S.A.A. CH7 Flashcards
CH8
PG228
Lambda?
Serverless?
Lambda = AWS Lambda is a compute service that runs your back-end code in response to events such as object uploads to Amazon S3 buckets, updates to Amazon DynamoDB tables, data in Kinesis Data Streams, or in-app activity. You are charged for every 100ms, the number of times it's triggered, and the memory used. It does not charge when it's not running. 5 mins run time.
Serverless = 1) No infrastructure to manage 2) Scalability 3) Built-in redundancy 4) Pay only for usage
Amazon S3
DynamoDB
API Gateway
Lambda
SNS and SQS
CloudWatch Events
Kinesis
CH8
PG231
Lambda Languages?
Lambda Resource Limit Per Invocation?
Lambda Languages = Java, Node.js, Python, C#
Lambda Resource Limit Per Invocation =
Resources: Limits:
Memory allocation range: Minimum = 128 MB, Max = 3008 MB (with 64 MB increments)
Ephemeral disk capacity 512 MB
Number of file descriptors 1024
Number of processes and threads 1024
Max execution duration 300 seconds
Lambda function 50MB
Total Size of all the deployment 75GB
CH7
PG232
You can use API Gateway in the following way?
Benefits of Amazon API gateway?
You can use API Gateway in the following way =
to create, deploy, and manage a RESTful API to expose back-end HTTP endpoints, AWS Lambda functions or other AWS services
to invoke exposed API methods through the front-end HTTP endpoints
Benefits of Amazon API gateway =
resiliency and performance at any scale: can throttle so that back-end operations can withstand traffic spikes
caching: reduces latency by caching the output of API calls so it doesn't have to do the process again
security: has several tools to authorize access to your APIs. Can also verify signed API calls
metering: helps limit and restrict third-party developers' access to your APIs
monitoring: helps keep track of latency, error rates, and so on
lifecycle management: allows you to run several versions of the same API dashboard at the same time.
Integration with other AWS products
Open API specification (Swagger) support
SDK generation for iOS, Android, and JavaScript
CH7
PG235
Real time application scenarios
Evolving from batch to streaming analytics?
Building real-time applications?
Evolving from batch to streaming analytics = replaced batch analytics traditionally done with data warehouses or Hadoop frameworks. The most common use cases in this category include data lakes, data science, and machine learning. You can use streaming data solutions to continuously load real-time data into your data lakes.
Building real-time applications = You can use streaming data services for real-time applications such as application monitoring, fraud detection, and live leaderboards. For example, Netflix uses Kinesis Data Streams to monitor the communication between all its applications so it can detect and fix issues quickly, ensuring high service uptime and availability to its customers.
CH7
PG235
Amazon Kinesis Data Streams?
Amazon Kinesis Data Streams = can continuously capture and store terabytes of data per hour from hundreds of thousands of sources such as web site clickstreams, financial transactions, social media feeds, IT logs, and location-tracking events.
Benefits: use the Kinesis Producer Library (KPL) to put data into a stream. Another benefit: it can also run in parallel with another Kinesis
CH7
PG239
Reference architectures using serverless services
Real time-file processing?
Real time stream processing?
Extract, transformation and load (ETL) Processing?
IOT Back Ends?
Real time-file processing = Photo taken >> Uploaded to S3 bucket >> Lambda triggered >> Lambda runs image resizing code to generate web, mobile and tablet sizes
Real time stream processing = Kinesis captures #trends >> Lambda triggered >> Lambda runs code that generates hashtag trend data and stores it in DynamoDB
Extract, transformation and load (ETL) Processing = Online order is placed >> DynamoDB stores the data >> Lambda is triggered >> Lambda runs data transformation code and loads results into data warehouse
IOT Back Ends = Tractor sensor sends data to Kinesis >> Lambda triggered >> Lambda runs code to detect trends in sensor data, identify anomalies and order replacements for faulty parts
CH7
CloudFront?
CloudFront key concepts?
CloudFront = attributes are caching static assets, accelerating dynamic content, helping protect against distributed denial-of-service (DDoS) attacks, improving security, accelerating API calls, distributing software, streaming videos
CloudFront key concepts = Origin>>Regional Edge Location>>Edge Location>>
- Edge location - a data center used to deliver the content to the end user. It is more than likely that an AWS region does not exist where this edge location is present.
