-
What Is Cloud Computing?
- Cloud computing is the on-demand delivery of compute power, database, storage, applications, and other IT resources through a cloud services platform via the Internet with pay-as-you-go pricing.
-
Six Advantages of Cloud Computing
- Trade capital expense for variable expense
- Benefifit from massive economies of scale
- Stop guessing capacity
- Increase speed and agility
- Stop spending money running and maintaining data centers
- Go global in minutes
-
Types of Cloud Computing
-
Cloud Computing Models
-
1.Infrastructure as a Service (IaaS)
- Infrastructure as a Service (IaaS) contains the basic building blocks for cloud IT and typically provides access to networking features, computers (virtual or on dedicated hardware), and data storage space. IaaS provides you with the highest level of flflexibility and management control over your IT resources and is most similar to existing IT resources that many IT departments and developers are familiar with today.
-
2.Platform as a Service (PaaS)
- Platform as a Service (PaaS) removes the need for your organization to manage the underlying infrastructure (usually hardware and operating systems) and allows you to focus on the deployment and management of your applications.
-
3.Software as a Service (SaaS)
- Software as a Service (SaaS) provides you with a completed product that is run and managed by the service provider.With a SaaS offffering you do not have to think about how the service is maintained or how the underlying infrastructure is managed; you only need to think about how you will use that particular piece of software.
-
Cloud Computing Deployment Models
-
1.Cloud
- A cloud-based application is fully deployed in the cloud and all parts of the application run in the cloud.
-
2.Hybrid
- A hybrid deployment is a way to connect infrastructure and applications between cloud-based resources and existing resources that are not located in the cloud.
-
3.On-premises
- The deployment of resources on-premises, using virtualization and resource management tools, is sometimes called the “private cloud.”
-
Global Infrastructure
- The AWS Cloud infrastructure is built around AWS Regions and Availability Zones.The AWS Cloud operates in 80 Availability Zones within 25 geographic Regions around the world, with announced plans for more Availability Zones and Regions. AWS provides you with the flexibility to place instances and store data within multiple geographic regions as well as across multiple Availability Zones within each AWS Region.
-
AWS Region
- An AWS Region is a physical location in the world where we have multiple Availability Zones
- Each Amazon Region is designed to be completely isolated from the other Amazon Regions
- Achieves the greatest possible fault tolerance and stability
- Each region consists of at least 3 availability zones
-
Availability Zones
- Availability Zones consist of one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities.
- Each Availability Zone is isolated and designed as an independent failure zone. This means that Availability Zones are physically separated within a typical metropolitan region and are located in lower risk flood plains
- Availability Zones in a Region are connected through low-latency links
-
Benefits of AWS Security
- Keep Your Data Safe
- Meet Compliance Requirements
- Save Money
- Scale Quickly
-
Security and Compliance
-
Security
- The AWS Cloud enables a shared responsibility model. While AWS manages security of the cloud, you are responsible for security in the cloud. This means that you retain control of the security you choose to implement to protect your own content, platform, applications, systems, and networks no difffferently than you would in an on-site data center.
-
Compliance
- The IT infrastructure that AWS provides to its customers is designed and managed in alignment with best security practices and a variety of IT security standards. The following is a partial list of assurance programs with which AWS complies:
- SOC 1/ISAE 3402, SOC 2, SOC 3
- FISMA, DIACAP, and FedRAMP
- PCI DSS Level 1
- ISO 9001, ISO 27001, ISO 27017, ISO 27018
-
Exam Essentials
- Understand the global infrastructure.
- AWS provides a highly available technology infrastructure platform with multiple locations worldwide. These locations are composed of regions and Availability Zones. Each region is located in a separate geographic area and has multiple, isolated locations known as Availability Zones.
- Understand regions.
- An AWS region is a physical geographic location that consists of a cluster of data centers. AWS regions enable the placement of resources and data in multiple locations around the globe. Each region is completely independent and is designed to be completely isolated from the other regions. This achieves the greatest possible fault tolerance and stability. Resources aren’t replicated across regions unless organizations choose to do so.
