DEV Community

Cover image for AWS Cloud Practitioner Certification Cheat Sheet (Part 1/2)☁️⛅
Rishita Shaw
Rishita Shaw

Posted on • Updated on

AWS Cloud Practitioner Certification Cheat Sheet (Part 1/2)☁️⛅

This is a cheat sheet for AWS Cloud Practitioner Certification Exam.
If you have already read the first part please refer to the part 2 link.
This is not enough for preparation but it's enough for revision.

Client-server model

the client can be a web browser or desktop application that a person interacts with to make requests to computer servers. A server can be services such as Amazon Elastic Compute Cloud (Amazon EC2), a type of virtual server.

Cloud computing

  • Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-you-go pricing. Instead of buying, owning, and maintaining physical data centers and servers, you can access technology services, such as computing power, storage, and databases, on an as-needed basis from a cloud provider like Amazon Web Services (AWS).
  • Undifferentiated heavy lifting of IT: the repetitive common tasks that are time-consuming, apparently the ones AWS helps you with

Types of models for Cloud computing

  • Cloud-based deployment:

    • Run all parts of the application in the cloud.
    • Migrate existing applications to the cloud.
    • Design and build new applications in the cloud.
    • Flexible with the complexity of architecture.
  • On-premise aka private cloud deployment:

    • Deploy resources by using virtualization and resource management tools.
    • Increase resource utilization by using application management and virtualization technologies.
  • Hybrid Deployment:

    • Connect cloud-based resources to on-premises infrastructure.
    • Integrate cloud-based resources with legacy IT applications.
    • enables to keep the legacy applications on-premises while benefiting from the data and analytics services that run in the cloud.

Benefits of cloud computing

  • Trade upfront expense for variable expense and overall reduced cost
  • scale in or scale-out in response to demand
  • you can achieve a lower variable cost than you can get on your own.
  • Increase speed and agility
  • the global footprint of the AWS Cloud enables you to deploy applications to customers around the world quickly while providing them with low latency.

Intro to Amazon EC2

  • highly flexible, cost-effective, and quick when you compare it to running your own servers on-premises in a data center that you own.
  • EC2 runs on top of physical host machines managed by AWS using virtualization technology
  • you are sharing the host with multiple other instances, otherwise known as virtual machines. And a hypervisor running on the host machine is responsible for sharing the underlying physical resources between the virtual machines. This idea of sharing underlying hardware is called multitenancy.
  • EC2 instances are secure and separate from each other. Even though they may be sharing resources, one EC2 instance is not aware of any other EC2 instances also on that host. control the networking aspect of EC2 as well as the type of OS (windows or Linux). you also configure what software you want running on the instance

Intro to Amazon EC2

Amazon EC2 instance types

  • Each instance type is grouped under an instance family and is optimized for certain types of tasks
  • Instance types offer varying combinations of CPU, memory, storage, and networking capacity, and give you the flexibility to choose the appropriate mix of resources for your applications.
  • The different instance families in EC2 are general purpose, compute optimized, memory optimized, accelerated computing, and storage optimized.
  • General purpose instances: provide a good balance of compute, memory, and networking resources, and can be used for a variety of diverse workloads like web service or code repositories.

  • Compute-optimized instances: compute-intensive tasks like gaming servers, high-performance computing or HPC, and even scientific modeling.

  • memory-optimized instances: good for memory-intensive tasks. Accelerated computing is good for floating-point number calculations, graphics processing, or data pattern matching, as they use hardware accelerators.

  • storage optimized: Workloads that require high performance for locally stored data.

  • input/output operations per second (IOPS) is a metric that measures the performance of a storage device. It indicates how many different input or output operations a device can perform in one second. Storage optimized instances are designed to deliver tens of thousands of low-latency, random IOPS to applications.

Amazon EC2 pricing

  • On-Demand Instances are ideal for short-term, irregular workloads that cannot be interrupted. No upfront costs or minimum contracts apply. The instances run continuously until you stop them, and you pay for only the compute time you use.
  • Amazon EC2 Savings Plans enable you to reduce your compute costs by committing to a consistent amount of computing usage for a 1-year or 3-year term.
  • Reserved Instances are a billing discount applied to the use of On-Demand Instances in your account. You can purchase Standard Reserved and Convertible Reserved Instances for a 1-year or 3-year term, and Scheduled Reserved Instances for a 1-year term. You realize greater cost savings with the 3-year option.
  • Spot Instances are ideal for workloads with flexible start and end times, or that can withstand interruptions. Spot Instances use unused Amazon EC2 computing capacity and offer you cost savings at up to 90% off of On-Demand prices.
  • Dedicated Hosts are physical servers with Amazon EC2 instance capacity that is fully dedicated to your use.

