Hernani Fernandes edited this page Jun 16, 2021 · 18 revisions

AWS Solutions Architect Exam

  • Link to practice the exam: https://www.whizlabs.com/aws-solutions-architect-associate/
  • Link to schedule an exam: https://www.aws.training/Certification
  • Availability Zone - a data center; data centers that are close to each other might count as 1 Availability Zone
  • Region - 2 or more Availability Zones
  • Edge locations - endpoints for AWS used for caching content (CloudFront - Amazon's Content Delivery Network, CDN)
  • VPC - Virtual Private Cloud - service inside Networking Services
  • IAM 101 - Identity Access Management - manage users' level of access to the AWS Console

To pass the exam:

  • AWS Global infrastructure
  • Compute
  • Security, Identity & Compliance
  • Network & Content Delivery
  • Storage
  • Databases

Less important:

  • Migration & Transfer
  • Machine Learning
  • Desktop & App Streaming
  • Management & Governance
  • Analytics

STEPS:

  • create user, set policies, groups and roles to get access ID and secret key
  • create billing alarm

IAM 101

  • Centralised control of AWS account
  • Shared access to AWS account
  • Granular Permissions
  • Identity federation (including Active Directory (Windows users), Facebook, LinkedIn, etc.) - log in with external credentials
  • Multifactor Authentication
  • Temporary access for user/devices and services where necessary
  • Set up your own password rotation policy (when users need to change their passwords)
  • Integrates with different AWS services
  • Supports PCI DSS compliance (credit card related integrations)

Terminologies:

  • Users - people, employees or organization

  • Groups - a collection of users - each user inherits the permissions of the group

  • Policies - aka policy documents. JSON that gives permissions as to what a User/Group/Role is able to do

  • Roles - assigned to AWS resources (allow communication between services)

  • Best practice: do not use the root user for admin

S3 - Simple Storage Service - Object based

  • Files from 0 - 5TB
  • Unlimited space
  • Files storage in buckets
  • Tiered storage available
  • Lifecycle management
  • Versioning
  • Encryption
  • MFA Delete
  • Data security through Policies and Access Control Lists
  • Amazon transfer acceleration - transfer between buckets between regions
  • buckets are private by default

S3 Standard -

S3 IA (infrequent access) - costs by retrieval fee

S3 IA One Zone - same as IA but just in one zone - very low costs

S3 Intelligent Tiering - based on IA, moves the S3 type based on your usage

S3 Glacier - archiving files (maybe government regulations) - retrieval from minutes to hours

S3 Glacier Deep Archive - retrieval time of 12 hours, the lowest cost possible

  • S3 key fundamentals
      • Key - name of the object
      • Value (the sequence of bytes - the file)
      • Version ID
      • Metadata - info about the stored data
      • Subresources (Access control lists - permissions, torrent)
  • Read after write consistency for first PUTS of new objects
  • Eventual consistency for overwrite (PUTS and DELETES) - take some time to propagate
  • 99,99% availability, 99,9999999999% durability, designed to sustain the loss of 2 facilities concurrently
  • S3 charges
      • Based on size (storage)
      • by requests and data retrievals
      • by tiering
      • by region replication
      • by type
  • Restricting Bucket Access
      • Bucket policies
      • Object policies
      • IAM Policies to Users & Groups