
AWS CLOUD PRACTITIONER FOUNDATION COURSE (CLF-01)

PARTS:

- Cloud Computing Fundamentals 26%
- Technology tools & services 25%
- Security & Compliance 33%
- Billing & Pricing 16%

PART 1: CLOUD COMPUTING FUNDAMENTALS

*AVAILABILITY ZONES (AZ) have multiple data centers.

*EDGE LOCATION is only used to cache content. It cannot run an EC2 instance. CloudFront makes use of
Edge Locations to deliver cached content. They reduce latency (i.e. the amount of time it takes for your
website to load/launch).

*LOW LATENCY is a good sign in Cloud computing.

*Multi-AZ deployments provide high availability and reduce latency.

PART 2: TECHNOLOGY

i) Compute
ii) Storage
iii) Content Delivery
iv) Networking
v) Database
vi) Migration & Transfer
vii) Analytics
viii) Machine Learning
ix) Developer Tools
x) Deployment & Infrastructure Mgt
xi) Messaging & Integration
xii) Auditing, Monitoring & Logging

A) COMPUTE SERVICES:
i) EC2
ii) AWS LAMBDA
iii) CONTAINERS (Fargate, Lightsail, AWS Batch, Outposts)

EC2: *Amazon EC2 service provides a secure & resizable compute platform with choice of processor,
storage, networking, OS, & purchase model.
*You can deploy/provision a database to an EC2 instance.

*You can deploy EC2 to multiple AZs to make your website/app highly available.

*You can access your EC2 instance via: AWS Mgt Console, SSH on local computer, EC2 Instance Connect
(EIC), AWS Systems Manager.

( SSH – Generate Keypair – Connect it via SSH )

EC2 PRICING OPTIONS:

a. On-demand (Best for low budget)
b. Spot instance (CHEAPEST option. It lets you take advantage of unused EC2 capacity)
c. Reserved instance (Most ECONOMICAL for long-term workloads)
d. Dedicated host (It has no shared license)
e. Savings plans

*EC2 Instances offer Load balancing & Autoscaling. These are its FEATURES.

(Elastic Load Balancers automatically distribute traffic across multiple EC2 instances. E.g. classic,
application, gateway, and network load balancers)

(EC2 Autoscaling adds or replaces EC2 instances automatically across AZs based on need/demand. It
improves high availability) (It can go from 1 instance to 3 instances & from 3 instances to 1 instance).

(Horizontal scaling [scaling out] => where you add/replace servers)

(Vertical scaling [scaling up] => upgrades an existing instance)

AWS LAMBDA: *It is a serverless compute engine that lets you run code without managing servers.

*It has a 15-minute time-out.

*It scales automatically.

*It executes code in response to events.

REAL WORLD C.S:

a. Realtime file processing. (Data file [.CSV])
b. Sending email notifications. (Email)
c. Backend Business Logic (Alexa)

CONTAINERS:

*FARGATE is a serverless compute engine for containers. They merge containers, i.e. Autoscales.

(20GB of ephemeral storage is available for all Fargate tasks)

(Fargate supports SPOT & SAVINGS PLAN pricing options just like EC2 instances)

(ECS & EKS use Fargate to autoscale, load balance & optimize container availability)

*LIGHTSAIL allows you to quickly launch all the resources you use for a small project. It deploys
preconfigured apps like WORDPRESS.

*AWS BATCH allows you to process large workloads in smaller chunks/batches.

*OUTPOSTS allows you to run cloud services in your internal data center. They support hybrid
deployment models.

B) STORAGE SERVICES:
i. Simple Storage Service (S3)
ii. Elastic Block Storage (EBS)
iii. EC2 Instance Store
iv. Elastic File System (EFS)
v. Storage Gateway.

S3: *They offer 11 9’s of durability (99.999999999%).

*S3 is a regional service. (i.e. objects are stored in multiple servers in multiple facilities across AWS)

| STORAGE CLASS | USED FOR? | DATA RETRIEVAL | STORAGE ACROSS AZs | PRICE |
|---|---|---|---|---|
| S3 Standard | Frequently accessed data | Rapid access | Multiple | |
| S3 Intelligent Tiering | Data with unknown/changing access patterns | Rapid. No fees | Multiple | Cost-effective. (for new apps) |
| S3 Standard (IA) | Infrequently accessed data | Requires rapid access | Multiple | Cheaper than S3 Standard |
| S3 One Zone (IA) | Infrequently accessed data | Requires rapid access | Single AZ | Costs <20% than S3 Standard IA. (data can be lost) |
| S3 Glacier | Long-term data. Archival storage | 1-5mins, 3-5hrs, 5-12hrs retrieval options. | Multiple | It has cheaper storage options |
| S3 Glacier Deep Archive | Accessed only once or twice a year | 12-48hrs retrieval options | Multiple | Cheapest of all S3 options |
| S3 Outposts | Data that needs to be kept locally | Available on-premises, locally. | Multiple devices & servers | Demanding app performance needs. |

REAL WORLD C.S:

*Can be used to deploy static websites. (CloudFront)

*Can be used for data archival. (Glacier & Glacier DA)

*Can be used with data analytics services. (RedShift)

*Can be used by mobile app users for storage.

