General Flashcards
AWS Cloud Benefits
Security
Reliability
High Availability
Elasticity
Agility
Pay-as-you-go pricing
Scalability
Global Reach
Economy of scale
AWS API Gateway
AWS service for creating, publishing, maintaining, monitoring, and securing REST, HTTP, and WebSocket APIs at any scale.
Cost Explorer
An easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time.
It uses your past usage, not expected usage.
By default, it provides reports about the utilization of Amazon EC2 Reserved Instances.
It also provides highly accurate forecasts up to 12 months ahead.
Cost and Usage Report
Contains the most comprehensive set of cost and usage data available. You can use Cost and Usage Reports to publish your AWS billing reports to an Amazon Simple Storage Service (Amazon S3) bucket that you own. You can receive reports that break down your costs by the hour, day, or month, by product or product resource, or by tags that you define yourself. AWS updates the report in your bucket once a day in comma-separated value (CSV) format. You can view the reports using spreadsheet software such as Microsoft Excel or Apache OpenOffice Calc, or access them from an application using the Amazon S3 API.
AWS CLI
A unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.
Features: AWS Single Sign-On (SSO), and various interactive features.
Amazon EC2 instance types (for example, Reserved, On-Demand, Spot)
Is not designed with Multi-AZ Deployment in mind
On-Demand Instances – Pay, by the second, for the instances that you launch.
Savings Plans
Reserved Instances – (term of 1 or 3 years)
Spot Instances – (Request unused EC2 instances)
Dedicated Hosts – (Pay for a physical host that is fully dedicated to running your instances)
Dedicated Instances – limited version of Dedicated Hosts
Capacity Reservations – (Reserve capacity for your EC2 instances in a specific Availability Zone for any duration)
User data - can be used to perform common automated configuration tasks and even run scripts after the instance starts.
Elastic Load Balancers
It automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones.
Application Load Balancer - (HTTP/HTTPS)
Network Load Balancer - (TCP/SSL)
Gateway Load Balancer - operates at the network layer of the Open Systems Interconnection (OSI) model.
Classic Load Balancer - A Classic Load Balancer makes routing decisions at either the transport layer (TCP/SSL) or the application layer (HTTP/HTTPS).
AWS Global Infrastructure
Amazon EC2 is hosted in multiple locations world-wide. These locations are composed of Regions, Availability Zones, Local Zones, AWS Outposts, and Wavelength Zones. Each Region is a separate geographic area.
Infrastructure as Code (IaC)
IaC is a key driver to automate the provisioning process and life cycle management for both the application and its environment.
AWS CloudFormation, AWS Cloud Development Kit (AWS CDK), AWS Cloud Development Kit for Kubernetes
Amazon Machine Images (AMI)
Provides the information required to launch an instance. You must specify an AMI when you launch an instance. You can launch multiple instances from a single AMI when you need multiple instances with the same configuration. You can use different AMIs to launch instances when you need instances with different configurations.
AWS Management Console
A graphical interface for accessing a wide range of AWS Cloud services and managing compute, storage, and other cloud resources. Lets you create new RDS instances through a web-based user interface.
AWS Resource Groups
You can use tags or AWS CloudFormation stacks to create resource groups in AWS Resource Groups, and manage your AWS resources collectively.
AWS Marketplace
A non-default, curated digital catalog that customers can use to find, buy, deploy, and manage third-party software, data, and services to build solutions and run their businesses.
AWS Professional Services
AWS Cloud can provide you with sustainable business advantages. AWS Professional Services supplements your team with specialized skills and experience, working together with your team and your chosen member of the AWS Partner Network (APN) to execute your enterprise cloud computing initiatives.
AWS Service/Personal Health Dashboard
Service: The AWS Health Dashboard is the single place to learn about the availability and operations of AWS services. You can view the overall status of AWS services, and you can sign in to view personalized communications about your particular AWS account or organization. Your account view provides deeper visibility into resource issues, upcoming changes, and important notifications.
Personal: Provides ongoing visibility into your resource performance and the availability of your AWS services and accounts. You can use AWS Health events to learn how service and resource changes might affect your applications running on AWS.
Security Groups
Inside a VPC a security group acts as a virtual firewall, using rules (based on protocols and port numbers) to control the traffic that is allowed to reach and leave the resources that it is associated with.
When you create a VPC, it comes with a default security group.
You can create additional security groups for each VPC.
You can associate a security group only with resources in the VPC for which it is created.
