Terms Flashcards
- Ideal for compute-bound applications that benefit from high-performance processors
- Ideal for: high-performance web servers, compute-intensive application servers, dedicated gaming servers, and batch processing with many transactions in a single group
Compute Optimized Instances
- Provide a balance of compute, memory, and networking resources
- Ideal for: application servers, gaming servers, backend servers for enterprise applications, small and medium databases
General Purpose Instances
- Deliver fast performance for workloads that process large datasets in memory
- Ideal for: workloads that require large amounts of data to be preloaded before running an application or workloads that involve real-time processing of large amounts of unstructured data
Memory Optimized Instances
- Use hardware accelerators, or coprocessors, to perform some functions more efficiently
- Ideal for: workloads such as graphics applications, game streaming, and application streaming
Accelerated Computing Instances
- Ideal for workloads that require high, sequential read and write access to large datasets on local storage
- Ideal for: distributed file systems, data warehousing applications, and high-frequency online transaction processing (OLTP) systems.
Storage Optimized Instances
- Ideal for short-term, irregular workloads that cannot be interrupted
- Ideal for: developing and testing applications and running applications that have unpredictable usage patterns
Not recommended for workloads that last a year or longer
On-Demand Instances
- A billing discount applied to the use of On-Demand Instances in your account
- 1-year or 3-year term
Reserved Instances
Ideal if you know the EC2 instance type and size you need for your steady-state applications and in which AWS Region you plan to run them
Require you to state: Instance type and size, platform description (OS), tenancy, and region
Standard Reserved Instances
Ideal if you need to run your EC2 instances in different Availability Zones or different instance types
Convertible Reserved Instances
- Reduce your EC2 instance costs when you make an hourly spend commitment to an instance family and Region for a 1-year or 3-year term
- A good option if you need flexibility in your Amazon EC2 usage over the duration of the commitment term
Don’t need to specify up front what EC2 instance type and size, OS, and tenancy to get discount (up to 72%)
EC2 Instance Savings Plan
Ideal for workloads with flexible start and end times, or that can withstand interruptions
Up to 90% discount
Spot Instances
Physical servers with Amazon EC2 instance capacity that is fully dedicated to your use
Most expensive
Dedicated Hosts
- Automatically add or remove Amazon EC2 instances in response to changing application demand
- Must state: minimum capacity, desired capacity, and maximum capacity
Two types:
Dynamic scaling - responds to changing demand
Predictive scaling - automatically schedules the right number of Amazon EC2 instances based on predicted demand
Amazon EC2 Auto Scaling
Automatically distributes incoming application traffic across multiple resources
Elastic Load Balancing
Suppose that you have an application with tightly coupled components. These components might include databases, servers, the user interface, business logic, and so on
if a single component fails, other components fail, and possibly the entire application fails
Monolithic Application
Application components are loosely coupled
if a single component fails, the other components continue to work because they are communicating with each other
Microservices Approach
- Publish/subscribe service
- A publisher publishes messages to subscribers
- Subscribers can be web servers, email addresses, AWS Lambda functions, or several other options
Amazon SNS (Amazon Simple Notification Service)
Is a message queuing service
you can send, store, and receive messages between software components, without losing messages or requiring other services to be available
Amazon SQS (Amazon Simple Queue Service)
A service that lets you run code without needing to provision or manage servers
AWS service for serverless computing
AWS Lambda
Provide you with a standard way to package your application’s code and dependencies into a single object
Containers
A highly scalable, high-performance container management system that enables you to run and scale containerized applications on AWS
Supports Docker containers
Amazon ECS (Amazon Elastic Container Service)
A fully managed service that you can use to run Kubernetes on AWS
Amazon EKS (Amazon Elastic Kubernetes Service)
- Serverless compute engine for containers
- No need to provision or manage servers
Works with both Amazon ECS and Amazon EKS
AWS Fargate
A single data center or a group of data centers within a Region
Availability Zone
a site that Amazon CloudFront uses to store cached copies of your content closer to your customers for faster delivery
Edge Location
- Web-based interface for accessing and managing AWS services
- Includes wizards and automated workflows that can simplify the process of completing tasks
AWS Management Console
- Enables you to control multiple AWS services directly from the command line within one tool
