AWS Cloud


what would you use to select traffic from anywhere

0.0.0.0/0.

DNS Resolution Process

1 - Request sent to local name server
2 - Name server queries root server
3 - Root response sent to local name server
4 - Name server queries .com name server
5 - .com Response sent to local name server
6 - Name server queries specific domain server
7 - Domain server responds to name server
8 - Name server provides result to local device
9 - Answer is cached locally

Analytics services in AWS

1. Amazon Athena 2. Amazon EMR 3. Amazon CloudSearch 4. Amazon Elasticsearch Service 5. Amazon Kinesis 6. Amazon Kinesis Data Analytics 7. Amazon Kinesis Data Streams 8. Amazon Kinesis Video Streams 9. Amazon Redshift 10. Amazon QuickSight 11. AWS Data Pipeline 12. AWS Glue 13. AWS Lake Formation 14. Amazon Managed Streaming for Kafka (MSK)

fault tolerant tools

1. Amazon Simple Queue Service 2. Amazon Simple Storage Service 3. Amazon Relational Database Service

AWS Well-architected Framework

1. Assess and improve architectures 2. Understand how design decisions impact business 3. Learn the five pillars

Features of VPCs

1. Builds upon availability regions and zones 2. Subnets 3. Route tables 4. Internet Gateway (IGW) 5. NAT Gateway 6. Network access control list

Types of Cloud Computing

1. Infrastructure as a Service (IaaS) 2. Platform as a Service (PaaS) 3. Software as a Service (SaaS)

Benefits of AWS Security

1. Keep Your Data Safe 2. Meet Compliance Requirements 3. Save Money 4. Scale Quickly

features of application load balancer

1. Path and host based routing 2. native IPv6 3. AWS WAF 4. Dynamic Ports 5. Deletion protection and request tracing

Six Advantages of Cloud Computing

1. Trade capital expense for variable expense 2. Benefit from massive economies of scale 3. Stop guessing capacity 4. Increase speed and agility 5. Stop spending money running and maintaining data centers 6. Go global in minutes

shared responsibility model

1. User data: your responsibility
2. App: your responsibility
3. Guest OS: your responsibility
-------------------------------------------------------
4. Hypervisor: uses a Xen-based hypervisor (AWS)
5. Network: AWS does proprietary maintenance and protection
6. Physical: AWS

AWS shield standard

1. automatic protection 2. quick detection 3. inline attack mitigation 4. self service

how to view instance

1. Configure the private key (save as a PPK file on Windows) 2. Copy the DNS name and IP 3. Run PuTTY (on Windows you need to launch PuTTYgen)

access control management

1. identity and access management (IAM) 2. Multi factor auth (MFA) 3. integration and federation with corporate directories 4. Amazon cognito 5. AWS SSO

how to set up a EC2 instance

1. Log in
2. Choose region
3. Click Services > EC2
4. Launch instance
5. Select image
6. Select server type
7. Select hardware type (instance types)
8. Configure instance (how many/configure network)
9. Add storage (root volume/disk type/new volume)
10. Add tags
11. Configure security group (SSH connectivity)
12. Review and launch
13. Launch and create a new key pair, then download it

three ways to manage AWS

1. Management Console 2. AWS CLI (from the command line) 3. Software kit: Amazon SDK (computing languages)

how to create a EBS volume and attach to a instance

1. Needs to be in the same availability zone
2. Click create volume
3. Select type, size, zone, snapshots
4. Click create
5. Go to volumes, search for the volume you created and attach it to the EC2 instance
6. You can add tags to the volume

Five Pillars

1. security 2. Reliability 3. Performance efficiency 4. Cost optimization 5. Operational excellence

EBS Volumes

1. Choose between HDD and SSD types (drive types) 2. Persistent and customizable block storage for EC2 instances 3. Replicated in the same availability zone 4. Backup snapshots 5. Easy and transparent encryption 6. Elastic volumes

Cloud

A cloud-based application is fully deployed in the cloud and all parts of the application run in the cloud. Applications in the cloud have either been created in the cloud or have been migrated from an existing infrastructure to take advantage of the benefits of cloud computing

Security Groups

A group type that's the main Active Directory object administrators use to manage network resource access and grant rights to users.

Hybrid

A hybrid deployment is a way to connect infrastructure and applications between cloud-based resources and existing resources that are not located in the cloud. The most common method of hybrid deployment is between the cloud and existing on-premises infrastructure to extend, and grow, an organization's infrastructure into the cloud while connecting cloud resources to the internal system.

