AWS Cloud. Complete Study Guide. 100% mastery, Rated A. Latest update
Cloud computing - ✔?is the on-demand delivery of compute power, database storage,
applications, and other IT resources through a cloud services platform via the Internet
with pay-as-you-go pricing
Six Advantages of Cloud Computing - ✔?1. Trade capital expense for variable expense
2. Benefit from massive economies of scale
3. Stop guessing capacity
4. Increase speed and agility
5. Stop spending money running and maintaining data centers
6. Go global in minutes
Types of Cloud Computing - ✔?1. Infrastructure as a Service (IaaS)
2. Platform as a Service (PaaS)
3. Software as a Service (SaaS)
Infrastructure as a Service (IaaS) - ✔?Infrastructure as a Service (IaaS) contains the basic building blocks for cloud IT and
typically provides access to networking features, computers (virtual or on dedicated
hardware), and data storage space. IaaS provides you with the highest level of
flexibility and management control over your IT resources and is most similar to
existing IT resources that many IT departments and developers are familiar with today
Platform as a Service (PaaS) - ✔?Platform as a Service (PaaS) removes the need for your organization to manage the
underlying infrastructure (usually hardware and operating systems) and allows you to
focus on the deployment and management of your applications. This helps you be
more efficient as you don't need to worry about resource procurement, capacity
planning, software maintenance, patching, or any of the other undifferentiated heavy
lifting involved in running your application.
Software as a Service (SaaS) - ✔?Software as a Service (SaaS) provides you with a completed product that is run and
managed by the service provider. In most cases, people referring to Software as a
Service are referring to end-user applications. With a SaaS offering you do not have to
think about how the service is maintained or how the underlying infrastructure is
managed
Cloud - ✔?A cloud-based application is fully deployed in the cloud and all parts of the application
run in the cloud. Applications in the cloud have either been created in the cloud or
have been migrated from an existing infrastructure to take advantage of the benefits
of cloud computing
Hybrid - ✔?A hybrid deployment is a way to connect infrastructure and applications between
cloud-based resources and existing resources that are not located in the cloud. The
most common method of hybrid deployment is between the cloud and existing on-premises
infrastructure to extend, and grow, an organization's infrastructure into the
cloud while connecting cloud resources to the internal system.
On-premises - ✔?The deployment of resources on-premises, using virtualization and resource
management tools, is sometimes called the "private cloud." On-premises deployment
doesn't provide many of the benefits of cloud computing but is sometimes sought for
its ability to provide dedicated resources. In most cases this deployment model is the
same as legacy IT infrastructure while using application management and virtualization
technologies to try and increase resource utilization.
Benefits of AWS Security - ✔?1. Keep Your Data Safe
2. Meet Compliance Requirements
3. Save Money
4. Scale Quickly
assurance programs with which AWS complies - ✔?• SOC 1/ISAE 3402, SOC 2, SOC 3
• FISMA, DIACAP, and FedRAMP
• PCI DSS Level 1
• ISO 9001, ISO 27001, ISO 27017, ISO 27018
AWS Management Console - ✔?Access and manage Amazon Web Services through the AWS Management Console, a
simple and intuitive user interface. You can also use the AWS Console Mobile
Application to quickly view resources on the go.
AWS Command Line Interface - ✔?The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services.
With just one tool to download and configure, you can control multiple AWS services
from the command line and automate them through scripts
Software Development Kits - ✔?Our Software Development Kits (SDKs) simplify using AWS services in your applications
with an Application Program Interface (API) tailored to your programming language or
platform.
Analytics services in AWS - ✔?1. Amazon Athena
2. Amazon EMR
3. Amazon CloudSearch
4. Amazon Elasticsearch Service
5. Amazon Kinesis
6. Amazon Kinesis Data Analytics
7. Amazon Kinesis Data Streams
8. Amazon Kinesis Video Streams
9. Amazon Redshift
10. Amazon QuickSight
11. AWS Data Pipeline
12. AWS Glue
13. AWS Lake Formation
14. Amazon Managed Streaming for Kafka (MSK)
Amazon Athena - ✔?is an interactive query service that makes it easy to analyze data in
Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to
manage, and you pay only for the queries that you run.
