
AWS Global Infrastructure

location consisting of
1 Region A geographical
cluster datacenters
of
datacenter
Zones ALS Cluster
Availability
of
2 with high speedfibre
binoled together
servers
Consist
of
Region

7 1a Mulraj south t
lab
Zones ALS 7
it
ji
Datacenters
as Y
DCS Fault tolerance
Redundancy
1AZIDI
OS windows
macos

Applications Compute
Resizable
capacity

Software IGI BRAM


processor
30GB SSDStorage
AWS Cloud virtual
Instance type A
AmazonMachine underlying
AMI representation of
Image compute
resources
specifies software I CPU IGI
BRAM
Eu 2 Micro
configuration
WordPress 5.1.1
Os Apache
PHP
F U Ubuntu 20.04
DB Y 5.0.22
MySQL
MachineImage
Amazon
Egs 79g
resources wordpressserver
Recognisingyour
Automation
server Tag
100Instances ApachePHP version
Applyupdates upgrade

8 Admin
reports
Generating billing

Tag
ProjectAlpha
so
Instaffs Project
Alpha
July

Public Private Key Cryptography

KeypM publickey 1 Privatekey

Embedded
into Q
I Admin

EInstanti Saved on local


machine
Security Group
A virtual firewall that restricts incoming and outgoing traffic for an instance
Filters
EU HTTPHTTPS SSH
Restricted ti ii
t.
webAppling Ports
HTTPS 443
Outgoing Aws ssn 22

QQ RDP 3389
3306
tenet users MySQL
connect to
installsoftware
gig Ip Addresses
patening
Admins applications
andupgradation
maintenance

8 22
Port Known from your
on premises

IP Address IPS
network

Protocol
3389
Port 8 Known IPs only
Internet users
Protocols: HTTP or HTTPS
Ports: 80, 443
IP Address: from anywhere, 0.0.0.0/0
Autoscaling: Min capacity, Desired, Launch

Elastic Load Balancer

Instance A Healthy 5011


Instance B HEY 50 1 2000 stance us east ta
Unhealthy
a 50
ELB send to
X Pingpath
thcheck
html
Tfm
request g finder
2000K
Instance B us east lb
uyz.com pastor
Healthy
Respond
ya Running
Apps and services are
Internet users responding
AZ is available
Passed 2 2 checks

unhealthy
Terminated
Stopped
are Not
and services
Apps
responding
is down outage
AZ
2 2 checks
Not passed
State Impaired
Check
Instance Status
2 2 checks Check
System Status

Application Load Balancer
Works at the 7th layer of the OSI model
Supports HTTP and HTTPS traffic only
Route your traffic to targets:
Instances
Docker containers
Lambda functions
On premises servers

Supports path based or content based routing
µ jpgimages
ALB
Elders does
doc
Idages

i.fi I
Instances

It itGroup 1 TargetGroup
2
Target

Auto Scaling
Right capacity of no. of instances
High availability
Fault tolerance
Elasticity: Grow or shrink your infrastructure
Based on: Demand Patterns (incoming traffic)
7 Hi of Too
or decrease the
no
11Increase
instances
of cg Time of Day
Scenario 1 Day
ScheduledAction Timeof

F commerce
instances
Normal days
100 Eez instant
tooo Ece
Promotions
Discounts
Sale 239125th Dec
Christmas

Scenario In house business applications

100 Eca instances


7 9AM 6PM
Io Eca instances
Post 6PM
9AM Neut day
Demand
Patterns incoming traffic
Scenarios of

x
Cloudwatch
780
o Cpu utilization
Event
a ScaleOut A
Initiate 10 Auto Scaling Group logical
instances
Launch identicalinstances
collection of

i
10
0
CPU Utilization 130
a Scale
In Event
Initiate
instances
Terminate

Auto Scaling Launch Instances


initiates a x
scale out
Event
I I
AmazonMachineImage
CAMI Auto Scaling Group
Instance type
Security Launch configuration

Storage Guy
keypair
Requests

ga 11 Fist

Users Front End


Web Server
VPC
Virtual Private Cloud
A virtual data centre in the AWS cloud

Accenture JP Morgan
et

Fito
AWS Public Cloud

Benefits
Enhanced security
Flexibility
Transparency
More control upon resources

Building Blocks of a VPC
1. IP Addresses: Private, Public and Elastic
communication within
i Private IPs Internal network
the same

AWS Cloud
Ranges

10 xxx
xx x 0 255
xx 172.31
172.16
X
192.168 X
to it
IP assigned
should have
a
instance private
Every
Static in nature

