AWS Certified Cloud Practitioner - Quiz
S3 data
Current
Rest
Encrypt object at rest
Private
Newly created buckets are private
Amazon Elastic Block Store (EBS) (Beanstalk)
Persistent block storage for Amazon EC2 (raw). Note: S3 (alternative) is object-based, files only.
AWS Service Area: Service: Direct Connect
Private network physical connection between AWS and DC.
Cross Region Replication
Replicate the contents of one bucket to another bucket automatically
S3 suitability for OS
S3 is not suitable for installing operating systems
Amazon EC2 Instance Storage
Temporary block storage
AWS ElastiCache
Web service for in-memory cache in the cloud. Supports two open-source in-memory caching engines: Memcached and Redis
AWS Service Area: Service: Mobile Analytics
With Amazon Mobile Analytics, you can measure app usage and app revenue. By tracking key trends such as new vs. returning users, app revenue, user retention, and custom in-app behavior events, you can make data-driven decisions to increase engagement and monetization for your app. You can view key charts in the Mobile Analytics console and automatically export your app event data to Amazon S3 and Amazon Redshift to run custom analysis. Amazon Mobile Analytics is free up to 100 million events per month and just $1 per million events thereafter.
The Fly
You can change the storage class and encryption level of your objects on the fly
Static website hosting for S3
HTML
Snowball
Large-volume data transfer
Amazon Glacier
low cost archive
WordPress websites
requiring database connections cannot be hosted on S3
HTTP 200
successful S3 uploads result in this status code
Group policy
Set up with JSON
AWS Service Area: Service: Amazon Simple Queue Service (SQS)
* A fast, reliable, scalable, fully managed message queuing service. * Transmit any volume of data, at any level of throughput * Offload the administrative burden of operating a messaging cluster
AWS Service Area: Service: Amazon Simple Workflow
* Build, run, and scale background jobs that have parallel or sequential steps. * A fully-managed state tracker and task coordinator in the Cloud. * Separation between the control flow of your background job's stepwise logic and the actual units of work * Redundantly stores the tasks, reliably dispatches * Eliminates the need for developers to manage the infrastructure plumbing of process automation * Write your application components and coordination logic in any programming language
AWS Service Area: Service: Identity and Access Management
* Control access to AWS services and resources for your users. * Create and manage AWS users and groups. Create roles. * Use permissions to allow and deny their access to AWS resources, and control which operations a user can perform. * Assign them individual security credentials (i.e., access keys, passwords, and multi-factor authentication devices) * Request temporary security credentials to provide users access to AWS services and resources. * Enable identity federation to allow existing identities (e.g. users)
AWS Service Area: Service: CloudFormation
* Create and manage a collection of related AWS resources * Ordering and dependencies automatically handled * Deploy collection of resources using a 'template'. Templates can be re-used * Free. No additional charge to use. * Describe resource dependencies if needed * Pass special parameters in at runtime * Template files are JSON-formatted text files * Publish progress of events using Amazon SNS
AWS Service Area: Service: Direct Connect
* Establish a dedicated network connection between your network and one of the AWS Direct Connect locations * Works with all AWS services that are accessible over the Internet * 1 Gbps and 10 Gbps connections; provision multiple connections if you need more capacity * Establish a private virtual interface from your on-premise network directly to your Amazon VPC * Using industry standard 802.1q VLANs, this dedicated connection can be partitioned into multiple virtual interfaces * Establish private connectivity to multiple VPCs using multiple virtual interfaces * Reduces your network costs into and out of AWS in two ways: * Reduce your bandwidth commitment to your Internet service provider * Data transferred over your dedicated connection is charged at the reduced AWS Direct Connect data transfer * Avoid the need to utilize VPN hardware
AWS Service Area: Service: Glacier
* Extremely low-cost cloud archive storage service that provides secure and durable storage for data archiving and online backup. * As little as $0.01 per gigabyte per month * Average annual durability of 99.999999999% for an archive. * Transfer of your data over Secure Sockets Layer (SSL) * Automatically encrypts data at rest using Advanced Encryption Standard (AES) 256-bit symmetric keys * Redundantly stores data in multiple facilities and on multiple devices within each facility. * Move data between Amazon S3 and Amazon Glacier using data lifecycle policies.