Amazon EC2 pricing

  • On-Demand Instances are ideal for short-term, irregular workloads that cannot be interrupted. No upfront costs or minimum contracts apply. The instances run continuously until you stop them, and you pay for only the compute time you use.
  • Amazon EC2 Savings Plans enable you to reduce your compute costs by committing to a consistent amount of computing usage for a 1-year or 3-year term.
  • Reserved Instances are a billing discount applied to the use of
  • On-Demand Instances in your account. You can purchase Standard Reserved and Convertible Reserved Instances for a 1-year or 3-year term, and Scheduled Reserved Instances for a 1-year term. You realize greater cost savings with the 3-year option.
  • Spot Instances are ideal for workloads with flexible start and end times, or that can withstand interruptions. Spot Instances use unused Amazon EC2 computing capacity and offer you cost savings at up to 90% off of On-Demand prices.
  • Dedicated Hosts are physical servers with Amazon EC2 instance capacity that is fully dedicated to your use.

Scaling Amazon EC2

Scalability involves beginning with only the resources you need and designing your architecture to automatically respond to changing demand by scaling out or in.

Amazon EC2 Auto Scaling

  • enables you to automatically add or remove Amazon EC2 instances in response to changing application demand.
  • Types of scaling
    • Dynamic scaling responds to changing demand.
    • Predictive scaling automatically schedules the right number of

auto scaling

Amazon EC2 instances based on predicted demand.

  • When configuring the size of your Auto Scaling group, you might set the minimum number of Amazon EC2 instances at one. This means that at all times, there must be at least one Amazon EC2 instance running.
  • The minimum capacity is the number of Amazon EC2 instances that launch immediately after you have created the Auto Scaling group
  • you can set the desired capacity at two Amazon EC2 instances even though your application needs a minimum of a single Amazon EC2 instance to run.
  • you can set in an Auto Scaling group is the maximum capacity Directing traffic with Elastic Load Balancing
  • A load balancer is an application that takes in requests and routes them to the instances to be processed.
  • ELB is automatically scalable. As your traffic grows, ELB is designed to handle the additional throughput with no change to the hourly cost. When your EC2 fleet auto-scales out, as each instance comes online, the auto-scaling service just lets the Elastic Load Balancing service know that it's ready to handle the traffic, and off it goes. Once the fleet scales in, ELB first stops all new traffic, and waits for the existing requests to complete, to drain out. Once they do that, then the auto-scaling engine can terminate the instances without disruption to existing customers.

load

loader

  • the idea of placing messages into a buffer is called messaging and queuing
  • A hallmark trait of a tightly coupled architecture is where if a single component fails or changes, it causes issues for other components or even the whole system.
  • loosely coupled is an architecture where if one component fails, it is isolated and therefore won't cause cascading failures throughout the whole system.
  • Amazon SQS allows you to send, store, and receive messages between software components at any volume. This is without losing messages or requiring other services to be available.
  • The data contained within a message is called a payload, and it's protected until delivery. SQS queues are where messages are placed until they are processed.
  • Amazon SNS is similar in that it is used to send out messages to services, but it can also send out notifications to end users. It does this in a different way called a publish/subscribe or pub/sub model. This means that you can create something called an SNS topic which is just a channel for messages to be delivered.
  • For decoupled applications and microservices, Amazon SQS enables you to send, store, and retrieve messages between components. This decoupled approach enables the separate components to work more efficiently and independently.

AWS Lamda

  • AWS Lambda is one serverless compute option. Lambda's a service that allows you to upload your code into what's called a Lambda function. Configure a trigger and from there, the service waits for the trigger.
  • it is automatically scalable, highly available and all of the maintenance in the environment itself is done by AWS.
  • Fargate is a serverless compute platform for ECS or EKS.
  • If you are trying to host traditional applications and want full access to the underlying operating system like Linux or Windows, you are going to want to use EC2. If you are looking to host short-running functions, service-oriented, or event-driven applications and you don't want to manage the underlying environment at all, look into the serverless AWS Lambda. If you are looking to run Docker container-based workloads on AWS, you first need to choose your orchestration tool.
  • The term “serverless” means that your code runs on servers, but you do not need to provision or manage these servers.

lamda function

Containers

  • provide you with a standard way to package your application's code and dependencies into a single object. You can also use containers for processes and workflows in which there are essential requirements for security, reliability, and scalability.

Amazon Elastic Container Service (Amazon ECS)

highly scalable, high-performance container management system that enables you to run and scale containerized applications on AWS.

Amazon Elastic Kubernetes Service (Amazon EKS)

fully managed service that you can use to run Kubernetes on AWS.

