Domain 3: Technology
Deploying & Operating in the AWS Cloud
Ways to Provision and Operate in AWS
Programmatic Access:
APIs: Set of routines and tools for building AWS software.
SDKs: Collection of software tools and libraries specific to various programming languages.
AWS Management Console:
Web-based interface for AWS management.
Features drag-and-drop capabilities to deploy AWS resources.
CLI:
Allows direct command line instructions for AWS resources.
Ideal for scripting and automations.
Infrastructure as Code (IaC):
Use scripts to provision and manage AWS resources.
Tools like AWS CloudFormation and Terraform allow for IaC.
Deployment Models
All in with Cloud/Cloud Native: Fully utilizing cloud services without on-premises resources.
Hybrid: Mixture of on-premises resources with cloud services.
On-Premises: Traditional infrastructure without significant cloud interaction.
Connectivity Options
VPN: Securely connect your on-premises network to the AWS cloud.
AWS Direct Connect: Establish a dedicated network connection from your premises to AWS.
Public Internet: General connectivity method but less secure.
AWS Global Infrastructure
Relationship Among Regions, Availability Zones, and Edge Locations
Regions: Separate geographic areas to ensure data redundancy and compliance.
Availability Zones: Physically isolated data centers within a region.
Edge Locations: Multiple distributed locations globally, primarily used by CloudFront (CDN) to cache content close to end-users.
How many Availability Zones does a typical AWS Region have?
a) 1 b) 2-3 c) 5-6 d) 10
Answer: b) 2-3
Achieving High Availability
Disaster Recovery/Business Continuity: A strategic advantage of utilizing multiple regions.
Use of multiple Availability Zones to ensure fault tolerance and minimize downtime.
Some countries or industries require data to be stored in specific geographies.
Benefits of Edge Locations
Amazon CloudFront: A content delivery network to distribute content globally with low latency.
AWS Global Accelerator: Boosts the availability and performance of applications.
Core AWS Services
Categories of Services on AWS
AWS services can be classified into different categories based on their function:
Compute: Services tailored for processing capabilities.
Storage: Services related to data storage and retrieval.
Network: Tools and services that relate to networking features.
Database: Services for structured and unstructured data storage and management.
Compute Services
AWS offers several compute families tailored for different needs:
General Purpose (e.g., t2, m5): Balanced CPU, memory, and networking.
Compute Optimized (e.g., c5): For CPU-intensive workloads.
Memory Optimized (e.g., r5, x1): For memory-intensive applications.
Accelerated Computing (e.g., p3, f1): Leveraging hardware accelerators, or co-processors.
Services Providing Compute:
Amazon EC2 (Elastic Compute Cloud): Provides resizable compute capacity. It's like having a virtual machine but in the AWS cloud.
AWS Lambda: A serverless compute service. You just provide the code and AWS runs it without you provisioning or managing servers.
Amazon Elastic Container Service (ECS): A fully managed container orchestration service.
Elasticity through Auto Scaling:
AWS Auto Scaling allows you to maintain application availability. It dynamically adjusts capacity to maintain steady, predictable performance at the lowest possible cost.
Purpose of Load Balancers:
AWS offers Elastic Load Balancing with three types: Application Load Balancer, Network Load Balancer, and Classic Load Balancer.
A load balancer distributes incoming application traffic across multiple targets, like EC2 instances, containers, and IP addresses, in one or more Availability Zones.
Storage Services
Amazon S3 (Simple Storage Service): Object storage service offering scalability, data availability, security, and performance.
Amazon EBS (Elastic Block Store): Block storage service for EC2 instances. Allows persistent data storage.
Amazon S3 Glacier & S3 Glacier Deep Archive: Storage services optimized for infrequently accessed data, and long-term archiving with cost-efficiency.
AWS Snowball: A physical data transport solution, more secure and faster than internet-based transfer methods.
Amazon EFS (Elastic File System): Managed file storage for use with AWS Cloud services and on-premises resources.
AWS Storage Gateway: Hybrid cloud storage service that provides on-premises applications access to cloud storage.
Networking Services
VPC (Virtual Private Cloud): Provides a private section of the AWS cloud where you can launch resources in a virtual network that you define.
Security Groups: Act as a virtual firewall to control inbound and outbound traffic to networked EC2 instances.
Amazon Route 53: A scalable domain name system (DNS) and domain name registration service.
VPN (Virtual Private Network) & AWS Direct Connect: Allow secure connection from on-premises sites to AWS. Direct Connect does so over a dedicated line for higher speed and consistency.
Database Services
Amazon EC2 vs. AWS Managed Databases: While you can manually set up databases on an EC2 instance, AWS managed database services, like RDS and DynamoDB, offer easier management, backups, and scalability.
Amazon RDS (Relational Database Service): Managed relational database service with various database engines like MySQL, PostgreSQL, SQL Server, etc.
Amazon DynamoDB: Managed NoSQL database service known for single-digit millisecond performance.
Amazon Redshift: Fully managed petabyte-scale data warehouse service.
Resources for Technology Support
Documentation: Comprehensive AWS documentation includes whitepapers, user guides, and reference material.
Support Plans: AWS offers a variety of support plans, from Basic to Enterprise.
AWS Partner Network: Extensive network of third-party vendors, solutions, and integrators.
AWS Trusted Advisor: Offers insights to reduce cost, increase performance, and ensure a secure environment.