S3 Glacier
* Extremely low-cost cloud archive storage service that provides secure and durable storage for data archiving and online backup. * As little as $0.01 per gigabyte per month * Average annual durability of 99.999999999% for an archive. * Transfer of your data over Secure Sockets Layer (SSL) * Automatically encrypts data at rest using Advanced Encryption Standard (AES) 256-bit symmetric keys * Redundantly stores data in multiple facilities and on multiple devices within each facility. * Move data between Amazon S3 and Amazon Glacier using data lifecycle policies.
AWS SNS (Simple Notification Service)
* Fast, flexible, fully managed push messaging service * Notifications to Apple, Google, Fire OS, and Windows devices * Deliver notifications by SMS text message or email, to Amazon Simple Queue Service (SQS) queues, or to any HTTP endpoint. * All messages are stored redundantly across multiple availability zones * Publish a message once, and deliver it one or more times. * Direct unique messages to individual Apple, Google or Amazon devices, or * Broadcast deliveries to many mobile devices with a single publish request. * SNS allows you to group multiple recipients using topics. * A topic is an "access point" for allowing recipients to dynamically subscribe for identical copies of the same notification. * $1.00 to send one million notifications via push messaging.
AWS Service Area: Service: Simple Notification Service
* Fast, flexible, fully managed push messaging service * Notifications to Apple, Google, Fire OS, and Windows devices * Deliver notifications by SMS text message or email, to Amazon Simple Queue Service (SQS) queues, or to any HTTP endpoint. * All messages are stored redundantly across multiple availability zones * Publish a message once, and deliver it one or more times. * Direct unique messages to individual Apple, Google or Amazon devices, or * Broadcast deliveries to many mobile devices with a single publish request. * SNS allows you to group multiple recipients using topics. * A topic is an "access point" for allowing recipients to dynamically subscribe for identical copies of the same notification. * $1.00 to send one million notifications via push messaging.
AWS Service Area: Service: Route53
* Highly available and scalable cloud Domain Name System (DNS) web service * Connects user requests to infrastructure running in AWS * Used to route users to infrastructure outside of AWS. * Manage traffic globally through a variety of routing types, including Latency Based Routing, Geo DNS, and Weighted Round Robin—all * Offers Domain Name Registration
AWS Service Area: Service: Amazon Simple Email Service (SES)
* Outbound-only email-sending service * Pay low charges for the number of emails sent, data transfer fees, and attachments. * Sending statistics and built-in notifications for bounces, complaints, and deliveries * Outgoing messages are stored redundantly across multiple servers and datacenters * Amazon SES takes proactive steps to maximize the percentage of your emails that arrive in your recipients' inboxes * Track your bounces, complaints, and deliveries with Amazon SNS and easily set up DKIM for any domain you manage via Amazon Route 53.
AWS Service Area: Service: Kinesis
* Platform for streaming data on AWS * Load and analyze streaming data * Build custom streaming data applications for specialized needs
AWS Service Area: Service: Virtual Private Cloud
* Provision a logically isolated section of the Amazon Web Services (AWS) Cloud * You define the entire virtual networking environment * Control IP addresses, subnets, route tables, and network gateways
AWS VPC (Virtual Private Cloud)
* Provision a logically isolated section of the Amazon Web Services (AWS) Cloud * You define the entire virtual networking environment * Control IP addresses, subnets, route tables, and network gateways
AWS Service Area: Service: Amazon Elastic Compute Cloud (EC2)
* Resizable compute capacity in the cloud * Boot new server instances in minutes * Scale capacity as needs change * Controlled via Amazon Website or via Web Service APIs * Root access to instances * 99.95% availability for each Amazon EC2 Region * Choose either the size or type of CPU, memory, and boot partition * Use Security Groups and Network ACLs to control inbound and outbound network access * Use dedicated instances to offer additional isolation by running on dedicated hardware * Pay based on computing power used (e.g. size of instance) * On-Demand Instances let you pay for compute capacity by the hour with no long-term commitments. * Dedicated Instances are Amazon EC2 Instances that run on hardware dedicated to a single customer for additional isolation.
