AWS Cloud Practitioner Exam - kimschles/schlesinger-knowledge GitHub Wiki

Cloud Practitioner Exam Prep From LinuxAcademy

• Provide a simple definition of the cloud

The cloud is a computer located somewhere else that you can access via the internet and use in some way. The servers are generally located in large data centers which are distributed all over the world.

• How a web request works

1. The web server sends it's IP Address and Domain to a DNS server
2. The browser sends the domain name to a DNS server (https://www.kimschlesinger.com)
3. The DNS server sends the IP address for the web server to user wants
4. The browser sends the request to the IP address
5. The server sends back the content to the user
6. The user sees the web page!

• Describe AWS from the 10,000 foot view

IaaS: Infrastructure as a Service: storage, computing power, databases, networking, analytics, dev tools, visualization, security

• Define High Availability

The thing you want is available when you try to access it

• Define Fault Tolerance

The ability for something to withstand a certain amount of failure and still remain functional

• Define Scalability

The ability to grow in size, capacity and scope when required

• Define Elasticity

The ability to scale up and down when required (scalability only gets bigger, elasticity means you get bigger and smaller)

• Describe the most common reasons individuals use cloud services

Storage, backups and sharing

• Explain how AWS regions are distrubuted throughout the world and how they are structured for fault tolerance

AWS data centers and servers are located in multiple regions across the globe. Each region has many Availability Zones so that if one datacenter is taken down, there are two others that can continue to process requests.

• Describe how AWS Availability zones are structured

Each AWS regions has multiple availability zones which are isolated from one another. Well-structured apps will make use of more than one AZ. Each AZ can communicate with another one in its region with low-latency.

• How does the concept of High Availability apply to consumers/enterprise users of AWS?

Redundant backups and sharing files across multiple servers makes services 'highly available'

IAM

• Identity and Access Management
• An IAM user has a username, password and permissions to access AWS services
• Principle of Least Privledge: Without being given explicit permissions, an IAM user will not be able to access any services
• IAM policies can be attached to users or groups
• IAM permission policies:

S3 (Simple Storage Service)

Describe the purpose of S3

• S3 is a way to store lots of data and access it from almost an internet-connected device.

Identify the name of a file that is uploaded to S3

Object

S3 Primitives

1. A bucket: a root-level folder in S3
2. A folder: a subsection of a bucket
3. An object: files that are stored in buckets

Storage Classes

• Standard
  • General, all purpose storage
  • Durability: 99.999999999% (eleven nines)
  • Availability: 99.99%
  • Default
  • Most expensive option because there is redundant storage
  • Use this class when you need to access files everyday
• RRS (reduced redundnacy storage)
  • For non-critical objects
  • Durability: 99.99%
  • Availability: 99.99%
  • Less expensive than stndard
  • When you have the original object somewhere other than S3
• Infrequent access (S3-IA)
  • For objects you don't access very often
  • Durability: 99.999999999% (eleven nines)
  • Availability: 99.90%
  • 3rd most expensive
  • For files that you can wait some seconds or minutes for
  • For files you access once a month or year
• Glacier
  • For long-term, archival storage
  • Can take several hours to retrive an object
  • Lowest cost
  • For files you may never access again

S3 Durability

• The percentage of time over one year that a file stored in S3 will not be lost

S3 Availability

• The percent of time over one year that a file stored in S3 will be accessible

How much data can you store in S3?

• Storage capacity is nearly unlimited.

Name the two things that impact how much you are charged for storing objects in S3

• The total size in gigabytes of all objects stored.
• The storage class used for the objects stored.

How do you move an object from an S3 bucket to Glacier?

• create a lifecycle policy that will migrate the object during a specified time of your choosing

Networking Services

• VPC

  • A private part of AWS that you control. You can decide which resources reside in your VPC and you can decide who can access these resources

• Subnet

  • A sub network
  • Includes all the computers in a specific location

• ACL

  • A firewall on the subnet layer

• Security Groups

  • A firewall on the server level

• Identify the two main security layers of a VPC

Security groups and NAT gateways

EC2 Instances

• EC2 provides scaling computing capacity
• EC2 Components
  • An OS
  • CPU
  • Hard Drive
  • Network card for internet access
  • Firewall
  • RAM
• AMI Options
  • Community AMIs
    • Free
    • You select the OS
  • AWS Marketplace AMIs
    • Pay to use
    • Comes with pre-loaded, licensed software
  • My AMIs
    • AMIs you create yourself
• EC2 Buying Options
  • On Demand
    • Most expensive
    • Most flexible
    • You are charged when the instance is running and your are billed per second
    • You can provision and terminate at any time
    • For anything above your baseline
  • Reserved
    • You buy 1 or 3 years to use an instance
    • The price is lower than on depand.
    • You can pay the entire cost upfront, part of it up front, or nothing upfront
    • You are responsible for the cost whether or not you use the instance to its capacity
    • For your baseline
  • Spot
    • You bid on an instance type, and you use than instance only when the spot price is at or below your bid price
    • For processing that can happen at any time and is not time sensitive

Name 3 things that affect the price you pay for an EC2 instance

• the Amazon Machine Image (AMI) you select
• the Instance Type you select
• how long you use the instance for