AWS Service Catalog
Enables organizations to create and manage catalogs of IT services that are approved for AWS. You can also use the end user console view to manage the computing resources (known collectively as a provisioned product) for those products.
Service Quotas
Your AWS account has default quotas, formerly referred to as limits, for each AWS service. Unless otherwise noted, each quota is Region-specific. You can request increases for some quotas, and other quotas cannot be increased. Along with looking up the quota values, you can also request a quota increase from the Service Quotas console. AWS Support might approve, deny, or partially approve your requests.
AWS software development kits (SDKs)
Simplify using AWS services in your applications with an Application Program Interface (API) tailored to your programming language or platform.
AWS Support Center
A range of plans that provide access to tools and expertise that support the success and operational health of your AWS solutions. All support plans provide 24/7 access to customer service, AWS documentation, technical papers, and support forums. For technical support and more resources to plan, deploy, and improve your AWS environment, you can choose a support plan that best aligns with your AWS use case.
AWS Support Tiers
Basic -
Customer Service and Communities - 24x7 access to customer service, documentation, whitepapers, and AWS re:Post; AWS Trusted Advisor; AWS Personal Health Dashboard
Developer -
Greater of $29 / month or 3% of monthly AWS usage
Business hours web access to Cloud Support Associates
Trusted Advisor Service Quota and basic Security checks
General Guidance: < 24 hours
System impaired: < 12 hours
Business - Trusted Advisor Full set of checks
Greater of $100 / month
Production system impaired response time 4 hours, if down 1 hour. (Does not have Technical Support Manager)
24/7 phone, web, and chat access to Cloud Support Engineers
Access to AWS Managed Services (AMS) for an additional fee. AMS augments your existing teams with cloud advanced operations skills and capacity. Includes baseline operations, a designated Cloud Service Delivery Manager (CSDM), Cloud Architect (CA), and access to the AMS security team.
Enterprise Ramp Up - Trusted Advisor Full set of checks
Greater of $5,500/month or 10% AWS usage up to 10k
Production system impaired response time 4 hours, if down 1 hour
Business-critical system down: < 30 minutes (Has a pool of Technical Account Managers to provide proactive guidance and coordinate access to programs and AWS experts, and a Concierge Support Team of billing and account experts)
Business hours web access to Cloud Support Associates
Access to AWS Managed Services (AMS) for an additional fee. AMS augments your existing teams with cloud advanced operations skills and capacity. Includes baseline operations, a designated Cloud Service Delivery Manager (CSDM), Cloud Architect (CA), and access to the AMS security team.
Enterprise - Trusted Advisor Full set of checks
Greater of $5,500/month or 10% AWS usage
Production system impaired response time 4 hours, if down 1 hour
Business-critical system down: < 15 minutes (Has a Designated Technical Account Manager to proactively monitor your environment, assist with optimization, and coordinate access to programs and AWS experts, and a Concierge Support Team of billing and account experts)
Business hours web access to Cloud Support Associates
Access to AWS Managed Services (AMS) for an additional fee. AMS augments your existing teams with cloud operations skills and capacity. It includes baseline operations, a designated Cloud Service Delivery Manager (CSDM), Cloud Architect (CA), and access to the AMS security team. AWS Incident Detection and Response is available at no additional charge in eligible regions for AWS Managed Services direct customers with AWS Enterprise Support.
Virtual Private Networks (VPNs)
Establish secure connections over the internet between your on-premises networks, remote offices, client devices, and the AWS global network. Provides a highly-available, managed, and elastic cloud VPN solution to protect your network traffic.
AWS Site-to-Site VPN creates encrypted tunnels between your network and your Amazon Virtual Private Clouds or AWS Transit Gateways. For managing remote access, AWS Client VPN connects your users to AWS or on-premises resources using a VPN software client.
Site-to-Site VPN offers a fixed VPN connection between your AWS VPC and an on-premises location. This requires a static IP to maintain the connection, with all traffic routed over the public internet via IPsec and IKE.
Client VPN is similar to Site-to-Site VPN but allows the client to connect from anywhere. Using OpenVPN software, you establish the connection with AWS, which is maintained for as long as the connection is alive. This again uses the internet for all communication.
Less secure than Direct Connect
Amazon Athena
Analytics:
A serverless interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL
Amazon Kinesis
It makes it easy to collect, process, and analyze real-time, streaming data so you can get timely insights and react quickly to new information. With Amazon Kinesis, you can ingest real-time data such as video, audio, application logs, website clickstreams, and IoT telemetry data for machine learning, analytics, and other applications.