AWS Service Area: Service: Cognito
* Save mobile user data, such as app preferences or game state, in the AWS Cloud * No writing any backend code or managing any infrastructure * Offers mobile identity management and data synchronization across devices. * Save data locally on users' devices allowing your applications to work even when the devices are offline * Synchronize data across a user's devices so that their app experience will be consistent regardless of the device they use
AWS Service Area: Service: AppStream
* Stream your existing Windows applications from the cloud * Application will be deployed and rendered on AWS infrastructure and the output is streamed to mass-market devices (e.g. phones, tablets) * Scale computational and storage needs, regardless of the devices your customers are using * Use Amazon SDK for streaming your application from the cloud * Integrate your own custom clients, subscriptions, identity, and storage solution
AWS S3 (Simple Storage Service)
* Write, read, and delete objects containing from 1 byte to 5 terabytes of data each. The number of objects you can store is unlimited. * Each object is stored in a bucket and retrieved via a unique, developer-assigned key * A bucket can be stored in one of several regions. You can choose a region to optimize for latency, minimize costs, or address regulatory requirements * Objects can be made private or public, and rights can be granted to specific users. * Options for secure data upload/download and encryption of data at rest are provided * Uses standards-based REST and SOAP interfaces * The default download protocol is HTTP. A BitTorrent™ protocol interface is provided to lower costs for high-scale distribution. * Management of data through its lifetime. Includes options for segregating data by buckets, monitoring and controlling spend, and automatically archiving data to even lower cost storage options.
AWS Service Area: Service: Amazon Simple Storage Service (S3)
* Write, read, and delete objects containing from 1 byte to 5 terabytes of data each. The number of objects you can store is unlimited. * Each object is stored in a bucket and retrieved via a unique, developer-assigned key * A bucket can be stored in one of several regions. You can choose a region to optimize for latency, minimize costs, or address regulatory requirements * Objects can be made private or public, and rights can be granted to specific users. * Options for secure data upload/download and encryption of data at rest are provided * Uses standards-based REST and SOAP interfaces * The default download protocol is HTTP. A BitTorrent™ protocol interface is provided to lower costs for high-scale distribution. * Management of data through its lifetime. Includes options for segregating data by buckets, monitoring and controlling spend, and automatically archiving data to even lower cost storage options.
Developer Support Plan
- $ 29 / Month - 12 / 24 Hour response
Business Support Plan
- $100 / month - 24 x 7 access - 1 hour response
Enterprise Support Plan
- 15K / Month - 15 minute response - TAM
Cloud computing advantage - Godzilla
- Benefit from massive economies of scale
Access AWS Platform in 3 ways
- Console - Command Line - SDK
Group
- Place to store users that inherit all permissions of the group - developers - sa's - hr
Platform As A Service (PAAS) - GoDaddy
- Someone else manages H/W & S/W - I focus on my app - Someone else manages - security - patching - updates - maintenance
Cloud computing advantage - Guess
- Stop guessing about capacity - scales to business needs - no long term contracts
Cloud computing advantage - Money
- Trade capital expense for variable expense - Pay only when you consume resources - Pay only per how much you consume - min / sec / hr / GB /TB
Cloud computing advantage - Samson
- focus on your strengths - let someone else manage infrastructure for you
Cloud computing advantage - Earth
- go global in minutes - deploy app in multiple regions around the world in a few clicks - lower cost - lower latency - better experience
Cloud computing advantage - The Flash
- scales infinitely with demand - A Cloud Guru was built in 3 weeks using serverless architecture
AWS CloudFront
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront offers advanced security capabilities, including field level encryption and HTTPS support, seamlessly integrated with AWS Shield, AWS Web Application Firewall and Route 53 to protect against multiple types of attacks including network and application layer DDoS attacks. These services co-reside at edge networking locations - globally scaled and connected via the AWS network backbone - providing a more secure, performant, and available experience for your users. CloudFront works seamlessly with any AWS origin, such as Amazon S3, Amazon EC2, Elastic Load Balancing, or with any custom HTTP origin. You can customize your content delivery through CloudFront using the secure and programmable edge computing feature AWS Lambda@Edge.
AWS DynamoDB
Amazon DynamoDB is a (NoSQL) key-value and document database that delivers single-digit millisecond performance at any scale. It's a fully managed, multi-region, multi-active, durable database with built-in security, backup and restore, and in-memory caching for internet-scale applications. DynamoDB is serverless with no servers to provision, patch, or manage and no software to install, maintain, or operate. DynamoDB automatically scales tables up and down to adjust for capacity and maintain performance.
AWS SQS (Simple Queue Service)
Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. SQS eliminates the complexity and overhead associated with managing and operating message oriented middleware, and empowers developers to focus on differentiating work. Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available. SQS offers two types of message queues. Standard queues offer maximum throughput, best-effort ordering, and at-least-once delivery. SQS FIFO queues are designed to guarantee that messages are processed exactly once, in the exact order that they are sent.