- You can automate the actions that your services and applications perform through scripts
AWS CLI (AWS Command Line Interface)
Make it easier for you to use AWS services through an API designed for your programming language or platform
SDKs (Software Development Kits)
You provide code and configuration settings and __ __ __ deploys the resources necessary to perform the following tasks:
Adjust capacity
Load Balancing
Automatic Scaling
Application health monitoring
AWS Elastic Beanstalk
Allows you to build an environment by writing lines of code instead of using the AWS Management Console to individually provision resources
AWS CloudFormation
Enables you to provision an isolated section of the AWS Cloud
Amazon VPC (Amazon Virtual Private Cloud)
A section of a VPC in which you can group resources based on security or operational needs
Subnet
A connection between a VPC and the internet
Internet Gateway
Allows you to access private resources in a VPC
Use: enables you to establish a virtual private network connection between your VPC and a private network
Virtual Private Gateway
A service that lets you establish a dedicated private connection between your data center and a VPC
AWS Direct Connect
Contains resources that need to be accessible by the public, such as an online store’s website
Public Subnets
Contains resources that should be accessible only through your private network, such as a database that contains customers’ personal information and order histories
Private Subnets
A virtual firewall that controls inbound and outbound traffic at the subnet level
Performs stateless packet filtering
By default, allows all inbound and outbound
By custom default, all inbound and outbound is denied
Network ACL
Packet filtering that remembers nothing and checks packets that cross the subnet border each way
Stateless packet filtering
A virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance
Performs stateful packet filtering
By default, denies all inbound traffic and allows all outbound traffic
Security Group
Packet filtering that remembers previous decisions made from incoming packets
Stateful Packet Filtering
Customers enter the web address into their browser, and they are able to access the website
Phone book of the internet
DNS (Domain Name System) Resolution
AWS DNS web service
A reliable way to route end users to internet applications hosted in AWS
Amazon Route 53
Provides temporary block-level storage for an Amazon EC2 instance
Disk storage that is physically attached to the host computer for an EC2 instance and therefore has the same lifespan as the instance
Instance Store
A service that provides block-level storage volumes that you can use with Amazon EC2 instances
If you stop or terminate an Amazon EC2 instance, all the data on the attached volume remains available
Amazon EBS (Amazon Elastic Block Store)
Incremental backup
EBS Snapshot
consists of data, metadata, and a key
Data: a type of file
Metadata: info about what the data is, how it’s used, the object size, etc
Key: a unique identifier
Object Storage
A service that provides object-level storage
Stores data as objects in buckets
Amazon S3 (Amazon Simple Storage Service)
- Designed for frequently accessed data
- Stores in a minimum of three Availability Zones
S3 Standard
- Ideal for infrequently accessed data
- Similar to Amazon S3 but has a lower price and higher retrieval price
S3 Standard-Infrequent Access (S3 Standard-IA)
- Stores data in a single Availability Zone
- Has a lower storage price than Amazon S3 Standard-IA
S3 One Zone-Infrequent Access (S3 One Zone-IA)
- Ideal for data with unknown or changing access patterns
- Requires a small monthly monitoring and automation fee per object
S3 Intelligent Tiering
- Works well for archived data that requires immediate access
- Can retrieve objects within a few milliseconds
S3 Glacier Instant Retrieval
- Low-cost storage designed for data archiving
- Able to retrieve objects within a few minutes
S3 Glacier Flexible Retrieval
- Lowest-cost object storage class ideal for archiving
- Able to retrieve objects within 12 hours
S3 Glacier Deep Archive
- Creates S3 buckets on Amazon S3 Outposts
- Makes it easier to retrieve, store, and access data on AWS Outposts
S3 Outposts
Multiple clients can access data that is stored in shared file folders
Ideal when a large number of services and resources need to access the same data at the same time
File Storage
A scalable file system used with AWS Cloud services and on-premises resources
Grows and shrinks automatically
Amazon EFS (Amazon Elastic File System)
A managed service that enables you to run relational databases in the AWS Cloud
Automates tasks such as hardware provisioning, database setup, patching, and backups
Amazon RDS (Amazon Relational Database Service)
Amazon RDS database engines
6 engines
- Amazon Aurora
- PostgreSQL
- MySQL
- MariaDB
- Oracle Database
- Microsoft SQL Server
An enterprise-class relational database
Amazon Aurora
You create tables
NoSQL database
Nonrelational Database
Key-value database service
Serverless
Automatic Scaling
Amazon DynamoDB
Enables you to migrate data from relational databases, nonrelational databases, and other types of data stores.