Amazon Kinesis Data Firehose, Data Analytics, Data Streams, Video Streams, OpenSearch Service.
QuickSight
It is a fast, cloud-powered business intelligence (BI) service that makes it easy for you to deliver insights to everyone in your organization. QuickSight lets you create and publish interactive dashboards that can be accessed from browsers or mobile devices. You can embed dashboards into your applications, providing your customers with powerful self-service analytics.
Amazon Simple Notification Service (Amazon SNS)
Application Integration:
A fully managed messaging service for both application-to-application (A2A) and application-to-person (A2P) communication.
The A2A pub/sub functionality provides topics for high-throughput, push-based, many-to-many messaging between distributed systems, microservices, and event-driven serverless applications. Using Amazon SNS topics, your publisher systems can fanout messages to a large number of subscriber systems, including Amazon SQS queues, AWS Lambda functions, HTTPS endpoints, and Amazon Kinesis Data Firehose, for parallel processing. The A2P functionality enables you to send messages to users at scale via SMS, mobile push, and email.
Amazon Simple Queue Service (Amazon SQS)
Application Integration:
A fully managed message queuing service that makes it easy to decouple and scale microservices, distributed systems, and serverless applications. Amazon SQS moves data between distributed application components and helps you decouple these components.
AWS Batch
Compute and Serverless:
It enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS. AWS Batch dynamically provisions the optimal quantity and type of compute resources (e.g., CPU or memory-optimized instances) based on the volume and specific resource requirements of the batch jobs submitted. With AWS Batch, there is no need to install and manage batch computing software or server clusters that you use to run your jobs, allowing you to focus on analyzing results and solving problems. AWS Batch plans, schedules, and runs your batch computing workloads across the full range of AWS compute services and features, such as Amazon EC2 and Spot Instances
Amazon EC2
Compute and Serverless:
It is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers. Automated backups.
On-Demand Instances – Pay, by the second, for the instances that you launch.
Savings Plans – Reduce your Amazon EC2 costs by making a commitment to a consistent amount of usage, in USD per hour, for a term of 1 or 3 years.
Reserved Instances – Reduce your Amazon EC2 costs by making a commitment to a consistent instance configuration, including instance type and Region, for a term of 1 or 3 years. The offering class of a Reserved Instance is either Standard or Convertible.
Spot Instances – Request unused EC2 instances, which can reduce your Amazon EC2 costs significantly.
Dedicated Hosts – Pay for a physical host that is fully dedicated to running your instances, and bring your existing per-socket, per-core, or per-VM software licenses to reduce costs.
Dedicated Instances – Pay, by the hour, for instances that run on single-tenant hardware.
Capacity Reservations – Reserve capacity for your EC2 instances in a specific Availability Zone for any duration.
AWS Elastic Beanstalk
Compute and Serverless: PaaS
Under the hood, it uses CloudFormation.
A free service with which you can quickly deploy and manage applications in the AWS Cloud without worrying about the infrastructure that runs those applications. AWS Elastic Beanstalk reduces management complexity without restricting choice or control. You simply upload your application, and AWS Elastic Beanstalk automatically handles the details of capacity provisioning, load balancing, auto-scaling, and application health monitoring. Everything runs on EC2.
Does not have a serverless option.
It can also work with EFS.
Can have one EC2 per container.
No advanced container features (no network policies, etc.), and it exposes containers to a load balancer.
Complete resource control; it can also use ECS.
AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.
AWS Lambda
Compute and Serverless: FaaS
Costs come from the number of requests to your function and the compute time consumed.
It lets you run code without provisioning or managing servers. You pay only for the compute time you consume; there is no charge when your code is not running.
AWS Lightsail
Compute and Serverless:
Lightsail plans include everything you need to jumpstart your project – a virtual machine, SSD-based storage, data transfer, DNS management, and a static IP address – for a low, predictable price.
Offers pre-packaged tech stacks on top of easy-to-use virtual private server (VPS) instances, containers, storage, databases, and more
Mainly for making websites fast (WordPress, etc.)
Lacks flexibility
Automatic instance scalability isn’t supported in Lightsail.
Instances can’t be modified after launch. You must launch a new instance to change your plan.
Databases can scale independently of virtual servers.
As your cloud ideas expand, you can easily move to EC2 with a simple, guided experience.
You can integrate your Lightsail project with some of the 90+ other services in AWS through Amazon VPC peering
Lightsail Containers enables customers to run Docker containers on the cloud right from their developer workflows. Lightsail creates containers from the Docker images pushed by the developers, while we take care of the infrastructure management complexities.