ELASTIC BLOCK STORAGE (EBS): *Very similar to a FLASH DRIVE.

*Can be attached/removed from an Instance.

*Data still persists when instance is not running.

*It can only be attached to one instance in the same AZ.

*It can only be connected to one AZ.

*It is quickly accessible, and it helps with long-term data storage.

EC2 INSTANCE STORE: *This is local storage that is physically attached to your host computer & cannot
be removed.

*It is only used to store temporary data.

*Data can be replicated across multiple instances.

*It has a faster I/O speed.

*Storage is on disks physically attached to an instance.

ELASTIC FILE SYSTEM (EFS): *This is a serverless network file system for sharing files.

*It only supports Linux Systems.

*It is accessible across multiple AZs in the same Region.

*It is more expensive than EBS.

*They are used for Business-Critical apps.

STORAGE GATEWAY: *This is a Hybrid Storage service.

*They connect both on-premises & cloud data.

*They help in moving backups to the cloud.

*Supports Hybrid models.

*They provide low-latency access to data, which is a good sign.

C) CONTENT DELIVERY SERVICES: *Content Delivery Networks (CDN) provide Low Latency.
i. CloudFront
ii. AWS Global Accelerator
iii. S3 Transfer Acceleration

CLOUDFRONT: *It is a CDN that provides Low latency to web apps.

*CloudFront uses EDGE LOCATIONS to cache contents.

*CloudFront helps to deploy static websites.

*CloudFront helps prevent DDoS (DISTRIBUTED DENIAL of SERVICE) attacks.

*CloudFront helps in IP address blocking. (Preventing users in certain countries from accessing contents)

AWS GLOBAL ACCELERATOR: *It improves latency & availability by sending users through the AWS
Global Network when accessing your contents.

*They help reroute traffic to healthy available regional endpoints.

S3 TRANSFER ACCELERATION: *It improves content uploads & downloads to and from your S3 buckets.
It provides fast transfer of files over long distances.

D) NETWORKING SERVICES:
i. VPCs
ii. DNS. (Domain Name System)
iii. AWS Direct Connect
iv. AWS VPN

VPCs: *VPCs are like fences: they help keep things inside safe & bad things out.

*A VPC is created across two AZs, each with a Subnet, Private & Public, where EC2 instances are
deployed. The EC2 instance provisioned in the private subnet can only be accessed by the root user,
while the EC2 instance provisioned in the public subnet is configured to display publicly to the
INTERNET. This is done using different configurations, like the Network ACL, Route Tables that direct
traffic, and an Internet Gateway that allows public traffic from a VPC to the Internet.

*Network PEERING allows us to connect 2 separate VPCs and make them behave as one.

DNS (DOMAIN NAME SYSTEM): ROUTE53: *This is a cloud DNS service that routes users to applications

*It helps with Domain name registration

*It helps perform health checks on AWS resources.

*It supports hybrid cloud models/architecture.

AWS DIRECT CONNECT: *Direct connect is a physical network connection from your on-premises data
center to AWS.

*Data only travels over a private network.

*Supports a hybrid environment.

*It helps transfer large data sets to AWS

*It helps transfer business-critical data, bypassing your service provider (the internet)

*They are expensive

AWS VPN: *It is similar to Direct Connect, except:

- It is slightly cheaper than DC.
- It transfers data over a public network
- It automatically encrypts data

*It makes use of a VPN TUNNEL (Which has a similar set up as a VPC)

*Site-to-site VPNs help move apps to the cloud more easily.

E) DATABASES:

*A database is an organized collection of various forms of data. (You can access data in a database by
“querying” it)

*Databases are generally controlled by a Database Mgt System.

TYPES OF DATABASE ENGINES IN THE AWS ECOSYSTEM:

i. Relational: a) RDS b) AURORA
ii. NoSQL: DynamoDB
iii. Graph: Neptune
iv. In-Memory: ElastiCache
v. Document: DocumentDB

(NoSQL database means the database is self-describing & it does not enforce relations between its
tables like SQL databases [RDS])

RDS (SQL database):

*It makes it easy to launch & manage relational databases on AWS.

