Professional Documents
Culture Documents
1) AWS Things To Know v2
1) AWS Things To Know v2
1. By default, what is the maximum number of Linked Accounts per Paying Account under
Consolidated Billing?
Answ 20
2. Relate resource groups via tags
S3
1. S3
Default max bucket count is 100
Bucket name restrictions
1. Globally unique names.
2. DNS naming conventions
3. 3 to 63 characters.
4. No uppercase characters or underscores.
5. start with a lowercase letter or number.
6. series of one or more labels labels separated by a single period
7. Alpha numeric, period and hyphens, but only end in lowercase letter or a
number.
8. Bucket names must not be formatted as an IP address (for example,
192.168.5.4).
9. When you use virtual hosted–style buckets with Secure Sockets Layer (SSL),
the SSL wildcard certificate only matches buckets that don't contain periods
Unstructured data – flat files – 0 to 5tb – unlimited storage The largest object that can be
uploaded in a single PUT is 5 gigabytes. For objects larger than 100 megabytes
S3 Path style
i. rest protocol (path style) s3.aws-region.amazonaws.com/bucket
ii. Virtual-hosted style URL http://bucket.s3-aws-region.amazonaws.com
S3 Tiered storage all has 11x9 durability
i. Standard built for 99.99% avail (SLA 99.9%) stored redundantly across multiple
devices and facilities designed for loss of 2 facilities concurrently
ii. S3 IA build for 99.9% availability (SLA 99%) data access less frequently but rapid
access when needed lower storage fee but charge retrieval fee 99% availability
SLA
iii. S3 one zone build for 99.5% availability (SLA 99%) stored in one availability zone
infrequently accessed
iv. S3 intelligent tiering build for 99.9% availability looks at usage frequency and
moves object around accord to best cost for usage pattern uses AI to learn
v. Glacier normal and deep archive
1. E.g. for federal regulation
2. Deep archive is lowest cost 12hrs retrieval time (old info)
3. Newer is faster depending on option
a. Expedited retrievals typically return data in 1-5 minutes,
b. Standard retrievals typically complete between 3-5 hours,
c. Bulk retrievals lowest-cost retrieval option returning
large amounts of data 5-12 hours.
d. The Amazon S3 Glacier Deep Archive storage class provides
two retrieval options ranging from 12-48 hours.
4. Individual glacier archives are limited to a maximum size of 40
terabytes. There is no minimum limit to the amount of data that
can be stored in Amazon S3 Glacier and individual archives can
be from 1 byte to 40 terabytes.
5. All data will be encrypted on the server side. Amazon S3 Glacier
handles key management and key protection. (AES-256).
Customers wishing to manage their own keys can encrypt data
prior to uploading it.
6. You can create up to 1,000 vaults per account per region. Vaults
are groups of archives
Minimum billable object size for S3 128 KB. The minimum object size is 0 bytes, however
you will be billed for 128 KB. Objects smaller that 128 can still be stored, but will be billed as
if they are 128KB.
3. Snow ball
Petabyte scale transport solution
50 tb or 80tb drive, snowball edge is 100TB
256bit encryption, TPM (industry standard trusted platform module)
4. Storage gateway
Virtual or physical device
Virtual Supports vmware and hypervisor
File gateway accessed via NFS or SMB stored in s3 frequent used data cached
Volume gateway (iSCSI)
i. Caches volumes stored in s3 frequently used data (hot data) is cached
onsite up to 32 tb
ii. Stored volumes EBS snapshots asynchronously backed up to S3 up to 16tb
Tape Gateway VTL stores virtual tapes sotred in Glacier
i. Can archive virtual tapes stored in deep archive
5. Placement groups
The name of your placement group must be unique within your AWS Account
6. EC2 101 theory course
curl http://169.254.169.254/latest/meta-data/
curl http://169.254.169.254/latest/user-data/
i. EBS ST frequently used high throughput SC less frequently used
ii. Data Lifecycle Manager (Amazon DLM) Automate EBS snashopt quick to implement
iii. 5 Elastic Ips per region by default
iv. SLA guarantees a Monthly Uptime Percentage of at least 99.99%.
v. On demand vCPUs limit per region
vi. Reserved 20 default limit
vii. Spot instances 20 default limit per region
viii. Dedicated hosts dedicated physical host server bound SW licenses
ix. Convertible convert between instance types Convertible Reserved Instances are
associated with a specific Region
x. Since the additional disk does not contain the operating system, you can detach it in the
EC2 Console while the instance is running. However, any data on that drive would
become inaccessible, and possibly cause problems for the EC2 instance
xi. You are limited to running On-Demand Instances per your vCPU-based On-
Demand Instance limit, purchasing 20 Reserved Instances, By default, there is an
account limit of 20 Spot Instances per Region (new accounts might have lower
spot limits).
xii. Spot fleets and EC2 fleet considerations is about maintaining capacity and price/cost limit
-> fleets scale to maintain capacity and up to a cost ceiling
7. RDS
6 different databases on AWS SQL Server, Oracle, MySQL, PostgreSQL, Aurora,
MariaDB
Read replica
i. not avail for sql server
ii. can create in another region
iii. backups need to be activated
RDS key features
i. By default, customers are allowed to have up to a total of 40 Amazon RDS DB
instances. Of those 40, up to 10 can be Oracle or SQL Server DB instances under
the "License Included" model. All 40 can be used for Amazon Aurora, MySQL,
MariaDB, PostgreSQL and Oracle under the "BYOL" model.
ii. Note that RDS for SQL Server has a limit of up to 100 databases per DB instance
to learn more see the. RDS for PostgreSQL, MariaDB, MySQL, Aurora: No limit
imposed by software. RDS for Oracle: 1 database per instance; no limit on
number of schemas per database imposed by software
iii. DB storage size limits on RDS
1. Sql Server 16TiB
2. MySql, PostGress, MAriaDB 64TiB
3. ORable 63 TiB
iv. You can purchase up to 40 reserved DB instances. If you wish to run more than
40 DB instances, have to apply
v. Amazon RDS reserved instances are purchased for a Region rather than for a
specific Availability Zone. As RIs are not specific to an Availability Zone, they are
not capacity reservations.
