AWS Short Notes
[Diagram: Six Advantages: Economies of scale; Stop guessing capacity; Focus on business differentiators; Increase speed and agility]
Variable vs. Capital Expense
• You pay only when you consume computing resources, and only for how much you consume.
Economies of Scale
• Organizations benefit from massive economies of scale.
• AWS can achieve higher economies of scale, which translate into lower prices.
Stop Guessing Capacity
• Organizations can access as much or as little as they need and scale up or down as required with only a few minutes' notice.
Increase Speed and Agility
• In a cloud computing environment, new IT resources are one click away, which allows organizations to reduce the time it takes to make those resources available to developers from weeks to just minutes.
Focus on Business Differentiators
• Focus on the customer's business priorities.
• Organizations can stop spending money on running and maintaining data centers.
• Focus on projects such as:
– Analyzing petabytes of data
– Delivering video content
– Building applications
Go Global in Minutes
• Organizations can easily deploy their applications to multiple locations around the world with just a few clicks.
• Allows organizations to provide redundancy across the globe and to deliver lower latency and better experiences to their customers at minimal cost.
Cloud Computing Deployment Model
Message Lifecycle
Amazon Simple Queue Service
• Valid properties are message ID and body
• Retention period
– Default: 4 days
– Max: 14 days
• Delay Queues and Visibility Timeouts
– Delay queue timeout is max 15 minutes
– Visibility timeout is up to 12 hours
– Up to 120,000 messages in flight
• Queue Operations, Unique IDs, and Metadata
– Messages are identified via a globally unique ID
• Queue and Message Identifiers
– Queue URLs, message IDs, receipt handles
– Maximum length of message handle is 1,024 characters
Amazon Simple Queue Service
• Message Attributes
– Structured metadata items
• timestamp
• geographical data
• signatures
• Long Polling
– Avoids repeatedly looping to check for messages
– WaitTimeSeconds argument to ReceiveMessage, up to 20 seconds
• Dead Letter Queues
– Move unsuccessfully processed messages to another queue
– Sideline and isolate them
• Access Control
– Using IAM roles
– Grant another AWS account access to a queue (for a period), or deny access
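Added example (not from the original notes): a queue policy that grants another AWS account time-limited access and explicitly denies a second account, plus a check that flags Allow statements open to any principal. The account IDs, region, queue name, expiry date and function names are constructed placeholders.

```python
import json

def cross_account_queue_policy(queue_arn, grantee_account, actions, not_after,
                               denied_account=None):
    """Build an SQS queue policy: time-limited Allow for one account, optional Deny."""
    statements = [{
        "Sid": "TimeLimitedCrossAccountAccess",
        "Effect": "Allow",
        "Principal": {"AWS": grantee_account},
        "Action": sorted(actions),
        "Resource": queue_arn,
        # The grant stops matching once the current time passes not_after.
        "Condition": {"DateLessThan": {"aws:CurrentTime": not_after}},
    }]
    if denied_account:
        # An explicit Deny always overrides any Allow for the same principal.
        statements.append({
            "Sid": "ExplicitDeny",
            "Effect": "Deny",
            "Principal": {"AWS": denied_account},
            "Action": "sqs:*",
            "Resource": queue_arn,
        })
    return {"Version": "2012-10-17", "Statement": statements}

def overly_broad_statements(policy):
    """Return the Sids of Allow statements open to any principal with no Condition."""
    findings = []
    for stmt in policy.get("Statement", []):
        principal = stmt.get("Principal")
        aws = principal.get("AWS") if isinstance(principal, dict) else principal
        principals = aws if isinstance(aws, list) else [aws]
        if stmt.get("Effect") == "Allow" and "*" in principals and not stmt.get("Condition"):
            findings.append(stmt.get("Sid", "<no Sid>"))
    return findings

# Constructed sample values: account IDs, region and queue name are placeholders.
QUEUE_ARN = "arn:aws:sqs:us-east-1:111111111111:example-queue"
scoped = cross_account_queue_policy(QUEUE_ARN, "222222222222", {"sqs:SendMessage"},
                                    "2030-01-01T00:00:00Z", denied_account="333333333333")
wide_open = {"Version": "2012-10-17", "Statement": [
    {"Sid": "AnyoneCanSend", "Effect": "Allow", "Principal": "*",
     "Action": "sqs:SendMessage", "Resource": QUEUE_ARN}]}

if __name__ == "__main__":
    print(json.dumps(scoped, indent=2))
    print("broad statements:", overly_broad_statements(wide_open))
```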
Amazon Simple Workflow Service
• Workflows
– Distributed, asynchronous applications
– Run asynchronously across multiple devices
– Sequential and parallel processing
• Actors
– Starter, decider, activity worker
• Tasks
– Activity tasks, AWS Lambda tasks, decision tasks
• Task Lists
– Tasks associated with a workflow; task routing
• Long Polling
• Object Identifiers
– Workflow type, activity type => domain, name, version
– Decision task, activity task => unique task token
– Workflow => domain, workflow ID, run ID (the run ID is a return value)
• Workflow Execution Closure
– Completed, canceled, failed, timed out
• Lifecycle of a Workflow Execution
Amazon Simple Notification Service
FQDN components
DNS and Route 53
• Name Servers
– Zone Files
• Plain-text file mapping domain names to IP addresses
– Top-Level Domain (TLD) Name Registrars
• Steps Involved in DNS (Server) Resolution
– TLD Servers
– Domain-Level Name Servers
– Resolving Name Servers
– More About Zone Files
DNS and Route 53
• Record Types
– SOA (Start of Authority) Record
• Mandatory in all zone files and identifies the base DNS (single)
– A and AAAA
• Map a host to an IP address (A: IPv4, AAAA: IPv6)
– CNAME (Canonical Name)
• Alias from one name to another name
– MX (Mail Exchange)
• Defines the mail server
– NS (Name Server)
• Used by TLD servers
– PTR (Pointer)
• Reverse of an A record
– SPF (Sender Policy Framework)
• Used by mail servers to combat spam
• SPF record with the IP address of the mail server
– TXT (Text)
• Description
– SRV (Service)
Route53
• Domain Registration
• Domain Name System Service
– Route 53 to route internet traffic to CloudFront, S3, ELB
• Hosted Zones
– Private hosted zone -> Amazon VPC
– Public hosted zone -> Internet facing
• Supported Record Types
– A, AAAA, CNAME, MX, NS, PTR, SPF, SRV, TXT
• Routing policies: weighted, latency-based, failover, geolocation
Route53
• Routing Policies
– Weighted
• Associated with a single DNS name and EC2 instances or ELB
– Latency-based
– Failover
• Active-passive failover (Route 53 performs health checks automatically)
– Geolocation
Amazon ElastiCache
• Data Access Patterns
• Cache Engines
– Memcached
– Redis
• Nodes and Clusters
– A single Memcached cluster can have up to 20 nodes.
– A Redis cluster is always a single node; multiple clusters can be grouped into a replication group
• Memcached Auto Discovery
– Auto discovery with the provided client library
• Scaling
– Horizontal
– Vertical
• Replication and Multi-AZ
• Multi-AZ Replication Groups
• Backup and Recovery
• Access Control
Amazon ElastiCache
Example pipeline
AWS Import/Export
• AWS Snowball
– shippable storage appliances
– 50TB and 80TB
– Encryption is enforced
• AWS Import/Export Disk
– Uses Amazon's internal network
– Import data into Glacier, EBS, S3
– Export data from S3
– Optional encryption
– 16TB limit
DevOps
• AWS OpsWorks
– Configuration management service (using Chef)
– Layers depend on Chef recipes to handle tasks
– Set of lifecycle events (recipes are run automatically)
– Sends all resource metrics to CloudWatch
• Need cloud storage with high data durability to support backup and active archives for disaster recovery
• Require cloud storage for data archiving and long-term backup -> Glacier
• Require a CDN to deliver an entire website (including dynamic, static, streaming, and interactive content) -> CloudFront
• Fast and flexible NoSQL -> DynamoDB
• RDBMS -> RDS
• OLAP -> Redshift
• Shared between more than one EC2 instance -> Elastic File System
Web Application architecture with S3 and CloudFront
Web Application architecture with ElastiCache and DynamoDB
Build Security in Every Layer
• Use AWS Features for Defense in Depth
– Network level, VPC topology, subnets, security groups, routing tables, WAF (web application firewall), access control using IAM
• Offload Security Responsibility to AWS
– Reduce Privileged Access
• Using IAM roles to grant permissions
– Security as Code
• Using CloudFormation for Golden Environment
– Real-time Auditing