Amazon Cloud :
What is cloud computing?
It is a process of using online resources as you need them. You can increase or decrease your use of the resources according to your need or demand. This is called scalability in cloud computing.
The cloud is a collection of infrastructure for networking, databases, servers and other IT things. These are located in different regions worldwide and provide all the IT services with high reliability, availability, backup, security, lowest latency and lowest cost.
Amazon EC2 or EC2 instance: Amazon EC2 (Amazon Elastic Compute Cloud) is the cloud service that Amazon provides. There are different types of EC2 instances with different features. You can choose the right EC2 instance for you based on your requirements for storage, networking, CPU etc. You can add or remove instances as per your requirement. Adding or terminating instances is an automatic process in most cases.
AWS Regions: Globally distributed AWS data centers, each containing at least two Availability Zones. Not every Region has all the cloud services.
Availability Zones: Every AWS Region contains at least two Availability Zones. Each Availability Zone has one or more data centers. Availability Zones are for data backup and to provide high availability. An AZ has one or more discrete data centers interconnected through low-latency links. When one AZ fails, the service is provided by another Availability Zone.
Edge Locations: These are repeater stations placed mainly in the major cities of the world to minimize the response delay for requests from anywhere in the world. They provide responses with the lowest possible latency with the help of AWS CloudFront.
Edge Location: uses caching of resources to provide service to the customer with low latency. It uses repeater stations placed at different locations, mainly in the major cities, and provides service to the customer from the nearest repeater station.
AWS CloudFront: It helps minimize the delay of a response reaching a user, wherever he or she is.
Elasticity: This is the strength of AWS to scale computing resources up and down as required or as per demand.
EC2 Auto Scaling: helps you with elasticity; connects or terminates instances based on the load or demand.
Two features of AWS : Elasticity and Agility
Reliability in cloud computing: It is the availability of resources as per demand and the capability of mitigation if any disruption occurs.
AWS CloudWatch: To monitor the status of the EC2 instance in terms of load. To limit the cost to a certain amount, you use a CloudWatch billing alarm, which triggers a notification (SNS) to your email address.
Amazon Simple Notification Service (SNS): It is used to send alerts from Amazon CloudWatch alarms.
AWS CloudTrail: To monitor the history of all activities in your account, to monitor when an EC2 instance was added or terminated, and to monitor whether any calls were made (and if so, when) to Amazon CloudWatch from the AWS Management Console, CLI, SDKs or other services.
S3 storage: It stores objects. Objects can be images, videos, logs, database snapshots or data files. You can store an unlimited amount of data in AWS S3. S3 is used to host an active website. It is used for immediate backup of the database. You can store or export the objects.
Amazon EBS: It stores blocks. Amazon EBS provides three types of volumes:
General Purpose SSD
Provisioned IOPS and
Magnetic
Amazon Redshift: It is a data warehouse for OLAP analytical processing, for BI purposes.
AWS EFS (Amazon Elastic File System): This stores files. It provides a simple and scalable shared file storage solution for Linux-based storage systems; it does not work with Windows-based systems, and it also works with on-premises servers. It is expensive compared to S3.
Amazon Glacier: It is used for archiving and backing up data. You use Amazon Glacier to save data that is not used frequently. Used for database backup; low cost.
It has three options to retrieve an archive:
1. Expedited, stores data above 250MB+ and it takes 1-5 minutes to retrieve the archive.
2. Standard, the default retrieval option; it takes 3-5 hours to retrieve the data.
3. Bulk, the lowest-cost retrieval option; it takes 5-12 hours and is used for large amounts of data.
AWS RDS: Used for online transaction processing, i.e., it simplifies relational database administration tasks; it hosts databases.
Aurora: To run MySQL, you use Amazon Aurora; it automatically scales the database for loads. It is used for online data processing.
DynamoDB: Used for NoSQL databases; it is serverless.
Spot Instance: This provides a discount of up to 90%. It is based on bidding; it should not be used for critical applications, and should be used for flexible applications and infrequent, interruptible jobs.
On-Demand instance: You pay for the time you used AWS resources.
Reserved instance: You reserve and pay for a certain period, like 1 year or 2 years. This is cheaper than On-Demand. You can pay all upfront (lowest cost), partial upfront, or no upfront (highest cost).
AWS Snowball: A way of migrating data from on-prem to the cloud at petabyte scale. It is a physical movement of data.
AWS Snowmobile: Used to transport large amounts of data (exabyte-scale) in a truck; it is a physical movement of data.