Identify the most common type of storage used for EC2 instances

• Elastic Block Storage

Lambda

• Serverless computing
• You can write code that accepts data and processes it only when necessary
• You only pay for the compute time you use

Elastic Load Balancing and Autoscaling

• An ELB evenly distributes traffic between EC2 instances
• An ELB can distribute traffic across availability zones
• ELBs allow for high-availability and fault tolerance
• An autoscaler automates adding or removing EC2 instances based on traffic to your application
• You can set maximum and minimum numbers of EC2 instances
• The scaling policy is what lets you set thresholds
• Scalability and elasticity

Route53

• Allows you to register a domain name
• A DNS service: translates domain names into IP addresses
• Health checking: sends automated requests to your domain to make sure it's available
  • Failover (sending traffic to another AZ or region is one is down)

CloudFront

• A Content Delivery Network (CDN) that allows you to cache content in Edge Locations
  • Customers get content fast
  • Helps provide security against DDOS attacks

Describe the purpose of AWS Cloudfront

A content delivery network, or CDN; good DDoS attack protection

CloudWatch and Cloudtrail (Monitoring and Logging)

• CloudWatch is a tool that helps you monitor your account.

  • Collect and track metrics
  • You can configure alarms to send notifications, or automatically make changes
  • Monitor and store logs
  • A way to collect metrics and logs on all API activity on your AWS services

• CloudTrail is a tool that helps you monitor actions of IAM users

  • Big Brother mode?
  • "governance, compliance, operational risk, and risk auditing of your AWS account"

Simple Notification Service (SNS)

• A service that lets you setup automated email or text messages that are triggered by events that occur in your AWS account
  • Pub/Sub

Database Services

• RDS = SQL service

  • Can use an engine like Aurora, Postgres, mySQL, Maria, etc.

• DynamoDB = noSQL service

  • Can replace Mongo, Cassandra, etc.

• You are trying to organize and import (to AWS) gigabytes of data that are currently structured in JSON-like, name-value documents. What AWS service would best fit your needs?

DynamoDB

Which of the following are benefits of AWS's Relational Database Service (RDS)?

• Resizable capacity
• Automated patches and backups

Elasticache is a data caching service that speeds up the performance of web applications * Uses redis and MemcacheD

Elasticache Under what circumstances would someone want to use ElastiCache?

• They need in-memory data store service
• Caches the most accessed, and most relevant data
• Puts data in memory instead of on a disk
• They need to improve the performance of their web application

Redshift

• A data warehouse designed to store and analyze petabytes of data

AWS Redshift

• A data warehouse that allows you to analyze data

AWS Organizations and Consolidated Billing

• An organization allows you to manage billing and access to more than one AWS account
• Consolidated billing lets you read, write and pay bills for more than one AWS account

Describe 2 benefits of AWS Organizations

• Centrally manage access polices across multiple AWS accounts
• Automate AWS account creation and management.

AWS Pricing Model

• Pay as you go
• No long-term contracts
  • Except for EC2 reserved instances
• Volume discounts: the more you use, the less expensive per unit
• No termination fees
• Free-tier (free for the first 12 months)

S3 Pricing

S3 pricing considers 2 things:

1. How much data you store

• Charged per GB stored
• Price varies per region and storage class
• Applies to data at rest, not data transfer

2. Request pricing

• HTTP requests
• Lifecycle transition requests
• Data retrieval and archving

EC2 pricing considers 6 things: You are charged per second based on an hourly rate

1. Purchasing option

• On-demnad, spot, reserved

2. Instance type
3. AMI type

Billing and Cost Tools

TCO Calculator

• Total Cost of Ownership (TCO)
• Helps you estimate the cost of infrastructure on AWS compared to an on prem data center
• Potential usage costs

Cost Explorer

• Let's you visualize your costs from the last 13 months
• You can estimate how much you'll spend in the next 3 months
• Helps you save money
• Current usage costs

Shared Responsibility Model

• Amazon handles the security of the cloud
• The customer manages security in their cloud

Penetration Testing

• If you get prior authorization from Amazon, you can run penetration testing on your own EC2 instances

Trusted Advisor and Support

Support Tiers

• Basic
• Developer

Trust Advisor

• A service you can use to get advice on how to set up your infrastructure and minimize costs
• Specifically, trust advisor gives you information on performance, cost optimization, security and fault tolerance

Transfer Acceleration

• A fast way to enable the transfer of files from a client to an S3 bucket

Which two AWS services can be used to store files?

• S3
• EBS (Elastic Block Store)

Which services use Edge Locations?

• Cloudfront
• There are more Edge Locations than datacenters so that images and files can be cached and quickly accessed upon request

What should you do if you believe your AWS account has been compromised?

• Change all IAM user's passwords
• Respond to any notifications you received from AWS through the AWS Support Center.

What best describes the purpose of having many Availability Zones in each AWS region?

• Multiple Availability Zones allow for duplicate and redundant compute
• and data backups.

Tracy has created a web application, placing it's underlying infrastructure in the N. Virginia (US-East-1) region. After several months, Tracy notices that much of the traffic coming to her website is coming from Japan. What can Tracy do to (best) help reduce latency for her users in Japan?

• Create a CDN using CloudFront, making sure the proper content is cached at Edge Locations closest to Japan.