AWS Cloud Practitioner Essentials Created @October 14, 2022 4:55 PM Tags AWS Cloud Last edited time @November 7, 2022 1:36 AM Status Done Module 2: Compute in the cloud Amazon EC2 Amazon EC2 instance types Amazon EC2 pricing On-Demand Amazon EC2 Saving Plans Reserved Instances Spot Instances Dedicated Hosts Auto Scaling Elastic Load Balancing Messaging and queuing Amazon SQS Amazon Simple Queue Service AWS Cloud Practitioner Essentials 1 a service that enables you to send, store, and receive messages between software components through a queue. Amazon SNS Amazon Simple Notification Service Serverless computing AWS Lambda Amazon ECS Amazon EKS AWS Fargate serverless compute engine for containers. Module 3: Global infrastructure and reliability Region Factors Compliance Latency Available services Pricing Availability Zones AWS Cloud Practitioner Essentials 2 Edge locations Amazon CloudFront Content Delivery Network ,簡稱CDN Amazon CloudFront is a content delivery service. It uses a network of edge locations to cache content and deliver content to customers all over the world. When content is cached, it is stored locally as a copy. This content might be video files, photos, webpages, and so on. Amazon Route 53 , Domain Name System DNS Aws Outposts edge devices AWS Outposts is a service that enables you to run infrastructure in a hybrid cloud approach. How to provision AWS resources AWS Cloud Practitioner Essentials 3 AWS Elastic Beanstalk PaaS (platform as a service) provide code and configuration settings, and Elastic Beanstalk deploys the resources necessary to perform the following tasks: Adjust capacity Load balancing Automatic scaling Application health monitoring AWS CloudFormation infrastructure as code AWS CloudFormation provisions your resources in a safe, repeatable manner, enabling you to frequently build your infrastructure and applications Module 4: Networking Amazon Virtual Private Cloud Amazon VPC Internet gateway AWS Cloud Practitioner Essentials 4 IGW Virtual private gateway VGW A virtual private gateway enables you to establish a virtual private network (VPN) connection between your VPC and a private network, such as an on-premises data center or internal corporate network. A virtual private gateway allows traffic into the VPC only if it is coming from an approved network. AWS Direct Connect AWS Cloud Practitioner Essentials 5 enables you to establish a dedicated private connection between your data center and virtual private cloud (VPC) Network access control list (ACL) subnet level Security groups EC2 Module 5: Storage and Database AWS Cloud Practitioner Essentials 6 Storage Instances Store Volume temporary block-level storage An instance store is disk storage that is physically attached to the host computer for an EC2 instance Amazon EBS Amazon Elastic Block Store ,外接硬碟 availability zone level resource, volumes do not automatically scale Snapshots: Incremental backups Amazon S3 Amazon Simple Storage Service In object storage, each object consists of data, metadata, and a key. The data might be an image, video, text document, or any other type of file. Metadata contains information about what the data is, how it is used, the object size, and so on. An object’s key is its unique identifier. Amazon S3 Standard Amazon S3 Standard-Infrequent Access (S3 Standard-IA) Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) AWS Cloud Practitioner Essentials 7 Amazon S3 Intelligent-Tiering Amazon S3 Glacier Instant Retrival Amazon S3 Glacier Flexible Retrieval 幾分鐘到數⼩時不等的存取時間 Amazon S3 Glacier Deep Archive 最低成本的儲存類別,旨在⻑期保留將保留 7-10 年的資料 12 ⼩時內的擷取時間 Amazon S3 Outposts Amazon EFS 簡單、無伺服器、⼀勞永逸的彈性檔案系統 Amazon Elastic File System Linux file system, regional resource, auto-scales Database Amazon RDS Amazon Relational Database Service Amazon Aurora Amazon DynamoDB serverless. DynamoDB table Amazon Redshift data warehouse as a service for big data analytics It offers the ability to collect data from many sources and helps you to understand relationships and trends across your data. AWS Database migrate service (DMS) AWS Cloud Practitioner Essentials 8 enables you to migrate relational databases, nonrelational databases, and other types of data stores Additional database services Module 6: Security AWS Identity and Access Management (IAM) IAM users IAM groups An IAM group is a collection of IAM users. Roles temporary permissions to access IAM policy AWS Cloud Practitioner Essentials 9 MFA Multi-factor authentication AWS Organizations Suppose that your company has multiple AWS accounts. You can use AWS Organizations to consolidate and manage multiple AWS accounts within a central location. service control policies (SCPs) SCPs enable you to place restrictions on the AWS services, resources, and individual API actions that users and roles in each account can access. In AWS Organizations, you can apply service control policies (SCPs) to the organization root, an individual member account, or an OU. Organizational units organizational units (OUs) Hierarchical 垂直 groupings of accounts AWS Artifact compliable AWS Cloud Practitioner Essentials 10 AWS Artifact Agreement AWS Artifact Reports third-party auditors DDoS Distributed denial-of-service attacks AWS Security group AWS Shield AWS Shield Standard automatically protects all AWS customers at no cost. AWS Shield Advanced A paid service that provides