AWS Cloud Practitioner

1. Introduction to Cloud Computing and AWS

What is Cloud Computing:

Cloud computing delivers IT resources like compute power, storage, databases, networking, and analytics via the Internet on a pay-as-you-go basis.

Benefits of Cloud Computing:

  1. Cost Efficiency: Pay only for what you use.
  2. Scalability: Instantly scale resources up or down as needed.
  3. Global Reach: Resources are accessible from anywhere in the world.
  4. Performance: Leverage global infrastructure for high performance.
  5. Security: Advanced security features such as encryption and identity management.

AWS Global Infrastructure:

  1. AWS Regions: A physical location around the world where AWS clusters data centers.
  2. Availability Zones (AZs): Each region has multiple isolated locations known as Availability Zones.
  3. Edge Locations: Content delivery endpoints for AWS services, used in services like CloudFront.

AWS Cloud Deployment Models:

  1. Public Cloud: Services offered over the public internet.
  2. Private Cloud: Dedicated cloud resources used by a single organization.
  3. Hybrid Cloud: A mix of public and private clouds, allowing data and apps to be shared between them.

Cloud Service Models:

  1. Infrastructure as a Service (IaaS): Provides virtualized computing resources over the internet (e.g., Amazon EC2).
  2. Platform as a Service (PaaS): Provides hardware and software tools (e.g., Elastic Beanstalk).
  3. Software as a Service (SaaS): Delivers software applications over the internet (e.g., Amazon WorkDocs).

2. AWS Core Services

Compute Services:

  1. Amazon EC2: Elastic Compute Cloud, virtual servers (instances) that can be configured based on processing power, memory, and storage needs.
  2. AWS Lambda: Serverless compute service that runs code in response to events and automatically manages the compute resources.
  3. Elastic Beanstalk: Easy-to-use service for deploying and managing applications without needing to manage infrastructure.

Storage Services:

  1. Amazon S3 (Simple Storage Service): Object storage service offering scalability, data availability, security, and performance.
    • Storage Classes: S3 Standard, S3 Intelligent-Tiering, S3 Standard-IA, S3 Glacier.
  2. Amazon EFS (Elastic File System): Scalable file storage service for use with AWS cloud services and on-premises resources.
  3. Amazon Glacier: Low-cost cloud storage for data archiving and long-term backup.

Databases:

  1. Amazon RDS (Relational Database Service): Managed service that makes it easy to set up, operate, and scale a relational database.
    • Supports engines like MySQL, PostgreSQL, SQL Server, Oracle, MariaDB, and Aurora.
  2. Amazon DynamoDB: Fully managed NoSQL database service designed for high-scale, low-latency applications.
  3. Amazon Redshift: Fully managed data warehouse service for fast, simple, and cost-effective analysis of large datasets.

Networking Services:

  1. Amazon VPC (Virtual Private Cloud): Allows you to provision a logically isolated section of the AWS cloud where you can launch AWS resources.
  2. Amazon CloudFront: Content delivery network (CDN) for distributing data globally with low latency.
  3. Amazon Route 53: Scalable domain name system (DNS) web service designed to route end users to internet applications.
  4. Elastic Load Balancing (ELB): Automatically distributes incoming application traffic across multiple EC2 instances.

Security Services:

  1. AWS IAM (Identity and Access Management): Manage access to AWS services and resources securely.
  2. AWS Cognito: User identity and access management service that helps you manage user sign-up, sign-in, and access control.
  3. AWS Shield: Managed DDoS protection service that safeguards web applications.
  4. AWS WAF (Web Application Firewall): Protects web applications from common web exploits.

3. AWS Billing and Pricing

AWS Free Tier:

  • AWS offers a free usage tier that includes limited services, such as:
    1. EC2 t2.micro instance for 750 hours/month.
    2. S3 storage up to 5 GB.

AWS Pricing Models:

  1. Pay-as-you-go: Pay for the actual usage of resources without any upfront costs.
  2. Reserved Instances: Purchase instances for a one- or three-year term to get a significant discount.
  3. Spot Instances: Bid for unused EC2 capacity at a lower price than on-demand instances.

AWS Cost Management Tools:

  1. AWS Cost Explorer: Visualize, understand, and manage your AWS costs and usage over time.
  2. AWS Budgets: Set custom cost and usage budgets and get alerts when you exceed thresholds.

AWS Billing Dashboard:

The billing dashboard in the AWS Management Console helps you view detailed information about your AWS costs, billing, and credits.

Total Cost of Ownership (TCO):

AWS provides a TCO calculator that compares your on-premises infrastructure costs with AWS cloud costs.

AWS Pricing Calculator:

A tool for estimating the cost of AWS services tailored to your expected usage patterns.

4. AWS Identity and Access Management (IAM)

IAM Users, Groups, and Roles:

  1. Users: Individual entities that represent people or services needing access to AWS resources.
  2. Groups: Collections of IAM users that are managed as a unit.
  3. Roles: Assignable entities that provide temporary permissions for services or users.

