2022-02-23 Chapter 21 - Migration
migration-001; The {{c1::Snow}} Family is a set of secure applications that provide petabyte-scale data collection and processing solutions at the edge and migrate large-scale data into and out of AWS. They offer built-in computing capabilities, enabling customers to run their operations in remote locations that do not have data center access or reliable network capability. migration-002; The {{c1::Snowcone}} offers 8TB of storage, 4GB of memory and 2 vCPUs. It offers IoT sensor integration. m...
2022-02-22 Chapter 20 - Governance
governance-001; {{c1::AWS Organisations}} is a free governance tool that allows you to create and manage multiple AWS accounts. With it, you can control your accounts from a single location rather than jumping from account to account. governance-002; When using AWS Organisations, it's best practice to create a specific account dedicated to {{c1::logging}}. {{c1::CloudTrail}} supports log aggregation. governance-003; AWS Organisations allows you to combine and share {{c1::reserved instances}} ...
2022-02-22 Chapter 19 - Caching
service-cloudfront-001; AWS allows both external and internal {{c1::caching}}. External {{c1::caching}} deals with data that returns to users (images, videos etc) while internal could be in front of a database in an application. service-cloudfront-002; {{c1::AWS CloudFront}} is a fast content delivery network that securely delivers data, videos, applications and APIs to customers globally. It helps reduce latency and provide higher transfer speeds using AWS e{{c1::dge}} {{c1::locations}}. serv...
2022-02-21 Chapter 18 - Automation
service-cloudformation-001; {{c1::AWS CloudFormation}} allows you to provision resources quickly and consistently, and manages them throughout their lifecycles, by treating infrastructure as code. service-cloudformation-002; AWS CloudFormation is a declarative programming language which supports either {{c1::JSON}} or {{c1::YAML}} formats. service-cloudformation-003; When you upload a CloudFormation template, the service runs the required {{c1::AWS API calls}} on your behalf. service-cloudfor...
2022-02-21 Chapter 17 - Security
security-001; {{c1::AWS CloudTrail}} increases visibility into your user and resource activity by recording AWS Management Console actions and API calls. It tracks which users and accounts called AWS, the source IP address from which the calls were made, when the calls occurred, request parameters and responses. security-002; AWS CloudTrail stores logs in {{c1::S3}}. security-003; A layer {{c1::4}} DDoS attack is often referred to as a SYN flood. A SYN flood uses the built-in patience of the T...
2022-02-20 Chapter 16 - Serverless Architecture
service-lambda-001; It is almost always better to select an answer on the test that uses {{c1::Lambda}} or {{c1::containers}} rather than a traditional operating system. service-lambda-002; {{c1::AWS Lambda}} is a serverless compute service that lets you run code without provisioning or managing the underlying servers. service-lambda-003; Lambda requires that you pick an available {{c1::runtime}} or bring your own. Available {{c1::runtimes}} include Python, Java, NodeJS etc. service-lambda-004; ...
2022-02-20 Chapter 15 - Big Data
service-redshift-001; {{c1::AWS Redshift}} is a fully managed cloud data warehouse which can store up to 16 PB of data. service-redshift-002; AWS Redshift is a relational database suitable for {{c1::OLAP (BI)}} use cases. It's unsuitable for {{c1::OLTP}} use cases. service-redshift-003; AWS Redshift only supports single-{{c1::AZ}} deployments and is not highly-available by default. service-emr-001; {{c1::AWS Elastic Map Reduce (EMR)}} is a managed big data platform that allows you to process ...
2022-02-20 Chapter 14 - Decoupling Workflows
service-sqs-001; Tightly coupling applications, such as having an EC2 instance talk directly to another EC2 instance, is a{{c1::n antipattern}}. Always {{c1::loosely}} couple applications! service-sqs-002; {{c1::Simple Queue Service (SQS)}} is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems and serverless applications. service-sqs-003; Simple Queue Service (SQS) is a poll-based messaging queue that allows {{c1::asynchronous}} pr...
2022-02-16 Chapter 13 - High Availability & Scaling
service-autoscaling-001; A {{c1::launch template}} specifies all the needed settings that go into building out an EC2 instance. It is a collection of settings you can configure so you don't have to walk through the EC2 wizard over and over. service-autoscaling-002; A {{c1::launch template}} comprises the AMI, EC2 instance size, security groups and potentially networking information and user data. service-autoscaling-003; Launch templates can be used for {{c1::autoscaling}} and other use cases...
2022-02-15 Chapter 12 - CloudWatch
service-cloudwatch-001; {{c1::AWS CloudWatch}} is a monitoring and observability service that was designed to give us insight into our AWS architecture. It allows us to monitor multiple levels of applications and identify potential issues. service-cloudwatch-002; In CloudWatch, {{c1::System}} (i.e. {{c1::default}}) Metrics are metrics available out-of-the-box from managed AWS services. An example {{c1::default}} metric is CPU utilisation in EC2. service-cloudwatch-003; In CloudWatch, {{c1::App...
