☠️
smadi0x86 Playground
  • 💀Welcome to smadi0x86 Playground
    • 🍷Resources
    • 🚬Projects
    • 🎓Certifications
    • 📌Pinned
    • ❓Questions
    • 📞Contact
  • 🏞️Cloud Native
    • Docker
      • Quick Reference
      • Introduction
      • Containers
      • Images
      • Storage & Volumes
      • Security
      • Cheatsheet
    • Git
    • Serverless Framework
    • YAML
  • 🔨Software Engineering
    • System Design
    • Environment Variables
    • JSON Web Tokens
  • 👾Architecture
    • C Language
      • Introduction
      • Calling Conventions
      • GCC Compilation
      • Libraries & Linking
      • I/O
      • Files
      • Pointers
      • Dynamic Memory Allocation
      • Data Types
      • Strings Manipulation
      • Bit Manipulation
      • Pre-processors
      • Macros
      • Type Qualifiers
    • C/C++ Build Systems
      • Fundamentals for Linking
      • Symbolic Linking
      • Cross-Platform Compilation
      • CMake for Building and Linking
      • Shared Libraries
      • Dynamic Linking and Dependency Management
    • Operating Systems
      • OS & Architecture
      • Processes
      • CPU Scheduling
      • Memory Management
  • 🛩️Cyber Warfare
    • Flight Physics
    • Communication
      • PWM & PPM
      • MAVLink
  • 🏴‍☠️Offensive Security
    • Active Directory
      • Introduction
    • Web Attacks
      • Server Side
        • OS Command Injection
        • Information Disclosure
        • Directory Traversal
        • Business Logic
        • Authentication
        • File Upload
        • SSRF
      • Client Side
        • CSRF
        • XSS
    • Recon
      • Active
        • Host discovery
        • Nmap
        • Mass Scan
      • Passive
        • Metadata
      • Web Applications
        • Discovery
        • Subdomains & Directories
        • SSL Certs
        • CMS
        • WAF Detection
      • Firewall Evasion
  • Binary Exploitation
    • Stack Smashing
      • x86
      • x86_64
    • pwntools
      • Processes and Communication
      • Logging and Context
      • Cyclic
      • Packing
      • ELF
      • ROP
  • 😈Advanced Persistent Threat
    • C2
      • Sliver
    • Malware
      • Windows Internals
        • PEB
      • Academy
        • Basics
      • Sektor7
        • Essentials
  • 💌Certifications
    • AWS Certified Cloud Practitioner (CLF-C01)
      • Cloud Foundations
      • Domain 1: Cloud Concepts
      • Domain 2: Security and Compliance
      • Domain 3: Technology
      • Domain 4: Billing and Pricing
    • AWS Certified Solutions Architect - Associate (SAA-C03)
      • Foundation
    • Certified Kubernetes Administrator (CKA)
      • Core Concepts
      • Scheduling
      • Logging & Monitoring
      • Application Lifecycle Management
      • Cluster Maintenance
      • Security
      • Storage
      • Networking
      • Design Kubernetes Cluster
      • Kubernetes The Kubeadm Way
      • Troubleshooting
      • JSONPATH
      • Lightning Lab
      • Mock Exams
      • Killer Shell
    • Certified Kubernetes Security (CKS)
      • Foundation
      • Cluster Setup
      • Cluster Hardening
      • Supply Chain Security
      • Runtime Security
      • System Hardening
      • Killer Shell
    • (KGAC-101) Kong Gateway Foundations
      • Introduction to APIs and API Management
      • Introduction to Kong Gateway
      • Getting Started with Kong Enterprise
      • Getting Started with Kong Konnect
      • Introduction to Kong Plugins
  • 📜Blog Posts
    • Modern Solutions For Preventing Ransomware Attacks
Powered by GitBook
On this page
  • Deploying & Operating in the AWS Cloud
  • Ways to Provision and Operate in AWS
  • Connectivity Options
  • AWS Global Infrastructure
  • Relationship Among Regions, Availability Zones, and Edge Locations
  • Achieving High Availability
  • Benefits of Edge Locations
  • Core AWS Services
  • Categories of Services on AWS
  • Compute Services
  • Storage Services
  • Networking Services
  • Database Services
  • Resources for Technology Support
  1. Certifications
  2. AWS Certified Cloud Practitioner (CLF-C01)

Domain 3: Technology

Deploying & Operating in the AWS Cloud

Ways to Provision and Operate in AWS

Programmatic Access:

  • APIs: Set of routines and tools for building AWS software.

  • SDKs: Collection of software tools and libraries specific to various programming languages.

AWS Management Console:

  • Web-based interface for AWS management.

  • Features drag-and-drop capabilities to deploy AWS resources.

CLI:

  • Allows direct command line instructions for AWS resources.

  • Ideal for scripting and automations.

Infrastructure as Code (IaC):

  • Use scripts to provision and manage AWS resources.

  • Tools like AWS CloudFormation and terraform allow for IaC.

Deployment Models

Description

All in with Cloud/Cloud Native

Fully utilizing cloud services without on-premises resources.