With Aurora MySQL you can configure cross-region Aurora Replicas using logical
replication to up to five secondary AWS regions. Aurora PostgreSQL currently does
not support cross-region replicas. Aurora Replica physical replication can only
replicate to one secondary region.
Default is 1 day if via API or 7 via console, and 0 disables auto backups
i. Backups stored if not chosen to be deleted upon deleting RDS stored
according to backup config
When creating an RDS instance, you can select the Availability Zone into which you
deploy it.
In RDS, changes to the backup window take effect immediately
If you are using Amazon RDS Provisioned IOPS storage with a Microsoft SQL Server
database engine, what is the maximum size RDS volume you can have by default
i. 16TB
There is minimal downtime when you are scaling up on a Multi-AZ environment because
the standby database gets upgraded first, then a failover will occur to the newly sized
database. A Single-AZ instance will be unavailable during the scale operation.
Database performance Enhanced Monitoring, which provides access to over 50 CPU,
memory, file system, and disk I/O metrics. You can enable these features on a per-
instance basis and you can choose the granularity (all the way down to 1 second).
You can purchase up to 40 reserved DB instances. If you wish to run more than 40 DB
instances need to apply to AWS
Retain backups or create snapshot is optional
8. DynamoDB
There is no charge for the transfer of data into DynamoDB, providing you stay within a
single region provisioned capacity and data storage charged for
Streams not activated by default hold data for 24 hrs (records and shards based
storage)
ACID transactions – DynamoDB transactions provide developers atomicity, consistency,
isolation, and durability (ACID)
9. AWS directory service
Simple directory service 500 or 5000 limit no trust to outside Ads
AWS Managed Windows AD can build trust Larger user bases fully managed
Shared responsibility and GPO or access/auth or scaling out is responsibility of client
AD connector link onsite AD to cloud resources establish trust e.g. EC2
resources
Cloud directory manages objects (100’s of millions) via tree structure dev tool
10. Redshift
Default 1-day retention period
Maximum of 35 days
Redshift always tries to maintain 3 copies of data
i. Original
ii. Replica on compute nodes
iii. Backup in s3 can replicate to another s3 region for backup
Charged for backups and for transfers within VPC Cant backup outside region
Single node 160Gb limit
When loading data into empty table redshift automatically samples data and selected
most appropriate compression technique
Only available in 1 AZ
11. Aurora
Up to 244Gig memory and 32 VCPUs
Lose Up to 2 copies of data does not impact write
Lose Up to 3 copies of data does not impact read
Self-healing
Replicas up to 15 Aurora, 5 Mysql and 1 postgresSQL
Backups do not impact performance and are automated.
Snapshots do not impact performance
Serverless option
i. Autoscaling everything (space, mem, CPUs) based on needs start and shuts
automatically
12. HPC
EN lower CPU consumption EFA (110gig) and VF (10 gig)
EFA ML and OS bypass Can bypass OS allowing applications such as HPC or
machine learning to talk directly to network interface lower latency only
supported on linux
13. Cloudwatch
Metrics dashboard
Alarms
Log groupslog streams custom metric Alarm
Enahcned monitoing is RDS feature Mem and CPU detail additional
Detailed monitotinh EC2 reports more often but still same metrics Need scripts
for more
14. Spotfleet Launch spot and on-demain instances according ot spot price different lunch
pools:
Capacity optimised
Lowest price
Diversified – From all pools
InstancePoolsToUseCount define which pools u want
Support plans
15. Aurora
The Amazon Aurora architecture involves separation of storage and compute. Aurora
includes some high availability features that apply to the data in your DB cluster. The
data remains safe even if some or all of the DB instances in the cluster become
unavailable.
Designed to transparently handle loss of 2 copies without affecting write and 3 copies
without affecting read availability
i. 6 copies of data
ii. 2 copies across minimum 3 AZs
Millisecond failover MySQL is seconds
Starts at 10gig and scales in 10gig increments to 64TB
The cluster endpoint always represents the current primary instance in the cluster
16. Route 53
With Route 53, there is a default limit of 50 domain names. However, this limit can be
increased by contacting AWS support
Alias Records can also point to AWS Resources that are hosted in other accounts by
manually entering the ARN
17. VPC
Amazon Virtual Private Cloud allows customers to create a new default VPC directly
from the console or by using the CLI.
Can have regional peering
Osaka has 1 AZ only AZ like this
By default, limit of 5 VPCs per AWS Region
AWS evaluates all rules for all the security groups associated with an instance before
deciding whether to allow traffic in or out. The most permissive rule is applied—so
remember that your instance is only as secure as your weakest rule.
NACL rules one at a time. Each NACL rule has a number, and AWS starts with the lowest
numbered rule. If traffic matches a rule, the rule is applied and no further rules are
evaluated. If traffic doesn’t match a rule, AWS moves on to evaluate the next
consecutive rule
Default NACL and SG allows all outbound accessNACL allows inbound as well
Custom SG and NACL allow no access except custom SG allows outgoing access
18. SQS
https://medium.com/@roymiddleton81/how-i-passed-my-aws-certified-solutions-architect-
associate-exam-saa-c02-this-2020-5c8d4ab3747c
https://info.acloud.guru/resources/should-i-take-the-saa-c01-or-saa-c02
27. Todo
1. Redo global accelerator module
2. Redo Direct connect module and youtube video
3.