Final notes

Cloud benefits:
1. Trade upfront expense for variable expense.
2. Benefit from massive economies of scale.
3. Stop guessing capacity.
4. Increase speed and agility.
5. Stop spending money running and maintaining data centers.
6. Go global in minutes.

Key aspects of procurement: Pricing, Security, Terms and Conditions, Governance.

Selecting cloud services:
1- Infrastructure as a Service (IaaS): provides you with the highest level of flexibility and management control over your IT resources, and is the most familiar model.
2- Platform as a Service (PaaS): removes the need for organizations to manage the underlying infrastructure (usually hardware and operating systems) and lets you focus on the deployment and management of your application. PaaS solutions are fully managed; you can focus on the applications and data without concern over complex networking and compute.
3- Software as a Service (SaaS): provides you with a completed product that is run and managed by the service provider. With a SaaS offering you do not have to think about how the service is maintained or how the infrastructure is managed; only about how you will use that particular piece of software. An example of a SaaS application is web-based email, where you can send and receive email.

Regions are geographically isolated areas.
Availability Zones allow you to run across physically separated buildings, tens of miles apart, while keeping your application logically unified.
Edge locations: an edge location is a site that Amazon CloudFront uses to store cached copies of your content closer to your customers for faster delivery. Example: take a cache of data in Japan and load it in Mumbai.
A Distribution is made up of the Edge Locations that you want to serve content from, and details about how that content will be tracked and managed. Edge Groups and Circulations are not CloudFront concepts, and although Load Balancer is an AWS service that helps you direct web traffic, it is not applicable in this case.
AWS EC2
- IaaS
- Public by default
- 99.99% availability
- Has SDKs for Java and .NET
- Can have EBS volumes attached to it
- D. EC2 has a flexible, pay-as-you-go pricing model.
- E. EC2 has automatic storage cost optimization.

AWS Fargate
AWS Fargate is a serverless compute engine for containers. It works with both Amazon ECS and Amazon EKS. When using AWS Fargate, you do not need to provision or manage servers; AWS Fargate manages your server infrastructure for you.

AWS Lambda
AWS Lambda is a service that lets you run code without needing to provision or manage servers. Serverless; can handle microservices. You only pay for working time. In AWS, you can also build and run containerized applications.

Valid access types of IAM users:
1) Using an SDK
2) Management console access
3) Programmatic command line

Containers
Containers provide you with a standard way to package your application's code and dependencies into a single object. You can also use containers for processes and workflows in which there are essential requirements for security, reliability, and scalability.

Amazon Elastic Container Service (Amazon ECS)
Amazon ECS is a highly scalable, high-performance container management system that enables you to run and scale containerized applications on AWS.

Amazon Elastic Kubernetes Service (Amazon EKS)
Amazon EKS is a fully managed service that you can use to run Kubernetes on AWS. Kubernetes is open-source software that enables you to deploy and manage containerized applications at scale.

Amazon Lightsail
Lightsail provides developers with a set of services: compute, storage, and networking capacity and capabilities to deploy and manage websites and web applications in the cloud. An instance is a VPS; best suited for projects that require a few virtual private servers and users who prefer a simple management interface.
- Predictable monthly prices: Lightsail plans are charged on an hourly, on-demand basis, so you only pay for a plan when you're using it.
- PaaS; ability to burst CPU performance on a web application.

EC2 instance options:
- Dedicated Instance: private, runs on a VPC.
- Spot Instance: allows you to use unused EC2 capacity, 90% cheaper; runs instances in the background.
- On-Demand Instance: most cost-effective per second and per hour.
- Reserved Instance: 1-3 years; paying all upfront is the cheapest.
- AMIs are in the AWS Marketplace and Community AMIs.

Amazon S3
- Object storage; each object consists of data, metadata, and a key.
- The maximum file size for an object in Amazon S3 is 5 TB.
- Web-enabled: https://bucket-name.s3.regional-endpoint/object-name
- It's regionally distributed, which means that it has 11 nines of durability, so no need to worry about backup strategies.
- Supported by CloudFront.
- The cost savings are substantial over running the same storage load on EBS.
- Serverless; no Amazon EC2 instances are needed.
- By default, buckets are private.
- Amazon S3 Transfer Acceleration: an AWS feature that enables fast, easy and secure transfers of files over long distances between your client and your Amazon S3 bucket.

Amazon EBS
- An Amazon EBS volume is a durable, block-level storage device that you can attach to your instances. After you attach a volume to an instance, you can use it as you would use a physical hard drive; instances delete their own data once you stop or terminate the instance, so EBS is good for application data writing.
- Adding and modifying changed data day by day.
- Gets stored in another region.
- Block-level storage volumes behave like physical hard drives. In block storage, files are separated into equal-sized pieces (or blocks) of data. When a file in block storage is modified, only the pieces that are changed are updated.
- One type of block storage that you can use with Amazon EC2 instances is an instance store.
- An Amazon EBS volume stores data in a single Availability Zone.
- Amazon EFS is a regional service.
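The block-level behaviour described above (a modified file only rewrites the changed blocks, whereas an object store replaces the whole object) as an added, constructed example; this is not code from the notes or from AWS, and the 16-byte block size is an assumption chosen for the demo:

```python
import hashlib

# Tiny block size for the demo (assumption: real block devices use 512-byte or 4 KiB blocks)
BLOCK_SIZE = 16


def split_blocks(data: bytes, block_size: int = BLOCK_SIZE) -> list:
    """Cut a file into equal-sized pieces, the way block storage stores it."""
    return [data[i:i + block_size] for i in range(0, len(data), block_size)]


def block_hashes(data: bytes, block_size: int = BLOCK_SIZE) -> list:
    """One fingerprint per block, so changed blocks are found without a byte-by-byte compare."""
    return [hashlib.sha256(b).hexdigest() for b in split_blocks(data, block_size)]


def changed_blocks(old: bytes, new: bytes, block_size: int = BLOCK_SIZE) -> list:
    """Indexes of blocks that differ between two versions of the same file.
    Blocks present in only one version (file grew or shrank) count as changed."""
    old_h, new_h = block_hashes(old, block_size), block_hashes(new, block_size)
    longest = max(len(old_h), len(new_h))
    return [i for i in range(longest)
            if i >= len(old_h) or i >= len(new_h) or old_h[i] != new_h[i]]


def bytes_to_rewrite(old: bytes, new: bytes, block_size: int = BLOCK_SIZE) -> dict:
    """Write cost of the two models in the notes for one modification:
    block storage (EBS-style) rewrites only the changed blocks,
    object storage (S3-style) replaces the whole object."""
    blocks = split_blocks(new, block_size)
    block_bytes = sum(len(blocks[i]) for i in changed_blocks(old, new, block_size)
                      if i < len(blocks))
    return {"block_storage": block_bytes, "object_storage": len(new)}


# Constructed sample "file": four 16-byte blocks on day 1
DAY1 = b"".join(f"block{i:02d}-contents".encode() for i in range(4))
# Day 2: only the third block (index 2) is modified, same size
DAY2 = DAY1[:32] + b"block02-MODIFIED" + DAY1[48:]
# Day 3: a fifth block is appended to the day-2 version
DAY3 = DAY2 + b"block04-appended"

if __name__ == "__main__":
    for label, old, new in (("day1->day2", DAY1, DAY2), ("day2->day3", DAY2, DAY3)):
        print(label, "changed blocks:", changed_blocks(old, new), bytes_to_rewrite(old, new))
```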
Amazon EFS
- It stores data in and across multiple Availability Zones. The duplicate storage enables you to access data concurrently from all the Availability Zones in the Region where a file system is located.
- Automatically scales.
- Amazon Elastic File System (Amazon EFS) is a scalable file system used with AWS Cloud services and on-premises resources. As you add and remove files, Amazon EFS grows and shrinks automatically. It can scale on demand to petabytes without disrupting applications.
- 80 TB

Amazon Relational Database Service (Amazon RDS)
- RESERVATION
- Amazon RDS is a managed service that automates tasks such as hardware provisioning, database setup, patching, and backups. With these capabilities, you spend less time completing administrative tasks and more time using data to innovate your applications.

Amazon DynamoDB
- Serverless, highly scalable key-value database service.
- It delivers single-digit millisecond performance at any scale, at a very high rate.
- A nonrelational database is easy to deal with. It does not take complex queries that span multiple tables.

Amazon Redshift
- A data warehousing service that you can use for big data analytics. It offers the ability to collect data from many sources and helps you to understand relationships and trends across your data.
- Leader node: responsible for receiving queries and managing client connections.
- Compute nodes: the leader node compiles code and assigns the code to individual compute nodes. The compute nodes run the compiled code and send intermediate results back to the leader node for final aggregation.

Aurora vs Redshift storage
- Aurora follows row-oriented storage and supports the complete set of data types in both MySQL and Postgres instance types. Aurora is also ACID compliant.
- Redshift uses a columnar storage structure and is optimized for column-level processing rather than complete row-level processing.

AWS Database Migration Service (AWS DMS) enables you to migrate relational databases, nonrelational databases, and other types of data stores.
Redshift vs Aurora: data loading
- Redshift: ETL also supports the COPY command for inserting data. It is recommended to insert data split into similar-sized chunks for better performance. If data already exists in Redshift, you may need to use temporary tables, since Redshift does not enforce unique key constraints.
- Aurora: data loading depends on the instance type being used. For MySQL-compatible instances, you would use the mysqlimport command or the LOAD DATA INFILE command, depending on whether the data comes from a MySQL table or a file. Aurora with Postgres can load data with the COPY command.

Amazon VPC
- Launch resources in a virtual network that you define. Within a virtual private cloud (VPC), you can organize your resources into subnets.
- Per account, per Region, using all AZs; can peer with other VPCs.
- Internet gateway and VPN gateway.
- A subnet is a section of a VPC that can contain resources such as Amazon EC2 instances. It can span the whole AWS Region and all AZs.
- Subnets: public subnets contain resources that need to be accessible by the public, such as an online store's website. Private subnets contain resources that should be accessible only through your private network, such as a database that contains customers' personal information and order histories.
- Internet gateway: the connection between a VPC and the internet. You can think of an internet gateway as being similar to a doorway that customers use to enter the coffee shop. Without an internet gateway, no one can access the resources within your VPC.

Site-to-Site connection components:
- Virtual private gateway
- Transit gateway
- Customer gateway device
- Customer gateway
A virtual private gateway enables you to establish a virtual private network (VPN) connection between your VPC and a private network, such as an on-premises data center or internal corporate network.
- A virtual private gateway allows traffic into the VPC only if it is coming from an approved network.

AWS Direct Connect is a service that enables you to establish a dedicated private connection between your data center and your VPC. It has very low latency between on premises and the cloud. From 1 to 10 Gbps.

Network ACL [Doesn't remember: stateless]: a subnet-level virtual firewall that controls inbound and outbound traffic at the subnet level, using a set of rules.

Security group [Remembers: stateful]: an instance-level virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance. You can change the security group associated with an instance if the instance is in the running or stopped state. By default, a security group denies all inbound traffic and allows all outbound traffic. You can add custom rules to configure which traffic should be allowed or denied. (remembers): stateful packet filtering.

Shared responsibility
Customers: security IN the cloud. Examples of customer responsibilities include:
• Instance operating system
• Applications
• Security groups
• Host-based firewalls
• Account management
AWS: security OF the cloud. Examples of AWS responsibilities include:
• Physical security of data centers
• Hardware and software infrastructure
• Network infrastructure
• Virtualization infrastructure

IAM best practice: create individual IAM users for each person who must access AWS. Even if you have multiple employees who require the same level of access, you should create individual IAM users for each of them. This provides additional security by allowing each IAM user to have a unique set of security credentials.
- Authentication methods: certificates and access keys.
- Granular permissions.
- Least privilege is an advantage of IAM.

Service control policies (SCPs)
SCPs enable you to place restrictions on the AWS services, resources, and individual API actions that users and roles in each account can access.
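The "remembers" vs "doesn't remember" distinction above, as an added simulation that is not code from the notes or from AWS: a stateful security group lets the reply to a connection the instance opened back in automatically, while a stateless network ACL needs an explicit inbound rule for the ephemeral port range. The addresses, ports and rule numbers are constructed for the demo, and only TCP-style port matching is modelled.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    direction: str  # "in" = toward the instance, "out" = leaving the instance


@dataclass(frozen=True)
class NaclRule:
    number: int      # rules are evaluated in ascending order, first match wins
    direction: str   # "in" or "out"
    port_from: int
    port_to: int
    cidr: str
    action: str      # "allow" or "deny"


def in_cidr(ip: str, cidr: str) -> bool:
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr, strict=False)


class SecurityGroup:
    """Instance-level and stateful ("remembers"): inbound is denied unless a rule
    allows it, outbound is allowed, and the reply to a connection the instance
    opened is let back in without any inbound rule."""

    def __init__(self):
        self.inbound = []      # (port, cidr) allow rules; security groups have no deny rules
        self.tracked = set()   # (peer_ip, peer_port, local_port) of connections we opened

    def allow_inbound(self, port: int, cidr: str) -> None:
        self.inbound.append((port, cidr))

    def evaluate(self, pkt: Packet) -> bool:
        if pkt.direction == "out":
            self.tracked.add((pkt.dst_ip, pkt.dst_port, pkt.src_port))
            return True
        if (pkt.src_ip, pkt.src_port, pkt.dst_port) in self.tracked:
            return True  # return traffic for a tracked connection
        return any(pkt.dst_port == port and in_cidr(pkt.src_ip, cidr)
                   for port, cidr in self.inbound)


class NetworkAcl:
    """Subnet-level and stateless ("doesn't remember"): every packet in either
    direction is checked against the numbered rules; no match means deny."""

    def __init__(self, rules):
        self.rules = sorted(rules, key=lambda r: r.number)

    def evaluate(self, pkt: Packet) -> bool:
        peer = pkt.src_ip if pkt.direction == "in" else pkt.dst_ip
        for r in self.rules:
            if (r.direction == pkt.direction
                    and r.port_from <= pkt.dst_port <= r.port_to
                    and in_cidr(peer, r.cidr)):
                return r.action == "allow"
        return False


def scenario() -> dict:
    """Constructed traffic: an instance in 10.0.1.0/24 fetches https://203.0.113.10
    (TEST-NET address); the server's reply comes back to ephemeral port 40000."""
    request = Packet("10.0.1.5", "203.0.113.10", 40000, 443, "out")
    reply = Packet("203.0.113.10", "10.0.1.5", 443, 40000, "in")
    unsolicited_ssh = Packet("198.51.100.7", "10.0.1.5", 5555, 22, "in")

    sg = SecurityGroup()
    sg.allow_inbound(22, "10.0.0.0/16")          # SSH only from inside the VPC

    base_rules = [NaclRule(100, "in", 22, 22, "10.0.0.0/16", "allow"),
                  NaclRule(100, "out", 0, 65535, "0.0.0.0/0", "allow")]
    nacl = NetworkAcl(base_rules)
    # The stateless NACL needs an explicit inbound rule for the ephemeral port range
    nacl_fixed = NetworkAcl(base_rules + [NaclRule(110, "in", 1024, 65535, "0.0.0.0/0", "allow")])

    return {
        "sg_request_out": sg.evaluate(request),
        "sg_reply_in": sg.evaluate(reply),                   # allowed: tracked connection
        "sg_unsolicited_ssh": sg.evaluate(unsolicited_ssh),  # denied: source outside the VPC
        "nacl_request_out": nacl.evaluate(request),
        "nacl_reply_in": nacl.evaluate(reply),               # denied: no rule for port 40000
        "nacl_fixed_reply_in": nacl_fixed.evaluate(reply),
    }


if __name__ == "__main__":
    for name, verdict in scenario().items():
        print(f"{name}: {'allow' if verdict else 'deny'}")
```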
Multi-factor authentication (MFA)
You can add two-factor authentication to your account and to individual users for extra security.

Identity federation
You can allow users who already have passwords elsewhere (for example, in your corporate network or with an internet identity provider) to get temporary access to your AWS account.

IAM groups
An IAM group is a collection of IAM users. Assigning IAM policies at the group level also makes it easier to adjust permissions when an employee transfers to a different job.

IAM policies
An IAM policy is a document that allows or denies permissions to AWS services and resources. IAM policies allow you to customize users' levels of access to resources. For example, if an employee needs access to only a specific bucket, specify the bucket in the IAM policy. Do this instead of granting the employee access to all of the buckets in your AWS account.
The main difference from IAM user policies is that bucket policies are attached to an S3 resource directly rather than to an IAM user.

IAM roles
When the employee needs to switch to a different task, they give up their access to one workstation and gain access to the next workstation. The employee can easily switch between workstations, but at any given point in time, they can have access to only a single workstation. This same concept exists in AWS with IAM roles. An IAM role is an identity that you can assume to gain temporary access to permissions; for example, an employee requires temporary access to create several Amazon S3 buckets.
IAM roles are the authentication permission or authorization between the instance and the objects. They work by assigning an IAM policy (a list of permissions).

AWS account root user
The root user is accessed by signing in with the email address and password that you used to create your AWS account. You can think of the root user as being similar to the owner of the coffee shop.
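The policy rules from the notes above (a bucket-specific allow instead of access to every bucket, explicit deny, and an SCP restricting what an account's identities may do at all) as an added, simplified evaluator; it is not the notes' or AWS's code, it ignores conditions, NotAction and principal matching, and the bucket names, account id and policy documents are constructed:

```python
from fnmatch import fnmatchcase


def _matches(patterns, value: str) -> bool:
    """IAM-style wildcard match ('s3:*', 'arn:aws:s3:::reports-bucket/*')."""
    if isinstance(patterns, str):
        patterns = [patterns]
    return any(fnmatchcase(value, p) for p in patterns)


def _policy_verdict(policy: dict, action: str, resource: str):
    """'Deny', 'Allow' or None (no statement matched) for one policy document."""
    verdict = None
    for stmt in policy["Statement"]:
        if _matches(stmt["Action"], action) and _matches(stmt["Resource"], resource):
            if stmt["Effect"] == "Deny":
                return "Deny"          # an explicit deny in a document is final
            verdict = "Allow"
    return verdict


def is_allowed(action: str, resource: str, identity_policies, scps=None) -> bool:
    """Simplified AWS evaluation: every SCP in the chain must allow the action,
    an explicit Deny in any identity policy wins, otherwise at least one
    identity policy must Allow; anything else is an implicit deny."""
    for scp in scps or []:
        if _policy_verdict(scp, action, resource) != "Allow":
            return False
    verdicts = [_policy_verdict(p, action, resource) for p in identity_policies]
    if "Deny" in verdicts:
        return False
    return "Allow" in verdicts


# Constructed policy documents (placeholder bucket names and account id 123456789012)
ANALYST_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"],
     "Resource": ["arn:aws:s3:::reports-bucket", "arn:aws:s3:::reports-bucket/*"]},
    {"Effect": "Deny", "Action": "s3:DeleteObject", "Resource": "*"},
]}
BROAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "*", "Resource": "*"},
]}
SCP_S3_AND_EC2_READ = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:*", "ec2:Describe*"], "Resource": "*"},
]}


def scenario() -> dict:
    obj = "arn:aws:s3:::reports-bucket/q1.csv"
    return {
        # least privilege: the analyst reads only the bucket named in the policy
        "read_own_bucket": is_allowed("s3:GetObject", obj, [ANALYST_POLICY]),
        "read_other_bucket": is_allowed("s3:GetObject", "arn:aws:s3:::other-bucket/q1.csv",
                                        [ANALYST_POLICY]),
        # explicit deny beats an allow from another attached policy
        "delete_despite_broad_policy": is_allowed("s3:DeleteObject", obj,
                                                  [ANALYST_POLICY, BROAD_POLICY]),
        # an SCP caps what even an admin-like identity in the account can do
        "iam_blocked_by_scp": is_allowed("iam:CreateUser", "arn:aws:iam::123456789012:user/bob",
                                         [BROAD_POLICY], [SCP_S3_AND_EC2_READ]),
        "s3_permitted_by_scp": is_allowed("s3:GetObject", obj, [BROAD_POLICY],
                                          [SCP_S3_AND_EC2_READ]),
    }


if __name__ == "__main__":
    for name, verdict in scenario().items():
        print(f"{name}: {'ALLOW' if verdict else 'DENY'}")
```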
Use the root user to create your first IAM user and assign it permissions to create other users.

AWS Organizations automatically creates a root, which is the parent container for all the accounts in your organization.

AWS Artifact is a service that provides on-demand access to AWS security and compliance reports and select online agreements. AWS Artifact consists of two main sections: AWS Artifact Agreements and AWS Artifact Reports. Plus ISO certificate: a seal of approval from a third-party body that a company runs to one of the international standards developed and published by the International Organization for Standardization (ISO).

AWS WAF
- Agile protection against web attacks: AWS WAF rule propagation and updates take under a minute, enabling you to quickly update security across your environment when issues arise.
- Ease of deployment & maintenance: AWS WAF is easy to deploy and protects applications deployed on either Amazon CloudFront as part of your CDN solution, the Application Load Balancer that fronts all your origin servers, Amazon API Gateway for your REST APIs, or AWS AppSync for your GraphQL APIs.
- Easily monitor, block, or rate-limit bots: with AWS WAF Bot Control, you get visibility and control over common and pervasive bot traffic to your applications.
- Protects against threats in: the URI link, the HTTP body, headers, and IP addresses (all of which are inside the request).
- Does this through a web ACL working with CloudFront and ALB.

Amazon Macie is a data security service that discovers sensitive data using machine learning and pattern matching, provides visibility into data security risks, and enables automated protection against those risks.

AWS Shield: an attack that makes the application or server unavailable; use AWS Shield to prevent such attacks.

Amazon Inspector helps to improve the security and compliance of applications by running automated security assessments for vulnerabilities.
It checks applications for security vulnerabilities and deviations from security best practices, such as open access to Amazon EC2 instances and installations of vulnerable software versions. This is the customer's responsibility.

AWS Key Management Service (AWS KMS) enables you to perform encryption operations through the use of cryptographic keys. A cryptographic key is a random string of digits used for locking (encrypting) and unlocking (decrypting) data.

Amazon GuardDuty is a service that provides intelligent threat detection for your AWS infrastructure and resources. It identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.

Amazon Route 53 is a DNS web service. It gives developers and businesses a reliable way to route end users to internet applications hosted in AWS. Depended on in disaster recovery. DNS resolvers reflect changes in their cache after the TTL, in 24 hours.

AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud.

Load balancer
- It's used to balance the flow of requests across instances in low-demand and high-demand periods.
- Error 504 is when the app is unresponsive, so it serves page 504.
- Inherently secure.
- Classic: has a listener, then registers instances and forwards the port (inherently scalable and self-healing).
- Application: has a listener and then goes to target groups depending on the rules; dynamic port mapping.
- Network: listener and target group; static IP address. Better for the long term.

To help maintain application availability when a single component fails, you can design your application through a microservices approach. Suppose that you have an application with tightly coupled components run horizontally.

Amazon Simple Notification Service (Amazon SNS)
Amazon SNS is a publish/subscribe service. Using Amazon SNS topics, a publisher publishes messages to subscribers.
Amazon Simple Queue Service (Amazon SQS) is a message queuing service. Using Amazon SQS, you can send, store, and receive messages between software components, without losing messages or requiring other services to be available. For decoupling.

Amazon CloudFront is a content delivery service. It uses a network of edge locations to cache content and deliver content to customers all over the world.

AWS Outposts is a service that enables you to run infrastructure in a hybrid cloud approach.

Amazon CloudWatch is a web service that enables you to monitor and manage various metrics and configure alarm actions based on data from those metrics, for 2 weeks.

AWS Personal Health Dashboard
- You have a personalized view of the AWS service status that powers your application. Use the AWS Health Dashboard to learn about specific operational issues that affect your account. For example, if you receive an event for a lost Amazon Elastic Block Store (EBS) volume associated with one of your Amazon EC2 instances, you can quickly view how your resources are impacted, helping you to troubleshoot and remediate.
- Focuses on performance and availability of AWS services.
- Service alerts and communication.
- While the Service Health Dashboard displays the general status of Amazon Web Services services, the Personal Health Dashboard gives you a personalized view into the performance and availability of the Amazon Web Services services underlying your Amazon Web Services resources.

AWS QuickStart
Partner Solutions are automated reference deployments built by Amazon Web Services (AWS) solutions architects and AWS Partners. Partner Solutions help you deploy popular technologies to AWS according to AWS best practices. You can reduce hundreds of manual procedures to a few steps and start using your environment within minutes. Helps start-ups.

AWS QuickSight

AWS CloudTrail
AWS CloudTrail records API calls for your account.
The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, and more. You can think of CloudTrail as a "trail" of breadcrumbs (or a log of actions) that someone has left behind them. Shown by request; sends insights to CloudWatch.
- CloudWatch: "What is happening on AWS?" Logging all the events for a particular service or application.
- CloudTrail: "Who did what on AWS?" The API calls to the service or resource.

AWS Trusted Advisor
AWS Trusted Advisor is a real-time web service that inspects your AWS environment and provides real-time recommendations in accordance with AWS best practices. The fault tolerance best practice is to deploy across multiple AZs.

AWS Free Tier
The AWS Free Tier enables you to begin using certain services without having to worry about incurring costs for the specified period. Three types of offers are available: Always Free, 12 Months Free, Trials.

AWS Total Cost of Ownership (TCO)
The AWS TCO calculator allows you to estimate the cost savings when using AWS and provides a detailed set of reports that can be used in executive presentations.

AWS Pricing Calculator
The AWS Pricing Calculator lets you explore AWS services and create an estimate for the cost of your use cases on AWS. You can organize your AWS estimates by groups that you define. A group can reflect how your company is organized, such as providing estimates by cost center. Combine usage across accounts to receive volume pricing discounts.

Consolidated billing
The consolidated billing feature of AWS Organizations enables you to receive a single bill for all AWS accounts in your organization. By consolidating, you can easily track the combined costs of all the linked accounts in your organization. The default maximum number of accounts allowed for an organization is 4, but you can contact AWS Support to increase your quota, if needed.
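The "who did what" question above, worked as an added detection example over constructed CloudTrail-style records (not real events, not the notes' or AWS's code): it prints the caller, time, action and source IP per record, and flags root-account usage, console logins without MFA, and a small set of permission-changing API calls. The account id, IPs and user names are placeholders; the field names follow the CloudTrail record layout.

```python
# Constructed sample CloudTrail records (placeholder account id 111122223333, TEST-NET IPs)
SAMPLE_EVENTS = [
    {"eventTime": "2024-05-01T08:00:12Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "198.51.100.23",
     "userIdentity": {"type": "Root", "accountId": "111122223333",
                      "arn": "arn:aws:iam::111122223333:root"},
     "additionalEventData": {"MFAUsed": "No"}},
    {"eventTime": "2024-05-01T08:05:40Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.9",
     "userIdentity": {"type": "IAMUser", "userName": "alice",
                      "arn": "arn:aws:iam::111122223333:user/alice"},
     "additionalEventData": {"MFAUsed": "Yes"}},
    {"eventTime": "2024-05-01T09:12:03Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutBucketPolicy", "sourceIPAddress": "203.0.113.9",
     "userIdentity": {"type": "IAMUser", "userName": "bob",
                      "arn": "arn:aws:iam::111122223333:user/bob"},
     "requestParameters": {"bucketName": "reports-bucket"}},
    {"eventTime": "2024-05-01T09:15:55Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "sourceIPAddress": "10.0.1.5",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/ReadOnly/session1"}},
]

# API calls that change who can do what, or switch logging off: review whoever made them
SENSITIVE_WRITES = {"PutBucketPolicy", "PutBucketAcl", "CreateUser", "AttachUserPolicy",
                    "CreateAccessKey", "StopLogging", "DeleteTrail"}


def actor(event: dict) -> str:
    """'Who': the identity behind the call, as CloudTrail records it."""
    ident = event.get("userIdentity", {})
    if ident.get("type") == "Root":
        return "root"
    return ident.get("userName") or ident.get("arn", "unknown")


def who_did_what(event: dict) -> str:
    """One-line answer to 'who did what on AWS?' from a single record."""
    ident_type = event.get("userIdentity", {}).get("type")
    return (f"{event.get('eventTime')} {actor(event)} ({ident_type}) "
            f"called {event.get('eventName')} on {event.get('eventSource')} "
            f"from {event.get('sourceIPAddress')}")


def findings(events) -> list:
    """(rule, summary) pairs for three checks the notes point at: root account usage,
    console logins without MFA, and sensitive write calls. One record can trigger several."""
    out = []
    for ev in events:
        summary = who_did_what(ev)
        if ev.get("userIdentity", {}).get("type") == "Root":
            out.append(("root-account-used", summary))
        if (ev.get("eventName") == "ConsoleLogin"
                and ev.get("additionalEventData", {}).get("MFAUsed") != "Yes"):
            out.append(("console-login-without-mfa", summary))
        if ev.get("eventName") in SENSITIVE_WRITES:
            out.append(("sensitive-write", summary))
    return out


if __name__ == "__main__":
    for rule, summary in findings(SAMPLE_EVENTS):
        print(rule, "|", summary)
```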
AWS Cost Explorer is a tool that enables you to visualize, understand, and manage your AWS costs and usage over time.

AWS Support
AWS offers four different Support plans to help you troubleshoot issues, lower costs, and efficiently use AWS services. You can choose from the following Support plans to meet your company's needs:
- Basic
- Developer (cheapest)
- Business (AWS Trusted Advisor full best-practice checks)
- Enterprise On-Ramp
- Enterprise (TAM + 15 min SLA)

AWS Marketplace
AWS Marketplace is a digital catalog that includes thousands of software listings from independent software vendors. You can use AWS Marketplace to find, test, and buy software that runs on AWS.

AWS Budgets
In AWS Budgets, you can set custom alerts that will notify you when your service usage exceeds (or is forecasted to exceed) the amount that you have budgeted. This feature is in CloudWatch.

Other services:

AWS IoT Core supports standard communication protocols (HTTP, MQTT, WebSockets and LoRaWAN are supported currently). Communication is secured using TLS. Processes data sent from connected devices.

AWS Config can be used to audit and evaluate configurations of AWS resources. If there are any operational issues, AWS Config can be used to retrieve configuration changes made to AWS resources that may have caused these issues. The difference from AWS CloudTrail is that CloudTrail audits everything.

Amazon Connect is an omnichannel cloud contact center that can be set up easily and at a low cost. It has the following features, which help to provide customers a superior service: Telephone as a service, High-quality audio, Omnichannel routing, Web & mobile chat, Task management, Contact centre automation, Rules engine.

Amazon WorkSpaces provides a secure managed service for virtual desktops for remote users. It supports both Windows- and Linux-based virtual desktops for a large number of users.

AWS Service Catalog can be used to create and deploy a portfolio of products within AWS infrastructure.
This helps to create consistent resources within AWS infrastructure with quick deployment. These catalogues can be used for the deployment of a single resource or of a multi-tier web application consisting of web, application, and database layer resources.

Cloud9 IDE

Amazon Kinesis cost-effectively processes and analyzes streaming data at any scale as a fully managed service. With Kinesis, you can ingest real-time data, such as video, audio, application logs, website clickstreams, and IoT telemetry data, for machine learning (ML), analytics, and other applications.

AWS Support performs the following activities:
1. Queries regarding all AWS services and features.
2. Best practices to integrate, deploy and manage applications in the AWS cloud.
3. Troubleshooting API and SDK issues.
4. Troubleshooting operational issues.
5. Issues related to any AWS tools.
6. Problems detected by EC2 health checks.
7. Third-party application configuration on AWS resources and products.

*App is layer 7

Volume-based discounts are used to reward usage and reduce prices for using AWS services.

AWS Elasticsearch and CloudSearch services (in rf).

Key management: 1) AWS KMS 2) AWS CloudHSM

Managers
- AWS Certificate Manager: the service to use to keep track of the expiry dates of SSL/TLS certificates, as well as to update and renew them.
- AWS Lifecycle Manager creates lifecycle policies for specified resources to automate operations.
- AWS License Manager serves the purpose of differentiating and maintaining third-party software vendor licenses. It also decreases the risk of license expirations and the resulting penalties.
- AWS Firewall Manager aids in the administration of the Web Application Firewall (WAF) by presenting a centralised point for setting firewall rules across different web resources.

AWS Management Console
The AWS Management Console is a web-based interface for accessing and managing AWS services. You can quickly access recently used services and search for other services by name, keyword, or acronym.
The console includes wizards and automated workflows that can simplify the process of completing tasks. Uses:
-building out test environments
-viewing AWS bills
-viewing monitoring
-working with other non-technical resources
Error: you can forget to tick a checkbox.

AWS Command Line Interface (AWS CLI)
To save time when making API requests, you can use the AWS Command Line Interface (AWS CLI). The AWS CLI enables you to control multiple AWS services directly from the command line within one tool. The AWS CLI is available for users on Windows, macOS, and Linux.

Software development kits (SDKs)
SDKs make it easier for you to use AWS services through an API designed for your programming language or platform. SDKs enable you to use AWS services with your existing applications or create entirely new applications that will run on AWS.

AWS Elastic Beanstalk
You provide code and configuration settings, and Elastic Beanstalk deploys the resources necessary to perform the following tasks:
-Adjust capacity
-Load balancing
-Automatic scaling
-Application health monitoring
-Quick deployment for .NET and Java

Amazon ElastiCache
A fully managed, Redis- and Memcached-compatible service delivering real-time, cost-optimized performance for modern applications. ElastiCache scales to hundreds of millions of operations per second with microsecond response time, and offers enterprise-grade security and reliability.

AWS CloudFormation
Uses JSON and YAML; you can treat your infrastructure as code. This means that you can build an environment by writing lines of code instead of using the AWS Management Console to individually provision resources. Can create a "Golden Environment". Calls the necessary APIs and environment (completely automated; used for test environments and stack/resource provisioning).

Framework
The AWS Cloud Adoption Framework (AWS CAF) organizes guidance into six areas of focus, called Perspectives. Each Perspective addresses distinct responsibilities.
In general, the Business, People, and Governance Perspectives focus on business capabilities, whereas the Platform, Security, and Operations Perspectives focus on technical capabilities.

Developer tools
- AWS CodeCommit: a fully managed source control service that hosts secure Git-based repositories. CodeCommit makes it easy for teams to collaborate on code in a secure and highly scalable ecosystem. This solution uses CodeCommit to create a repository to store the application and deployment code.
- AWS CodeBuild: a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy, on a dynamically created build server. This solution uses CodeBuild to build and test the code, which we deploy later.
- AWS CodeDeploy: a fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Fargate, AWS Lambda, and your on-premises servers. This solution uses CodeDeploy to deploy the code or application onto a set of EC2 instances running CodeDeploy agents.

DB features
Amazon RDS Read Replicas provide enhanced performance and durability for Amazon RDS database (DB) instances. They make it easy to elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads.

For microservices debugging
AWS X-Ray is a service developed by Amazon that enables developers to conduct performance analysis and debug distributed microservice-based applications.
CapEx expenditure in the cloud:
- Building/premises purchase
- Physical data center equipment like servers and networking infrastructure
- IT equipment for IT and office staff
- Patents
- Installing local software or in-house applications
- Data center renovation
- Restoring an asset's value through upgrades
- Repurposing an asset
- Setup and supporting infrastructure costs
- Repairs beyond routine maintenance

OpEx expenses in the cloud:
- Items that require a subscription fee, such as software licenses or cloud-based services such as SaaS, IaaS, PaaS, and DaaS
- Property leasing, such as leasing IT infrastructure on Amazon Web Services (AWS) for a monthly fee
- Ongoing web hosting
- Annual IT infrastructure maintenance agreements
- Software support
- Cost of goods sold (COGS), which are the direct costs you incur when building and running subscription-based software services. COGS are also referred to as the cost of sales. By contrast, operating costs comprise all expenses you spend to run your entire business, not just the revenue-generating activity.
- Rent and utilities overhead
- Wages and salaries
- General repair and IT infrastructure maintenance fees
- Marketing
- Research and development (R&D)

AWS OpsWorks
A configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow you to use code to automate the configuration of your servers. OpsWorks lets you use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments.

Disaster recovery
AWS Elastic Disaster Recovery (AWS DRS) minimizes downtime and data loss with fast, reliable recovery of on-premises and cloud-based applications using affordable storage, minimal compute, and point-in-time recovery.
LAUNCHES IN REGIONS

PCI

AWS Lambda@Edge: for a CDN; serve varying types of content based on the viewer's browser cookies.

AWS Systems Manager: the AWS service that gives the user the ability to group AWS resources across different AWS Regions by application and then collectively view their operational data for monitoring purposes.

PCI compliant:
A. Choose AWS services which are PCI compliant.
B. Ensure the right steps are taken during application development for PCI compliance.
C. Do an audit after the deployment of the application for PCI compliance.

Elasticity: the ability to acquire resources as you need them and release resources when you no longer need them.
Scalability: the ability to add, remove, or reconfigure hardware and software resources to handle an increase or decrease in usage, through OpsWorks. DEPENDING ON USER DEMAND.
Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost.

Serverless services:
- AWS Lambda
- AWS Fargate
- AWS SNS
- AWS SQS
- AWS S3
- AWS DynamoDB
- AWS EFS
- AWS Redshift
- AWS Aurora

ERROR 500: unresponsive page.

Cost allocation tags: the AWS service or feature a company can use to determine which business unit is using specific AWS resources.

AWS Data Pipeline and Amazon EC2: to simultaneously process hundreds of requests from different users.