Amazon Relational Database Service (RDS)

A relational database service supporting MySQL, Oracle, SQL Server, or PostgreSQL

CloudFormation stack

A stack is the "implementation" of one or more "Templates". When you use AWS CloudFormation, you manage related resources as a single unit called a stack. You create, update, and delete a collection of resources by creating, updating, and deleting stacks. All of the resources in a stack are defined by the stack's AWS CloudFormation template. Suppose you created a template that includes an Auto Scaling group, Elastic Load Balancing load balancer, and an Amazon RDS database instance. To create those resources, you create a stack by submitting your template that defines those resources, and AWS CloudFormation handles all of the provisioning for you. After all of the resources have been created, AWS CloudFormation reports that your stack has been created. You can then start using the resources in your stack. If stack creation fails, AWS CloudFormation rolls back your changes by deleting the resources that it created.

AWS Shield

AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards web applications running on AWS. Tiers: Standard and Advanced.

AWS Management Console

Access and manage Amazon Web Services through the AWS Management Console, a simple and intuitive user interface. You can also use the AWS Console Mobile Application to quickly view resources on the go.

AWS Lambda benefits

Allows you to run code without managing or provisioning servers

Amazon CloudFront

Amazon CloudFront is a global content delivery network (CDN) service that accelerates delivery of your websites, APIs, video content, or other web assets. It integrates with other AWS products to give developers and businesses an easy way to accelerate content to end users with no minimum usage commitments. Requests for your content are automatically routed to the nearest edge location, so content is delivered with the best possible performance. Works with: S3, EC2, Elastic Load Balancing, and Route 53. Pay for what you use.

Amazon CloudWatch

Amazon CloudWatch is a monitoring service for AWS Cloud resources and the applications you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. Can monitor: EC2 instances, DynamoDB tables, and RDS DB instances. You can use Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health.

Amazon Inspector

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS

DDoS (application/service attacks)

An attack employing multiple attacking systems. Used to deny the use of or access to a specific service or system. EX: In the year 2000, there were highly publicized attacks on eBay, CNN, Amazon, and Yahoo!.

DDoS (Distributed Denial of Service)

An attack on a computer or network device in which multiple computers send data and requests to the device in an attempt to overwhelm it so that it cannot perform normal operations.

CloudFormation

An easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.

Auto Scaling

Auto Scaling is a service that allows you to maintain the availability of your applications by scaling Amazon EC2 capacity up or down in accordance with conditions you set.

Target Group

Each target group routes requests to one or more registered targets using protocol and port numbers specified. A target can be registered with multiple target groups. Health checks can be configured on a per target group basis

EC2

Elastic Compute Cloud. Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides re-sizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Reduces the time required to obtain & boot new server instances to minutes.

Elastic Load Balancing (ELB)

Elastic Load Balancing (ELB) automatically distributes incoming application traffic across multiple EC2 instances. It enables you to achieve greater levels of fault tolerance in your applications, seamlessly providing the required amount of load balancing capacity needed to distribute application traffic.
2 types w/ high availability, auto scaling, and security:
1. Classic Load Balancer: routes traffic based on app or network level info
2. Application Load Balancer: routes traffic based on advanced application level info (more advanced)

HTTP

HyperText Transfer Protocol - the protocol used for transmitting web pages over the Internet. Port 80

HTTPS

Hypertext Transfer Protocol Secure. Port 443

Infrastructure as a Service (IaaS)

Infrastructure as a Service (IaaS) contains the basic building blocks for cloud IT and typically provide access to networking features, computers (virtual or on dedicated hardware), and data storage space. IaaS provides you with the highest level of flexibility and management control over your IT resources and is most similar to existing IT resources that many IT departments and developers are familiar with today

policy document in IAM

JSON; lists the specific APIs that I allow against which resources. Can be attached directly to a role. You can set permanent denies. Attached to users and groups.

Software Development Kits

Our Software Development Kits (SDKs) simplify using AWS services in your applications with an Application Program Interface (API) tailored to your programming language or platform.

Platform as a Service (PaaS)

Platform as a Service (PaaS) removes the need for your organization to manage the underlying infrastructure (usually hardware and operating systems) and allows you to focus on the deployment and management of your applications. This helps you be more efficient as you don't need to worry about resource procurement, capacity planning, software maintenance, patching, or any of the other undifferentiated heavy lifting involved in running your application.

AWS infrastructure

Regions, availability zones, edge locations

Route 53

Scalable DNS and Domain Name Registration - Named after DNS Port - Globally configured - Can set up Public or Private Zones

AWS Elastic Beanstalk

Service for deploying and scaling web apps and services with popular programming languages: Java, .NET, PHP, Node.js, Python and Ruby. Retain full control over the AWS resources powering your app. Browse log files, monitor app health, adjust auto-scaling rules, set up email notifications.