Policies and Permissions:

  1. Policies: JSON-based documents that define permissions. Policies are attached to users, groups, or roles.
  2. Least Privilege Principle: Always give the minimum permissions needed to perform a task.

Multi-Factor Authentication (MFA):

  • MFA: An extra layer of security that requires users to provide not only their password but also a second authentication method (such as a code from their phone).

IAM Best Practices:

  1. Enable MFA for all users.
  2. Use groups to assign permissions.
  3. Grant least privilege access.
  4. Rotate credentials regularly.

5. AWS Security and Compliance

AWS Shared Responsibility Model:

  1. AWS’s Responsibility: Security of the cloud (hardware, infrastructure, and managed services).
  2. Customer’s Responsibility: Security in the cloud (data, identity, access management, applications).

AWS Organizations and Service Control Policies (SCPs):

  1. AWS Organizations: Allows central management of multiple AWS accounts.
  2. Service Control Policies (SCPs): Policies that allow you to control what services and actions can be accessed in member accounts.

AWS Key Management Service (KMS):

  • KMS: Managed service to create and control encryption keys used to encrypt your data.
    1. Customer Master Keys (CMKs): Used to encrypt and decrypt up to 4 KB of data or to encrypt the data keys that encrypt larger datasets.

AWS CloudTrail and AWS Config:

  1. AWS CloudTrail: Enables governance, compliance, and operational and risk auditing of your AWS account by logging all API calls.
  2. AWS Config: Assesses, audits, and evaluates the configurations of your AWS resources.

AWS Security Hub:

  1. AWS Security Hub: Provides a comprehensive view of your security alerts and security posture across AWS accounts.

6. AWS Cloud Architecture and Design Principles

AWS Well-Architected Framework:

  • A set of best practices to help you design reliable, secure, efficient, and cost-effective systems in the cloud.
    1. Operational Excellence: Focus on operations that deliver business value.
    2. Security: Protect information, systems, and assets.
    3. Reliability: Ensure a workload can recover from failures and meet operational expectations.
    4. Performance Efficiency: Efficiently use computing resources.
    5. Cost Optimization: Avoid unnecessary costs.

AWS Reliability and Fault Tolerance:

  1. Fault Tolerance: The system’s ability to remain operational even if some of its components fail.
  2. Elastic Load Balancing and Auto Scaling improve fault tolerance by automatically distributing traffic and adjusting capacity based on demand.

Elasticity and Scalability:

  1. Elasticity: Automatically adjust compute resources to meet varying demand.
  2. Scalability: Ability to grow in capacity as demand increases and shrink when demand decreases.

High Availability and Disaster Recovery:

  1. High Availability: Ensuring services are available as much as possible, using techniques like distributing instances across Availability Zones.
  2. Disaster Recovery (DR): Strategies for recovering from outages and ensuring business continuity, such as backups, replication, and failover.

7. Monitoring and Analytics

AWS CloudWatch:

  • CloudWatch: Monitors AWS resources and applications. It collects and tracks metrics, monitors log files, and sets alarms.

AWS CloudTrail:

  • CloudTrail: Tracks user activity and API usage across your AWS environment. It’s helpful for auditing and governance.

AWS Trusted Advisor:

  • Trusted Advisor: Provides real-time recommendations to help you reduce costs, increase performance, and improve security.

AWS X-Ray:

  • X-Ray: Helps developers analyze and debug distributed applications, such as those built using microservices.

8. AWS Support Plans

Basic Support (Free):

  • Basic Support includes 24/7 access to customer service, documentation, and whitepapers but does not include technical support.

Developer Support:

  • Developer Support includes:
    1. Technical support during business hours.
    2. General guidance and system impairment troubleshooting.
    3. Cloud Support Engineers available via email.

Business Support:

  • Business Support includes:
    1. 24/7 access to Cloud Support Engineers.
    2. Help with best practices, client-side diagnostic tools, and third-party software support.
    3. Access to AWS Trusted Advisor checks.

Enterprise Support:

  • Enterprise Support includes:
    1. All features of Business Support.
    2. A Technical Account Manager (TAM).
    3. Access to AWS infrastructure event management and white-glove service.

9. Migration and Transfer Services

AWS Migration Hub:

  • AWS Migration Hub: Provides a central place to track the progress of application migrations across multiple AWS and partner solutions.

AWS Application Discovery Service:

  • Application Discovery Service: Gathers information about your on-premises data centers to help plan your migration to AWS.

AWS Database Migration Service (DMS):

  • DMS: Helps migrate databases to AWS quickly and securely. The source database remains operational during the migration.

AWS Snowball and Snowmobile:

  1. AWS Snowball: Physical devices that securely transfer large amounts of data into and out of AWS.
  2. AWS Snowmobile: Exabyte-scale data transfer service that transports up to 100 PB of data to AWS in a 45-foot shipping container.

10. Conclusion

It’s important to understand the AWS global infrastructure, security principles, key services (compute, storage, databases, networking), and how AWS pricing and support models work. Dive into each section in more detail, practice with AWS services hands-on, and use the AWS documentation as a resource to reinforce your knowledge.
