Professional Documents
Culture Documents
Snow ball:
Availability zones: one or more discrete data centres interconnected to low latency .
Agility : when we want get more and when we don’t we get less
Aws config : ec2 installed monitors the configs audits and monitor
Advantages of volume discounts with minimal impact to aws resources : use the consolidated billing
feature from aws organizations
Factors to Customer need to Choose aws region: reduced latency to user /data sovereignty
compliance
Amazon Elastic Compute Cloud (Amazon EC2) offers the broadest and
deepest compute platform, with over 600 instances and choice of the
latest processor, storage, networking, operating system, and purchase
model to help you best match the needs of your workload. We are the first
major cloud provider that supports Intel, AMD, and Arm processors, the
only cloud with on-demand EC2 Mac instances, and the only cloud with
400 Gbps Ethernet networking. We offer the best price performance for
machine learning training, as well as the lowest cost per inference
instances in the cloud. More SAP, high performance computing (HPC), ML,
and Windows workloads run on AWS than any other cloud.
Amazon EMR is the industry-leading cloud big data solution for petabyte-
scale data processing, interactive analytics, and machine learning using
open-source frameworks such as Apache Spark, Apache Hive,
and Presto.
Amazon Simple Queue Service (Amazon SQS) lets you send, store, and
receive messages between software components at any volume, without
losing messages or requiring other services to be available.
AWS AppSync creates serverless GraphQL and Pub/Sub APIs that simplify
application development through a single endpoint to securely query, update,
or publish data.
Amazon Connect, you can set up a contact center in minutes that can
scale to support millions of customers.
AWS Cost Explorer has an easy-to-use interface that lets you visualize,
understand, and manage your AWS costs and usage over time. Get started
quickly by creating custom reports that analyze cost and usage data.
Analyze your data at a high level (for example, total costs and usage
across all accounts), or dive deeper into your cost and usage data to
identify trends, pinpoint cost drivers, and detect anomalies.
AWS Budgets, set custom budgets to track your costs and usage, and
respond quickly to alerts received from email or SNS notifications if you
exceed your threshold.
Savings Plans is a flexible pricing model that can help you reduce your bill
by up to 72% compared to On-Demand prices, in exchange for a one- or
three-year hourly spend commitment. AWS offers three types of Savings
Plans: Compute Savings Plans, EC2 Instance Savings Plans, and Amazon
SageMaker Savings Plans.
AWS Batch lets developers, scientists, and engineers efficiently run hundreds
of thousands of batch and ML computing jobs while optimizing compute
resources, so you can focus on analyzing results and solving problems.
AWS Elastic Beanstalk deploys web applications so that you can focus on
your business.
Amazon Connect, you can set up a contact center in minutes that can
scale to support millions of customers.
Amazon API Gateway is a fully managed service that makes it easy for
developers to create, publish, maintain, monitor, and secure APIs at any
scale. APIs act as the "front door" for applications to access data,
business logic, or functionality from your backend services. Using API
Gateway, you can create RESTful APIs and WebSocket APIs that enable
real-time two-way communication applications. API Gateway supports
containerized and serverless workloads, as well as web applications.
AWS AppSync creates serverless GraphQL and Pub/Sub APIs that simplify
application development through a single endpoint to securely query, update,
or publish data.
Amazon Elastic File System (EFS) automatically grows and shrinks as you
add and remove files with no need for management or provisioning.
Amazon Macie is a data security service that uses machine learning (ML)
and pattern matching to discover and help protect your sensitive data.
AWS WAF helps you protect against common web exploits and bots that
can affect availability, compromise security, or consume excessive
resources.
AWS IAM Identity Center (successor to AWS Single Sign-On) helps you
securely create or connect your workforce identities and manage their
access centrally across AWS accounts and applications. IAM Identity
Center is the recommended approach for workforce authentication and
authorization on AWS for organizations of any size and type.
AWS Resource Access Manager AWS RAM helps you securely share your
resources across AWS accounts, within your organization or organizational
units (OUs), and with IAM roles and users for supported resource types.
