# AWS Technical Essentials

[toc]

---

**Important Links**

---

:::success
- [Digital training (AWS Skillbuilder)](https://explore.skillbuilder.aws/)
- [Classroom training](https://aws.amazon.com/training)
- [AWS Workshops](https://workshops.aws/)
- [Tech Talks](https://aws.amazon.com/events/online-tech-talks/on-demand/)
- [AWS Technical Essentials [Self-paced version]](https://explore.skillbuilder.aws/learn/course/external/view/elearning/1851/aws-technical-essentials)
- [AWS Cloud Quest: Cloud Practitioner](https://explore.skillbuilder.aws/learn/course/external/view/elearning/11458/aws-cloud-quest-cloud-practitioner)
- [AWS Ramp-up guides](https://aws.amazon.com/training/ramp-up-guides/)
- [AWS Trainings and Webinars](https://aws.amazon.com/training/events/)
- [AWS Certification Home Page](https://aws.amazon.com/certification)
- [AWS 12 Week workshop Challenge](https://12weeksworkshops.com/)
:::

---

**Keywords**

---

:::info
- IT Resources
    - Compute
    - Storage
    - Networking
- Container-like technologies
    - chroot
    - BSD jails
    - Solaris Zones
- Hypervisors
    - ESXi
    - KVM
    - AWS Nitro Systems
- Shared tenancy model
- Limits / Quotas
- DAS vs SAN vs NAS
:::

---

### [General Concepts](https://aws.amazon.com/what-is-aws/)

---

**Cloud Deployment Models**

:::success
- Cloud
- On-prem / Private Cloud
- Hybrid (Cloud + On-prem)
:::

**[AWS Global Infrastructure](https://aws.amazon.com/about-aws/global-infrastructure/)**

:::success
- Regions
- Availability Zones
- Edge Locations
:::

**AWS Services can be accessed via**

:::success
- Console (GUI)
- AWS CLI (Command Line)
- SDK (Programmatic access)
:::

**AWS Services scope can be**

:::success
- Global --> IAM, Route 53
- Regional --> VPC, DynamoDB
- AZ specific --> EC2, Subnets
:::

**AWS services can be**

:::success
- Managed --> ElastiCache
- Unmanaged --> EC2, EBS
:::

**AWS Services can have**

:::success
- Soft limits / Quotas
    - 100 S3 buckets per account
    - 1000 Parallel Lambda invocations
- Hard limits / Quotas
    - 5TB Max object size in S3
:::

:arrow_right: *Check **Service Quotas** for your account-specific limits*

---

### [Access management on AWS](https://aws.amazon.com/iam/)

---

:::warning
- IAM
    - Users
    - Groups
    - Policies
    - Roles
        - Temporary elevated privileges
        - Federated access
        - Application to service/resource access
:::

----

### [Compute on AWS](https://aws.amazon.com/products/compute/)

----

:::warning
- Virtual Machines
    - EC2
- Containers
    - ECS
    - EKS
- Serverless
    - Lambda (Functions-as-a-Service and Event Driven Architectures)
    - Fargate (Containers and Microservices)
:::

**Compute Evolution**

:::info
```
- Physical Machines --> Virtual Machines --> Containers (2013) --> Serverless (2014)
```
:::

**EC2 Pricing Options**

:::warning
- On-demand
- Spot
- Commitment based
    - Reserved Instances
    - Savings Plan
- Hardware isolation
    - Dedicated Instances
    - Dedicated Hardware
:::

---

### [Networking on AWS](https://aws.amazon.com/products/networking/)

---

:::warning
- VPC
    - **Routing**
        - Subnets
        - Route tables
        - Internet Gateway
        - NAT Gateways
    - **Security**
        - Security Groups
            - Firewalls at the instance level
            - Default: All incoming blocked; all outgoing allowed
        - Network ACLs
            - Firewalls at the subnet level
            - Default: All incoming / outgoing allowed
    - Hybrid / Connectivity
        - Virtual Private Gateway
        - VPN
        - Direct Connect
:::

**CIDR Notation**

:::info
0.0.0.0/0 --> All the IPs in the world / Internet
1.2.3.4/32 --> CIDR notation for 1.2.3.4
:::

