Published

Model_ 4 cornerstones of operational resilience operations security software infrastructure (1) Operations (2) Security (3) Software (4) Infrastructure

Business Agility: respond faster, experiment more (compare with Model_ Cloud Computing benefits #5 speed and agility) code throughput (1) Lead Time (2) Deployment Frequency system stability (3) Change Failure Rate (4) Mean Time To Recover

Model_ Cloud-based deployment models https://aws.amazon.com/products/ Model_ Cloud-based deployment models AWS core service categories

https://aws.amazon.com/certification/certified-cloud-practitioner/ details exam guide sample questions

Compute in the cloud ec2 instance types pricing dedicated hardware scaling auto-scaling load balancing messaging Simple Notification Service (SNS) Simple Queue Service (SQS) Serverless Lambda container services Elastic Container Service (ECS) Elastic Kubernetes Service (EKS) Fargate “serverless containers” (1) EC2 EC2 instance types general purpose - balances compute, memory, network compute optimized - high-performance processors memory optimized - high-performance databases (db needs memory) storage optimized - data warehousing accelerated - (special use-cases) !...

https://aws.amazon.com/about-aws/global-infrastructure/ region: distinct geographic area\ has at least 2 AZs availability zone (AZ) select a region: compliance customer proximity available services pricing Content Delivery Network: CloudFront https://aws.amazon.com/cloudfront/features/ AWS Outposts extending the cloud https://aws.amazon.com/outposts/ interact via AWS apis same hardware as AWS customer: power, network, physical security amazon: maintenance options outpost racks outpost servers (1u / 2u pizzabox server)

(1) Connecting data VPC subnet gateway internet gateway virtual private gateway AWS direct connect (2) Control the flow of data Network Access Control List (NACL) Security Groups (3) AWS global network Route 53 - DNS (1) Connecting data Virtual Private Cloud (VPC) subnet Gateway internet gateway virtual private gateway AWS Direct Connect internet gateway public subnet = network WITH an internet gateway private subnet = network WITHOUT an internet gateway...

Storage Block Storage instance storage EBS volumes Object Storage: S3 storage classes File Storage: Elastic File System (EFS) Databases Relational Database Service (RDS) database engines Amazon Aurora DynamoDB Database Migration Service (DMS) additional services Redshift DocumentDB Neptune QLDB Managed Blockchain ElastiCache DynamoDB Accelerator (DAX) storage types Block Storage instance store (data lives with the instance) block storage physically attached to instances optimized speed not persistence Elastic Block Store (EBS) !...

Shared responsibility model Compliance Identity and Access Management (IAM) user policy group role AWS Organization Application Security Web Application Firewall (WAF) Shield - DDoS Inspector - automated security assessment Key Management Service (KMS) - cryptographic keys (not secrets, not certificates) GuardDuty - intelligent threat detection Shared Responsibility Model Compliance compliance: prove https://aws.amazon.com/compliance/ using a compliant service is not sufficient to mkae a customer compliant Identity and Access Management (IAM) manage access to AWS services and resources !...

(1) CloudWatch - metrics & alerting (2) CloudTrail - user activity logs (3) Trusted Advisor - automated advice (1) CloudWatch - metrics & alerting metrics thresholds actions dashboards this is how auto-scaling actually works in: cpu usage threshold: if cpu usage > 75% action: add instance (2) CloudTrail - user activity logs (3) Trusted Advisor - automated advice cost performance security fault tolerance service limits full trusted advisor checks -> only starting at business level support (see [[course-aws-cloud-practitioner-essentials-8....