AWS DMS (Amazon Database Migration Service)
A document database service that supports MongoDB workloads
Amazon DocumentDB
A graph database service
Amazon Neptune
A ledger database service
Amazon QLDB
A service that can be used to create and manage blockchain networks with open-source frameworks
Amazon Managed Blockchain
A service that adds caching layers on top of your databases to help improve the read times of common requests
Amazon ElastiCache
In-memory cache for DynamoDB
DAX (Amazon DynamoDB Accelerator)
Shared Responsibility Model
Customers: Security in the cloud
AWS: Security of the cloud
Allows you to manage access to AWS services and resources securely
Controls who is authenticated (signed in) and authorized (has permissions) to use resources
IAM (AWS Identity and Access Management)
An identity that you create in AWS
Represents the person or application that interacts with AWS services and resources
IAM User
Default: No permissions
A document that allows or denies permissions to AWS services and resources
IAM Policies
A collection of IAM users
IAM Groups
An identity that you can assume to get temporary access to permissions
IAM Role
Can be used to consolidate and manage multiple AWS accounts within a central location
AWS Organizations
In AWS Organizations you can centrally control permissions for the accounts in your organization by using…
SCPs (Service Control Policies)
A service that provides on-demand access to AWS security and compliance reports and select online agreements
AWS Artifact
Consists of AWS Artifact Agreements and AWS Artifact Reports
Contains resources to help you learn more about AWS compliance
Customer Compliance Center
A service that protects applications against DDoS attacks
AWS Shield
Review, accept, and manage agreements for an individual account and for all your accounts in AWS Organizations
AWS Artifact Agreements
Provides compliance reports from third party auditors
AWS Artifact Reports
Enables you to perform encryption operations through the use of cryptographic keys
Can be used to create, manage, and use cryptographic keys
AWS KMS (AWS Key Management Service)
A web application firewall that lets you monitor network requests that come into your web applications
Works to block or allow traffic using a web access control list (ACL)
AWS WAF
A web service that enables you to monitor and manage various metrics and configure alarm actions based on data from those metrics
Amazon CloudWatch
Records API calls for your account
Recorded Information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, and more
AWS CloudTrail
Optional feature that allows CloudTrail to automatically detect unusual API activity in your AWS account
CloudTrail Insights
A web service that inspects your AWS environment and provides real-time recommendations in accordance with AWS best practices
AWS Trusted Advisor
Lets you explore AWS services and create an estimate for the cost of your use cases on AWS
AWS Pricing Calculator
You are charged based on the number of requests for your functions and the time that it takes for them to run
AWS Lambda Pricing
You pay for only the compute time that you use while your instances are running
Amazon EC2 Pricing
Pricing based on:
Storage
Requests and data retrieval
Data transfer
Management and replication
Amazon S3 Pricing
Used to pay your AWS bill, monitor your usage and analyze and control your costs
AWS Billing & Cost Management dashboard
Create budgets to plan your service usage, service costs, and instance reservations
AWS Budgets
A tool that lets you visualize, understand, and manage your AWS costs and usage over time
AWS Cost Explorer
- Free for all
- Limited selections of Trusted Advisor checks
Basic Support
- Limited selections of Trusted Advisor checks
- Best practice guidance
- Client-side diagnostic tools
- Building-block architecture support, which consists of guidance for how to use AWS offerings, features, and services together
Developer Support
- Use-case guidance to identify AWS offerings, features, and services that can best support your specific needs
- All AWS Trusted Advisor checks
- Limited support for third-party software, such as common operating systems and application stack components
Business Support
- A pool of Technical Account Managers to provide proactive guidance and coordinate access to programs and AWS experts
- A Cost Optimization workshop (1/year)
- A concierge support team for billing and account assistance
- Tools to monitor costs and performance through Trusted Advisor and Health API/Dashboard
Enterprise On-Ramp Support
- A designated Technical Account Manager to provide proactive guidance and coordinate access to programs and AWS experts
- A concierge support team for billing and account assistance
- Operations Reviews and tools to monitor health
- Training and Game Day to drive innovation
- Tools to monitor costs and performance through Trusted Advisor and Health API/Dashboard
Enterprise Support
Primary point of contact at AWS
Provide expert engineering guidance, help you design solutions that efficiently integrate AWS services, assist with cost-effective and resilient architectures, and provide direct access to AWS programs and a broad community of experts
Technical Account Manager (TAM)
A digital catalog that includes thousands of software listings from independent software vendors
AWS Marketplace
Organizes guidance into six areas of focus called perspectives
AWS CAF (AWS Cloud Adoption Framework)
Ensures that IT aligns with business needs and that IT investments link to key business results
Ensure that your business strategies and goals align with your IT strategies and goals
Business Perspective
Supports development of an organization-wide change management strategy for successful cloud adoption
