Monday, December 25, 2017

AWS Certified Solutions Architect - Progress Report and Notes

At this time, I've finished the second part of my study plan for the AWS Certified Solutions Architect Associate exam. As you may remember, I wanted to knock out CBT Nugget videos before digging into SafariBooks to read the AWS Certified Solutions Architect official study guide.

Now it's time to collect my notes from CBT and move on to the reading portion. Below are some high level notes I've taken:

AWS Infrastructure:
  • Uses regions with availability zones, zones are redundant
  • Edge Locations are cached Content Delivery Networks (CDNs)

Foundation Services:
  • Compute: EC2, Lambda, Auto-Scaling (Regions)
  • Networking: Load-balancing, Route53, VPC (Availability Zones)
  • Storage: S3, Block Storage, Glacier, EFS (Edge Locations)

Platform Services:
  • Databases: DynamoDB, RDS, Redshift
  • Analytics: Kinesis, EMR, Data Pipeline
  • Deployment: Elastic Beanstalk, CodeDeploy
  • Mobile: Cognito, SNS

Storage Options:
  • Instance Store Backed: Physical storage connects directly to instance. Ephemeral so it is not in a permanent location.
  • EBS Backed (recommended): Persistent storage using EBS.

Simple Storage Service (S3):
  • Account uses buckets (max 100 buckets)
  • Objects are files within buckets (virtually limitless storage)
  • Can host static web pages with S3
  • Buckets are globally unique names created in a region
  • Cannot nest buckets, they can only be Top-level containers
  • Objects can be up to 5TB in size
  • Bucket+Object+Version maps to unique URL
  • Access control can be done at bucket or object level
  • Not meant as primary storage for services (i.e. Instances)
  • Region specific & supports REST & SOAP
  • Server side encryption of data at rest
  • Three access controls: IAM, Bucket, and ACLs. You can combine all three methods.
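
To make the "combine all three methods" point concrete, here is an added example (not from the CBT material or AWS code) that models how a same-account S3 request is decided when IAM policies, a bucket policy, and object ACLs all apply: an explicit Deny wins, otherwise any Allow or ACL grant permits, otherwise the request is implicitly denied. The bucket name, users, and policies are constructed, and the model is simplified (no conditions, cross-account rules, or Block Public Access).

```python
from fnmatch import fnmatchcase

# Constructed sample data for a hypothetical bucket "notes-bucket".
IAM_POLICIES = {  # identity-based policies, keyed by user
    "alice": [{"Effect": "Allow", "Action": "s3:GetObject",
               "Resource": "arn:aws:s3:::notes-bucket/*"}],
}
BUCKET_POLICY = [  # resource-based policy, names its principals
    {"Effect": "Allow", "Principal": "bob", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::notes-bucket/public/*"},
    {"Effect": "Deny", "Principal": "*", "Action": "s3:*",
     "Resource": "arn:aws:s3:::notes-bucket/secret/*"},
]
OBJECT_ACLS = {  # object key -> {grantee: set of ACL permissions}
    "shared/report.txt": {"carol": {"READ"}},
}
ACL_TO_ACTION = {"READ": "s3:GetObject"}  # object-level READ grant


def _matches(stmt, principal, action, resource):
    # IAM statements carry no Principal; they apply to the attached user.
    who = stmt.get("Principal", principal)
    return (fnmatchcase(principal, who)
            and fnmatchcase(action, stmt["Action"])
            and fnmatchcase(resource, stmt["Resource"]))


def is_allowed(principal, action, key):
    """Explicit Deny wins, then any Allow, then ACL grants, else implicit deny."""
    resource = f"arn:aws:s3:::notes-bucket/{key}"
    statements = IAM_POLICIES.get(principal, []) + BUCKET_POLICY
    hits = [s for s in statements if _matches(s, principal, action, resource)]
    if any(s["Effect"] == "Deny" for s in hits):
        return False
    if any(s["Effect"] == "Allow" for s in hits):
        return True
    grants = OBJECT_ACLS.get(key, {}).get(principal, set())
    return any(ACL_TO_ACTION.get(g) == action for g in grants)


if __name__ == "__main__":
    for who, key in [("alice", "docs/a.txt"), ("alice", "secret/key.pem"),
                     ("bob", "public/index.html"), ("carol", "shared/report.txt")]:
        print(who, key, is_allowed(who, "s3:GetObject", key))
```

The second case is the one to remember: alice's IAM policy allows every object, yet the bucket policy's Deny on `secret/*` still blocks her.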

S3 Storage Classes:
  • Standard: most expensive
  • Infrequent Access
  • Glacier: least expensive
  • Reduced Redundancy

Elastic Block Store (EBS):
  • Storage sizes between 1GB - 16TB (1TB for magnetic)
  • Can take snapshots into S3 at any time
  • Use for DBs, Applications, & root volumes
  • Backups are incremental
  • Good for ephemeral temporary storage, is shared between instances
  • Similar to a SAN

VPC:
  • Security groups police traffic at instance level
  • Network ACLs police traffic at subnet level
  • Route tables are similar to VRFs
  • Default VPC uses subnet 172.31.0.0/16 with IPv6 disabled
  • Use NAT Gateway or NAT instance for private to public routing

Identity and Access Management (IAM):
  • Policies are not cumulative, entities give up old permissions when assuming a role
  • Three types of policies (Managed, Custom, & Inline)

Non-Relational DB:
  • Top-level organized into 'Tables'
  • Tables contain 'Items'
  • Items contain 'Attributes'

Auto-Scaling:
  • Involves Elastic LB, CloudWatch (provides info to AS), & Auto Scaling (manages group)
  • Auto-Scaling includes the following:
  1. Launch Config: Config of EC2 instances to be scaled
  2. Auto-Scaling group: Defines how much to scale and un-scale
  3. Scaling life cycle: Defines when to scale out or in, along with hooking events

Elastic Load Balancing (ELB):
  • Can load balance across availability zones
  • Cross zone load balancing: Allows you to distribute traffic evenly across all zones
  • Can be internet facing or internal only

CloudWatch:
  • Has metrics for most AWS products and services
  • Can push metrics via REST or CLI
  • Can use SNS or Auto-Scaling

CloudFormation:
  • Method to create or manage a collection of resources
  • Built with JSON or CloudFormer
  • Infrastructure as code
  • Uses the components called "Resources" and "Parameters"
  • Git is recommended for version control
  • Stack will rollback if there's a problem with its config
  • Resources are deleted when the stack is deleted
  • "WaitCondition" is used to ensure no 'order of operations' issues
