#separator:tab
#html:true
Benefits of Cloud	1. Pay on Demand<br>2. Sharing cost with other customers<br>3. Scale up or down<br>4. Launch Resources quickly<br>5. Focus on customers (No Configuration)<br>6. Deploy in multiple regions
Fault Level	Collection of Fault Domains
Fault Domains	Limiting damages to only its domain and not allowing cascades to other domains
Edge Locations	on and off ramps to the global AWS network
AWS Global Network	private expressway where things can move very fast between datacenters
Point of Presence	Edge Locations and Regional Edge Caches<br>Intermediate location between region and user for content delivery or expedited upload
Regional Edge Locations	hold larger caches for less popular files
Amazon CloudFront	Content Delivery Network Service that<br><ul><li>routes to the nearest Edge Location cache</li><li>caches the contents of an origin to different edge locations</li></ul>
Amazon S3 Transfer Acceleration	generates special URL that can be used by users to upload files to nearby edge location. once uploaded it can move much faster within AWS network to reach S3
AWS Global Acceleration	can find optimal path from user to web servers.
sends user traffic to edge location
AWS Direct Connect	private/dedicated connection between datacenter, office and AWS<br><ul><li>helps reduce network costs and increase bandwidth throughput</li><li>consistent network experience</li></ul>
AWS Wavelength Zones	edge computing on 5G Networks
Data Residency	physical or geographic location where cloud resources reside
Compliance Boundaries	regulatory compliance by a gov or org that describes where resources are allowed to reside
Data Sovereignty	control over data because of its physical location
AWS Config	Policy as Code Service<br>create rules to continuously check AWS resources config
AWS Outposts	physical rack of servers
AWS Ground Station	lets you control satellite communications
Availability	Ensure a service remains available
Scalability	Grow rapidly or impeded
Elasticity	shrink and grow to meet demand
Fault tolerance	ability to prevent failure
Disaster recovery	ability to recover
Recovery Point Objective RPO	max acceptable amount of time of data loss
Recovery Time Objective RTO	max of downtime to tolerate of failure without financial loss
Disaster Recovery Options	1. Back &amp; Restore<br>2. Pilot Light<br>3. Warm Standby<br>4. MultiSite Active
AWS CloudShell	browser based shell built into AWS Management Console
Infrastructure as Code IaC	automate creating, updating, or destroying cloud infrastructure
AWS Cloud Formation CFN	Declarative IaC tool, EXPLICIT configuration
AWS Cloud Development Kit CDK	Imperative IaC tool, Implicit Configuration using programming languages
AWS Shared Responsibility Model	Customers<br><ul><li>Configuration</li><li>Security Configuration</li></ul><div>AWS</div><div><ul><li>Software</li><li>Hardware / Global Infrastructure</li></ul></div>
Elastic Compute Cloud EC2	allows you to launch virtual machines<br>server virtualization allows you to create, copy, resize or migrate your server, can run multiple VMs on the same physical server, and is highly configurable
Amazon Lightsail	managed virtual server service.
friendly version of EC2
Containers	virtualizing an OS to run multiple workloads on a single OS instance
Elastic Container Service ECS	container orchestration service and launches a cluster of servers on EC2 instances
ECS Fargate	serverless orchestration container service, AWS manages underlying server
Elastic Container Registry ECR	repository for container images, saved copies for version control
Elastic Kubernetes Servers EKS	fully managed Kubernetes service
AWS Lambda	serverless functions service for uploading and running code
Nitro System	dedicated hardware and lightweight hypervisor enabling faster innovation and enhanced security
Edge Computing	pushes computing workload outside of your network close to destination location
Hybrid Computing	run workloads on premise and AWS virtual private cloud VPC
AWS Wavelength	build and launch application in a telecom datacenter and pushed over 5G network
VMWare Cloud on AWS	manage on premise virtual machine
AWS Local Zones	edge datacenter located outside of an AWS region
AWS Batch	plans, schedules and executes your batch computing workloads
AWS Compute Optimizer	suggests how to reduce costs and improve performance using ML
EC2 Autoscaling groups ASG	automatically adds or removes EC2 servers to meet current demand of traffic
Elastic Load Balancer ELB	distributes traffic to multiple instances, and can reroute traffic
AWS Elastic Beanstalk EB	easy deploying web applications
Storage Services	1. Elastic Block Store EBS - BLOCKS<br>2. AWS Elastic File Storage - FILE<br>3.
