Introduction:
- Cloud practitioner overview is for non-technical roles. It helps in making the business decision of choosing a cloud solution. Cloud is a pay-as-you-need solution.
- On premises deployment is also known as a private cloud deployment.
- Hybrid deployment: A hybrid environment has both on-premises and cloud deployments. For some applications it makes sense to use an on-premises solution, and for others it makes sense to use a cloud deployment.
- Amazon Athena: It is a query service to query S3 data, using standard SQL.
- CloudSearch: It is a search service that can be implemented for an application.
- Container orchestration tools: ECS and EKS. Both use Docker containers.
- AWS Fargate: It is a serverless compute platform for ECS or EKS. In ECS and EKS, we need to manage servers. In Fargate, servers are managed by Amazon.
Global Infrastructure and Reliability:
- Regions: AWS has multiple regions. No data goes to another region by design. There are ways to allow data access across regions. Four factors for choosing the right region: compliance, proximity, feature availability, and pricing.
- Availability zones: Regions contain Availability Zones. A region is not at one location; each region is made of multiple data centers. An Availability Zone is a single data center or a group of data centers.
- To maintain fault tolerance, it’s recommended to run applications with at least two availability zones in a region.
- Edge locations: Edge locations run Amazon CloudFront, the global Content Delivery Network (CDN) of Amazon. It uses edge locations to accelerate content delivery. We can use these to cache data close to customers' locations. Edge locations also run a DNS service called Amazon Route 53.
- AWS Outposts: These are isolated infrastructures within a company’s building.
Ways to interact with AWS:
- AWS Management Console, AWS Command Line Interface (CLI), AWS Software Development Kits (SDKs), and other tools (like CloudFormation).
- The AWS Management Console is good for beginners.
- The AWS Command Line Interface (CLI) is better for production environments. Using the CLI, we can invoke commands from a terminal to interact with instances and automate processes.
- AWS Software Development Kits (SDKs) allow us to interact with AWS using various programming languages.
- Other tools:
  - AWS Beanstalk allows us to let AWS create the desired infrastructure.
  - CloudFormation allows us to manage infrastructure as code, to define configurations of the infrastructure.
Networking:
- Amazon Virtual Private Cloud (VPC). Public subnet: an area that is open to the public. A private subnet is not open to the public. An internet gateway is a kind of door that allows selected network traffic into the network. A VPC allows private traffic to get inside the network. It doesn't allow public traffic to get inside the network. AWS Direct Connect provides a direct connection to your network.
- Public subnets contain resources that should be accessible by the public. Private subnets contain resources that must be accessible only through the private network, like a database.
- Access Control Lists (ACLs) protect the subnet.
- Security groups protect individual server instances, because security groups operate at the server instance level.
- A security group is stateful. It remembers who is allowed to enter a server instance. ACLs are stateless.
- DNS Route service: It helps to provide the IP address of a website.
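The stateful versus stateless difference noted above, shown as a toy packet filter. This is an added example, not AWS code or part of the original notes; the classes, the port-only rule format and the sample addresses are assumptions made for illustration.

```python
from collections import namedtuple

# Toy model for illustration only; real AWS rules also match protocol and CIDR.
Packet = namedtuple("Packet", "src sport dst dport")

def reply_to(p):
    """Build the response packet: endpoints and ports swapped."""
    return Packet(p.dst, p.dport, p.src, p.sport)

class SecurityGroup:
    """Stateful: remembers allowed inbound connections, so replies pass."""
    def __init__(self, inbound_ports):
        self.inbound_ports = set(inbound_ports)
        self.tracked = set()

    def inbound(self, p):
        if p.dport not in self.inbound_ports:
            return False
        self.tracked.add(p)          # remember this connection
        return True

    def outbound(self, p):
        # Only reply tracking is modelled; explicit outbound rules are omitted.
        return reply_to(p) in self.tracked

class NetworkACL:
    """Stateless: each direction is checked against its own rule list."""
    def __init__(self, inbound_ports, outbound_ports):
        self.inbound_ports = inbound_ports
        self.outbound_ports = outbound_ports

    def inbound(self, p):
        return p.dport in self.inbound_ports

    def outbound(self, p):
        return p.dport in self.outbound_ports

def round_trip(fw, request):
    """Return (request_allowed, reply_allowed) for one client request."""
    ok_in = fw.inbound(request)
    ok_out = ok_in and fw.outbound(reply_to(request))
    return ok_in, ok_out

# Constructed sample: an internet client calling a web server on port 443.
REQUEST = Packet("203.0.113.10", 50000, "10.0.1.5", 443)
EPHEMERAL = range(1024, 65536)

if __name__ == "__main__":
    print("security group      ", round_trip(SecurityGroup([443]), REQUEST))
    print("ACL, inbound only   ", round_trip(NetworkACL([443], []), REQUEST))
    print("ACL, both directions", round_trip(NetworkACL([443], EPHEMERAL), REQUEST))
```

An ACL that allows only the inbound port silently drops the response, which is why ACL rules have to cover the return path as well.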
Storage and databases:
- Instance stores and Amazon Elastic Block Store (EBS): Block stores are blocks to store files. The hard drive of a computer is an example of a block store. With EBS, we can create virtual hard drives. Incremental backups on EBS are called snapshots.
- Amazon Simple Storage Service (S3): In S3, we can store files. We store files in buckets. 5TB is the maximum size of a file/object. S3 Standard provides very high availability. It stores data in at least three facilities. S3 Standard-Infrequent Access (S3 IA) is suitable for files that are needed less frequently. S3 Glacier can be used to store archives that are rarely accessed. AWS supports more S3 types for various data storage needs.
- EBS versus S3:
  - S3 is serverless. We don't need any EC2 or other instance to manage S3 buckets/storage.
  - If we need multiple updates, EBS is a better choice. If we're changing complete objects, S3 is a better choice.
- Amazon Elastic File System (EFS): With EFS, we can keep existing file systems.
- EBS versus EFS: EBS volumes are attached to EBS instance. EFS can have multiple instances used at the same time. EBS stores data in a single availability zone. EFS is a regional resource.
- Amazon Relational Database Service (RDS): It supports a variety of databases.
- Amazon Aurora: It is compatible with MySQL and PostgreSQL at 1/10th of the cost.
- Amazon DynamoDB: It is a serverless, non-relational (NoSQL) key-value database.
- RDS versus DynamoDB: For complex relational joins for analytics, use RDS. For single-table data, key-value is a good choice.
- Amazon Redshift: It is a data warehousing service that can be used for big data analytics.
- AWS Database Migration Service (AWS DMS): This service helps to migrate databases as a one-time or a continuous migration. For example, this service can help to migrate a MySQL database to an Amazon Aurora database. This service can also help to consolidate multiple databases into a single database.
- Additional Database Services: There are other database services supported by AWS. For example:
  - Amazon Neptune is a graph database.
  - Amazon DocumentDB is a document database that supports MongoDB workloads.
  - Amazon Quantum Ledger Database (QLDB) is a ledger database. For example, QLDB can help to review a history of all changes made to an application's data.
  - Amazon Managed Blockchain creates and manages blockchain networks.
  - Amazon ElastiCache adds caching layers on top of a database, to improve read activity.
  - Amazon DynamoDB Accelerator (DAX) is an in-memory cache for DynamoDB.
Security:
- Shared responsibility model: Both AWS and AWS developers are responsible for security.
- User permission and access:
  - Root user: A root user is an owner who cannot be restricted anywhere they are the owner.
  - IAM User: A user cannot log in by default. A user needs explicit access to any resource. We need to attach an IAM policy to a user to provide access to a resource.
  - Role: Roles allow or deny access to a resource.
  - IAM policy: An IAM policy is a document that allows or denies permissions to AWS resources.
  - IAM groups: An IAM group is a collection of IAM users.
- Compliance: AWS provides ways to be compliant as per the needs within the country or the region of the business.
- Distributed Denial of Service (DDoS): AWS security features help avoid DDoS attacks.
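How "explicit access" and "allows or denies" combine when several IAM policies apply to one user, as an added example that is not from the original notes or from AWS. It is a simplified evaluator for identity policies only (no conditions, resource policies or organization-level controls); the bucket name and both policies are constructed. It goes one step beyond the notes by showing that an explicit Deny overrides any Allow.

```python
import fnmatch

def _matches(patterns, value):
    """True if value matches any pattern; '*' is a wildcard as in IAM."""
    if isinstance(patterns, str):
        patterns = [patterns]
    return any(fnmatch.fnmatchcase(value, pat) for pat in patterns)

def evaluate(policies, action, resource):
    """Return 'Allow' or 'Deny' for one request against the attached policies."""
    allowed = False
    for policy in policies:
        for stmt in policy["Statement"]:
            if not _matches(stmt["Action"], action):
                continue
            if not _matches(stmt["Resource"], resource):
                continue
            if stmt["Effect"] == "Deny":
                return "Deny"        # an explicit deny always wins
            allowed = True           # explicit allow, unless denied elsewhere
    return "Allow" if allowed else "Deny"   # nothing matched: implicit deny

# Constructed policies for a hypothetical bucket named example-reports.
READ_REPORTS = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::example-reports",
                     "arn:aws:s3:::example-reports/*"],
    }],
}
DENY_PAYROLL = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Deny",
        "Action": "s3:*",
        "Resource": "arn:aws:s3:::example-reports/payroll/*",
    }],
}

if __name__ == "__main__":
    obj = "arn:aws:s3:::example-reports/q1.csv"
    secret = "arn:aws:s3:::example-reports/payroll/jan.csv"
    print(evaluate([], "s3:GetObject", obj))                            # no policy
    print(evaluate([READ_REPORTS], "s3:GetObject", obj))                # allowed
    print(evaluate([READ_REPORTS, DENY_PAYROLL], "s3:GetObject", secret))
```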
Monitoring & Analytics:
- CloudWatch: CloudWatch can help with monitoring in many ways. For example, we can generate alerts based on some logs.
- CloudTrail: It's an API auditing tool. It logs user actions, to analyze who did what and when.
- Trusted Advisor: It's a service that evaluates your applications/resources for cost optimization, performance, security, fault tolerance, and service limits.
Pricing and Support:
- Free Tier: 12 months free.
- Billing Dashboard: This is useful to know about the cost of running your AWS infrastructure.
- Consolidated billing: It allows us to view all costs of multiple accounts in one place.
- AWS Budgets: We can define a budget amount so that we get an alert when the budget is reached.
- Cost Explorer: It shows where we are spending more money, so we can track it over time.
- Support Plans: Basic Support is free. The Business support plan includes all AWS Trusted Advisor checks at a low cost.
- Five pillars of the well-architected framework: operational excellence, security, reliability, performance efficiency, and cost optimization.
- Marketplace: Here, we can find click and go services.
Migration and Innovation:
- Cloud Adoption Framework (CAF): CAF can help to migrate resources to AWS.
- Migration strategies: The six Rs are six possible options for migration:
  - Rehosting: Lift and shift.
  - Replatforming: Lift, minor changes, and shift. No code changes.
  - Retire: Do not migrate.
  - Retain: These are applications that may be about to reach end of life. Do not migrate these and plan to decommission these.
  - Repurchasing: Applicable to businesses that are looking to repurchase new vendor software.
  - Refactoring: Write new code, driven by strong business needs. This has the highest initial cost.
- Snow Family: Three sizes, listed below in order from lower to higher capacity:
  - Snowcone: Contains edge computing. It is used to ship TBs of data to AWS for backup.
  - Snowball Edge: They fit into existing servers.
  - Snowmobile: Ideal for larger migrations. Up to 100 petabytes of data.
- Innovations with AWS:
  - VMware Cloud on AWS: VMware-based on-premises infrastructure can be migrated to AWS.
  - SageMaker: It builds and trains ML models using popular open-source frameworks.
  - Augmented AI: It is for AI solutions.
  - Lex: It is the technology for Alexa.
  - Textract: To extract text and data.
  - DeepRacer: Experiment with reinforcement learning.
  - Internet of Things
  - Ground Station
Cloud Journey:
- Three-tier architecture: Load Balancer, EC2, and Databases.
- Pillars of a well-architected framework:
  - Operational Excellence
  - Security
  - Reliability
  - Performance Efficiency
  - Cost Optimization
- We can use the Well-Architected Tool to suggest where the gaps are in an application on AWS.
- Benefits of AWS Cloud: Six main benefits of using AWS cloud:
  - Trade fixed expense for variable expense: assess the cost of physical space, hardware, staff for racking and stacking, the overhead of keeping a data center running, and fixed costs.
  - Benefit from massive economies of scale
  - Stop guessing capacity
  - Increase speed and agility
  - Stop spending money running and maintaining data centers
  - Go global in minutes
Reference:
- AWS Cloud Practitioner Essentials course.
- AWS documentation.