Evaluate organizational structures and roles, new skill and process requirements, and identify gaps
People Perspective
Focuses on the skills and processes to align IT strategy with business strategy
Understand how to update the staff skills and processes necessary to ensure business governance in the cloud
Governance Perspective
Includes principles and patterns for implementing new solutions on the cloud, and migrating on-premises workloads to the cloud
Use a variety of architectural models to understand and communicate the structure of IT systems and their relationships
Platform Perspective
Ensures that the organization meets security objectives for visibility, auditability, control, and agility
Security Perspective
Helps you to enable, run, use, operate, and recover IT workloads to the level agreed upon with your business stakeholders
Define how day-to-day, quarter-to-quarter, and year-to-year business is conducted. Align with and support the operations of the business
Operations Perspective
Migration Strategies (6)
Rehosting
Replatforming
Refactoring/Re-architecting
Repurchasing
Retaining
Retiring
Lift-and-shift
Rehosting
Lift, tinker, and shift
Involves making a few cloud optimizations to realize a tangible benefit
Replatforming
Reimagining how an application is architected and developed by using cloud-native features
Refactoring/re-architecting
Moving from a traditional license to a software-as-a-service model
Repurchasing
Keeping applications that are critical for the business in the source environment
Retaining
The process of removing applications that are no longer needed
Retiring
A collection of physical devices that help to physically transport up to exabytes of data into and out of AWS
AWS Snow Family
Small data transfer device featuring 2 CPUs, 4 GB of memory, and up to 14 TB of usable storage
AWS Snowcone
Data migration device featuring:
- Storage: 80 TB of HDD and 1 TB of SATA SSD
- Compute: 40 vCPUs and 80 GiB of memory
AWS Snowball Edge Storage Optimized
Data migration device featuring:
- 80 TB of HDD and 28 TB of usable NVMe SSD
- Compute: 104 vCPUs, 416 GiB of memory, and an optional NVIDIA Tesla V100 GPU
AWS Snowball Edge Compute Optimized
An exabyte-scale data transfer service
Up to 100 petabytes of data in a 45-foot ruggedized shipping container, pulled by a semi trailer truck
AWS Snowmobile
Enables you to quickly build, train, and deploy machine learning models
Amazon SageMaker
A machine learning service that automatically extracts text and data from scanned documents
Amazon Textract
A service that enables you to build conversational interfaces using voice and text
Amazon Lex
An autonomous 1/18 scale race car that you can use to test reinforcement learning models
AWS DeepRacer
AWS Well-Architected Framework (6)
Helps you understand how to design and operate reliable, secure, efficient, and cost-effective systems in the AWS Cloud
Operational excellence
Security
Reliability
Performance efficiency
Cost optimization
Sustainability
Advantages of Cloud Computing (6)
- Trade upfront costs for variable expense
- Benefit from massive economies of scale
- Stop guessing capacity
- Increase speed and agility
- Stop spending money running and maintaining data centers
- Go global in minutes
Automated security assessment service that helps improve the security and compliance of applications deployed on AWS
Amazon Macie
An automated security assessment service that helps improve the security and compliance of applications deployed on Amazon EC2 instances
Amazon Inspector
A threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads
Amazon GuardDuty
Helps you protect secrets needed to access your applications, services, and IT resources
AWS Secrets Manager
Helps users store and manage developers’ source code in AWS
AWS CodeCommit
A service that manages the movement of code between the individual services
AWS CodePipeline
A service that helps users to automatically compile source code, run unit tests, and produce software packages that are ready for deployment
AWS CodeBuild
A managed artifact repository service that stores and shares software that is ready for deployment
CodeArtifact
A web service that speeds up the distribution of your static and dynamic web content to your users.
This service delivers your content through a worldwide network of data centers known as edge locations
CloudFront
A natural language processing (NLP) service that uses machine learning to find insights and relationships in text
Amazon Comprehend
Amazon Connect
Creates an encrypted network path between your on-premises network and your AWS Cloud network
AWS Site-to-Site VPN
A service that uses machine learning to convert audio data to text
Amazon Transcribe
A machine learning service that converts text to speech. This service provides the ability to read text out loud
Amazon Polly
A machine learning language translation service
Amazon Translate
You can use __________ to assess, audit, and evaluate the configurations of your AWS resources
AWS Config
A managed client-based VPN service that gives you the ability to securely access your AWS resources and the resources in your on-premises network
You can access your resources from any location through an OpenVPN-based VPN client
AWS Client VPN
A service that helps plan and track application migrations.
AWS Migration Hub
Can migrate physical servers and any databases or applications that run on them to EC2 instances in AWS
AWS MGN (Application Migration Service)
Collects information about the usage and configuration of on-premises servers to help plan a migration to AWS
AWS Application Discovery Service
A networking service that improves the performance of your users’ network traffic by up to 60%
AWS Global Accelerator
Creates and maintains a map of backend services
AWS Cloud Map