- Understand Availability Zones.
- An Availability Zone is one or more data centers within a region that are designed to be isolated from failures in other Availability Zones. Availability Zones provide inexpensive, low-latency network connectivity to other zones in the same region. By placing resources in separate Availability Zones, organizations can protect their website or application from a service disruption impacting a single location.
- Understand the hybrid deployment model.
- A hybrid deployment model is an architectural pattern providing connectivity for infrastructure and applications between cloud-based resources and existing resources that are not located in the cloud.
Amazon Web Services
Compute Services
- Amazon EC2
- Amazon EC2 Auto Scaling
- AWS Lambda
- AWS Elastic Beanstalk
- AWS Serverless Application Model (AWS SAM)
- AWS Serverless Application Repository
- Amazon Elastic Container Service
- AWS Fargate
- Amazon Elastic Container Registry
- Amazon Elastic Kubernetes Service
- AWS Batch
- Amazon Lightsail
- AWS Outposts
- VMware Cloud on AWS
-
Database
- Amazon Relational Database Service
- Amazon RDS on VMware
- Amazon Aurora
- Amazon DynamoDB
- Amazon Redshift
- Amazon ElastiCache
- Amazon DocumentDB (with MongoDB compatibility)
- Amazon Neptune
- Amazon Quantum Ledger Database (QLDB)
- Amazon Timestream
Networking and Content Delivery
- Elastic Load Balancing
- Amazon VPC
- AWS PrivateLink
- AWS Transit Gateway
- Amazon CloudFront
- Amazon Route 53
- Amazon API Gateway
- AWS Direct Connect
- AWS Global Accelerator
- AWS App Mesh
- AWS Cloud Map
-
Analytics
- Amazon Redshift
- Amazon Athena
- Amazon Elasticsearch Service
- Amazon Kinesis Data Firehose
- Amazon Kinesis Data Analytics
- Amazon Kinesis Data Streams
- Amazon Kinesis Video Streams
- AWS Glue
- Amazon EMR
- AWS Data Pipeline
- Amazon CloudSearch
- Amazon QuickSight
- Amazon Managed Streaming for Apache Kafka (Amazon MSK)
- AWS Lake Formation
- Amazon FinSpace
-
Application Integration
- Amazon SQS
- Amazon SNS
- Amazon SWF
- AWS Step Functions
- Amazon MQ
- Amazon EventBridge
-
Security, Identity, and Compliance
- AWS Identity and Access Management
- AWS Secrets Manager
- AWS CloudHSM
- AWS Key Management Service
- AWS Security Hub
- Amazon GuardDuty
- Amazon Inspector
- Amazon Macie
- AWS WAF
- AWS Firewall Managera
- AWS Shield
- Amazon Cloud Directory
- AWS Directory Service
- AWS Certifificate Manager
- AWS Single Sign-On
- AWS Network Firewall
- AWS Artifact
-
Developer Tools
- AWS CodeCommit
- AWS CodeBuild
- AWS CodeDeploy
- AWS CodePipeline
- AWS CodeStar
- Amazon Corretto
- AWS Cloud9
- AWS X-Ray
-
Management and Governance
- AWS Auto Scaling
- Amazon CloudWatch
- AWS Systems Manager
- AWS CloudFormation
- AWS CloudTrail
- AWS Confifig
- AWS Trusted Advisor
- AWS Control Tower
- AWS OpsWorks
- AWS Organizations
- AWS Managed Services
- AWS License Manager
- AWS Well-Architected Tool
- AWS Compute Optimizer
- AWS Resource Groups
- Amazon Data Lifecycle Manager
- AWS Health
- AWS Service Catalog
- AWS Personal Health Dashboard
- AWS Console Mobile Application
-
Migration and Transfer
- AWS Transfer Family
- AWS Migration Hub
- AWS Application Discovery Service
- AWS Database Migration Service
- AWS Snow Family
- AWS DataSync
- AWS Proton
- AWS Transfer for SFTP