2022-02-15 Chapter 11 - Elastic Load Balancing
service-elb-001; The AWS {{c1::Elastic Load Balancing}} service automatically distributes incoming application traffic across multiple targets, such as {{c1::EC2 instances}}. This can be done across multiple {{c1::AZs}}. service-elb-002; Elastic Load Balancing offers {{c1::3}} different types of load balancers which are likely to be covered in the SAA-C02 exam. service-elb-003; {{c1::Application Load Balancer}} is a type of load balancer offered within the Elastic Load Balancing service. It is...
2022-02-14 Chapter 10 - Route53
service-route53-001; AWS Route53 is a managed {{c1::DNS}} service. service-route53-002; Route53 supports both {{c1::i}}pv4 and {{c1::i}}pv6. service-route53-003; {{c1::Start of Authority (SOA)}} is a type of DNS record that stores information about the name of the server that supplied data for the zone, who the administrator is and the current version of the data file. service-route53-004; {{c1::Name Server (NS)}} is a type of DNS record that is used by top-level domain servers to direct traf...
2022-02-11 Chapter 9 - Virtual Private Cloud (VPC) Networking
service-vpc-001; A VPC can be thought of as a {{c1::virtual data center}} in the cloud i.e. a logically isolated part of the {{c1::AWS Cloud}}. service-vpc-002; A typical three tier architecture would have web servers in a {{c1::public subnet}} (i.e. {{c1::internet accessible}}), application servers in a {{c1::private subnet}} (i.e. not {{c1::internet accessible}}) speaking to web/database tier and database servers in a {{c1::private subnet}} which can only talk to the {{c1::application layer}}...
2022-02-10 Chapter 8 - Databases
service-rds-001; Relational Database Service (RDS) offers six different database engines: {{c1::SQL Server, PostgreSQL, Oracle, MariaDB, MySQL and Amazon Aurora}}. service-rds-002; RDS offers multi-AZ, failovers and automated {{c1::backups}}. service-rds-003; RDS is intended to support {{c1::online transaction}} processing {{c1::(OLTP)}} and is not really suitable for {{c1::online analytical}} processing {{c1::(OLAP)}}. service-rds-004; Enabling the {{c1::multi-AZ}} feature in RDS creates an ...
2022-01-22 Chapter 7 - Elastic Block Storage (EBS) and Elastic File System (EFS)
service-ebs-001; Elastic Block Storage (EBS) are {{c1::storage volumes}} that you can attach to your {{c1::EC2 instances}}. You can use it the same way that you use any {{c1::system disk}} e.g. create a file system, run an OS or database. service-ebs-002; EBS is automatically {{c1::replicated}} within {{c1::a single AZ}} to protect against hardware failures. service-ebs-003; You can dynamically change EBS {{c1::capacity}} and {{c1::volume type}} with no downtime or performance impact. service...
2022-01-22 Chapter 6 - Elastic Compute Cloud (EC2)
service-ec2-001; Elastic Compute Cloud (EC2); Secure, resizable compute capacity in the cloud. service-ec2-002; EC2 operates like a {{c1::virtual machine}} hosted in {{c1::an AWS data center}} rather than {{c1::your own data center}}. service-ec2-003; There are four different pricing options for EC2: {{c1::On-Demand, Reserved, Spot and Dedicated}}. service-ec2-004; On-demand instances offer flexibility because there are {{c1::no up-front costs}}. It's also useful for applications with {{c1::s...
2022-01-18 Chapter 5 - Simple Storage Service (S3)
service-s3-001; S3 manages data as {{c1::objects}} rather than in file systems. You can upload any file type you can think of to S3, but you can't use it to run an {{c1::operating system or database}}. service-s3-002; Objects in S3 can be up to {{c1::5TB}} in size. service-s3-003; You can store {{c1::an unlimited number of}} objects in S3. service-s3-004; All S3 buckets share {{c1::the S3 namespace}}, so each {{c1::S3 bucket name is globally unique}}. service-s3-005; When you upload a file s...
2022-01-17 Chapter 4 - Identity & Access Management
service-iam-1; Identity and Access Management (IAM); AWS service for controlling access to other AWS resources. service-iam-2; Root Account; This corresponds to the email address you use to sign up for AWS. It has full administrative access to AWS, so it's important to secure it using MFA. You shouldn't use it for day-to-day work. service-iam-3; Principle of Least Privilege; You should only assign a user the minimum amount of access to AWS that they need to do their job. service-iam-4; In IAM...
2022-01-17 Chapter 3 - AWS Fundamentals
overview-1; Region; A geographical area comprising two or more availability zones. overview-2; Availability Zone; A logical data centre comprising one or more physical buildings, with redundant power, networking and connectivity. overview-3; Edge Location; An endpoint for caching content, typically for AWS CloudFront, Amazon's Content Delivery Network (CDN). overview-4; Key compute services covered in SAA-C02 exam (x3); EC2, Lambda, Elastic Beanstalk overview-5; Key storage services covered ...