Levering the AWS Global Infrastructure

Question 1

Why a Global application

Answer 1

• Global application is an application deployed in multiple geographies
• It could be region or Edge location
• Disaster recovery(DR)
• Attack protection:

Question 2

Global application in AWS

Answer 2

Global DNS:Routes 53

• Route53 a managed DNS(Domain name system)
• Great to route users to the closet deployment with last latency
• For disaster recovery strategies

Route 53 features are (non exhaustive list): Domain Registration, DNS, Health Checks, Routing Policy

Question 3

Routing 53 routing policies:

Answer 3

Simple routing policy

• no health checks
• Web browser go to our DNS system
• DNS query and get IPV4 as a result

Question 4

Weight routing Policies :

Answer 4

• Some kind of load balancing
• can used health check
• Allow us to disturbing the traffic across multiple instances
• Which Route 53 Routing Policies would you use to route traffic to multiple resources in proportions that you specify?

Question 5

Latency routing Policy:

Answer 5

• minimized latency
• Health check
• Route53 will be used to minimize latency between the user and server by making the user connect to server close to them

Question 6

Failover Routing policy:

Answer 6

• disaster recovery
• Health check
• We have a client and a primary ec2 instance and a failover> DNS do an health check on the primary ec2 if the primary instance fail, then will be redirected to the the failover

Question 7

Global content Delivery Network (CDN):

CloudFront

Answer 7

• Replicate part of your application to AWS edge location - decrease latency
• Cache common requests- improve user experience and decreased latency
• Improve read performance, content is cached at the edge
• DDoS protection because worldwide, integration with shield AWS web application firewall
• What does AWS CloudFront use to improve read performance?
  ( caching content in edge locations)
• With which services does CloudFront integrate to protect against web attacks? AWS WAF , and AWS Shield Advanced.
  You can use AWS WAF web access control lists (web ACLs) to help minimize the effects of a distributed denial of service (DDoS) attack. For additional protection against DDoS attacks, AWS also provides AWS Shield Standard and AWS Shield Advanced.

Question 8

Cloudfront - S3 bucket origins

Answer 8

• For distributing files and caching them at the edge
• Enhanced security with cloudfront origin access identity (OAI)
• cloud front can be used as an ingress (to upload files to S3)

Question 9

Custom origin (HTTP)

Answer 9

• Application load balancer
• EC2 instance
• S3 website ( must first enable the bucket as static S3 website)
• Any HTTP backend you want

Question 10

Cloudfront works

Answer 10

Cloudfront edge location(allover the world) connected to origin and when the client connect and make an http request to your edge location, the edge location will see if it has it in the cache, if not it will go to the origin to get the request result, and when it retrieve the result, it will cache it to a local cache so if another client want the same content, from the same edge location, then the edge location does not need to go to the origin.

Question 11

How to use: S3 as an origin

Answer 11

using cloudfront and edge location we can see that the content of our s3 block in one region can be be distributed all around the world through the edge location or point of present

Question 12

S3 transfer Acceleration

Answer 12

• Accelerate global upload & downloads into Amazon s3: that is far always from you
• Increase transfer speed by transferring files to an AWS edge location which will forward the data to the S3 Bucket in the target region
• You need to enable fast, easy, and secure transfers of files over long distances on S3. Which service would you use?

Question 13

AWS global Accelerator:

Answer 13

• Improve global application availability and performance using the AWS global network
• 2 Anycast IP
• The Edge location send the traffic to your application

Question 14

AWS outposts

Answer 14

• are server racks
• AWS will setup and manage “outposts Racks”
• Deploy outposts Racks in your own bata centers to extend AWS service
• Which service can be used to run AWS infrastructure and services on-premises for a hybrid cloud architecture?

Question 15

AWS outposts : Benefit

Answer 15

• Low latency access to on-prem system
• Local data processing
• Data residency
• Easier migration from on-prem to the cloud
• Fully managed service
• Service that work on outposts:
  Ec2, EBS, S3, EKS, ECS, RDS, EMR

Question 16

AWS Wavelength

Answer 16

• Bring AWS service to the edge of the 5G networks
• Ultra-low latency application
• are infrastructure deployments embedded within the telecommunication provider datacenter at the edge of the 5G network
• Which service is optimized to deploy ultra-low latency applications to 5G devices?

Question 17

AWS local Zones

Answer 17

• Bring AWS resource (compute, database, storage,..) closer to end user to run latency-sensitive applications
• good for latency-sensitive application
• Extend your VPC to more locations- “Extension of an AWS region”
• Compatible with EC2, RDS ECS EBS, ElastiCache, DIRECT CONNECT.