkSpaces to provision either Windows or Linux desktops in just a few minutes and quickly scale to provide thousands of desktops to workers across the globe.
CloudEndure
Disaster Recovery to recover your servers into AWS
Continuous block-level replication of your servers