Amazon EMR - ✔?provides a managed Hadoop framework that makes it easy, fast, and
cost-effective to process vast amounts of data across dynamically scalable Amazon EC2
instances. You can also run other popular distributed frameworks such as Apache
Spark, HBase, Presto, and Flink in Amazon EMR, and interact with data in other AWS
data stores such as Amazon S3 and Amazon DynamoDB. EMR Notebooks, based on the
popular Jupyter Notebook, provide a development and collaboration environment for
ad hoc querying and exploratory analysis.
Amazon CloudSearch - ✔?is a managed service in the AWS Cloud that makes it simple and
cost-effective to set up, manage, and scale a search solution for your website or
application. Amazon CloudSearch supports 34 languages and popular search features
such as highlighting, autocomplete, and geospatial search.
Amazon Elasticsearch Service - ✔?makes it easy to deploy, secure, operate, and scale
Elasticsearch to search, analyze, and visualize data in real-time. With Amazon
Elasticsearch Service, you get easy-to-use APIs and real-time analytics capabilities to
power use-cases such as log analytics, full-text search, application monitoring, and
clickstream analytics, with enterprise-grade availability, scalability, and security. The
service offers integrations with open-source tools like Kibana and Logstash for data
ingestion and visualization. It also integrates seamlessly with other AWS services such
as Amazon Virtual Private Cloud (Amazon VPC), AWS Key Management System (AWS
KMS), Amazon Kinesis Data Firehose, AWS Lambda, AWS Identity and Access
Management (IAM), Amazon Cognito, and Amazon CloudWatch, so that you can go
from raw data to actionable insights quickly.
Amazon Kinesis - ✔?is the easiest way to reliably load streaming data into data stores and analytics tools. It can capture, transform, and load streaming data into
Amazon S3, Amazon Redshift, Amazon Elasticsearch Service, and Splunk, enabling near
real-time analytics with existing business intelligence tools and dashboards you're
already using today. It is a fully managed service that automatically scales to match the
throughput of your data and requires no ongoing administration. It can also batch,
compress, transform, and encrypt the data before loading it, minimizing the amount of
storage used at the destination and increasing security.
Amazon Kinesis Data Analytics - ✔?is the easiest way to analyze streaming data, gain
actionable insights, and respond to your business and customer needs in real time. Amazon Kinesis Data Analytics reduces the complexity of building, managing, and integrating streaming applications with other AWS services. SQL users can easily query streaming data or build entire streaming applications using templates and an
interactive SQL editor. Java developers can quickly build sophisticated streaming applications using open source Java libraries and AWS integrations to transform and analyze data in real-time
Amazon Kinesis Data Streams - ✔?is a massively scalable and durable real-time data
streaming service. KDS can continuously capture gigabytes of data per second from
hundreds of thousands of sources such as website clickstreams, database event
streams, financial transactions, social media feeds, IT logs, and location-tracking
events. The data collected is available in milliseconds to enable real-time analytics use
cases such as real-time dashboards, real-time anomaly detection, dynamic pricing, and
more.
Amazon Kinesis Video Streams - ✔?makes it easy to securely stream video from connected devices to AWS for analytics, machine learning (ML), playback, and other processing.
Kinesis Video Streams automatically provisions and elastically scales all the infrastructure needed to ingest streaming video data from millions of devices. It also durably stores, encrypts, and indexes video data in your streams, and allows you to access your data through easy-to-use APIs. Kinesis Video Streams enables you to play back video for live and on-demand viewing, and quickly build applications that take advantage of computer vision and video analytics through integration with Amazon Rekognition Video, and libraries for ML frameworks such as Apache MXNet, TensorFlow, and OpenCV.
Amazon Redshift - ✔?is a fast, scalable data warehouse that makes it simple and cost-effective
to analyze all your data across your data warehouse and data lake. Redshift
delivers ten times faster performance than other data warehouses by using machine
learning, massively parallel query execution, and columnar storage on high-performance
disk. You can set up and deploy a new data warehouse in minutes, and
run queries across petabytes of data in your Redshift data warehouse, and exabytes of
data in your data lake built on Amazon S3. You can start small for just $0.25 per hour
and scale to $250 per terabyte per year, less than one-tenth the cost of other
solutions.