AWS CloudTrail, you can monitor your AWS deployments in the cloud by
getting a history of AWS API calls for your account, including API calls
made by using the AWS Management Console, the AWS SDKs, the
command line tools, and higher-level AWS services. You can also identify
which users and accounts called AWS APIs for services that support
CloudTrail, the source IP address from which the calls were made, and
when the calls occurred. You can integrate CloudTrail into applications
using the API, automate trail creation for your organization, check the
status of your trails, and control how administrators turn CloudTrail
logging on and off.
Business support :
24x7 access to Cloud Support Engineers via phone, chat, and web. You can
have an unlimited number of contacts that can open an unlimited amount of
cases. Response times for general guidance is less than 24 hours, system
impaired is less than 12 hours, production system impaired is less than 4
hours, and production system down is less than an hour.
Enterprise On-Ramp
24x7 access to Cloud Support Engineers via phone, chat, and web. You can
have an unlimited number of contacts that can open an unlimited amount of
cases. Response times for general guidance is less than 24 hours, system
impaired is less than 12 hours, production system impaired is less than 4
hours, production system down is less than an hour, and business critical
system down is less than 30 minutes.
24x7 access to Cloud Support Engineers via phone, chat, and web. You can
have an unlimited number of contacts that can open an unlimited amount of
cases. Response times for general guidance is less than 24 hours, system
impaired is less than 12 hours, production system impaired is less than 4
hours, production system down is less than an hour, and business critical
system down is less than 15 minutes.
AWS X-Ray - You can use AWS X-Ray to analyze and debug serverless and distributed applications
such as those built using a microservices architecture. With X-Ray, you can understand how your
application and its underlying services are performing to identify and troubleshoot the root cause of
performance issues and errors.
AWS Trusted Advisor - AWS Trusted Advisor is an online tool that provides you real-time
guidance to help you provision your resources following AWS best practices on cost
optimization, security, fault tolerance, service limits and performance improvement. Whether
establishing new workflows, developing applications, or as part of ongoing improvement,
recommendations provided by Trusted Advisor regularly help keep your solutions
provisioned optimally. Trusted Advisor cannot be used to debug performance issues for this
serverless application built using a microservices architecture.
Amazon Pinpoint - Amazon Pinpoint allows marketers and developers to deliver customer-
centric engagement experiences by capturing customer usage data to draw real-time insights.
Pinpoint cannot be used to debug performance issues for this serverless application built
using a microservices architecture.
AWS CloudFormation - AWS CloudFormation allows you to use programming languages
or a simple text file to model and provision, in an automated and secure manner, all the
resources needed for your applications across all Regions and accounts. Think infrastructure
as code; think CloudFormation. CloudFormation cannot be used to debug performance issues
for this serverless application built using a microservices architecture.
Site to Site VPN - AWS Site-to-Site VPN creates a secure connection between your data
center or branch office and your AWS cloud resources. This connection goes over the public
internet. Site to Site VPN cannot be used to interconnect VPCs.
AWS Direct Connect - AWS Direct Connect creates a dedicated private connection from a
remote network to your VPC. This is a private connection and does not use the public
internet. Takes at least a month to establish this connection. Direct Connect cannot be used to
interconnect VPCs.
VPC Endpoint - A VPC endpoint enables you to privately connect your VPC to supported
AWS services and VPC endpoint services powered by AWS PrivateLink without requiring an
internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. You
cannot connect two VPCs using a VPC endpoint.
AWS Glue - AWS Glue is a fully managed extract, transform, and load (ETL) service that
makes it easy for customers to prepare and load their data for analytics. AWS Glue job is
meant to be used for batch ETL data processing. It cannot be used to discover and protect
your sensitive data in AWS.
Amazon Polly - Amazon Polly is a service that turns text into lifelike speech, allowing you
to create applications that talk, and build entirely new categories of speech-enabled products.