AWS Service Area: Service: CloudSearch
Built for high throughput and low latency, Amazon CloudSearch supports a rich set of features including language-specific text processing for 34 languages, free text search, faceted search, geospatial search, customizable relevance ranking, highlighting, autocomplete and user configurable scaling and availability options.
Transfer Acceleration
Upload files to edge locations and Amazon transfers the files, over their internal network, to buckets.
AWS Service Area: Service: Redshift
* Fast, fully managed, petabyte-scale data warehouse solution * Analyze all your data using your existing business intelligence tools * Fast query performance by using columnar storage technology * Uses standard PostgreSQL JDBC and ODBC drivers * Automates most of the common administrative tasks * Backups to Amazon S3 are continuous, incremental and automatic. * Pay only for the resources you provision
AWS Route53
* Highly available and scalable cloud Domain Name System (DNS) web service * Connects user requests to infrastructure running in AWS * Used to route users to infrastructure outside of AWS. * Manage traffic globally through a variety of routing types, including Latency Based Routing, Geo DNS, and Weighted Round Robin—all * Offers Domain Name Registration
Root Account Features
- Full Admin Access - Do not give account credentials away - create user for each individual - use MFA to secure root account
Software As A Service (SAAS) - Gmail
- I manage my inbox - Google takes care of everything else
Infrastructure As A Service (IAAS) - Amazon - Rackspace
- I manage the server and OS - Data provider has no access to server
AWS Service Area: Service: OpsWorks
AWS OpsWorks is a cloud application management service. You can define the application's architecture and the specification of each component, including package installation, software configuration and resources such as storage, and use automation to scale your application based on time or load.
AWS Service Area: Service: Elastic Transcoder
Amazon Elastic Transcoder is media transcoding in the cloud. It is designed to be a highly scalable, easy-to-use and cost-effective way for developers and businesses to convert (or "transcode") media files from their source format into versions that will play back on devices like smartphones, tablets and PCs.
ARN
Amazon Resource Name
Public Cloud - AWS - Azure - GCP
Available to all
JSON
Key Value Pairs - { "name" : "MikeMcMac1" } - between the brackets
Private Cloud (On Premise) - OpenStack - VMware
Managed in your data center
Availability Zones
Many data centers
Hybrid Cloud
Mixture of public and private
S3 is object based
Files only
Region
Geographical area - 2 or more Availability Zones
Glacier data
Archive. 3 - 5 hour retrieval time.
Bucket Policies
Restrict access to an entire bucket. You can make entire S3 buckets public.
ACL (Access Control Lists)
Restrict access to individual objects (files)
Scalable
S3 Storage
Bucket viewing
Globally. You can also have buckets in individual regions.
Universal Name Space
Names have to be unique. You cannot have the same name as someone else.
S3 Bucket
Place to store objects - directory on a computer accessible from anywhere in the world - console - command line
AWS Service Area: Service: Amazon WorkDocs
Amazon WorkDocs offers you an easy way to provide your end users with secure enterprise storage and sharing, with strong administrative controls and feedback capabilities that improve user productivity. As Amazon WorkDocs is a fully managed service, you don't have to worry about procuring hardware, installing and managing complex collaboration software, or deploying FTP servers or network file storage to deliver these benefits to your users. All you need to do is enable Amazon WorkDocs for your organization and invite your users.
AWS Service Area: Service: WorkSpaces
Amazon WorkSpaces offers you an easy way to provide a managed, cloud-based desktop experience to your end-users. You don't have to worry about procuring or deploying hardware or installing complex software to deliver a desktop experience to your users. Amazon WorkSpaces takes care of all the heavy lifting of managing hardware and software, and tasks such as patching and maintenance, enabling you to deliver a high quality desktop experience to your users.
Edge Location
CDN endpoints for CloudFront. Location where content will be cached. This is separate from an AWS Region/AZ.
S3 Unique Name Space
Each object has a unique name
Root Account
Email account you used to set up account
SSL
Encrypt objects in transit to S3
AWS Service Area: Service: Data Pipeline
A web service that helps you reliably process and move data between different AWS compute and storage services, as well as on-premise data sources, at specified intervals. Access your data where it's stored, transform and process it at scale, and efficiently transfer the results to AWS services.
AWS Service Area: Service: Elastic Beanstalk
Service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS. Upload your code and Elastic Beanstalk automatically handles the deployment. You retain full control over the AWS resources powering your application and can access the underlying resources at any time. No additional charge for Elastic Beanstalk - you pay only for the AWS resources needed.