What are the types of ELBs?
- Application Load Balancer > layer 7 (HTTP/HTTPS) traffic
- Network LB > layer 4 (TCP/UDP); handles millions of requests per second
- Gateway LB > connects 3rd-party apps; distributes traffic across multiple apps
- Classic LB > layer 7 and 4. Legacy.
What is EC2 Auto Scaling?
- Automatically adjust number of EC2 instances based on demand
- Optimize costs, increase performance and availability
- Auto Scaling Groups > minimum and maximum
- Manual Scaling, Dynamic Scaling on Demand, Predictive Scaling, Scheduled Scaling, etc.
What is Amazon RDS?
- Relational Database Service
- Managed DB service
- 7 engines: Aurora, PostgreSQL, MySQL, MariaDB, Oracle, SQL Server, RDS Custom
- Automates time consuming DBA tasks
What are IAM Roles?
- Temporary credentials
- Used by a user or a service
- Can be used for cross-account access
- Multiple policies can be attached to a role
- Service roles vs service-linked roles
What is AWS Lake Formation?
- Central console to locate data sources in a lake
- Create transformation jobs for data heading into the lake
- Eliminate duplicates
- Catalogue data for analytics tools
- Configure data access and security policies
What are VPC Endpoints?
- Default public endpoints, reachable over the internet, provide access to services
HOWEVER
- VPC endpoints provide access without going over the internet; connect privately
- 2 types: VPC Endpoint Interface, VPC Endpoint Gateway
What are EC2 Spot Instances?
- For workloads that don't need to run all the time and can handle unexpected shutdowns
- Leverage unused EC2 capacity in Cloud
- Discounted at 90% compared to others
- Pick maximum cost
- AWS can stop with 2 minutes notice
What is RDS Multi-AZ vs Read Replicas?
Multi-AZ > replicates data synchronously to standby instance, automatic failover, mission critical workloads > about durability and availability
Read Replicas > read intensive DB apps, read only copy of DB > about performance
What is an IAM Policy?
- Defines permissions for resources
- Can be assigned to a user or role or group
- JSON document
- Groups of statements w/ Effect, Action, and Resource(s)
What is Amazon Kinesis?
- Real-time streaming service
- Gather, process, and analyze REAL TIME streaming data
- Get insights and respond
- Can also use for ML and other applications
- Do all these things as the data comes in, not once it's in
- Kinesis Data Streams and Kinesis Video Streams
What is AWS App Mesh?
- Service 'mesh' > software layer you can add that handles communication between services
- Helps w/monitoring, security, and control over inter-service communication
- Compatible w/containerized and non-container compute services
What are the EC2 Tenancy Types?
- Shared Tenancy
- Dedicated Instance
- Dedicated Host
What is Amazon Neptune?
- Graph DB
- Highly connected datasets > lots of relationships
- Low latency
- Has a serverless offering
- Use Cases: recommendation engines, fraud detection, drug discovery, etc
What is AWS WAF?
- Web Application Firewall
- Configure rules to allow, block, or monitor web requests
- Typical web attack protection (SQL injection, cross-site scripting)
- Bot Control, Account Takeover, Fraud Prevention, etc.
What is Amazon OpenSearch Service?
- Formerly Elasticsearch
- Managed service
- Ingest, search, aggregate, and visualize large amounts of data
- Supports up to 3 petabytes of data
- Has serverless offering
- Use Cases: log/ops analytics, real-time app monitoring, clickstream analysis, vector search can power gen-ai
What is Route 53 Application Recovery Controller?
- Readiness checks, Routing Controls, Zonal Shift (moves traffic away from bad AZ), Zonal Auto-shift (same thing but automatic)
What is EC2 Instance Store?
- Can be used to launch an instance (as opposed to an EBS-backed AMI)
- Temporary block level storage
- Physically attached to host computer
- Data lost if instance stops, hibernates, terminates, or the physical disk fails
- No valuable, long-term data
What is Aurora Global DB?
- Distributed apps that need high availability and fast response time
- Spans multiple regions
- Low latency replication
- Apps run w/o interruption
- Fast failover
- Critical workloads w/global footprint (financial, travel, gaming apps)
What is IAM?
- Identity and Access Management
- Manage access to AWS resources and services
- Users, groups, roles
- MFA and Federated access (SAML, AD)
- Free
- Principle of Least Privilege
What is AWS Glue DataBrew?
- Leverage pre-built transformations
- Automate some related tasks
- After data prep can export to other services
- Create data profiles > insights into data quality and ID issues
What are the Route 53 Routing Policies (7)?
- Simple > domain name mapped to an IP
- Failover > Use primary unless unavailable, then secondary
- Geolocation > if users here, route here
- Geoproximity > route to closest resources
- Latency > route to fastest
- Multivalue answer routing > here's up to 8 targets, route to them randomly
- Weighted > send this percentage to this target and this percentage to another target
What is AWS Wavelength?
- Embeds AWS hardware in 5G network telecom centers
- Connect to AWS services without leaving the 5G network
- Ultra-low latency apps
What is Amazon Timestream?
- Time series, serverless DB
- Store and analyze billions of datapoints daily
- Autoscaling
- User engagement w/apps over time, storage and analysis of IoT data, etc.
What is AWS RAM?
- Resource Access Manager
- Share resources between accounts
- Integrates w/Organizations to share across org or OUs
- Single set of policies and permissions for shared resources
- Centralized usage monitoring
AWS Data Exchange
Service that lets:
Data Users > find and subscribe to data from different providers
Data Providers > build data projects and offer them to consumers
- Secure and efficient without needing a custom platform