Lightsail load balancers include integrated certificate management, providing free SSL/TLS certificates you can provision and add to a load balancer in just a few clicks. You can request and manage certificates directly from the Lightsail console – and we manage renewals on your behalf.
Lightsail offers a fully configured MySQL or PostgreSQL database.
AWS Workspaces
Compute and Serverless:
Offers an easy way to provide a cloud-based desktop experience to your end users. Select from a choice of bundles that offer a range of different amounts of CPU, memory, storage, and a choice of applications. Users can connect from a PC, Mac desktop computer, iPad, Kindle, or Android tablet.
AWS Elastic Container Service (ECS)
Containers:
More fine-grained control of containers than Beanstalk.
A highly scalable and fast container management service. You can use it to run, stop, and manage containers on a cluster. With Amazon ECS, your containers are defined in a task definition that you use to run individual tasks or tasks within a service. In this context, a service is a configuration that you can use to run and maintain a specified number of tasks simultaneously in a cluster.
Amazon Elastic Kubernetes Service (Amazon EKS)
Containers:
A managed service that you can use to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane or nodes. Kubernetes is an open-source system for automating the deployment, scaling, and management of containerized applications. Amazon EKS:
AWS Fargate
Serverless compute for containers:
A serverless, pay-as-you-go compute engine that lets you focus on building applications without managing servers.
A technology that you can use with Amazon ECS or EKS to run containers without having to manage servers or clusters of Amazon EC2 instances. With Fargate, you no longer have to provision, configure, or scale clusters of virtual machines to run containers. This removes the need to choose server types, decide when to scale your clusters, or optimize cluster packing.
AWS Aurora
Database:
- Automatically replicates data across Availability Zones
- Amazon Aurora is up to five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases
It is a MySQL and PostgreSQL compatible relational database engine that combines the speed and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases. It provides the security, availability, and reliability of commercial databases at 1/10th the cost. Amazon Aurora is fully managed by Amazon Relational Database Service (Amazon RDS). It delivers high performance and availability with up to 15 low-latency read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across three Availability Zones (AZs).
AWS DynamoDB
Database:
- Designed with multi-AZ deployment in mind
It is a key-value and document database that delivers single-digit millisecond performance at any scale. It’s NoSQL. Which service is used for caching data?
AWS operates the infrastructure layer, the operating system, and platforms, and customers access the endpoints to store and retrieve data.
Customers are responsible for managing their data (including encryption options), classifying their assets, and using IAM tools to apply the appropriate permissions.
ElastiCache
Database:
It is a web service for caching that makes it easy to deploy, operate, and scale an in-memory cache in the cloud. The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory caches, instead of relying entirely on slower disk-based databases.
You can use ElastiCache for caching, which accelerates application and database performance, or as a primary data store for use cases that don’t require durability like session stores, gaming leaderboards, streaming, and analytics. ElastiCache is compatible with Redis and Memcached.
Boost application performance, reducing latency to microseconds.
RDS
Database:
Provides you with six familiar database engines to choose from, including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle Database, and SQL Server. You can use the AWS DMS (Database Migration Service) to easily migrate or replicate your existing databases to Amazon RDS. Available on several database instance types, optimized for memory, performance or I/O.
Benefits:
Automated backup allows you to restore the database with a granularity of as little as 5 minutes.
No need to manage the operating system.
Can have read replicas for high throughput. Read replicas provide enhanced performance and durability for RDS database (DB) instances. They make it easy to elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads. You can create one or more replicas of a given source DB instance and serve high-volume application read traffic from multiple copies of your data, thereby increasing aggregate read throughput.
Read replicas can also be promoted when needed to become standalone DB instances.
Redshift
Database: (has serverless and server options)
It makes it fast, simple and cost-effective to analyze all your data using standard SQL and your existing Business Intelligence (BI) tools. It allows you to run complex analytic queries against terabytes to petabytes of structured and semistructured data, using sophisticated query optimization, columnar. Also known as a data warehouse.
Amazon Redshift Spectrum
Can query S3
CodeBuild
Developer Tools:
A fully managed continuous integration service in the cloud. CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy. CodeBuild eliminates the need to provision, manage, and scale your own build servers. It provides prepackaged build environments for popular programming languages and build tools such as Apache Maven, Gradle, and more. You can also customize build environments in CodeBuild to use your own build tools. CodeBuild scales automatically to meet peak build requests.