Amazon Virtual Clouds (VPC): It is an AWS networking service. This helps customers create virtual networks, called subnets, within AWS. Any number of subnets can be created in a VPC; however, it is recommended to keep the number of subnets to the minimum possible so that complexity is minimized. Amazon VPC helps you create your own isolated/private network in the AWS Cloud. You can use Direct Connect to connect a VPC with your on-prem.
Direct Connect: To connect a VPC with on-prem; a network to connect on-prem to the cloud (VPC).
VPC peering: to connect two VPCs
Route 53: It is also known as a DNS web service; it translates a domain to a numeric IP address; it connects the data centers within the Availability Zone if one AZ fails or is faulty.
An IAM user or the AWS account root user needs an access key and a security access key to get programmatic access to AWS resources.
Auto Scaling: This adds or terminates instances as the load changes (increases or decreases).
Agility in AWS Cloud: This means the ability to make resources available as per demand; if you need more, more resources will be available, and vice versa. It also takes less time to compute additional resources.
Elasticity: Scaling the number of EC2 instances as per the traffic and resizing RDS instances as per business needs.
AWS Organizations & Consolidated Billing: To centrally manage multiple AWS accounts and to consolidate the bills so that you get volume discounts.
AWS IAM: For authentication and authorization; you can create users, groups and roles. IAM policy is the user's responsibility. A user can be a human or a machine, and users have permanent credentials. A group is more than one user. A user can be part of a single group or more than one group. A role is given to a user for a specific purpose. The credentials for a role are temporary.
AWS Config: Config has resource configuration, records of configuration and history of configuration. It is used to audit and evaluate AWS configurations and to audit AWS resource management; it also monitors and records AWS resource configurations over time.
AWS CloudWatch Logs: It gives logs of the activities of a certain period.
Amazon Neptune: It is a graph database.
Amazon Lightsail: You can use Lightsail to build a website or web application. Lightsail is a virtual private server (VPS). It provides you a cost-effective monthly plan.
AWS Schema Conversion Tool: to migrate data from on-prem to the cloud
Responsibilities:
Shared Responsibilities:
Patch Management: this could be a customer responsibility, a shared responsibility or an AWS responsibility, depending upon where it is done.
Customer Responsibilities:
Granting access to individuals and services using IAM, IAM Policies
Encrypting data in transit, encryption management
Application Security
Managing the VPC network access
Configuring operating system, network and firewall
Firewall management
Patching operating systems on EC2 instances
Provide a key for Amazon S3 client-side encryption
Configuration of an EC2 instance
Patching Amazon EC2 instances
Patch Management?? Customer responsibility; remove it, very confused, not AWS responsibility for sure
Encryption management
Firewall management (it is not firmware)
Patching of operating systems
Configuration of the security groups
AWS responsibilities:
Physical security of Data Centers
Securing EC2 hypervisor
Facilities Management
Hardware management
Firmware management (firmware upgrades of network infrastructure)
Patching underlying infrastructure
Patching network infrastructure
Virtualization management
Patching of underlying hypervisor
AWS Lambda: Serverless architecture. In AWS Lambda, the user pays based on the number of requests and the resources used.
Serverless platform: AWS Step Functions, DynamoDB, SNS.
AWS Marketplace: Where customers go to search for software from independent software vendors, to find, test, buy and deploy software that runs on AWS.
TCO (Total Cost of Ownership) calculator: Compares the cost of running workloads in the cloud versus running them on-prem.
AWS Simple Monthly Calculator: For predicting or estimating the monthly cost of using AWS resources.
AWS Trusted Advisor: This is a tool that makes suggestions for cost optimization, performance and security. It has a set of automated checks that give customers recommendations so that they can provision resources to achieve cost optimization, performance, fault tolerance and security.
EC2 Auto Scaling: helps you with elasticity, connects or terminates instances based on the load or demand as per the rule applied.
Application Load Balancer: Diverts load to healthy AWS instances and evenly distributes the load (traffic). It can detect and create a CloudWatch alarm if you add an ELB health check to it.
Least Privilege: granting only the required amount of permission to perform a given task.
AWS CodeCommit: Used for version/source control for Git-based repositories, like in GitHub.
AWS Artifacts: It provides compliance information, reports and security information.
AWS X-Ray: Used to analyze and debug distributed applications, microservices and requests.
AWS Certificate Manager: Gives security certification for SSL/TLS (Secure Sockets Layer/Transport Layer Security) for using AWS services; it provides network security.