Polly's Text-to-Speech (TTS) service uses advanced deep learning technologies to synthesize
natural sounding human speech. It cannot be used to discover and protect your sensitive data
in AWS.
AWS Secrets Manager - AWS Secrets Manager helps you protect secrets needed to access
your applications, services, and IT resources. The service enables you to easily rotate,
manage, and retrieve database credentials, API keys, and other secrets throughout their
lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs,
eliminating the need to hardcode sensitive information in plain text. It cannot be used to
discover and protect your sensitive data in AWS.
Amazon Macie - Amazon Macie is a fully managed data security and data privacy service
that uses machine learning and pattern matching to discover and protect your sensitive data in
AWS. Macie automatically provides an inventory of Amazon S3 buckets including a list of
unencrypted buckets, publicly accessible buckets, and buckets shared with AWS accounts
outside those you have defined in AWS Organizations. Then, Macie applies machine learning
and pattern matching techniques to the buckets you select to identify and alert you to
sensitive data, such as personally identifiable information (PII).
On-Demand
On-Demand Instances let you pay for compute capacity by the hour or second
with no long-term commitments. This frees you from the costs and
complexities of planning, purchasing, and maintaining hardware and
transforms what are commonly large fixed costs into much smaller variable
costs.
Users that prefer the low cost and flexibility of EC2 without any upfront
payment or long-term commitment
Applications with short-term, spiky, or unpredictable workloads that
cannot be interrupted
Savings Plans
Savings Plans is a flexible pricing model that can help you reduce your bill by
up to 72% compared to On-Demand prices, in exchange for a commitment to a
consistent amount of usage (measured in $/hour) for a 1- or 3-year term.
AWS offers three types of Savings Plans: Compute Savings Plans, EC2
Instance Savings Plans, and Amazon SageMaker Savings Plans. Compute
Savings Plans apply to usage across Amazon EC2, AWS Lambda, and AWS
Fargate.
Amazon EC2 Spot Instances let you take advantage of unused EC2 capacity in
the AWS cloud and are available at a discount of up to 90% compared to On-
Demand prices.
Dedicated Hosts
A Dedicated Host is a physical EC2 server fully dedicated for your use.
Dedicated Hosts can help you reduce costs by allowing you to use your
existing server-bound software licenses, including Windows Server, SQL
Server, and SUSE Linux Enterprise Server (subject to your license terms).
Dedicated Hosts can be purchased On-Demand (hourly) or can be purchased
as part of Savings Plans.
Disaster recovery
Per-second billing
EC2 per-second billing removes the cost of unused minutes and seconds from
your bill. Focus on improving your applications instead of maximizing hourly
usage, especially for instances running over irregular time periods such as
dev/testing, data processing, analytics, batch processing, and gaming
applications.
For details on related costs like data transfer, Elastic IP addresses, and EBS
Optimized Instances, visit the On-Demand pricing page.
Cloud Computing can be broadly divided into three types - Infrastructure as a Service (IaaS),
Platform as a Service (PaaS), Software as a Service (SaaS).
IaaS contains the basic building blocks for cloud IT. It typically provides access to
networking features, computers (virtual or on dedicated hardware), and data storage space.
IaaS gives the highest level of flexibility and management control over IT resources.
Examples - Amazon EC2 (on AWS), GCP, Azure, Rackspace, Digital Ocean, Linode.
PaaS removes the need to manage underlying infrastructure (usually hardware and operating
systems) and allows you to focus on the deployment and management of your applications.
You don’t need to worry about resource procurement, capacity planning, software
maintenance, patching, or any of the other undifferentiated heavy lifting involved in running
your application. Examples - Elastic Beanstalk (on AWS), Heroku, Google App Engine
(GCP), Windows Azure (Microsoft).
SaaS provides you with a complete product that is run and managed by the service provider.
With a SaaS offering, you don’t have to think about how the service is maintained or how the
underlying infrastructure is managed. You only need to think about how you will use that
particular software. Examples - Amazon Rekognition, Google Apps (Gmail), Dropbox,
Zoom.