Exam Notes part 2

Posted on Posted in AWS

CloudTrail

  • You can use AWS CloudTrail to get a history of AWS API calls and related events for your account. This includes calls made by using the AWS Management Console, AWS SDKs, command line tools, and higher-level AWS services.

Cloudfront

  • Amazon CloudFront can handle data transfer rate 1,000 Mbps and 1000 requests per second.

S3

  • S3 Standard – IA offers the high durability, throughput, and low latency of Amazon S3 Standard, with a low per GB storage price and per GB retrieval fee.
  • Only difference of IA with standard is 99.99 availibility!
  • IA has minimum of 128KB bytes, S3 standard has 0 bytes minimum
  • S3 does support website redirects.
  • Using IPv6 support for Amazon S3, applications can connect to Amazon S3 without needing any IPv6 to IPv4 translation software or systems.
  • Using an encryption client library, such as the Amazon S3 Encryption Client, you retain control of the keys and complete the encryption and decryption of objects client-side using an encryption library of your choice. Some customers prefer full end-to-end control of the encryption and decryption of objects; that way, only encrypted objects are transmitted over the Internet to Amazon S3.
  • CRR replicates every object-level upload that you directly make to your source bucket. The metadata and ACLs associated with the object are also part of the replication.

Glacier

  • Because Amazon S3 maintains the mapping between your user-defined object name and Amazon Glacier’s system-defined identifier, Amazon S3 objects that are stored using the Amazon Glacier option are only accessible through the Amazon S3 APIs or the Amazon S3 Management Console.

ELB

  • ELB supports ipv6
  • Elastic Load Balancing offers two types of load balancers that both feature high availability, automatic scaling, and robust security.
  • These include the Classic Load Balancer that routes traffic based on either application or network level information, and the Application Load Balancer that routes traffic based on advanced application level information that includes the content of the request.
  • The Classic Load Balancer is ideal for simple load balancing of traffic across multiple EC2 instances, while the Application Load Balancer is ideal for applications needing advanced routing capabilities, microservices, and container-based architectures.
  • Two components:
    • the load balancers
    • controller service – verify the load balancers
  • To ensure traffic is evenly distributed: “Enable Cross-Zone Load Balancing”
  • Connection draining is the concept of ensuring traffic are not sent anymore to instances that are deregistering or unhealthy.

EC2

  • Cluster group can only be in one AZ
  • Amazon’s SLA guarantees a Monthly Uptime Percentage of at least 99.95% for Amazon EC2 and Amazon EBS within a Region.
  • EBS volumes can be attached to an ec2 instance in the same AZ
  • The AMIs will need to be copied to the new Region prior to deployment.

RDS

  • By default, the scan operation processes data sequentially. DynamoDB returns data to the application in 1 MB increments, and an application performs additional scan operations to retrieve the next 1 MB of data.
  • The easiest way would be to take a snapshot of your DB Instance outside VPC and restore it to VPC by specifying the DB Subnet Group you want to use.
  • To automatically failover from one geographic location to another you should use Multi-AZ for RDS.
  • You should implement database partitioning and spread your data across multiple DB Instances.
  • Databases generally do not require public access from the Internet, so a private subnet is the better choice from a security perspective. /28 is the smallest possible subnet in an AWS VPC.
  • RDS replication : MULTI-AZ – Synchronous , Read-Replica – Asynch
  • At this time, you cannot have a multi-AZ copy of your read replica.
  • Read Replicas are supported by Amazon RDS for MySQL and PostgreSQL.
  • Infrequent IO:Amazon RDS Magnetic Storage would be the most suitable.
  • At the present time, encrypting an existing DB Instance is not supported. To use Amazon RDS encryption for an existing database, create a new DB Instance with encryption enabled and migrate your data into it.

SMS (Server Migration Service) 

  • Improvement of VM Import/Export
  • Simplify migration process, orchetrate multi-server migrations, test, support, minimize downtime
  • 50 concurrent VM migrations per account
  • 90 days service usage

Others

  • Amazon DevPay and FPS – for paying
  • It’s always best practice to grant users access via IAM roles and groups even if they only need access once
  • SWF has a gurantee that processes are only executed once against SQS
  • Availability Zones offer you the ability to operate production applications and databases which are more highly available, fault tolerant and scalable than would be possible from a single data center.
  • You can use AWS Config to continuously record configurations changes to Amazon RDS DB Instances, DB Subnet Groups, DB Snapshots, DB Security Groups, and Event Subscriptions and receive notification of changes through Amazon Simple Notification Service (SNS).
  • SSD volumes must be between 1 GiB – 16 TiB.
  • Economies of scale: The AWS Well-Architected framework has been developed to help cloud architects build the most secure, high-performing, resilient, and efficient infrastructure possible for their applications. This framework provides a consistent approach to application and solution architecture that will scale with your needs over time.
  • AWS Config – enables you to keep track of all the config you have for your rersources
  • In cloud computing, elasticity is defined as “the degree to which a system is able to adapt to workload changes by provisioning and de-provisioning resources in an autonomic manner, such that at each point in time the available resources match the current demand as closely as possible
  • Paying account and linked account for Consolidated billing

Trusted Advisor 

  • Covers Performance, cost optimization, security and fault tolerance

Leave a Reply