Amazon QuickSight - ✔?is a fast, cloud-powered business intelligence (BI) service that makes it easy for you to deliver insights to everyone in your organization. QuickSight
lets you create and publish interactive dashboards that can be accessed from browsers
or mobile devices. You can embed dashboards into your applications, providing your
customers with powerful self-service analytics. QuickSight easily scales to tens of
thousands of users without any software to install, servers to deploy, or infrastructure
to manage.
AWS Data Pipeline - ✔?is a web service that helps you reliably process and move data between different AWS compute and storage services, as well as on-premises data
sources, at specified intervals. With AWS Data Pipeline, you can regularly access your
data where it's stored, transform and process it at scale, and efficiently transfer the
results to AWS services such as Amazon S3, Amazon RDS, Amazon DynamoDB, and
Amazon EMR.
AWS Glue - ✔?is a fully managed extract, transform, and load (ETL) service that makes it
easy for customers to prepare and load their data for analytics. You can create and run
an ETL job with a few clicks in the AWS Management Console. You simply point AWS
Glue to your data stored on AWS, and AWS Glue discovers your data and stores the
associated metadata (e.g. table definition and schema) in the AWS Glue Data Catalog.
Once cataloged, your data is immediately searchable, queryable, and available for ETL.
AWS Lake Formation - ✔?is a service that makes it easy to set up a secure data lake in days.
A data lake is a centralized, curated, and secured repository that stores all your data,
both in its original form and prepared for analysis. A data lake enables you to break
down data silos and combine different types of analytics to gain insights and guide
better business decisions
Amazon Managed Streaming for Kafka (MSK) - ✔?is a fully managed service that
makes it easy for you to build and run applications that use Apache Kafka to process
streaming data. Apache Kafka is an open-source platform for building real-time
streaming data pipelines and applications. With Amazon MSK, you can use Apache Kafka APIs to populate data lakes, stream changes to and from databases, and power machine learning and analytics applications
application integration - ✔?the integration of a company's existing management information systems
1. AWS Step Functions
2. Amazon MQ
3. Amazon SQS
4. Amazon SNS
5. Amazon SWF
three ways to manage AWS - ✔?1. management console
2. AWS CLI (from command line)
3. software kit-Amazon SDK (computing languages)
resource group - ✔?specific to users, you can share with other users, add tag (keys and values) to describe the user type
CLI - ✔?open source tool built to interact with Amazon; uses multiple computer languages
SDK - ✔?enables applications to manage infras code. has several guides, forums and blogs
EC2 - ✔?Elastic Compute Cloud. Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides re-sizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Reduces the time required to obtain & boot new server instances to minutes.
how to set up an EC2 instance - ✔?1. log in
2. choose region
3. click services-EC2
4. launch instance
5. select image
6. select server type
7. select hardware type (instance types)
8. configure instance (how many/config network)
9. add storage (root volume/disk type/new volume)
10. add tags
11. config security group (SSH connectivity)
12. review and launch
13. Launch and create a new key pair then download
how to view instance - ✔?1. config private key (save as a PPK file on Windows)
2. copy DNS and IP
3. execute PuTTY (on Windows you need to launch PuTTYgen)
EBS Volumes - ✔?1. Choose between HDD and SSD types (drive types)
2. Persistent and customizable block storage for EC2 instances
3. replicated in same availability zone
4. backup snapshots
5. easy and transparent encryption
6. Elastic volumes
how to create an EBS volume and attach to an instance - ✔?1. needs to be in the same availability zone
2. click create volume
3. select type, size, zone, snapshots
4. click create
5. go to volumes, search your volume you created and attach to EC2 instance
6. you can add tags to volume
Why are tags important - ✔?it can help track costs
Amazon Simple Storage Service (S3) - ✔?managed cloud service for storing and using data, stores unlimited number of objects, access anytime from anywhere, rich security controls.
common uses for S3 - ✔?Storing app asset
static web hosting
backup and disaster recovery
staging area for big data
etc.