*It supports popular database engines (e.g. ORACLE, AURORA, MySQL)

*It offers high availability & Fault tolerance using multiple AZ deployment option.

*AWS automatically manages services in this database engine.

*You can launch read replicas across Regions in order to provide enhanced performance & durability.

(Read Replica => It is a read-only copy of your database used for fast querying)

AMAZON AURORA (SQL database):

*This is a database that is relationally compatible with MySQL & PostgreSQL that was created by AWS.

*It is 5x faster than normal MySQL & 3x faster than normal PostgreSQL database engines. (& a lot cheaper)

*It scales automatically, providing high availability & durability. (it also automatically grows storage as
needed)

*It is managed by RDS.

AMAZON DynamoDB (NoSQL database):

*It is fully managed by AWS & also fully serverless.

*It is non-relational.

*It scales automatically to massive workloads with fast performance.

*When creating a DynamoDB table, primary keys are essential. They help to uniquely identify all the items
in the table. (Using hash keys)

AMAZON DocumentDB:

*A fully managed document database that supports MongoDB.
*It is fully managed by AWS & serverless.
*It is non-relational.

ELASTICACHE:

*It is a fully managed “in-memory” datastore.
*It is compatible with “Redis & MemCached”
*Data can be lost, because it is stored “in-memory”
*It offers high performance & low-latency.

AMAZON NEPTUNE:

*It is a fully managed “GRAPH” database engine
*It supports highly connected datasets like social media networks.
*It is fully managed by AWS & serverless.

REAL WORLD C.S:

Migrate an on-premises ORACLE database to the cloud?

Ans: RDS

Migrate an on-premises PostgreSQL database to the cloud?

Ans: RDS & PostgreSQL.

Alleviate database load for data that is accessed often?

Ans: ElastiCache

Process large sets of user profiles & social interactions?

Ans: Amazon Neptune

NoSQL database fast enough to handle millions of requests per second?

Ans: DynamoDB

Operate MongoDB workloads at scale?

Ans: DocumentDB

F) MIGRATION & TRANSFER SERVICES: These are fast & secure ways to move on-premises data to
or within AWS.

MIGRATION:

i. Database Migration Services (DMS)
ii. Server Migration Services (SMS)

TRANSFER:

iii. AWS Snow Family (Snowcone, Snowball & Snowball Edge, Snowmobile.)
iv. AWS DataSync

DATABASE MIGRATION SERVICES (DMS):

*It helps migrate on-premises databases to AWS
*It provides for continuous data replication
*It supports homogeneous (e.g. ORACLE to ORACLE) & heterogeneous (e.g. ORACLE to MySQL
servers) migrations.
*It provides virtually no downtime. (source database remains on standby)

REAL WORLD C.S:

*Can migrate on-premises ORACLE database to AURORA MySQL
*Can migrate an on-premises ORACLE database to ORACLE on EC2 Instance
*Can migrate an RDS ORACLE database to AURORA MySQL also in the cloud.

SERVER MIGRATION SERVICES (SMS):

*It helps you migrate on-premises servers to AWS.
*When servers have been migrated, they are saved as a new Amazon Machine Image (AMI).
*It uses AMIs to launch servers as EC2 Instances.

AWS SNOWFAMILY: SnowFamily helps you transfer large amounts of on-premises data to AWS using a
physical device.

TYPES:

i) SNOWCONE:
*This is the smallest member of the data transport service.
*It holds 8TB of usable storage.
*They can be used to collect, process & move your data offline/online using AWS DataSync

ii) SNOWBALL & SNOWBALL EDGE:
*Petabyte-scale (1,024TB) usable storage.
*Transfers data in & out
*Cheaper than internet transfers.
*Snowball Edge supports EC2 & Lambda. (supports apps to run even when in a remote
environment)

iii) SNOWMOBILE:
*Exabyte-scale (1024PB) usable storage
*Transfers data in a 45-foot long shipping container.
*Mostly used by companies who are shutting down their on-premises data center & moving to
AWS.
*Data is driven back to an Amazon facility & stored in an Amazon S3 bucket.
*It is secure.

AWS DATASYNC:

*Allows you to transfer your data online from on-premises storage to AWS storage services like S3 &
EFS.
*Data transfer speeds are up to 10x faster than open source tools.
*Copy data over Direct Connect or the internet.
*Can copy data between AWS storage services
*Replicates data cross-region or cross-account

G) ANALYTICS SERVICES:

Analytics is the act of querying & processing your data

DATA-WAREHOUSING: A data-warehouse is a data storage solution that aggregates massive amounts of
historical data from disparate sources.

