Okay, hello cloud gurus

and welcome to this lecture.

In this lecture we're going to do
the 10,000 Foot Overview, part three.
So a few sections in this particular lecture
really do come up in both the solutions architect,
developer and sysops associate exams.
But most of these services
do not come up in any of them
so I'll just try and make it
as quick as possible focusing on the exam topics,
and the ones that don't we'll just skip through,
I'll just explain very quickly what they are
and we'll move on to the next slides.
So let's start with security and identity.
This service, Identity Access Management,
or IAM, we're going to do
in the very next section of the course.
That's where we're gonna start getting our hands dirty
and using the AWS Console,
and this particular service comes up
in every single certification exam
you're ever going to do.
It comes up in all eight
because this is the fundamental component of AWS.
This is how you basically sign in
or authenticate to AWS.
This is how you set up new users,
this is how you assign users permissions,
this is how you group users.
You might have your users in the administrator group,
or developer group, or read-only group.
This is the fundamental sort of identity
and access management service to use AWS.
So you're gonna be an IAM guru
in the very next section.
Move on to Inspector.
So Inspector is a pretty cool service.
Basically it's an agent that you install
on your virtual machines
and it basically inspects those virtual machines
and it does security reporting
as to what's going on.
Believe it or not, it doesn't even feature
just yet in the security specialty exam.
It doesn't really come up
in any of the associate exams either.
Certificate Manager is really cool.
This gives you free SSL certificates
for your domain names
so we will be using that later on in the course.
Directory Service is basically a way
of using Active Directory,
which you use with Microsoft, with AWS.
It's a way of connecting up
Active Directory to AWS.
This one really only comes up
in the Solutions Architect Associate course
so we will have a lecture of it in that course.
It's gonna be a theoretical lecture
rather than a practical lecture
but you just need to understand
the different types of Directory Service available.
Moving on to WAF or Web Application Firewall.
So basically this allows you
to give application-level protection
to your website.
Traditionally firewalls will give you
network protection, WAFs give you
application-level protection.
So they stop things like SQL injections
or cross-site scripting, or basically anyone
doing anything dodgy at the application layer.
And again don't worry
if you don't understand these terminologies,
we're gonna have a whole section on WAF.
We're gonna use it with our elastic load balancers
in the EC2 section of the course
and we'll look at how it works.
The only thing you just need to remember
is it's a security product.
Now it doesn't really come up,
to be honest, it doesn't come up
even in the security specialty exams just yet,
at least not that I can remember.
It doesn't come up in any of the associate ones either
but that being said,
it's fundamentally an important technology
so we are going to cover it off in a lab
later on in the EC2 section of the course.
Then finally we have a thing called Artifacts.
This is basically where you get your documentation
in the AWS Console.
And this is probably just something easier
to show you than to describe it.
So if we go down to Security and Compliance,
and we go down to Compliance Reports,
it's AWS Artifact and this is basically
where you can get things
like your ISO 27001 Certification.
Or you could go and get your ISO 9001 Certification
or your PCI DSS Attestation of Compliance,
et cetera.
So this is where you get all your compliance documents.
So it's pretty simple.
Again, it doesn't really come up too much
apart from in the security specialty cert.
And it comes up all the time
in that particular cert but it won't come up
in any of the associate certificates.
Okay, so let's move on and we're going
to move onto management tools.
Now management tools do come up
in all three associate certs.
Cloud Watch mostly comes up
in the SysOps Administrator Associate course.
Basically Cloud Watch is used
to monitor performance of your,
basically your AWS environment,
in particular things like EC2.
You can monitor disk utilization,
RAM utilization, CPU utilization, et cetera.
We will have labs on Cloud Watch
in the Certified Solutions Architect Associate course
and SysOps Administrator Associate course.
Cloud Formation.
So Cloud Formation is its own animal.
Cloud Formation is what actually drove me
to AWS to begin with.
So if you're working with AWS
chances are you're probably gonna use
Cloud Formation in some way, shape or form.
Cloud Formation is a way of turning
your infrastructure into code
so instead of having physical firewalls,
network switches, load balancers,
physical servers, et cetera.
Cloud Formation is basically a document
that describes your AWS environment.
And you have these things called Cloud Formation Templates.