AWS infrastructure - ✔?Regions, availability zones, edge locations
cloud front - ✔?content to deliver content to end users (edge locations)
Amazon VPC (Virtual Private Cloud) - ✔?you provision a private, isolated section of the Amazon Cloud
you can launch AWS resources in a virtual network that you define
meant so you can reflect a network in your own datacenter
Easily customizable
make a public facing subnet, for example
Features of VPCs - ✔?1. Builds upon availability regions and zones
2. Subnets
3. Route tables
4. Internet Gateway (IGW)
5. NAT Gateway
6. Network access control lists
Security Groups - ✔?A group type that's the main Active Directory object administrators use to manage network resource access and grant rights to users.
HTTP - ✔?HyperText Transfer Protocol - the protocol used for transmitting web pages over the Internet. Port 80
HTTPS - ✔?Hypertext Transfer Protocol Secure port 443
what would you use to select traffic from anywhere - ✔?0.0.0.0/0.
default in AWS for traffic - ✔?inbound is denied/ outbound allowed
Application Load Balancer - ✔?When you need a flexible feature set for your web applications with HTTP and HTTPS traffic. Operating at the request level, Application Load Balancers provide advanced routing, TLS termination and visibility features targeted at application architectures, including microservices and containers.
listeners - ✔?is a process that checks for connection requests, using the protocol and port that you configure. the rules that you define for listener determine how the load balancer routes requests to the targets in one or more target groups
Target - ✔?a destination for traffic based on the established listener rules
Target Group - ✔?Each target group routes requests to one or more registered targets using protocol and port numbers specified. A target can be registered with multiple target groups. Health checks can be configured on a per target group basis
features of application load balancer - ✔?1. Path and host based routing
2. native IPv6
3. AWS WAF
4. Dynamic Ports
5. Deletion protection and request tracing
Auto Scaling - ✔?Auto Scaling is a service that allows you to maintain the availability of your applications by scaling Amazon EC2 capacity up or down in accordance with conditions you set.
Launch Configuration - ✔?a template that an Auto Scaling group uses to launch EC2 instances
Auto Scaling Group - ✔?where a deployment takes place and when to do it to and VPC
auto scaling policy - ✔?scheduled, you create, scale in policy, scale out policy. Created in cloud watch
Route 53 - ✔?Scalable DNS and Domain Name Registration
- Named after DNS Port
- Globally configured
- Can set up Public or Private Zones
hosted zones - ✔?used in Route 53 for inbound/outbound traffic. you can add host names and comments
creating a record set in route 53 - ✔?you can set an IP address to your application
DNS Resolution Process - ✔?1 - Request sent to local name server
2 - Name server queries root server
3 - Root response sent to local name server
4 - Name server queries .com name server
5 - .com Response sent to local name server
6 - Name server queries specific domain server
7 - Domain server responds to name server
8 - Name server provides result to local device
9 - Answer is cached locally
Amazon Relational Database Service (RDS) - ✔?A relational database service supporting MySQL, Oracle, SQL Server, or PostgreSQL
AWS Lambda - ✔?is a compute service that lets you run code without provisioning or managing servers. It executes your code only when needed and scales automatically, from a few requests per day to thousands per second
AWS Lambda benefits - ✔?Allows you to run code without managing or provisioning servers
AWS Elastic Beanstalk - ✔?Service for deploying and scaling web apps and services with popular program languages
Java, .NET, PHP, Node.js, Python and Ruby
Retain full control over the AWS resources powering your app
Browse log files, monitor app health, adjust auto-scaling rules, set up email notifications
Amazon Simple Notification Service (SNS) - ✔?Web service that makes it easy to set up, operate, and send notifications from the cloud is what Amazon service?
Amazon CloudWatch - ✔?Amazon CloudWatch is a monitoring service for AWS Cloud resources and the applications you
run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and
monitor log files, set alarms, and automatically react to changes in your AWS resources.
Can monitor: EC2 instances, DynamoDB tables, and RDS DB instances
You can use Amazon CloudWatch to gain system-wide visibility into resource utilization,
application performance, and operational health
Amazon CloudFront - ✔?Amazon CloudFront is a global content delivery network (CDN) service that accelerates
delivery of your websites, APIs, video content, or other web assets. It integrates with other
AWS products to give developers and businesses an easy way to accelerate content to end
users with no minimum usage commitments.
Requests for your content are automatically routed to the nearest edge location, so content
is delivered with the best possible performance.
works with: S3, EC2, Elastic Load Balancing, and Route 53
pay for what you use
CloudFormation - ✔?An easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.