Free cost
of
communication
Public IIs Enternal
Ii
Internet
I Branonoffice Internet
IPs
I I usingprivate

iÉ II
Over
the
Egg E
Aws Cloud Route53 YFÉom
PD Better
Not mandatory insidedefault
and randomly Yapp
automatically No
Assigned 1
IP
lew Public

point I
IPs 3 Ayewpublic
1
office
Ip

2 StopInstance
in nature
Dynamic
3 Restart instance
Free cost Aws
of
Changeable
BYOIP LISP
IPs
IPs Same as public
Iii Elastic nature
Static in small nage g FIPS
can buy

account More
All Pricing Free
types 5 EIPs Region
Man limit
toolong
FIP to a stopped for too
instance
Neverassign state long
keep them in unassigned for
Never ElasticIPs
1 Scarcityof public
it
Release

2. Subnets: Blocks of private IPs
Launch instances inside them
Associated with Availability Zones

Subnets Public and Private


ganging
divided into
a WPC nets CIDR
Create multiplesub Eachsubnethas
a
to it
CIDR Block block assigned
Classless Inter DomainRouting
Block
IP Address
bits Y octets
E 32
IPv4 Address

1725310000 16 4 120
xp
1stoctet
T I I
www.fbitsy Subnet
01101101
Host

É
Subnets
Integgtway

subnet
Public Lou a

Subnet

172 31.0.0116
UPC N Virginia
Route Table: A set of routes
Determines internal and external traffic flow

o Public Subnet: Consists of the resources that should access the internet, e.g. Web Servers
Route Table (Public Subnet): Route 0.0.0.0/0 to IGW

o Private Subnet: Consists of the resources that should be restricted from open internet access, e.g. Databases
No access to the internet gateway


Natan's Eep

Én q
Yaw

NAT Gw

Icw

MITE 8.073
II ice
PublicSubnet Private Subnet

Iain
Identity and Access Management
JPMorgan
7 Root Account
Impolicies 1 Authentication
credentials
and level
Authorization types
Q z
access
IAM Chris Developer of
Ms Cool Commit
Eez
CooleBuild
waccess
CoolePipeline is given
RootAccount x
X Technical operations
to Aws
On boarding

Billing
Managing
Ian users

QAS Lima Networking


Users SAS Deus
I AM mins
and DB Aol

Technical operations
X Billing
Administrator Billing
enception

IAM Policies
JSON documents
Specify permissions for IAM users

Types
AWS Managed: Default. Lack customization
Custom: Created by customers. Customized based on business needs

Anatomy of a JSON Policy
1. Statement: A formal description of a single permission
2. Effect: Allow / Deny
3. Action: MakeBucket, CreateASG, LaunchInstance, TerminateInstance
4. Resource: EC2 Instance, ELB, AutoScaling Gp, S3 Bucket

A Uli lolcoed

All
Any
Object A fundamentalentity
Account
Any
buckets
too
jpeg pong polf to
far olocete up
Lip
Rogations
53 Bucket A fundamental
container
List
Read Get
Root Account 2 Statement
1
100 Buckets

1stBucket Acces
Full
I Iis
guru tY

Rest y
Statement
Buckets

IAM Roles
Resource to resource interaction
Cross Account Access (out of scope)
E at Python
webApp

images y
gimages y 1
2
Endusers EEIganicemages

Attach 53 Bucket
Ian Role
Full Access
AmazonS3
Policy

CloudWatch
Default monitoring tool, merged with SNS
Send notifications
Take some actions automatically

CloudWatch, EC2 Instance, Sys Admin
Standard Monitoring: Default, 5 min frequency, Free
Metrics / Parameters: CPU utilization, Network In Bytes, Network Out Bytes
Detailed monitoring: 1 min frequency, Paid
EBS (Elastic Block Store): Volumes, snapshots

o Provides raw and formatted disks to be linked with instances in the cloud
o Size of each volume: 16 TB max limit
of andimage C
8
Data Rootvolume Os Admin
files
NAS Attached Mounted RDP
EBS 7
a
SAN I HP IBM
AS Volume Same AZ
Deelphysical
30GB
separate Eez Instance machine
storage Attach Windows
infrastructure
f
Same AZ

Root Create image


Volyme I
Launch duplicate
Eca instance instance
Another

EBS is a persistent storage
o Data in a volume is made redundant in the same AZ
Incremental
backups
EBS
Volume
Snapshot
Data is us east 1
1a
us east 1a made
Ib
mean
across
all Azs
in
If
a Region
volume
Restore a duplicate
Snapshot in same AZ
in other AZS
in same Region
in Region
different
over to other Regions
can be copied
Snapshots
Snapshot
A Pt A
X Snapshot
Mumbai N virginia
accounts
with other Aws
0
Shared privately

o Disaster recovery
o Data migration
Create image CustomAMI
Rootvolume
OSandbinary t
data
files Encapsulates Snapshot Launch

createdfrom
a
instance
Duplicate
Volume
You can attach multiple volumes with an instance
Stripe data across these volumes for increased I/O and throughput performance
Backup
Snapshot Incremental