Basically you can provision
entire production environments
in Cloud Formation Templates
and just deploy them at will.
You can even deploy them by the command line.
You can run one single command
in the command line and you can provision out
a 50-server environment that uses
multiple availability zones
and has auto-scaling built-in
and failover and everything.
It's an amazing technology.
So Cloud Formation turns your infrastructure
into code, and what we're gonna do
in this particular course
is we're gonna go out and create
a fault tolerant WordPress site.
It's gonna take quite a few labs
to get through it all and then we're gonna look
at how we can just use Cloud Formation
to do it all in like the space of 30 seconds.
So Cloud Formation is a fantastic technology.
We do have a Cloud Formation course
which is the Beginner's Guide to Cloud Formation,
and we're about to release
at the beginning of January 2017
the Deep Dive to Cloud Formation.
Cloud Formation is the one thing
you need to know inside-out
if you plan on working as a solutions architect
in the real world for AWS.
Now that being said, Cloud Formation
doesn't come up in the exams all that too much.
I mean, you basically just have to understand
what it is at a high level.
It comes up in this security exam,
specialty exam, and in the professional
solutions architect professional exam,
you need to understand how to both deploy
Cloud Formation Templates and roll them back.
But at the associate level you don't really need
to know much apart from what it is
and what it does.
That being said, and I'm gonna break
my own rule here about only teaching you
what you need to know to pass the exam,
you do need to know Cloud Formation.
So we're gonna have a lab on Cloud Formation
later on in the course.
Cloud Trail is a way of auditing
your AWS resources.
So if somebody goes in and creates a new user
in the Identity and Access Management,
Cloud Trail will record them doing that.
So Cloud Trial is used for auditing
changes to your AWS environment.
Again, you just need to understand
what it is at high level.
We'll probably have a lab on it.
It comes up a lot in the security specialty exam.
OpsWorks is basically a way of automating
deployments using Shift.
Basically this really only comes up
in the sysops administrator associate exam,
and we will have a lab on it in there.
Config Manager is a way,
basically it automatically
monitors your environment
and gives you warnings when your environment
might break specific configurations that you set.
It's basically a way of auditing your environment.
But unlike Cloud Trial,
which basically just does audits,
Config, you can set alerts
so if somebody goes in and creates
a new security group that's breaking
company policy, Config will detect that
and it will basically send you an alert
saying this person's doing something
that contravenes company policy.
So it's a great way of being able
to proactively monitor changes to your environment.
Again, it doesn't really come up
in any of the associate exams.
It does come up in the security specialty exam though.
Next up we have AWS Service Catalog,
and this is a service that's designed
for larger enterprises,
and basically enterprises might have
specific images
that they might want to use for EC2.
Or they might have specific AWS services
that are authorized within their organization,
so things like EC2, S3 or RDS.
But then they might have other services
that they don't want to authorize,
things like workspaces for example.
So Service Catalog basically allows you
as an enterprise to build out
what it is that you authorize
within your organization
and what services are not authorized,
and that's Service Catalog.
Don't worry too much about it
because it is not an exam topic
in any of the associate or professional exams.
Moving on to Trusted Advisor.
Trusted Advisor was actually designed
by the AWS solutions architecture team,
and basically when they would go
into customers environments,
they would make a series of recommendations.
Trusted Advisor is their way of automating this
and basically it'll give you tips
on how to do co-stop automatization,
how to do performance optimization
any security fixes you should make,
and how to build a more fault tolerant environment.
So basically it's an automated way
of scanning your environment
and giving you different tips.
Again, it really only comes up
in the solutions architect associate exam
and you just really need to know what it is.
So we might just do a quick lab on it
in the course.
Moving on to application services.
So let's start with Step Functions.
Step Functions is a brand-new service
just announced at reInvent 2016.
Basically it's a way of visualizing
what's going on inside your application
or basically what different microservices
it's using.
Because it's so new it does not yet
come up in any of the exams.
Simple Work Flow service definitely comes up.
It's a cornerstone of both the,
well, actually all three associate exams,
to be honest.
And Simple Work Flow service is actually what they use
in the Amazon fulfillment center,
and it's a way of coordinating
both automated tasks and human-led tasks.