They help & support querying, reporting, analytics & business intelligence. They are not used for
transactional processing.

Customers primarily use RDS for online transaction processing.

(Data Warehouses are not good for transactional systems. They are primarily used for reporting &
analytics)

TYPES:

I. RedShift
II. Athena
III. Glue
IV. Kinesis
V. Elastic MapReduce (EMR)
VI. Data Pipeline

REDSHIFT:

*RedShift is AWS’s data-warehousing solution
*It improves speed & efficiency when being queried (being accessed).
*It handles Exabyte-scale of data (1024PB)

REAL WORLD C.S:

*Consolidate multiple data sources for reporting.
*For Relational Databases: when you need to run a database that doesn’t require real-time
transaction processing (insert, update & delete data)

ATHENA:

*This is a query service that allows you to analyze relational data in S3 using standard SQL.
*You pay per query
*It is considered a serverless engine.

GLUE:

*Glue helps prepare your data for analytics
*It is an ETL service that generates ETL code. (ETL => Extract, Transform & Load)

KINESIS:

*Allows you to analyze data & video streams in real-time.
*It supports video, audio, application logs, website clickstreams, & IoT data.

ELASTIC MAPREDUCE (EMR):

*Helps process large amounts of data. It can perform data mining, data processing, machine
learning, etc.
*It analyzes data using HADOOP. (HADOOP is a data framework that helps process large amounts of
data across multiple clusters of computers)
*It also supports other big data frameworks like APACHE SPARK.

DATA PIPELINE:

*Helps you move data between compute & storage services running either on AWS or
on-premises. (e.g. moving data from S3 to REDSHIFT)
*You can move data at specific intervals.
*You can move data based on certain conditions.
*It sends notifications on success or failure

ANALYTICS REAL WORLD C.S:

*Search for data in S3. (ATHENA)
*Log analytics services, such as application monitoring/fraud detection. (KINESIS)

H) MACHINE LEARNING: This is a form of AI that teaches computers things that normally require
human intelligence.
i. Amazon Rekognition
ii. Comprehend
iii. Polly
iv. SageMaker
v. Translate
vi. Lex

AMAZON REKOGNITION:

*Helps you automate your image & video analysis.
*Helps identify custom labels in images & videos
*Performs face detection in images & videos.

REAL WORLD C.S:

*Label detection
*Text-in-image detection
*Celebrity recognition
*Facial analysis
*Image moderation
*Video analysis

COMPREHEND:

*It is a Natural-Language Processing (NLP) service that finds relationships in texts.
*It analyzes texts
*It finds insights & relationships within texts.

REAL WORLD C.S:

*It can be used for social media posts review. Can process social media posts by looking for
specific keywords.

POLLY:

*This turns text into speech
*It mimics natural-sounding human speech
*It has access to several voices across many languages.

REAL WORLD C.S:

*Polly could convert the text on a blogpost to speech that can be downloaded/replayed in MP3
format.

SAGEMAKER:

*This is the flagship machine learning service on AWS.
*It helps you build, train & deploy ML models quickly
*It provides every developer & data scientist the ability to prepare data for models, train &
deploy models
*It uses deep learning AMIs

(AMIs => EC2 deep learning instances with high compute capacity that accelerate ML & DL)

REAL WORLD C.S:

*Recommendation engines (e.g. Netflix uses this ML model to recommend movies to their
customers).

TRANSLATE:

*It provides language translation in real-time
*It supports many languages
*It translates many content formats.

REAL WORLD C.S:

*Allows you to add localization (language based on location) to your apps to support your diverse
user base.

LEX:

*It helps you build conversational interfaces like chatbots.
*It can recognize speech and understand language
*It can build highly engaging chatbots
*It is what powers the Amazon Alexa

REAL WORLD C.S:

*It can integrate voice into a device (e.g. Amazon Alexa integrated into Amazon Echo devices)

I) DEVELOPER TOOLS:

These are essential tools provided by AWS to accelerate development and release cycle for developers.

i. Cloud9
ii. CodeCommit
iii. CodeBuild
iv. CodeDeploy
v. CodePipeline
vi. X-Ray

CLOUD9:

*It allows you to write your code within an Integrated Development Environment (IDE) from your
browser.
*It allows you to write & debug code
*It supports popular programming languages

REAL WORLD C.S:

*It helps build serverless apps. (It preconfigures the development environment with the needed
SDKs & libraries). You can write your Lambda directly from your browser.

