AWS Cloud Prac
Services
Migration
Snowmobile - Exabyte transfer in shipping container
SMS (Server Migration Service)
Application Discovery Service
DMS (Database Migration Service)
Snowball - Physical storage drive
Snowball Edge - Physical storage + compute device
Analytics
Amazon Kinesis - Streaming data processing
Firehose - Stream data to Amazon e.g. S3 or Redshift
Analytics - Analyse streams using SQL
Streams - Stream to custom apps
Amazon EMR (Elastic MapReduce) - Managed Hadoop framework
Amazon Athena - S3 SQL query service
QuickSight - Analytics application (like PowerBI)
Database
Amazon Neptune - Graph database
Amazon Redshift - Data warehouse
Amazon RDS (Relational Database Service)
Supported DB Engines
Amazon Aurora
MariaDB
Oracle
MS SQL Server
PostgreSQL
Amazon DynamoDB - NoSQL
Amazon Aurora - Faster MySQL
Amazon ElastiCache - In-memory DB
Content
CloudFront - Global CDN
Amazon Elasticsearch - Search as a service
CloudSearch - Search as a service
Compute
Elastic Beanstalk - PaaS Web Apps
ECR - EC2 Container Registry
Lambda - Serverless computing (aka Azure Functions)
EC2 (Elastic Compute Cloud) - Virtual Machines
Pricing Models
Dedicated - Not shared
Custom - Negotiable. Speak to sales.
On-Demand - Pay as you go
Spot - Bidding
Reserved - Discounted long term locked-in pricing
Scheduled
Standard
Convertible
ECS - EC2 Container Service
AMI - Amazon Machine Images
Lightsail - Simplified PaaS EC2 instance
ELB (Elastic Load Balancing)
ALB - Application Load Balancer
NLB - Network Load Balancer
Classic Load Balancer - For EC2 Classic
Development
X-Ray - Request tracing
CodeCommit - Git Source Control
CodeBuild - Build service
CodeDeploy - Deployment
CodePipeline - CI / CD (integrates CodeCommit, CodeBuild and CodeDeploy)
Networking
Virtual Private Cloud (VPC)
Route 53 - DNS
Direct Connect - VPN
Security
Amazon Cloud Directory - Multi-dimensional directory service
CloudHSM - Hardware Security Module
IAM - Identity and Access Management
Security policies expressed in JSON
MFA (Multi Factor Authentication)
Root vs Individual IAM account
Password policies
Security Group - Virtual firewall
WAF (Web Application Firewall)
Prevent XSS & SQL Injection
Amazon Inspector - EC2 security assessment
AWS Shield - DDoS protection
Amazon Key Management Service (KMS)
Securely store encryption keys
DevOps
OpsWorks - Provision applications using Chef
CloudFormation - Provision infrastructure using templates
AWS QuickStarts
Pre-built CloudFormation templates from solution architects and partners
Messaging
SES (Simple Email Service)
Email notifications
SNS (Simple Notification Service)
Push Pub/Sub
SQS (Simple Queue Service)
Pull
Storage
EFS (Elastic file system)
File system based object storage - can attach to multiple EC2s (i.e. NAS)
Glacier - Long term object storage
3-5 hours to restore
EBS (Elastic block store) - File system based block storage used by single EC2
Storage Types
General Purpose SSD
Provisioned IOPS
Magnetic
Throughput Optimised
S3 - Low latency object storage
Tiers
Reduced Redundancy (legacy)
Infrequent Access
Standard
Transfer acceleration
Global bucket namespace
Cross Region Replication Rules
Static website
Storage Gateway
On-premise hybrid storage
Auto Scaling
Benefits of Cloud
Trade capital expense for variable expense
Benefit from massive economies of scale
Scalability
Stop guessing about capacity
Increase speed and agility
Stop spending money running and maintaining data centers
Go global in minutes
Cloud Types
IaaS - Infrastructure as a Service
PaaS - Platform as a Service
SaaS - Software as a Service
Deployment Models
Cloud - Fully deployed in the cloud
Hybrid - Mix of on-prem and cloud infrastructure
On-Premises - All resources deployed locally on-premise
Management Tools
AWS EC2 Systems Manager
EC2 management service, e.g. task automation, patching etc.
Trusted Advisor
Resource Groups
CloudTrail - Auditing. Records API calls
AWS Config - Resource configuration management service. Uses SNS & S3
Global Infrastructure
Edge Locations
Localised cache - CDN
Regions
Geographic area hosting 2 or more AZs
Availability Zone
Physically separated data centre
Accounts & Billing
Charged For
Compute
Data transfer out
Transfer acceleration
Storage
Database
Support Plans
Basic
Developer - Tech support via email during business hours
Business - 24/7 tech support via phone, <1 hour response
Enterprise - TAM, <15 minute response
Pricing Policies
Pay as you go
Pay less when you reserve
Pay less by using more
Pay less as AWS grows
Pricing Calculator
AWS Organizations
Consolidated Billing
20 account soft limit
Billing alerts
All features vs consolidated billing
SCP (Service Control Policy)
Ownership