IIs 1StSnapshot

2 so
É
ÉsnaI ai as
volume
40GB
snap

so
2nd 3rd GiB

Cost
off
t
31 30
I GiB
450 t 5GiB
Faster size us GiB
Duplicate volume D Aws manage
3rdsnap Snap Ss Bucket
3 2 1
Elastic IIe System CES
as
A developed by
file system
workloads
Acts as a storage
common
multiple
instances for
and applications running upon

a
be
partof
can a
virtual disk
EBS volume
instance of
NFS 2049 B EBS
Volume

sing F
than data
Entire
region
É
Fg a a
doc
To connect a
Éd
1

i s creates AD
Mount targets
AZ
One mount target
one interface
virtual f these
installedupon
should be
is The Ets utility
a bash soft
instances Automated using
Automated
NFS 2049
D E ca sa X E FSG
File system
ECz Instances

Storage
Data reolynolaney Class

Standard One Lone


Regional
Multiple copies Multiple copies
is
data is produced
data produce
of of
Replicated
in just
across all
Replicated one AZ only

AZ s in a Region
Cheaper
cost
More
VPC Peering
Connect the VPCs together
in same or in a different Region
in same or across different accounts
If VPCs are connected, they communicate as if they belong to the same network

Use Case 1: Same account, Same organization
should
C IDR Blocks
wait Eg

Route Tables
VPC

Y
Aolwins
Et

Finance
m
Use Case 2 Across separate accounts

NASA
É fstg
on
0 16
172 31.0 10.0 0.0 16
Steps
1. Requester VPC, Accepter VPC
2. Accepter: Accept / Reject
3. Modify route tables
Network Access Control List
An optional layer of security
A virtual firewall that restricts the incoming and outgoing traffic for a subnet

I IEps
HIM
IIFA
My
Security
Groups
BII EÉÉE
Y
chunk
major of
Subnet
traffic XII
VPC E Mumbai

N
thy
79 D
Political
Science
x a
xp
EFIM EE Psychology
Highermain
priority
gate
Configuration
Every rule: rule no. 1 to 32766
Rule nos should be in ascending order from top to bottom

I si
HTTPS Ascending
2

Every NACL: Deny rule at the bottom, which Blocks / Denies any traffic which is not mentioned

VPC Endpoints: Interface, Gateway


network
Internet Public
1st T 5
portion If
Endpoint
Eatman
Bucket
network Upc

Edge
Locations Endpoint
Encrypted
one P
DynamoDB Tables
and

pusnetwork secure
Simple Storage Service 3

cases
Use

Backup and
archival
1 videos etc
images
2 Content delivery
3 Snapshots
Static website
hosting Region
4 domain Region
Aws other cloud
5 Data migration and vice versa
Aws on premises

6 Disaster recovery Watch logs


and Cloud
Store
troubleshooting
7

8 Analytics Object
copies
Multiple
availability a
High

mean
t if

Resilient
No Virginia us east 1
Versioning
Benefits
1. Protects your data in cases of accidental deletions and overwrites
2. Use it as a Version Control System (VCS)

Storage Classes
1. Standard: Frequently accessed data
2. Standard IA: Infrequently accessed data
3. Intelligent Tiering: Unknown or changing access patterns
Access Tier
Frequent cheaper
Object 30

First
No access
for
straight
Infrequent
days Access Tier
30days

Rex
Chie access
90days

No 180 yo
for
straight
for
access

straight Tier
days Archive Access
DeepArchi a
lot cheaper
Tier
Cheapest

Replication
x
a
Cross Region
Same Region

accounts
In same separate
re
png
Topyofupng
Q Nitin Singapore
us 9
7 Asin
a
1

Bucket
Primary Bucket Secondary
Prerequisites
1. Versioning should be enabled on both buckets (mandatory)
bucket
2 IAM role Primary
Automated
Route53
DNS service

Hosted Zone: A container that contains the entire routing information of domains and sub domains
Consists of records
Two default records:
NS (Name servers): Actual domain name servers that will process the domain's traffic
SOA (Start of Authority): Point towards the master / primary name server
Fail DMS Failover
uyz.com
8 Routes

Always
r
cloudwath
Health
Check
LB LB
Healthy
I
unhealthy
Primary secondary standby
01 02
01 02

Singapore
Novirginia