Software as a Service (SaaS)

Software as a Service (SaaS) provides you with a completed product that is run and managed by the service provider. In most cases, people referring to Software as a Service are referring to end-user applications. With a SaaS offering you do not have to think about how the service is maintained or how the underlying infrastructure is managed

Elastic IP (EIP)

Static IP that can be moved between instances; manually purchased, used, and deleted - Networking - Global

common uses for S3

Storing app assets, static web hosting, backup and disaster recovery, staging area for big data, etc.

high availability

System is continuously operational at all times

AWS Command Line Interface

The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts

On-premises

The deployment of resources on-premises, using virtualization and resource management tools, is sometimes called the "private cloud." On-premises deployment doesn't provide many of the benefits of cloud computing but is sometimes sought for its ability to provide dedicated resources. In most cases this deployment model is the same as legacy IT infrastructure while using application management and virtualization technologies to try and increase resource utilization.

CloudFront origin

The origin of all files that the CDN will distribute.

Amazon Simple Notification Service (SNS)

Webservice that makes it easy to setup, operate, and send notifications from the cloud is what Amazon service?

Application Load Balancer

When you need a flexible feature set for your web applications with HTTP and HTTPS traffic. Operating at the request level, Application Load Balancers provide advanced routing, TLS termination and visibility features targeted at application architectures, including microservices and containers.

Target

a destination for traffic based on the established listener rules

Launch Configuration

a template that an Auto Scaling group uses to launch EC2 instances

groups

collection of users

cloud front

content to deliver content to end users (edge locations)

SDK

enables applications to manage infrastructure as code. Has several guides, forums and blogs

Fault-tolerant systems

ensure availability in the event of a system failure by using a combination of hardware and software

Why are tags important

it can help track costs

default in AWS for traffic

inbound is denied/ outbound allowed

AWS Lambda

is a compute service that lets you run code without provisioning or managing servers. It executes your code only when needed and scales automatically, from a few requests per day to thousands per second

Amazon QuickSight

is a fast, cloud-powered business intelligence (BI) service that makes it easy for you to deliver insights to everyone in your organization. QuickSight lets you create and publish interactive dashboards that can be accessed from browsers or mobile devices. You can embed dashboards into your applications, providing your customers with powerful self-service analytics. QuickSight easily scales to tens of thousands of users without any software to install, servers to deploy, or infrastructure to manage.

Amazon Redshift

is a fast, scalable data warehouse that makes it simple and cost-effective to analyze all your data across your data warehouse and data lake. Redshift delivers ten times faster performance than other data warehouses by using machine learning, massively parallel query execution, and columnar storage on high-performance disk. You can set up and deploy a new data warehouse in minutes, and run queries across petabytes of data in your Redshift data warehouse, and exabytes of data in your data lake built on Amazon S3. You can start small for just $0.25 per hour and scale to $250 per terabyte per year, less than one-tenth the cost of other solutions.

AWS Glue

is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics. You can create and run an ETL job with a few clicks in the AWS Management Console. You simply point AWS Glue to your data stored on AWS, and AWS Glue discovers your data and stores the associated metadata (e.g. table definition and schema) in the AWS Glue Data Catalog. Once cataloged, your data is immediately searchable, queryable, and available for ETL.

Amazon Managed Streaming for Kafka (MSK)

is a fully managed service that makes it easy for you to build and run applications that use Apache Kafka to process streaming data. Apache Kafka is an open-source platform for building real-time streaming data pipelines and applications. With Amazon MSK, you can use Apache Kafka APIs to populate data lakes, stream changes to and from databases, and power machine learning and analytics applications

Amazon CloudSearch

is a managed service in the AWS Cloud that makes it simple and cost-effective to set up, manage, and scale a search solution for your website or application. Amazon CloudSearch supports 34 languages and popular search features such as highlighting, autocomplete, and geospatial search.

Amazon Kinesis Data Streams

is a massively scalable and durable real-time data streaming service. KDS can continuously capture gigabytes of data per second from hundreds of thousands of sources such as website clickstreams, database event streams, financial transactions, social media feeds, IT logs, and location-tracking events. The data collected is available in milliseconds to enable real-time analytics use cases such as real-time dashboards, real-time anomaly detection, dynamic pricing, and more.

listeners

a process that checks for connection requests, using the protocol and port that you configure. The rules that you define for a listener determine how the load balancer routes requests to the targets in one or more target groups

AWS Lake Formation

is a service that makes it easy to set up a secure data lake in days. A data lake is a centralized, curated, and secured repository that stores all your data, both in its original form and prepared for analysis. A data lake enables you to break down data silos and combine different types of analytics to gain insights and guide better business decisions

AWS Data Pipeline

is a web service that helps you reliably process and move data between different AWS compute and storage services, as well as on-premises data sources, at specified intervals. With AWS Data Pipeline, you can regularly access your data where it's stored, transform and process it at scale, and efficiently transfer the results to AWS services such as Amazon S3, Amazon RDS, Amazon DynamoDB, and Amazon EMR.

Amazon Athena

is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.

