Section 1: AWS Global Infrastructure
- The AWS Global Infrastructure is designed and built to deliver a flexible, reliable, scalable and secure cloud computing environmnent with high-quality global network performance
AWS Region
An AWS Region is a geographical area
- Data replication across Regions is controlled by you
- Communication between Regions uses AWS backbone network infrastructure
- Each region provides full redundancy and connectivity to the network
- A region typically consists of two or more Availability Zone
Selecting a Region
- Might be legal requirements
- Local laws can restrict the Region
- Ex: European Union
- Latency
- Not all AWS services are available depending on the region
Availability Zones
- Each Region has multiple Availabiity Zones
- Each Availability Zone is fully isolated partition of the AWS infrastructure
- 69 Availability Zones worldwide
- Availability Zones consist of discrete data centers
- They are designed for fault isolation
- They are interconnected with other Availability Zones by using high-speed private networking
- You choose your Availability Zones
- AWS recommends replicating data and resources across Availability Zones for resiliency
- Protected for tornadoes, lightning, earthquakes…
AWS data centers
- AWS data centers are designed for security
- Data centers are where the data resides and data processing occurs
- Each data has redundant power, networking and connectivity, and is housed in a separate facility
- A data center typically has 50,000 to 80,000 physical servers
AWS uses custom netowrking equipment source from multiple ODMs.
ODM: Original Device Manufacturers
Design and manufacture product based on specifications from a second company. The second company rebrand the products for sale.
Points of Presence
- AWS provides a global network of 187 Points of Presence locations
- Consists of 176 edge locations and 11 Regional edge caches
- Used with Amazon CloudFront
- A global Content Delivery Network (CDN) that delivers content to end users with reduced latency
- Regional edge caches used for content with infrequent access
AWS infrastructure features
- Elasticity and scalability
- Elastic infrastructure; dynamic adaption of capacity
- Scalable infrastructure; adpats to accomodate growth
- Fault-tolerance
- Continues operating properly in the presence of a failure
- Built-in redundancy of components
- High availability
- High level of operational performance
- Minimize downtime
- No human intervention
Section 2: AWS services and service category overview
AWS foundational services
AWS categories of services
Storage service category
- Amazon Simple Storage Service (Amazon S3)
- Object storage
- Scalability, data availbility and performance
- Amazon Elastic Block Store (Amazon EBS)
- high performance block storage
- Used with Amazon EC2
- Amazon Elastic File System (Amazon EFS)
- Scalable file system (NFS)
- Use with AWS Cloud Services
- Amazon Simple Storage Service Glacier
- Extremely low-cost
- Data archiving
Compute service category
- Amazon EC2
- Resizable compute capacity
- Amazon EC2 Auto Scaling
- Automaticaly add or remove EC2 instances
- Amazon Elastic Container Service
- Supports docker container
- Amazon EC2 Container Registry (ECR)
- Fully managed docker container registry
- AWS Elastic Beanstalk
- Deploying and scaling web applications
- AWS Lambda
- Run code without servers
- No charge when the code is not running
- Amazon Elastic Kubernetes Service (Amazon EKS)
- Deploy, manage and scale applications using Kubernetes
- AWS Fargate
- Run container without having to manage servers
Database service category
- Amazon Relational Database Service (RDS)
- Relational database in the cloud
- Scalable
- Automating database setup, patching, back-ups
- Amazon Aurora
- MySQL and PostreSQL
- 5 time faster than MySQL
- 3 times faster than PostreSQL
- Amazon Redshift
- Analytic queries against petabytes of data
- Fast
- Amazon DynamoDB
- NoSQL database
- Single digit performance
Networking and content delivery service category
- Amazon VPC
- Isolated sections AWS Cloud
- Elastic Load Balancing
- Automatically distributes incoming application traffic
- Amazon CloudFront
- Delivery network (CDN)
- Secures data to cutsomers
- AWS Transit Gateway
- Connect Amazon VPC and on-premises network
- Amazon Rout 53
- Scalable cloud domain name system
- Translate URL to IP addresses
- AWS Direct Connect
- Established dedicated private network
- AWS VPN
- Secure private tunnel to AWS global network
Security, identity and compliance service category
- AWS Identity and Access Management (IAM)
- Enables you to manage access
- AWS Organizations
- Restricts actions and services allowed in your account
- Amazon Cognito
- Let you add user authentification and access control to web and mobile apps
- AWS Artifact
- On-demand access to AW security and compliance reports
- AWS Key Management Service (KMS)
- Create and manage encryption keys
- AWS Shield
- Managed distributied denial of service protection service
AWS cost management category
- AWS Cost and Usage Report
- Set AWS cost and usage data
- AWS Budget
- AWS Cost Explorer
- Visualize and manage AWS cost and usage
Management and governance service category
- AWS Management Console
- Web-based user interface for accessing your AWS account
- AWS Config
- Amazon CloudWatch
- Monitor resources and app
- AWS Auto Scaling
- Scale multiple resources to meet demand
- AWS Command Line Interface (CLI)
- Unified tool to manage AWS services
- AWS Trusted Advisor
- Optimize perfomance and security
- AWS Well-Architected Tool
- Reviewing and improving workloads
- AWS CloudTrail
- Track user activity an API usage