So let's say you place an order for a,
I don't know, calculator.
Somebody inside the warehouse
has to actually go and locate that calculator.
They have to then basically pick it up,
take it over to the posting and packing area,
where somebody else will apply
posting and packing to it,
and then it needs to be sent out to you.
And Simple Work Flow basically facilitates that,
and we will cover that off
in the Application Services section of the course.
Okay, so moving on to API Gateway.
Basically think of API Gateway as a door.
It allows you to create, publish, maintain,
and monitor and also secure APIs at scale.
So basically it's a door for your apps
to access backend data.
So it might be a two-access business logic
or functionality from backend services
like things like lambda.
We actually use it on A Cloud Guru.
You're using it right now
if you're using our website.
Basically we run AngularJS
in our client devices.
They then make calls to API Gateway,
and then API Gateway then triggers lambda functions
which basically respond to your requests.
So when you're trying to view
a discussion forum for example,
that goes through API Gateway
and the lambda function
is responding to your request.
Don't worry if that all sounds complicated
because it's not gonna come up in any of the exams.
You just need to know what it is at a high level,
or probably I'll just do a quick little lecture
on just serverless and how our actual platform works
to put it all into perspective for you.
But you really don't need to know
much of it in detail apart from what it is
in any of the associate exams.
So just think about it as a doorway
to accessing backend services with AWS.
Moving on to AppStream.
AppStream is pretty cool.
It's a way of basically streaming
desktop applications to your users.
Again, you don't need to worry about it
for any of the exams.
And Elastic Transcoder.
Again, we use this quite a bit for A Cloud Guru.
Every single video that I record
we run through Elastic Transcoder,
and it basically just changes the video format
to suit all different devices.
So if you're watching this on an iPad
it will be different to you
if you're watching it on an iPad Air 2,
and will be different
in terms of screen resolution
if you're watching it on a laptop.
So Elastic Transcoder basically,
you upload a video and it's going
to transcode that video
into all these different formats.
Again, it doesn't come up in any of the exams.
Okay, so let's move on to developer tools.
Now surprisingly this does not come up
in the developer associate exam at all.
You would expect that to change in 2017
so I am going to have labs
on the four different products in here.
So CodeCommit is basically GitHub.
It's a way of, it's a place to store your code
securely in the cloud.
You can either make it open or close.
So you can basically just store your code
up in the cloud.
CodeBuild is a way of compiling your code.
It's brand-new.
It was released at reInvent 2016.
And CodeBuild is actually interesting
'cause you pay by the minute for CodeBuild.
But it's just a way of compiling your code
in different environments.
CodeDeploy is exactly
what it sounds like on the tin.
It's a way of deploying you code
to your EC2 instances.
It does it in a very automated
and regulated fashion.
And then CodePipeline is a way of keeping track
of all your different basically versions of codes.
You might have different code
in test and product.
You might have different code
in actual production.
You might have different code in UAT, et cetera.
These are all fantastic developer tools.
You would think that this would be
in the developer associate exam.
You think it would be the cornerstones
of the developer associate exam.
But it does not yet feature.
I would expect that to change though
and for that reason I'm going to have
a lab on every single product
in this particular section of the course.
And it's optional as to whether or not you do that.
Okay, so almost all of the next few services
don't come up in any of the associate level exams
and then messaging does come up a fair bit.
So I'm just going to go through it
really-really quickly
and just give you a high-level overview.
Remember you should always understand
what these services are at a high level anyway.
So moving on to mobile services
let's start with Mobile Hub.
Basically this lets you add, configure,
and design features for your mobile apps.
This includes things like user authentication,
data storage, backend logic, push notifications,
content delivery, and analytics.
The way to think of Mobile Hub
is you've got the AWS Console
which we're gonna be logging into all the time.
Mobile Hub is its own console for mobile apps
so basically if you're a mobile app developer
you'll be logging into Mobile Hub all the time
and it has its own console inside there,
and the console basically consists
of all these different elements.
So it consists of things like Cognito.
Cognito makes it easy for you
to have users sign up and sign into your apps
using things like social identity providers.
So Cognito, we actually do this
in the iOS with AWS course.
We use Cognito in that.
And we allow people to sign in
using basically their Gmail credentials,
and all of that information,
so their first name, their surname,
their email address, is all stored in Cognito.
