# Cloud Practitioner Key Points

###### tags: `AWS` `Cloud Practitioner`

## Six Advantages of Cloud Computing

1. **Trade capital expense for variable expense**
    - Moving from upfront capital expense (capex) to variable operational expense (opex).
    >:::info
    >https://aws.amazon.com/tco-calculator/?nc1=h_ls
    >AWS helps you **reduce Total Cost of Ownership** (TCO) by **reducing** the need to invest in large **capital expenditures (CAPEX)** and providing a **pay-as-you-go** model that empowers you to invest in the capacity you need and use it only when the business requires it.
    >:::
2. **Benefit from massive economies of scale**
3. **Stop guessing capacity**
4. **Increase speed and agility**
    - Agility == Lowering the cost and time it takes to experiment and develop
5. **Stop spending money running and maintaining data centers**
6. **Go global in minutes**

***

The following sections cover Billing & Cost Management.

## [Estimate your AWS billing](https://aws.amazon.com/premiumsupport/knowledge-center/estimating-aws-resource-costs/)

- Use **Cost Explorer** to <mark>forecast costs</mark>, and <mark>**cost allocation tags**</mark> to divide your resources into groups and then estimate the costs for each group.
- <mark>**AWS Pricing Calculator**</mark> will replace the **Simple Monthly Calculator**
- To estimate the costs of migrating on-premises infrastructure to AWS, use the AWS <mark>**Total Cost of Ownership (TCO) Calculator**</mark>.
    - The TCO Calculator compares the cost of running on-premises with the cost of running on AWS and produces a report showing how much AWS can save you.
- Contact sales if you want to migrate significant infrastructure.

## [Cost Management](https://aws.amazon.com/aws-cost-management/)

- **AWS Budgets**: Budgets can be set to <mark>warn you when your usage exceeds or is forecasted to exceed</mark> the budget amount for a period of time (month, quarter, year). Alerts are based on current spend or on forecasted future spend.
    - [Related] **CloudWatch billing alarm** (see [budgets vs. billing alarm](https://www.reddit.com/r/aws/comments/9mds9z/what_is_the_difference_between_billing_alarms_and/)): alarms are '**per account**' only, and monthly only, based on overall AWS Spend. <mark>Alerts are based on current spend only.</mark>
- **AWS Cost & Usage Report**
    - **lists AWS usage** for each service category used **by an account and its IAM users** in hourly or daily line items, and [any tags that you have activated](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/activating-tags.html) for cost allocation purposes
    - contains the most comprehensive set of AWS cost and usage data available. <mark>The most detailed cost report.</mark>
    - In practice, it lets you export a <mark>CSV</mark> file
- [Related] **Trusted Advisor Cost Optimization**
    - Requires a Support Plan at Business level or above

***

## EC2 Pricing

|                   | Pricing models                 | Reservation term | Payment options         |
| ----------------- | ------------------------------ | ---------------- | ----------------------- |
| **Savings Plans** | EC2 Instance Savings Plans     | 1y/3y            | No/Full/Partial Upfront |
| **Savings Plans** | Compute Savings Plans          | 1y/3y            | No/Full/Partial Upfront |
| **RI**            | Standard Reserved Instances    | 1y/3y            | No/Full/Partial Upfront |
| **RI**            | Convertible Reserved Instances | 1y/3y            | No/Full/Partial Upfront |
|                   | On-Demand Instances            | N/A              | N/A                     |

### Pricing models

- **Standard Reserved Instances**
    - Up to 75% off
    - :heavy_check_mark: Enables you to modify: **Availability Zone, the instance size (within the <mark>same instance type</mark>), and networking type**
- **Convertible Reserved Instances**
    - Up to 54% off
    - :heavy_check_mark: Enables you to exchange: **instance family, <mark>instance type</mark>, platform, scope, and tenancy**
- **On-Demand Instances**
    - pay for compute capacity by the hour

### [Payment Options](https://docs.aws.amazon.com/whitepapers/latest/cost-optimization-reservation-models/reserved-instance-payment-options.html)

Choose whether to pay upfront.

