
EC2

  • Host traditional applications
  • Full access to the OS

AWS Lambda - An AWS service for serverless computing

  • Host short-running functions
  • Service-oriented applications
  • Event-driven applications
  • No provisioning or managing servers

A Lambda function waits for a “trigger” before it executes. Duration < 15 min

For example, a simple Lambda function might involve automatically resizing images uploaded to the AWS Cloud. In this case, the function triggers when a new image is uploaded.

Orchestration tools (Docker)

ECS - Amazon Elastic Container Service

  • Run containers at scale
  • Runs on EC2

EKS - Amazon Elastic Kubernetes Service

  • Runs on EC2

Fargate

  • Serverless
  • Works with ECS and EKS
  • When using AWS Fargate, you do not need to provision or manage servers. AWS Fargate manages your server infrastructure for you.


Instances

AMI

Customized image of an instance, used to redeploy it identically.


Zoning

Region: A Region consists of two or more Availability Zones. Availability Zone:

Which factors should be considered when selecting a Region? (Select TWO.)

  • Compliance with data governance and legal requirements
  • Proximity to your customers

Amazon CloudFront: A global content delivery service based on a network of edge locations to cache content and deliver content to customers all over the world

AWS Outposts is a service that enables you to run infrastructure in a hybrid cloud approach


Module 4 - Networking

Connectivity to AWS

Virtual private gateway

AWS Direct Connect

Subnets and network access control lists

AWS Network - VPC

ACL

Filters traffic entering and leaving the VPC subnet, packet by packet, with no memory of the traffic (stateless). By default, your account’s default network ACL allows all inbound and outbound traffic.

Security groups

Filter packets entering and leaving each EC2 instance, with memory of the traffic (stateful). They are stateful and deny all inbound traffic by default.
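
Added example (not part of the original notes, and not AWS code): a simplified Python model of the stateless network ACL versus the stateful security group described above. The class names, addresses and ports are constructed for illustration, and the security group's outbound rules are left empty on purpose so that the reply passes on connection tracking alone.

```python
# Simplified model for these notes; the classes are hypothetical, not an AWS API.
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" or "out", seen from the subnet / instance
    src: str
    sport: int
    dst: str
    dport: int

@dataclass
class NetworkAcl:
    """Stateless: every packet is matched against numbered rules, lowest first."""
    rules: list  # (rule_number, direction, port_low, port_high, action)

    def allows(self, p):
        for _, direction, low, high, action in sorted(self.rules):
            if direction == p.direction and low <= p.dport <= high:
                return action == "allow"
        return False  # the final "*" rule denies whatever matched nothing

@dataclass
class SecurityGroup:
    """Stateful: allow rules only, and replies to tracked flows pass."""
    inbound_ports: set
    outbound_ports: set = field(default_factory=set)
    tracked: set = field(default_factory=set)

    def allows(self, p):
        if (p.dst, p.dport, p.src, p.sport) in self.tracked:
            return True  # reply to a flow that was already allowed
        rules = self.inbound_ports if p.direction == "in" else self.outbound_ports
        if p.dport in rules:
            self.tracked.add((p.src, p.sport, p.dst, p.dport))
            return True
        return False  # no matching allow rule: denied by default

# Constructed sample flow: a client calls HTTPS on an instance, which replies.
REQUEST = Packet("in", "203.0.113.10", 51000, "10.0.1.5", 443)
REPLY = Packet("out", "10.0.1.5", 443, "203.0.113.10", 51000)

def round_trip(flt):  # True only if the request and its reply both pass
    return flt.allows(REQUEST) and flt.allows(REPLY)

def demo():
    sg = SecurityGroup(inbound_ports={443})  # no outbound rule at all
    nacl_in_only = NetworkAcl([(100, "in", 443, 443, "allow")])
    nacl_both = NetworkAcl(nacl_in_only.rules + [(100, "out", 1024, 65535, "allow")])
    return round_trip(sg), round_trip(nacl_in_only), round_trip(nacl_both)  # (True, False, True)
```

The network ACL with only an inbound rule drops the reply, which is why a custom ACL needs an explicit outbound rule covering the client's ephemeral port range.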


Global Networking

Route53

  • DNS service
  • Website on AWS


Module 5: Storage and Databases

EBS and Instance Store

  • EBS: When stopping or terminating an EC2 instance, data remains available - Best for data retention
  • Instance Store: When stopping or terminating an EC2 instance, data is deleted - Best for temporary data

Amazon Simple Storage Service (Amazon S3)

  • Store data as objects
  • Store objects in a bucket
  • 5 TB storage

  • S3 Standard-Infrequent Access
  • S3 Standard

Amazon EBS

Files are managed as blocks. The file is split into several data blocks, and when the file is modified, only the changed blocks need to be re-uploaded. This matters most for very large files.

Amazon EFS - Elastic File System

Amazon RDS

Aurora database

  • Amazon Aurora is a relational database compatible with MySQL and PostgreSQL
  • AWS automatically creates 6 backed-up, replicated copies
  • You can also create “Automated backups” to back up the database at regular intervals.

DynamoDB

Fast and flexible NoSQL data service provided by Amazon. Flexible data model and reliable performance. It is well suited to mobile, web, gaming, and ad-tech application architectures.

Redshift service

Service that is used to query and analyze data across a data warehouse

Module 6 -

Security section

AWS WAF and AWS Shield

  • AWS WAF is a web application firewall
  • AWS Shield prevents DDoS attacks

AWS KMS - Key Management Service

PKI - Certificate management

Amazon Inspector

Agent to install on the instance that reports anomalies and abnormal behavior

Amazon GuardDuty

Intelligent protection against threats at the network level.

Module 7 - Monitoring and Analytics

Amazon CloudWatch

  • Access all metrics from a central location
  • Gain visibility into your applications, infrastructure, and services
  • Reduce MTTR (mean time to resolution) and improve TCO (total cost of ownership)
  • Drive insights to optimize applications and operational resources
  • Monitor your resources’ utilization and performance
  • Access metrics from a single dashboard
  • Amazon CloudWatch is a web service that enables you to monitor and manage various metrics for the resources that run your applications

AWS CloudTrail

  • Every request gets logged in the CloudTrail engine
  • Who, when, where (IP), result
  • AWS CloudTrail is a web service that enables you to review details for user activities and API calls that have occurred within your AWS environment.

AWS Trusted Advisor

AWS Trusted Advisor is a web service that inspects your AWS environment and provides real-time recommendations in accordance with AWS best practices.

Amazon GuardDuty

Amazon GuardDuty is a service that provides intelligent threat detection for your AWS environment and resources. It identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.

Module 8 - Pricing and support

AWS Free Tier

The AWS Free Tier enables you to begin using certain services without having to worry about incurring costs for the specified period.

  • Always Free
  • 12 Months Free
  • Trials

AWS pricing concepts

Pay for what you use. Pay less when you reserve. Pay less with volume-based discounts when you use more.

Billing dashboard

Use the AWS Billing & Cost Management dashboard to pay your AWS bill, monitor your usage, and analyze and control your costs. From the billing dashboard in the AWS Management Console, you can view details on your AWS bill, such as service costs by Region, month to date spend, and more.

Consolidated billing

The consolidated billing feature of AWS Organizations enables you to receive a single bill for all AWS accounts in your organization. By consolidating, you can easily track the combined costs of all the linked accounts in your organization

AWS Budgets

Review how much cost your predicted AWS usage will incur by the end of the month

AWS Cost Explorer

AWS Cost Explorer is a tool that enables you to visualize, understand, and manage your AWS costs and usage over time

AWS Support plans

  • Basic - access to a limited selection of AWS Trusted Advisor checks
  • Developer
    • Best practice guidance
    • Client-side diagnostic tools
    • Building-block architecture support, which consists of guidance for how to use AWS offerings, features, and services together
  • Business
    • Use-case guidance to identify AWS offerings, features, and services that can best support your specific needs
    • All AWS Trusted Advisor checks
    • Limited support for third-party software, such as common operating systems and application stack components
  • Enterprise
    • Application architecture guidance, which is a consultative relationship to support your company’s specific use cases and applications
    • Infrastructure event management: A short-term engagement with AWS Support that helps your company gain a better understanding of your use cases. This also provides your company with architectural and scaling guidance.
    • A Technical Account Manager

AWS Marketplace

AWS Marketplace is a digital catalog that includes thousands of software listings from independent software vendors. You can use AWS Marketplace to find, test, and buy software that runs on AWS.

Module 9 - Migration and innovation

AWS Cloud Adoption Framework - AWS CAF

  • The Business Perspective helps you to move from a model that separates business and IT strategies into a business model that integrates IT strategy.
  • The Security Perspective of the AWS Cloud Adoption Framework also helps you to identify areas of non-compliance and plan ongoing security initiatives.
  • The Operations Perspective focuses on operating and recovering IT workloads to meet the requirements of your business stakeholders.
  • The People Perspective helps Human Resources (HR) employees prepare their teams for cloud adoption by updating organizational processes and staff skills to include cloud-based competencies.
  • The Platform Perspective helps you design, implement, and optimize your AWS infrastructure based on your business goals and perspectives.

Migration strategies

Rehosting
Replatforming
Refactoring/re-architecting
Repurchasing
Retaining
Retiring
  • Rehosting

    • Rehosting, also known as “lift-and-shift,” involves moving applications without changes.
      In the scenario of a large legacy migration, in which the company is looking to implement its migration and scale quickly to meet a business case, the majority of applications are rehosted.
  • Replatforming

    • Replatforming, also known as “lift, tinker, and shift,” involves making a few cloud optimizations to realize a tangible benefit. Optimization is achieved without changing the core architecture of the application.
  • Refactoring/re-architecting

    • Refactoring (also known as re-architecting) involves reimagining how an application is architected and developed by using cloud-native features. Refactoring is driven by a strong business need to add features, scale, or performance that would otherwise be difficult to achieve in the application’s existing environment.
  • Repurchasing

    • Repurchasing involves moving from a traditional license to a software-as-a-service model.
  • Retaining

    • Retaining consists of keeping applications that are critical for the business in the source environment. This might include applications that require major refactoring before they can be migrated, or work that can be postponed until a later time.
  • Retiring

    • Retiring is the process of removing applications that are no longer needed.

AWS Snow Family

The AWS Snow Family is a collection of physical devices that help to physically transport up to exabytes of data into and out of AWS.
AWS Snow Family is composed of AWS Snowcone, AWS Snowball, and AWS Snowmobile. AWS Snowmobile is a service that is used for transferring up to 100 PB of data to AWS. Each Snowmobile is a 45-foot long shipping container that is pulled by a semi trailer truck.

Innovation with AWS

  • Amazon Textract is a machine learning service that automatically extracts text and data from scanned documents.
  • Amazon Lex is a service that enables you to build conversational interfaces using voice and text.
  • AWS DeepRacer is an autonomous 1/18 scale race car that you can use to test reinforcement learning models.
  • With Amazon SageMaker, you can quickly and easily begin working on machine learning projects. You do not need to follow the traditional process of manually bringing together separate tools and workflows.

Module 10 - The Cloud Journey

The AWS Well-Architected Framework

  • The Cost Optimization pillar focuses on the ability to run systems to deliver business value at the lowest price point.
  • The Performance Efficiency pillar focuses on using computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve.
  • The Reliability pillar focuses on the ability of a workload to consistently and correctly perform its intended functions.
  • The Operational Excellence pillar includes the ability to run workloads effectively and gain insights into their operations.

Benefits of the AWS Cloud

The six advantages of cloud computing are:

  • Trade upfront expense for variable expense.
  • Benefit from massive economies of scale.
  • Stop guessing capacity.
  • Increase speed and agility.
  • Stop spending money running and maintaining data centers.
  • Go global in minutes.

Module 11 - The Cloud Journey

Exam details

Exam strategies

Module 12 - Final Assessment

Final assessment

Q : You want to send and receive messages between distributed application components. Which service should you use?

  • R : Amazon Simple Queue Service (Amazon SQS)

Q : Which statement best describes AWS Marketplace?

  • R : A digital catalog that includes thousands of software listings from independent software vendors

Q : Which migration strategy involves changing how an application is architected and developed, typically by using cloud-native features?

  • R : Refactoring

Q : Which statement best describes Elastic Load Balancing?

  • R : A service that distributes incoming traffic across multiple targets, such as Amazon EC2 instances

Q : Which pillar of the AWS Well-Architected Framework focuses on using computing resources in ways that meet system requirements?

  • R : Performance Efficiency

Q : Which tool is used to automate actions for AWS services and applications through scripts?

  • R : AWS Command Line Interface

Q : You want Amazon S3 to monitor your objects’ access patterns. Which storage class should you use?

  • R : S3 Intelligent-Tiering

Q : Which service is used to run containerized applications on AWS?

  • R : Amazon Elastic Kubernetes Service (Amazon EKS)

Q : You want to store data in a volume that is attached to an Amazon EC2 instance. Which service should you use?

  • R : Amazon Elastic Block Store (Amazon EBS)

Q : Which tasks are the responsibilities of AWS? (Select TWO.)

  • R : Maintaining virtualization infrastructure & Configuring AWS infrastructure devices

Q : In the S3 Intelligent-Tiering storage class, Amazon S3 moves objects between a frequent access tier and an infrequent access tier. Which storage classes are used for these tiers? (Select TWO.)

  • R : S3 Standard & S3 Standard-IA

Q : Which service enables you to review details for user activities and API calls that have occurred within your AWS environment?

  • R : AWS CloudTrail

Q : Which component or service enables you to establish a dedicated private connection between your data center and virtual private cloud (VPC)?

  • R : AWS Direct Connect

Q : Which tool enables you to visualize, understand, and manage your AWS costs and usage over time?

  • R : AWS Cost Explorer

Q : Which compute option reduces costs when you commit to a consistent amount of compute usage for a 1-year or 3-year term?

  • R : Savings Plans

Q : Which service enables you to consolidate and manage multiple AWS accounts from a central location?

  • R : AWS Organizations

Q : Which AWS Trusted Advisor category includes checks for your service limits and overutilized instances?

  • R : Performance

Q : Which service enables you to build the workflows that are required for human review of machine learning predictions?

  • R : Amazon Augmented AI