Again, this doesn't come up
in any of the associate exams.
Really this is a real world application stuff
so if you want to use Cognito,
check out our iOS with AWS course,
and that will actually teach you
how to build out an Instagram style clone.
And that uses AWS backend services.
So you take a photo, it will store that photo in S3,
it'll write the metadata to DynamoDB,
it will trigger lambda functions
to generate thumbnails of that photo,
and will store all basically
people's user data in Cognito,
and they basically sign in using
their Gmail accounts.
Again, it's a great course
but it has nothing to do with certifications.
Moving on to Device Farm.
Basically this enables you to improve
the quality of your Android, iOS and Fire OS apps
by quickly and securely testing them
on hundreds of real smartphones.
So it's literally, they've got a farm
of all these different devices
and you can test your apps on physical devices
in the AWS data center.
Moving on to Mobile Analytics.
This is a service that lets you basically
simply and cost-effectively collect
and analyze app usage data
so it's a way of analyzing your mobile data.
And then Pinpoint is a brand-new service.
It's been announced at reInvent 2016
and this basically enables you to understand
and engage with your application users.
Think of Pinpoint as Google Analytics
for your mobile applications.
So you use Pinpoint to gather data
on what your users are doing
with the apps that you've built,
where they are in world,
how they do different purchases, et cetera.
It allows you to understand user behavior
and then you can define who to engage,
determine what notifications to send,
and then decide when to deliver these notifications,
and then you can track the results of these campaigns.
So basically think of it as a way
of combining Google Analytics
with doing targeted marketing campaigns.
And again, 'cause it's a brand-new service,
it doesn't come up in any of the exams.
Moving on to Business Productivity.
So WorkDocs is a way of securely
basically storing your important
work documents in the cloud.
It's more or less using S3
but it has a whole bunch
of different security tied into it.
Not in any of the exams.
WorkMail.
Think of it as Exchange for AWS.
So it's a way of sending and receiving email.
Again, not in any of the exams.
Moving on to Internet of Things, or IoT.
IoT is its own immense service.
It was announced at reInvent2015
and it's basically a way of having
thousands or millions or billions
of devices out there
and then keeping track of them.
You use IoT gateway.
IoT will probably be its own certification,
that's my own bet, potentially in 2017,
perhaps in 2018.
Again, it's quite new, it was announced
at reInvent 2015, doesn't feature
in any of the exams at present.
Moving on to desktop and app streaming.
So we've got WorkSpaces.
For those of you who know what VDI is,
basically WorkSpaces is just VDI.
Think of WorkSpaces as a way
of having your desktop in the cloud.
So if you're using a Windows PC,
you might have a thin client,
so it might just be a tablet or something
that has no local operating system
installed on it, the actual operating system
itself would run in the AWS cloud,
so you'd run your Windows environments out there.
It doesn't really feature in the exam too much
apart from knowing what it is.
And then we have AppStream 2.0.
This is again very similar to AppStream 1.
AppStream 1 has been retired now
but it still sits in the AWS Console.
It's just a way of streaming
desktop applications to your users.
Moving on to Artificial Intelligence
and I could talk about this all day.
This is one of the biggest announcements
at reInvent, it's a whole bunch
of different new services under AI.
If you're a fan of Elon Musk,
you probably follow AI a lot.
Elon Musk, for those that don't know,
is the founder of Tesla.
He's also the founder of SpaceX.
He's basically Iron Man,
the character Iron Man was based, more or less,
off Elon Musk, if you believe the rumors.
And Elon Musk is always warning us
against the dangers of artificial intelligence.
He says it's like, basically it's even
more dangerous than nuclear weapons,
it's nuclear weapons to the Nth degree.
Artificial intelligence is here.
It's growing faster every day.
It is pretty scary stuff.
I really started getting into AI
when Elon Musk tweeted about this book.
It's called Superintelligence by Nick Bostrom.
I recommend you read it.
It's fantastic.
Go ahead and have a look at this on Amazon.com.
We're out of time now.
Guys you've been really-really patient.
One more lecture and then we finish
this section of the course.
So go have a break, make yourself a coffee
and when you've got the time,
please join me in the next lecture.
Thank you.