AWS Inspector: Provides automated security assessment of compliance and security.
Dedicated host, dedicated instance: You can launch Amazon EC2 instances onto physical servers that are fully dedicated to your use. About billing: for a dedicated host, it is per host, and for a dedicated instance, it is per instance. A dedicated host is the most expensive AWS instance.
A dedicated host allows you to use your existing eligible third-party software licenses on Amazon EC2.
Elastic Beanstalk: It is a service to deploy and scale web applications. It is provided by AWS to automate the process; it scales and deploys applications built in Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker.
Wikipedia says: "AWS Elastic Beanstalk is an orchestration service offered by Amazon Web Services for deploying applications which orchestrates various AWS services, including EC2, S3, Simple Notification Service, CloudWatch, autoscaling, and Elastic Load Balancers."
Features of Amazon CloudWatch Logs: Real-time monitoring, adjustable retention
Amazon Route 53: AWS managed Domain Name System (DNS) web service
Amazon ElastiCache: To store database query results; this helps to reduce database access load.
AWS Directory Service: Enables customer single sign-on (SSO) to the AWS console.
AWS TCO (Total Cost of Ownership): Helps customers do a cost comparison between on-premises and AWS. While building a cloud Total Cost of Ownership (TCO) model, these cost elements are considered: compute costs, storage costs, network infrastructure costs.
Application deployment on AWS is managed and automated by AWS CodeCommit and AWS Data Pipeline
Amazon S3: It has durability of 99.99999999 (11 9's) and availability of 99.99; it provides an unlimited amount of storage for any kind of data. It stores any number of objects, but it has an object size limit. Amazon S3 stores objects, which could be data or files. It is used for static websites. It cannot be used to store a live database or running operating systems.
AWS Lambda: Just upload the code and AWS Lambda takes care of everything. Lambda takes care of the resources and scaling. You pay only when the code is running; you pay based on the number of requests and the resources used. It is a serverless architecture. AWS Lambda supports any programming language using an API. Lambda allows you to run code without a server.
DynamoDB is also serverless, and it is a NoSQL database.
Serverless platform: AWS Step Functions, DynamoDB, SNS, AWS Lambda.
AWS Simple Queue Service (SQS): To store, send, receive and distribute messages. There are two types of queues: Standard (this is the default) and FIFO.
AWS CloudFormation: provides a common language for the resources in AWS.
Internet Gateway: Used if you want to connect the VPC to outside the AWS cloud. When you add an internet gateway to a subnet in the VPC, the subnet becomes public.
Elastic Load Balancer: Diverts load to specific instances, distributes the incoming traffic, and informs you if the server is overloaded or if any instance is unhealthy.
Reserved instance: You reserve the instance for a certain period. It is the cheapest option. There are three options:
All up-front (AURI; this is the cheapest),
Partial up-front (PURI)
No up-front (NURI)
AWS Trusted Advisor: This is a tool that makes suggestions for cost optimization, performance, fault tolerance and security. It has a set of automated checks that give customers recommendations so that they can provision resources to achieve cost optimization, performance, fault tolerance and security.
Five Pillars of AWS Architecture: Security, Reliability, Performance, Cost Optimization and Operational Excellence
Financial benefit of moving from on-prem to AWS: Moving from capex to opex, i.e., upfront capital expense to variable operational expense.
Benefits of AWS Cloud: Elasticity and Agility
AWS Cloud9: It is a cloud-based IDE (Integrated Development Environment) which lets you write, run and debug your code with a browser. It provides a code editor, a debugger and a terminal.
AWS Cognito: This lets you add sign-up, sign-in, single sign-on and access control to your web and mobile apps.
AWS Batch is a compute service. It allows you to run hundreds of thousands of batch computing jobs on AWS.
AWS WAF (Web Application Firewall): It protects the application from loads arriving by unwanted routes, which might destroy your security, use excessive resources or excessive bandwidth, reduce availability, increase latency, or harm your application in different ways. AWS WAF helps you create rules to block such unwanted incidents or attacks. It monitors HTTP and HTTPS requests.
Snowball: transfers large volumes of data, up to a petabyte
Snowmobile: transfers data up to 100 petabytes per Snowmobile.
Per-second billing: With this you pay for the exact time of use in hours, minutes and seconds. AWS provides this service only for Linux, Windows and Ubuntu.
AWS Chime: It is a communication service for online meetings.
AWS support plans Response Times:
Enterprise: within 15 min
Business: within 1 hour
Developer: within 12 hours
Basic: no technical support
In Progress......