detailed attack diagnostics and the ability to detect and mitigate sophisticated DDoS attacks It also integrates with other services such as Amazon CloudFront, Amazon Route 53, and Elastic Load Balancing AWS WAF web application firewall to filter inconing traffic ML for recognize new threats as they evolve Additional security services AWS KMS AWS Key Management Service (AWS KMS) 加密 encryption operations through the use of cryptographic keys. A cryptographic key is a random string of digits used for locking (encrypting) and unlocking (decrypting) data. You can use AWS KMS to create, manage, and use cryptographic keys. AWS WAF AWS Cloud Practitioner Essentials 11 Web 應⽤程式防⽕牆 can be used to prevent SQL injection attacts Amazon Inspector automated security assessments. It checks applications for security vulnerabilities and deviations from security best practices, such as open access to Amazon EC2 instances and installations of vulnerable software versions. Amazon GuardDuty AWS Cloud Practitioner Essentials 12 Module 7: Monitoring and Analytics Amazon CloudWatch dashboard that enables you to monitor matrics and alarm Metrics EC2 count, memery and cpu utilizaion, number of requests to Amazon S3 bucket, etc. Alarms automatically perform actions if the value of your metric has gone above or below a predefined threshold Dashboard AWS Cloud Practitioner Essentials 13 AWS CloudTrial records all API calls. Informations includes the identity of the API caller, the time of the API call, the source IP address of the API caller, and more. ⽅便審計,證明資料以及應⽤符合Compliance,並且沒有被中途更改過 CloudTrail Insights optional feature allows CloudTrail to automatically detect unusual API activities in your AWS account. AWS Cloud Practitioner Essentials 14 AWS Trusted Advisor automated advisor Module 8: Pricing and Support AWS organizations and consolidate billing AWS Budgets AWS Cost Explorer AWS Cloud Practitioner Essentials 15 AWS Pricing Calculator AWS Support Plans AWS Marketplace AWS Marketplace is a digital catalog that includes thousands of software listings from independent software vendors. You can use AWS Marketplace to find, test, and buy software that runs on AWS. Module 9: Migration and Innovation AWS CAF AWS Cloud Adoption Framework (AWS CAF). Adoption guidelines AWS Cloud Practitioner Essentials 16 Business Perspective People Perspective Governance Perspective Platform Perspective Security Perspective Operations Perspective Migration strategies The 6 R’s migration strategies Rehosting Rehosting also known as “lift-and-shift” involves moving applications without changes. In the scenario of a large legacy migration, in which the company is looking to implement its migration and scale quickly to meet a business case, the majority of applications are rehosted. Replatforming Replatforming, also known as “lift, tinker, and shift,” involves making a few cloud optimizations to realize a tangible benefit. Optimization is achieved without changing the core architecture of the application. Refactoring/re-architecting Refactoring (also known as re-architecting) involves reimagining how an application is architected and developed by using cloud-native features. Refactoring is driven by a strong business need to add features, scale, or performance that would otherwise be difficult to achieve in the application’s existing environment. Repurchasing Repurchasing involves moving from a traditional license to a software-as-aservice model. AWS Cloud Practitioner Essentials 17 For example, a business might choose to implement the repurchasing strategy by migrating from a customer relationship management (CRM) system to Salesforce.com. Retaining Retaining consists of keeping applications that are critical for the business in the source environment. This might include applications that require major refactoring before they can be migrated, or, work that can be postponed until a later time. Retiring Retiring is the process of removing applications that are no longer needed. AWS data migration solutions AWS Snowcone features 2 CPUs, 4 GB of memory, and 8 TB of usable storage AWS Snowball Snowball Edge Storage Optimized 80 TB Snowball Edge Compute Optimized 42-TB AWS Snowmobile 100 PB Innovation with AWS Serverless applications that don’t require you to provision, maintain, or administer servers AWS Cloud Practitioner Essentials 18 Artificial intelligence Convert speech to text with Amazon Transcribe. Amazon Textract is a machine learning service that automatically extracts text and data from scanned documents. Discover patterns in text with Amazon Comprehend. Identify potentially fraudulent online activities with Amazon Fraud Detector. Build voice and text chatbots with Amazon Lex. Machine learning AWS offers Amazon SageMaker to remove the difficult work from the process and empower you to build, train, and deploy ML models quickly. AWS DeepRacer is an autonomous 1/18 scale race car that you can use to test reinforcement learning models. Module 10: Well-Architected Framework AWS Cloud Practitioner Essentials 19 Something More AWS Elastic Beanstalk AWS Elastic Beanstalk deploys web applications so that you can focus on your business. capacity provisioning, load balancing, and auto scaling to application health monitoring. AWS CloudFormation Provision resources by using programming languages or a text file AWS Cloud Practitioner Essentials 20