AWS Global infrastructure

  • Inside each Region, we have multiple data centers that have all the compute, storage and other services you need to run your applications. Each Region can be connected to each other Region through a high-speed fiber network, controlled by AWS, a truly global operation from corner to corner if you need it to be. Now before we get into the architecture of how each Region is built, it's important to know that you, the business decision-maker, get to choose which Region you want to run out of.
  • Factors affecting region choices
    • Compliance with data governance and legal requirements
    • Proximity to your customers
    • Available services within a Region
    • Pricing

Availability Zones

Availability Zones

An Availability Zone is a single data center or a group of data centers within a Region. Availability Zones are located tens of miles apart from each other. This is close enough to have low latency (the time between when content requested and received) between Availability Zones. However, if a disaster occurs in one part of the Region, they are distant enough to reduce the chance that multiple Availability Zones are affected.

Edge locations

  • CDNs are commonly used, and on AWS, we call our CDN Amazon CloudFront. Amazon CloudFront is a service that helps deliver data, video, applications, and APIs to customers around the world with low latency and high transfer speeds. Amazon CloudFront uses what are called Edge locations, all around the world, to help accelerate communication with users, no matter where they are.

Provision AWS resources

  • The AWS Management Console is a web-based interface for accessing and managing AWS services. You can quickly access recently used services and search for other services by name, keyword, or acronym.
  • AWS CLI enables you to control multiple AWS services directly from the command line within one tool. AWS CLI is available for users on Windows, macOS, and Linux.
  • SDKs enable you to use AWS services with your existing applications or create entirely new applications that will run on AWS.

AWS Elastic Beanstalk

  • you provide code and configuration settings, and Elastic Beanstalk deploys the resources necessary to perform the following tasks:
    • Adjust capacity
    • Load balancing
    • Automatic scaling
    • Application health monitoring

AWS CloudFormation

With AWS CloudFormation, you can treat your infrastructure as code. This means that you can build an environment by writing lines of code instead of using the AWS Management Console to individually provision resources.

Amazon Virtual Private Cloud (Amazon VPC)

Amazon VPC enables you to provision an isolated section of the AWS Cloud. In this isolated section, you can launch resources in a virtual network that you define. Within a virtual private cloud (VPC), you can organize your resources into subnets. A subnet is a section of a VPC that can contain resources such as Amazon EC2 instances.

Internet gateway

gateway

Virtual private gateway

The virtual private gateway is the component that allows protected internet traffic to enter into the VPC.

VPN
A virtual private gateway enables you to establish a virtual private network (VPN) connection between your VPC and a private network, such as an on-premises data center or internal corporate network.

AWS Direct Connect

AWS Direct Connect is a service that enables you to establish a dedicated private connection between your data center and a VPC.

AWS Direct Connect

Subnets and network access control lists

  • A subnet is a section of a VPC in which you can group resources based on security or operational needs. Subnets can be public or private.
  • Public subnets contain resources that need to be accessible by the public, such as an online store’s website.
  • Private subnets contain resources that should be accessible only through your private network, such as a database that contains customers’ personal information and order histories.

Network traffic in a VPC

  • A packet is a unit of data sent over the internet or a network. Before a packet can enter into a subnet or exit from a subnet, it checks for permissions. These permissions indicate who sent the packet and how the packet is trying to communicate with the resources in a subnet.
  • The VPC component that checks packet permissions for subnets is a network access control list (ACL).

Network access control lists (ACLs)

  • A network access control list (ACL) is a virtual firewall that controls inbound and outbound traffic at the subnet level. By default, your account’s default network ACL allows all inbound and outbound traffic, but you can modify it by adding your own rules. For custom network ACLs, all inbound and outbound traffic is denied until you add rules to specify which traffic to allow.

Stateless packet filtering

  • Network ACLs perform stateless packet filtering. They remember nothing and check packets that cross the subnet border each way: inbound and outbound.

Security groups

  • A security group is a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance.

Stateful packet filtering

  • Security groups perform stateful packet filtering. They remember previous decisions made for incoming packets.
  • When a packet response for that request returns to the instance, the security group remembers your previous request. The security group allows the response to proceed, regardless of inbound security group rules.

Stateful packet filtering

Domain Name System (DNS)

You can think of DNS as being the phone book of the internet. DNS resolution is the process of translating a domain name to an IP address.

DNS

Amazon Route 53

  • Amazon Route 53 is a DNS web service. It gives developers and businesses a reliable way to route end users to internet applications hosted in AWS.
  • Amazon Route 53 connects user requests to infrastructure running in AWS (such as Amazon EC2 instances and load balancers). - It can route users to infrastructure outside of AWS

Amazon Route 53

part 2 is out!! Click here

If you like my content do like share and give a follow

Rishita Shaw

learning

Top comments (1)

The discussion has been locked. New comments can't be added.
Collapse
 
ahujasyn profile image
ahujasyn

Great stuff captured over here , good work Rishita.