CloudFormation stack - ✔?A stack is the "implementation" of one or more "Templates".
When you use AWS CloudFormation, you manage related resources as a single unit called a stack. You create, update, and delete a collection of resources by creating, updating, and deleting stacks. All of the resources in a stack are defined by the stack's AWS CloudFormation template. Suppose you created a template that includes an Auto Scaling group, Elastic Load Balancing load balancer, and an Amazon RDS database instance.
To create those resources, you create a stack by submitting your template that defines those resources, and AWS CloudFormation handles all of the provisioning for you. After all of the resources have been created, AWS CloudFormation reports that your stack has been created. You can then start using the resources in your stack. If stack creation fails, AWS CloudFormation rolls back your changes by deleting the resources that it created.
CloudWatch Logs - ✔?to monitor, store, and access your log files from Amazon EC2 instances, AWS CloudTrail, and other sources.
CloudFront origin - ✔?The origin of all files that the CDN will distribute.
CloudWatch Alarms - ✔?measure a single metric and perform one or more options
CloudWatch Events - ✔?stream of events/ uses simple rules/ aware of operational changes/ responds
AWS Well-architected Framework - ✔?1. Assess and improve architectures
2. understand how design decisions impact business
3. learn the five pillars
Five Pillars - ✔?1. security
2. Reliability
3. Performance efficiency
4. Cost optimization
5. Operational excellence
fault tolerance - ✔?the ability for a system to respond to unexpected failures or system crashes as the backup system immediately and automatically takes over with no loss of service
high availability - ✔?System is continuously operational at all times
Elastic Load Balancing (ELB) - ✔?Elastic Load Balancing (ELB) automatically distributes incoming application traffic across
multiple EC2 instances. It enables you to achieve greater levels of fault tolerance in your
applications, seamlessly providing the required amount of load balancing capacity needed to
distribute application traffic
2 types w/ high availability, auto scaling, and security:
1. Classic Load Balancer: routes traffic based on app or network level info
2. Application Load Balancer: routes traffic based on advanced application level info (more advanced)
Elastic IP (EIP) - ✔?Static IP that can be moved between instances; manually purchased, used, and deleted - Networking - Global
Fault-tolerant systems - ✔?ensure availability in the event of a system failure by using a combination of hardware and software
fault tolerant tools - ✔?1. Amazon simple queue service
2. amazon Simple Storage system
3. Amazon Relational Database Service
Amazon Simple Queue Service (SQS) - ✔?
Amazon Simple Storage system - ✔?
access control management - ✔?1. identity and access management (IAM)
2. Multi factor auth (MFA)
3. integration and federation with corporate directories
4. Amazon Cognito
5. AWS SSO
shared responsibility model - ✔?1. User data: your responsibility
2. App: your responsibility
3. guest OS: your responsibility
-------------------------------------------------------
4. Hypervisor: AWS, uses a Xen-based hypervisor
5. network: AWS does proprietary maintenance and protection
6. physical: AWS
user - ✔?permanent named operator
groups - ✔?collection of users
Role - ✔?not permissions, authentication method. this is the operator that is temporary.
policy document in IAM - ✔?JSON, lists specific API that I allow against which resources. can be attached directly to a role. you can set permanent denies. attached to users and groups.
Amazon Inspector - ✔?Amazon Inspector is an automated security assessment service that helps improve the security
and compliance of applications deployed on AWS
AWS Shield - ✔?AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that
safeguards web applications running on AWS
standard and advanced
DDoS (Distributed Denial of Service) - ✔?An attack on a computer or network
device in which multiple computers send data and requests to the device in an attempt
to overwhelm it so that it cannot perform normal operations.
DDoS (application/service attacks) - ✔?An attack employing multiple attacking systems. Used to deny the use of or access to a specific service or system.
EX: In the year 2000, there were highly publicized attacks on eBay, CNN, Amazon, and Yahoo!.
AWS shield standard - ✔?1. automatic protection
2. quick detection
3. inline attack mitigation
4. self service
AWS shield advanced - ✔?1. Specialized support, advanced attack mitigation
2. visibility and attack notification
3. always monitoring
4. enhanced detection
5. DDoS cost protection
6. if a DDoS raised instances Amazon will refund