Amazon Simple Storage Service - Object
Elastic Block Store EBS	Data is split evenly into blocks, directly accessed by OS, supports single write volume
AWS Elastic File Storage EFS	File is stored with data and metadata<br>multiple connections via network share<br>supports multiple reads, writing locks<br>multiple users access same drive
Amazon Simple Storage Service S3	object stored with data, metadata, and id<br>0 to 5tb of object size<br>unlimited storage<br>supports multiple reads and writes
Storage Gateway	hybrid cloud storage to extend on premise to cloud
AWS Snow Family	physically migrate large amounts of data to cloud
AWS Backup	fully managed backup service to make centralized and automate backup data
CloudEndure Disaster Recovery	replicates machines into low cost staging area
AWS FSx	file system
DynamoDB	NoSQL flagship database service, cost effective, scales, fast
DocumentDB	NoSQL Document, MongoDB compatible
Amazon Keyspaces	Apache Cassandra database
Relational Database Service RDS	relational database supports multiple SQL engines
Aurora	database of MySQL or PSQL
Redshift	data warehouse, keeps large amounts of data hot and get it back very fast
ElastiCache	database of the in memory and caching of open source databases
Database Migration Service DMS	migrate from on premise to AWS, two databases, or SQL to NoSQL
Neptune	Graph database
Amazon Timestreams	time series database
Amazon Quantum Ledger Database	record history of financial activities that can be trusted, cryptographically verifiable transaction logs
Virtual Private Cloud VPC	isolated section of AWS Network where you launch AWS Resources
Subnets	partition IP network into smaller segments
Public subnet	partition of IP network that can reach the internet
Private subnet	partition of IP network that can't reach the internet
Network Access Control Lists NACLs	virtual firewall at subnet level, create allow and deny rules
Security Groups	firewall at instance level, implicitly denies all traffic, you create only allow rules
Dedicated Hosts	single tenant instance of EC2 instances allows you to have machine characteristics, such as sockets, cores, host ID and physical server isolation
EC2 Pricing	On Demand, Spot, Reserved, Dedicated
IAM Policies	grant permissions for a specific user, group or roles
IAM Users	users who interact with AWS
IAM Groups	group of IAM users
IAM Roles	roles grant resources permissions to specific API actions
Principle of Least Privilege PoLP	give only what is needed
Application Integration	two independent applications communicating and working with each other<br><ul><li>queueing</li><li>streaming</li><li>pubsub</li><li>api gateways</li><li>state machine</li></ul>
Queueing System	delete messages once consumed. not real time
Simple Queueing Service SQS	queueing service
Streaming	multiple consumers react to events. realtime
Amazon Kinesis	collecting, processing and analyzing streaming data in the cloud
PubSub	publishers send messages to subscribers that is managed through an event bus
Simple Notification Service SNS	pub sub messaging service
API Gateway	sits between entry point and backends, manages request and response
Amazon API Gateway	creating secure APIs
State Machines	decides how one state moves to another based on conditions like a flow chart
AWS Step Functions	state machine, coordinate multiple AWS services into serverless workflow
Event Bus	receives events from a source and routes events to target
Event Bridge	serverless event bus
Kubernetes	container orchestration system for automating deployment, scaling and management of containers
AWS Organizations	creates new AWS account, centralizing billing, control access, compliance, security, and shared resources
AWS Control Tower	helps enterprises setup multi account
AWS QuickStarts	prebuilt templates
Amazon Connect	virtual call center service
Workspaces	virtual remote desktop service
WorkDocs	shared collaboration service
Chime	video conference service
WorkMail	manage email, contacts, calendars
Simple Email Service
SES	transactional email service
QuickSight	Business intelligence service
AWS OpsWorks	configuration management service
Cloud Formation	infrastructure modeling and provisioning service, automate provisioning of AWS services
AWS Amplify	mobile and web application framework
AWS CloudTrail	logs API calls between AWS services
CloudWatch	logs, metrics, events, alarms, dashboard, collection of services
AWS X-Ray	distributed tracing system, pinpoint issues with microservices
Amazon SageMaker	build, train, deploy ML models at scale
Amazon CodeGuru	ML code analysis service
Amazon Lex	conversation interface service, voice and text chatbots
Amazon Personalize	real time recommendation service
Amazon Polly	text to speech
Amazon Rekognition	image and video recognition
Amazon Transcribe	speech to text
Amazon Textract	extract text from scanned documents
Amazon Translate	ML translation
Amazon Comprehend	natural language processor
Amazon Athena	serverless interactive query service, csv or json to S3
Amazon CloudSearch	text search service
Amazon Elasticsearch Service ES	managed Elasticsearch cluster, full text search engine
Amazon Elastic Map Reduce EMR	data processing and analysis
Kinesis Data Streams	real time streaming data service
AWS Well Architected Framework	operational excellence - run and monitor systems<br>security - protect data<br>reliability - mitigate and recover<br>performance efficiency - use computing resources effectively<br>cost optimization
AWS Pricing Calculator	free cost estimation tool
AWS Migration Evaluator	estimate cost of cloud migration
AWS Data Migration Service DMS	allows you to quickly migrate one database to another
AWS Support Plans	basic, developer, business, enterprise
Technical Account Manager TAM	guidance and reactive support
AWS Trusted Advisor	recommendation tool to automatically monitor AWS account for recommendations
AWS Budgets	give you alerts on defined budget
AWS Cost Explorer	visualize and manage AWS cost over time
Layers of Security	1.
Data<br>2. Application<br>3. Compute<br>4. Network<br>5. Perimeter<br>6. Identity and access<br>7. Physical
Confidentiality integrity availability CIA	c - protect data from unauthorized users<br>i - maintaining<br>a - available when needed
AWS Artifact	on demand access to compliance reports
AWS Inspector	runs security benchmark against EC2 instances, network and host assessments
AWS Shield	manages DDoS
Amazon GuardDuty	threat detection service
Amazon Virtual Private Network VPN	secure private tunnel from network to AWS global network
AWS Web Application Firewall WAF	protecting web applications from web exploits
Cloud HSM	automate hardware provisioning, software patching, backups