---

### [AWS Storage Portfolio](https://aws.amazon.com/products/storage/)

---

:::warning
- **Object Storage**
    - S3 | Internet accessible unlimited Object storage | Pay for what you use
        - Storage Classes
        - Versioning
        - Access Control
            - Bucket ACLs
            - Bucket policies
            - IAM policies
- **Block Storage**
    - EBS | Persistent Block storage | SAN | Pay for what you provision | Attach the Volume
        - SSD Based
            - Provisioned IOPS SSD volumes
            - General Purpose
        - HDD Based
            - Throughput Optimized HDD volumes
            - Cold HDD
    - Instance Store | Ephemeral Block Storage | DAS | Free / Complimentary
- **File/Network Storage** | NAS | Pay for what you use | Mount the file system
    - EFS | Linux workloads | NFS 4.0 and 4.1
    - FSx | Windows workloads | CIFS / NTFS / SMB
:::

**Analogies to understand storage solutions**

:::info
Block --> C:\, D:\
Object --> C:\myfiles, D:\officedocs
Network --> K:\, G:\, Z:\ (NTFS, CIFS, SMB, NFS)
:::

---

### [Databases on AWS](https://aws.amazon.com/products/databases/)

---

**Relational**

:::warning
- RDS DB Engines
    - MySQL
    - MS SQL
    - Oracle
    - PostgreSQL
    - MariaDB
    - Amazon Aurora
- RDS Features
    - Multi-AZ (Synchronous Replication) --> High Availability
    - Read replicas (Asynchronous Replication) --> Performance Benefit
    - Automated backups (Up to 35 Days retention)
    - Database Sharding (For Performance benefits)
:::

**Non Relational**

:::warning
- DynamoDB
    - Fully Managed non-relational DB service
    - Global Tables
    - Eventual and strong consistency models
    - Extreme horizontal scaling capacity
- DocumentDB [MongoDB_compatible]
- Keyspaces [Managed_Apache_Cassandra]
:::

**Other Purpose-Built Databases**

:::warning
- Redshift [Data_warehousing]
- ElastiCache [Database_Caching]
    - Redis
    - Memcached
- Neptune [Graph_Database]
- Amazon QLDB [HyperLedger/Blockchain]
- Amazon Timestream [Time_Series]
:::

----

### [Monitoring and Observability on AWS (CloudWatch)](https://aws.amazon.com/cloudops/monitoring-and-observability/)

---

:::warning
- Monitoring
    - Standard Monitoring
        - Enabled by default
        - Free tier
        - 5 minute granularity
    - Detailed Monitoring
        - Has to be enabled
        - Incurs extra cost
        - 1 minute (or less) granularity
- Components
    - Metrics
        - Default Metrics
        - Custom Metrics
    - Logs
    - Events
    - Alarms
        - Notify (emails/sms/chats)
        - Take actions (Auto scaling events / Trigger Lambda)
    - Dashboard
:::

---

### [Load Balancing on AWS](https://aws.amazon.com/elasticloadbalancing/)

---

:::warning
- ELB (Elastic Load Balancer)
    - ALB | Layer 7 | http and https | Content/path based routing
    - NLB | Layer 4 | tcp, udp, tls | IP based routing
    - GLB | Layer 3/4 | IP filtering | hosted security appliances
:::

**Content based routing**

:::success
```yaml
amazon.co.uk/home
            /payments
            /orders
            /wishlists
            /cart
```
:::

**Scaling Concepts**

:::info
- Vertical Scaling
    - Scale up/down
- Horizontal Scaling
    - Scale in/out

![](https://hackmd.io/_uploads/BJtoTyW2n.png)
:::

---

### [Scaling on AWS](https://aws.amazon.com/ec2/autoscaling/)

---

:::warning
- EC2 Auto Scaling
    - Launch Templates
    - Auto Scaling Groups
    - Auto Scaling Policies
        - Scheduled
        - Dynamic
        - Predictive (Intelligent)
:::

### References

:::info
- https://aws.amazon.com/about-aws/global-infrastructure/
- https://aws.amazon.com/cli/
- https://aws.amazon.com/developer/tools/
- https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html
- https://aws.amazon.com/ec2/nitro/
- https://aws.amazon.com/ec2/instance-types/
- https://www.rfc-editor.org/rfc/rfc1918
- https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html
- https://aws.amazon.com/s3/storage-classes/
- https://aws.amazon.com/products/databases/
:::

:::danger
:warning: *Disclaimer: The content provided here is for informational purposes only and is based purely on my own understanding, knowledge and experience. This is **NOT** official AWS documentation.*
:::