- **No Upfront**: pay entirely after use (billed monthly); requires a good payment history
- **Partial Upfront**: pay part upfront; the prepaid portion is discounted
- **Full Upfront**: pay everything upfront; largest per-unit discount

### RI Attributes
When these attributes match, the discount is applied automatically.

- **Instance Type**
- **Platform description**: OS
- **Tenancy**: default/dedicated
    - There are two kinds of tenancy: Dedicated Host and Dedicated Instance. <mark>There is no performance difference between the two</mark>; the other detailed differences are listed [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html#dedicated-hosts-dedicated-instances)
- AZ

***

## AWS Professional Services

Helps users adopt cloud services (provides assistance related to enterprise cloud adoption). AWS provides the following resources:

- Whitepapers
- Tech-talk Webinars
- Blog Posts

***

## The AWS serverless platform

* Lambda
* Fargate
* S3
* EFS
* DynamoDB
* Aurora Serverless
* RDS Proxy
* API Gateway
* SNS
* SQS
* AppSync
* EventBridge
* Step Functions
* Kinesis
* Athena

***

## Elasticity

|                  | Scale Horizontally | Scale Vertically |
| ---------------- | ------------------ | ---------------- |
| Add resources    | **Scale Out**      | **Scale Up**     |
| Remove resources | **Scale In**       | **Scale Down**   |

![](https://i.imgur.com/eTAhTot.png)

### Auto Scaling (Horizontal)

Amazon EC2, Amazon ECS, AWS Fargate, Amazon EKS, and Amazon DynamoDB

***

## Trusted Advisor vs. Inspector

**Trusted Advisor**

* Cost Optimization
* Fault Tolerance
* Performance
* Service Limits
* Security

**Inspector**

- checks the configuration of <mark>**EC2 instances only**</mark>
- Runs and checks **operating system patches**
- Checks known <mark>**vulnerabilities**</mark> & common issues.

***

## [Shared Responsibility Model](https://aws.amazon.com/compliance/shared-responsibility-model/?nc1=h_ls)

To clarify:

- **Inherited Controls**: Controls which a customer fully inherits from AWS. The customer inherits these controls from AWS, meaning this part is handled entirely by AWS.
    - Physical and Environmental controls
- **Shared Controls**: Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services.
    Because these terms span what both the customer and AWS are responsible for, it is more accurate to say that the same term applies at different system levels than to call it joint responsibility, so naturally the responsible party differs.
    Examples include:
    - <mark>Patch Management</mark>: AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.
    - <mark>Configuration Management</mark>: AWS maintains **the configuration of its infrastructure devices**, but a customer is responsible for **configuring their own guest operating systems, databases, and applications**.
    - <mark>Awareness & Training</mark>: AWS trains AWS employees, but a customer must train their own employees.
- **Customer Specific**: Controls which are solely the responsibility of the customer based on the application they are deploying within AWS services. Entirely the customer's responsibility; ~~if it is not done properly, AWS will not step in~~.
    Examples include:
    - Service and <mark>**Communications Protection**</mark> or <mark>**Zone Security**</mark> which may require a customer to route or zone data within specific security environments.

***

## AWS Support Plan

<mark>Memorize this, even if it has to be by rote!</mark>

|                                | Developer                                                                  | Business                                                                  | Enterprise                                                            |
| ------------------------------ | -------------------------------------------------------------------------- | ------------------------------------------------------------------------- | --------------------------------------------------------------------- |
| Enhanced Technical Support     | **Business hours (working hours)** email access to **Cloud Support Associates** | **24x7 phone**, email, and **chat** access to **Cloud Support Engineers** | **24x7 phone**, email, and chat access to **Cloud Support Engineers** |
| Case Severity / Response Times | General guidance: < 24 **business hours**                                  | General guidance: < 24 hours                                              | General guidance: < 24 hours                                          |
|                                | System impaired: < 12 **business hours**                                   | System impaired: < 12 hours                                               | System impaired: < 12 hours                                           |
|                                |                                                                            | **Production system impaired: < 4 hours**                                 | Production system impaired: < 4 hours                                 |
|                                |                                                                            | **Production system down: < 1 hour**                                      | Production system down: < 1 hour                                      |
|                                |                                                                            |                                                                           | **Business-critical system down: < 15 minutes**                       |

Developer can only use email; phone/chat requires Business or above.

### All:

- One-on-one responses to account and billing questions
- Support forums
- Service health checks
- Documentation, whitepapers, and best practice guides

### Developer and above

- Best-practice guidance
- Building-block architecture support: guidance on how to use AWS products, features, and services together
- AWS Identity and Access Management (IAM) to control user access to AWS Support

### Business and above

- Use-case guidance
- AWS Trusted Advisor
- <mark>The AWS Support API</mark> to interact with Support Center and Trusted Advisor.
- Third-party software support (Help w/ EC2 configurations and other third-party software)

### Enterprise

- Application architecture guidance
- Infrastructure event management
- TAM (Technical account manager)
- Well-Architected Reviews

***