Amazon Kinesis Data Analytics

is the easiest way to analyze streaming data, gain actionable insights, and respond to your business and customer needs in real time. Amazon Kinesis Data Analytics reduces the complexity of building, managing, and integrating streaming applications with other AWS services. SQL users can easily query streaming data or build entire streaming applications using templates and an interactive SQL editor. Java developers can quickly build sophisticated streaming applications using open source Java libraries and AWS integrations to transform and analyze data in real-time

Amazon Kinesis

is the easiest way to reliably load streaming data into data stores and analytics tools. It can capture, transform, and load streaming data into Amazon S3, Amazon Redshift, Amazon Elasticsearch Service, and Splunk, enabling near real-time analytics with existing business intelligence tools and dashboards you're already using today. It is a fully managed service that automatically scales to match the throughput of your data and requires no ongoing administration. It can also batch, compress, transform, and encrypt the data before loading it, minimizing the amount of storage used at the destination and increasing security.

Cloud computing

is the on-demand delivery of compute power, database storage, applications, and other IT resources through a cloud services platform via the Internet with pay-as-you-go pricing

Amazon Elasticsearch Service

makes it easy to deploy, secure, operate, and scale Elasticsearch to search, analyze, and visualize data in real-time. With Amazon Elasticsearch Service, you get easy-to-use APIs and real-time analytics capabilities to power use-cases such as log analytics, full-text search, application monitoring, and clickstream analytics, with enterprise-grade availability, scalability, and security. The service offers integrations with open-source tools like Kibana and Logstash for data ingestion and visualization. It also integrates seamlessly with other AWS services such as Amazon Virtual Private Cloud (Amazon VPC), AWS Key Management System (AWS KMS), Amazon Kinesis Data Firehose, AWS Lambda, AWS Identity and Access Management (IAM), Amazon Cognito, and Amazon CloudWatch, so that you can go from raw data to actionable insights quickly.

Amazon Kinesis Video Streams

makes it easy to securely stream video from connected devices to AWS for analytics, machine learning (ML), playback, and other processing. Kinesis Video Streams automatically provisions and elastically scales all the infrastructure needed to ingest streaming video data from millions of devices. It also durably stores, encrypts, and indexes video data in your streams, and allows you to access your data through easy-to-use APIs. Kinesis Video Streams enables you to play back video for live and on-demand viewing, and quickly build applications that take advantage of computer vision and video analytics through integration with Amazon Rekognition Video, and libraries for ML frameworks such as Apache MxNet, TensorFlow, and OpenCV.

Amazon Simple Storage Service (S3)

managed cloud service for storing and using data, stores unlimited number of objects, access anytime from anywhere, rich security controls.

CloudWatch Alarms

measure a single metric and perform one or more options

Role

not permissions, authentication method. this is the operator that is temporary.

CLI

open source tool built to interact with Amazon; uses multiple computer languages

user

permanent named operator

Amazon EMR

provides a managed Hadoop framework that makes it easy, fast, and cost-effective to process vast amounts of data across dynamically scalable Amazon EC2 instances. You can also run other popular distributed frameworks such as Apache Spark, HBase, Presto, and Flink in Amazon EMR, and interact with data in other AWS data stores such as Amazon S3 and Amazon DynamoDB. EMR Notebooks, based on the popular Jupyter Notebook, provide a development and collaboration environment for ad hoc querying and exploratory analysis.

auto scaling policy

scheduled, you create, scale in policy, scale out policy. Created in CloudWatch

resource group

specific to users, you can share with other users, add tag (keys and values) to describe the user type

CloudWatch Events

stream of events/ uses simple rules/ aware of operational changes/ responds

fault tolerance

the ability for a system to respond to unexpected failures or system crashes as the backup system immediately and automatically takes over with no loss of service

application integration

the integration of a company's existing management information systems 1. AWS Step Functions 2. Amazon MQ 3. Amazon SQS 4. Amazon SNS 5. Amazon SWF

CloudWatch Logs

to monitor, store, and access your log files from Amazon EC2 instances, AWS CloudTrail, and other sources.

hosted zones

used in Route 53 for inbound/outbound traffic. You can add host names/comments

Auto Scaling Group

where a deployment takes place and when to do it to and VPC

creating a record set in route 53

you can set an IP address to your application

Amazon VPC (Virtual Private Cloud)

You provision a private, isolated section of the Amazon Cloud. You can launch AWS resources in a virtual network that you define. Meant so you can reflect a network in your own datacenter. Easily customizable: make a public-facing subnet, for example.

assurance programs with which AWS complies

• SOC 1/ISAE 3402, SOC 2, SOC 3 • FISMA, DIACAP, and FedRAMP • PCI DSS Level 1 • ISO 9001, ISO 27001, ISO 27017, ISO 27018