CODECOMMIT:

*This is a source control system for Git repositories. (similar to GITHUB)
*It creates repositories to store your code
*It commits, branches & merges your code
*It helps collaborate with other software developers

REAL WORLD C.S:

*It manages versions of source code files for your applications & also different versions of your app.

CODEBUILD:

*Allows you to build & test your application source code.
*It helps combine source code & run tests.
*It enables Continuous Integration & Continuous Delivery (CI/CD)
*It produces artifacts ready to be deployed.

REAL WORLD C.S:

*It helps you run as many parallel streams of tests as needed before deploying a new version of your
application to production, allowing you to deploy your changes more quickly.

CODEDEPLOY:

*It manages the deployment of code to compute services in the cloud or on-premises. Deploys
code to EC2, Fargate, Lambda & on-premises.
*It helps with maintaining app uptime.

REAL WORLD C.S:

*It helps with “rolling deployments”. (it eliminates downtime during this process when
deploying a new version of your app)

CODEPIPELINE:

*It automates the software release process.
*It quickly delivers new features & updates.
*It integrates with CodeBuild to run builds & run tests.
*It integrates with CodeCommit to retrieve source code
*It integrates with CodeDeploy to deploy your changes to your app

REAL WORLD C.S:

*When CodePipeline integrates with other developer tools, it helps development teams
implement DevOps practices that automate building, testing, & deploying applications.

DEPLOYMENT OF CODE TO PRODUCTION:

DEV-----TEST-----PRODUCTION

X-RAY:

*It helps you debug & analyze production apps.
*You are able to map your application components
*You are able to view requests end to end.

REAL WORLD C.S:

*X-Ray can help you trace calls to an RDS database. It helps map requests to your RDS database
from within your app. You can also track information about the SQL queries generated, etc.

J) DEPLOYMENT & INFRASTRUCTURE MANAGEMENT SERVICES:

These are services that help you stand up/deploy new applications, automate the mgt of resources &
provide real-time visibility into the system health.

i. CloudFormation
ii. Elastic BeanStalk
iii. OpsWorks
iv. MarketPlace
v. AWS Partner Network

INFRASTRUCTURE AS CODE (IAC): This is where you write scripts to provision AWS resources
(standup/deploy servers, databases, etc).

Basically, you script out infrastructures, which turns the infrastructure into code.

It saves time.

CLOUDFORMATION:

*Allows you to provision AWS resources using IAC (Scripted Templates).
*It provides a repeatable process for provisioning AWS resources.
*It works with most AWS resources.
*It helps create templates for the resources you want to provision.

REAL WORLD C.S:

*You can use it to automate the creation of EC2 instances in your AWS account.

ELASTIC BEANSTALK:

*It is a compute service used when you are ready to deploy your web app/service to AWS, not
on-premises.
*It is an orchestration service used to provision & scale web apps to AWS.
*It automatically handles the deployment. (capacity provisioning, load balancing & autoscaling)
*It also monitors application health via a health dashboard

REAL WORLD C.S:

*You are able to quickly deploy a scalable Java-based web app to AWS. (After uploading your Java
code, Elastic BeanStalk helps deploy it & automatically handle its deployment, as well as help
monitor the system health of your application)

ELASTIC BEANSTALK SETUP:

USERS ----- APPLICATION LOAD BALANCER ------ EC2 instances

OPSWORKS:

*Allows you to use Chef/Puppet to automate the configuration of your servers.
*It helps deploy code & manage applications
*It helps manage on-premises servers/EC2 instances into the AWS cloud. i.e. you can deploy apps
internally on your on-premises servers into AWS cloud.

REAL WORLD C.S:

*OpsWorks allows you to define software installation scripts & automate configuration for your app
server.

MARKETPLACE:

This is a digital catalog of prebuilt solutions you can purchase or license. You can also use it to sell these
solutions to others.

AWS PARTNER NETWORK:

This is a global community of approved partners that offer software solutions & consulting services for
AWS.

K) MESSAGING & INTEGRATION SERVICES:

i. Simple Queue Service (SQS)
ii. Simple Notification Service (SNS)
iii. Simple Email Service (SES)

*Coupling means the connections/interdependencies between components of a system
*Loose coupling, i.e. loose connections, helps reduce the risk of cascading failures between
components of a system.
*Loose coupling supports Microservices.
*Tight coupling typically supports Monolithic Applications because it’s a large application with a
lot of dependencies.
*Queues are used to implement loose coupling.
*A queue is a data structure that holds a message/request.
*Loose coupling implements the FIFO order (FIRST IN FIRST OUT)

SIMPLE QUEUE SERVICE (SQS):