- Regional edge location - the regional edge cache is located between your origin web server and the global edge locations that serve content directly to your viewers
- Origin - the customer's server that houses the original
- Behavior - allows you to have granular control of the CloudFront
CH7
PG245
Path Pattern Matching?
Headers?
Query Strings/Cookies?
Signed URL or Signed Cookies?
Path Pattern Matching = you can configure multiple cache behaviors based on URL path patterns for the web site or applications for which you are going to use Amazon CloudFront
Headers = using headers, you can forward request headers to the origin cache based on the header value. For example, you can have a different response if the user is coming from a laptop or mobile device
Query Strings/Cookies = a query string is the part of a web request that appears after a “?”
Signed URL or Signed Cookies = A signed URL offers you temporary access to manage S3 content. A Cookies URL does the same but for HTTP.
CH7
PG245
Protocol Policy?
Time to Live?
Gzip Compression?
Protocol Policy = is used to manage HTTP or HTTPS
Time to Live = is how long an object stays in CloudFront Cache. The time is specified in seconds and expires in 24 hours
Gzip Compression = can be done in 2 methods for distribution.
- Web: distribution is used for speeding up the distribution of static and dynamic content, for example HTML, CSS, PHP, and graphics files
- RTMP: distribution is used to speed up the distribution of your streaming media files using Adobe Flash Media Servers
CH7
PG246
Geo Restrictions?
Error Handling?
Amazon Route 53?
Geo Restrictions = restricts content based on location of the request or location of the requestor
Error Handling = You can configure CloudFront to respond with an error code when your origin returns an HTTP 4xx or 5xx
Amazon Route 53 = has 100% SLA. Supports zone apex.
- Weighted round robin: when you distribute traffic in proportions, like a quarter here and the other 3 quarters over there. You can also do testing: 10% to a server running new patching; 90% to the original server
- Latency based routing: when you route traffic based on the data center with lowest latency
- Failover routing: when you configure active-passive failover in which one resource takes all traffic when it's available and the other resource takes all traffic when the first resource isn't available
- Geo DNS routing: when Route 53 responds to the queries based on the location of the users.
CH7
PG248
AWS WEB Application Firewall?
AWS WEB Application Firewall =
- vulnerability protection - can use WAF to create custom rules that block common attack patterns, such as SQL injection or cross site scripting
- malicious requests - Web crawlers can be used to overload a web server and bring a site down. AWS WAF protects against this.
- DDoS mitigations (HTTP/HTTPS floods) - this helps protect applications by blocking or monitoring web requests based on conditions that you define.
- Can block or allow requests based on the following:
  - cross site scripting match conditions
  - IP match
  - Geographic condition match
  - Size constraint conditions
  - SQL injections (malicious SQL code)
  - string
  - regex match
CH7
PG249
AWS WAF 2 Rules?
Amazon Simple Queue Service?
AWS WAF 2 Rules =
- regular rules: use only conditions to target specific requests, such as those coming from a specific IP address and requests that include SQL-based code
- rate rule: measures the frequency with which the requests occurred. Example: block an IP address that submits more than 2K requests in 5 minutes.
Amazon Simple Queue Service = A message queue allows different parts of a system to communicate and process operations asynchronously. A message queue provides a buffer, which temporarily stores messages, and endpoints, which allow software components to connect to the queue to send and receive messages. You can put messages into a queue, and you can retrieve messages from a queue.
CH7
PG252
Amazon Simple Queue Service Features?
Two Types of SQS?
Amazon Simple Queue Service Features =
- SQS is redundant across multiple AZs in each region
- Multiple copies of messages are stored across multiple AZs and messages are retained up to 14 days
- If your consumer or producer application fails, your messages won't be lost
- Because of the distributed architecture, SQS scales without any pre-provisioning
- Messages can contain up to 256KB in data
Standard - default type, supports almost unlimited transactions, provides best effort ordering that ensures
FIFO - limited to 300 messages per second. Duplicates are not delivered in this system. Messages are delivered in the order received.
SQS facts =
- messages are kept: from 1 minute to 14 days
- maximum message size: between 1KB and 256KB
- delivery delay: the amount of time a message placed in the queue can be delayed, 0 to 15 mins.
- receive message wait time: short polling is 0 seconds wait time; long polling is 1 second to 20 seconds.