Hybrid

Mixture of on-premises resources with cloud services.

On-Premises

Traditional infrastructure without significant cloud interaction.

Connectivity Options

  • VPN: Securely connect your on-premises network to the AWS cloud.

  • AWS Direct Connect: Establish a dedicated network connection from your premises to AWS.

  • Public Internet: General connectivity method but less secure.


AWS Global Infrastructure

Relationship Among Regions, Availability Zones, and Edge Locations

  • Regions: Separate geographic areas to ensure data redundancy and compliance.

  • Availability Zones: Physically isolated data centers within a region.

  • Edge Locations: Multiple distributed locations globally, primarily used by CloudFront (CDN) to cache content close to end-users.

How many Availability Zones does a typical AWS Region have?

a) 1 b) 2-3 c) 5-6 d) 10

b) 2-3

Achieving High Availability

  • Disaster Recovery/Business Continuity: A strategic advantage of utilizing multiple regions.

  • Use of multiple Availability Zones to ensure fault tolerance and minimize downtime.

  • Some countries or industries require data to be stored in specific geographies.

Benefits of Edge Locations

  • Amazon CloudFront: A content delivery network to distribute content globally with low latency.

  • AWS Global Accelerator: Boosts the availability and performance of applications.


Core AWS Services

Categories of Services on AWS

AWS services can be classified into different categories based on their function:

  1. Compute: Services tailored for processing capabilities.

  2. Storage: Services related to data storage and retrieval.

  3. Network: Tools and services that relate to networking features.

  4. Database: Services for structured and unstructured data storage and management.

Compute Services

AWS offers several compute families tailored for different needs:

  • General Purpose (e.g., t2, m5): Balanced CPU, memory, and networking.

  • Compute Optimized (e.g., c5): For CPU-intensive workloads.

  • Memory Optimized (e.g., r5, x1): For memory-intensive applications.

  • Accelerated Computing (e.g., p3, f1): Leveraging hardware accelerators, or co-processors.

Services Providing Compute:

  • Amazon EC2 (Elastic Compute Cloud): Provides resizable compute capacity. It's like having a virtual machine but in the AWS cloud.

  • AWS Lambda: A serverless compute service. You just provide the code and AWS runs it without you provisioning or managing servers.

  • Amazon Elastic Container Service (ECS): A fully managed container orchestration service.

Elasticity through Auto Scaling:

  • AWS Auto Scaling allows you to maintain application availability. It dynamically adjusts its capacity to maintain steady, predictable performance at the lowest possible cost.

Purpose of Load Balancers:

  • AWS offers Elastic Load Balancing with three types: Application Load Balancer, Network Load Balancer, and Classic Load Balancer.

  • Distributes incoming application traffic across multiple targets, like EC2 instances, containers, and IP addresses, in one or more Availability Zones.

Storage Services

  • Amazon S3 (Simple Storage Service): Object storage service offering scalability, data availability, security, and performance.

  • Amazon EBS (Elastic Block Store): Block storage service for EC2 instances. Allows persistent data storage.

  • Amazon S3 Glacier & S3 Glacier Deep Archive: Storage services optimized for infrequently accessed data, and long-term archiving with cost-efficiency.

  • AWS Snowball: A physical data transport solution, more secure and faster than internet-based transfer methods.

  • Amazon EFS (Elastic File System): Managed file storage for use with AWS Cloud services and on-premises resources.

  • AWS Storage Gateway: Hybrid cloud storage service that provides on-premises applications access to cloud storage.

Networking Services

  • VPC (Virtual Private Cloud): Provides a private section of the AWS cloud where you can launch resources in a virtual network that you define.

  • Security Groups: Act as a virtual firewall to control inbound and outbound traffic to networked EC2 instances.

  • Amazon Route 53: A scalable domain name system (DNS) and domain name registration service.

  • VPN (Virtual Private Network) & AWS Direct Connect: Allow secure connection from on-premises sites to AWS. Direct Connect does so over a dedicated line for higher speed and consistency.

Database Services

  • Amazon EC2 vs. AWS Managed Databases: While you can manually set up databases on an EC2 instance, AWS managed database services, like RDS and DynamoDB, offer easier management, backups, and scalability.

  • Amazon RDS (Relational Database Service): Managed relational database service with various database engines like MySQL, PostgreSQL, SQL Server, etc.

  • Amazon DynamoDB: Managed NoSQL database service known for single-digit millisecond performance.

  • Amazon Redshift: Fully managed petabyte-scale data warehouse service.


Resources for Technology Support

  • Documentation: Comprehensive AWS documentation includes whitepapers, user guides, and reference material.

  • Support Plans: AWS offers a variety of support plans, from Basic to Enterprise.

  • AWS Partner Network: Extensive network of third-party vendors, solutions, and integrators.

  • AWS Trusted Advisor: Offers insights to reduce cost, increase performance, and ensure a secure environment.

PreviousDomain 2: Security and ComplianceNextDomain 4: Billing and Pricing

Last updated 1 year ago

💌
Page cover image