AWS Certificate Notes
AWS Certificate Notes
AWS Certificate Notes
AZ is one more discrete data centers each with redundant power, networking and
connectivity
Edge locations are endpoints for AWS used for caching typically consisting of
cloudfront & Amazon CDN
Storage Services
S3 - simple storage service
EFS - Network attached storage
Glacier - Data Archival
Snowball
Storage gateway - on prem to sync data with cloud
Database
RDS (Aurora, mysql, oracle. Any relational db
Dynamo DB (for non relational db
Elasticache - caching for DB
Redshift -
Migration
Migration Hub - tracking services as you migrate to AWS
Application Discovery - automated discovery tool for applications
DB Migration services - easy way to migrate from onprem db to cloud
Snowball - storage and migration
Analytics
Athena - allows you to run sql queries in s3 buckets - Serverless
EMR (it comes in exam) - Processing large amounts of data (big data)
Cloudsearch
Elastic Search
Kinesis (huge topic) - investing large data into aws (social media feeds)
Kinesus video stream
Quicksight - BI tool
Data Pipeline - a way to move data between aws services
Glue -
10,000 foot - part 4
Key ones are IAM, Inspector, Cloud HSM, Directory Services, WAF, Sheild,
certificate manager
Mobile Services
Mobile Hub - connect mob app to cloud
Pinpoint - targeted push notifications
Appsync - updates mobile data
DeviceFarm - testing your app on real devices
Mobile Analytics - Analytics for mobile
AR/VR
Application Integration
Step Functions - way of managing diff lambda function
MQ - Message MQ
SNS - Notification service (billing alarms)
SQS - Decoupling your infrastructure
SWF - Simple workflow service - amazon uses this for online ordering
Customer Engagement
Connect - Contact Center in the cloud
Simple Email Service - sending large amount of email
SES does come up in exam
Business Productivity
Alexa for business - brand new service
Chime
Workdocs
Workmail
IOT
IOT Device management - managing millions of iot devices
AmazonFreeRTOS
Greengrass
IAM is available across the world, it doesn’t matter what region you are in
Access Key id & secret access key are NOT used to login - this is only used through
api and command line - you can only view these once, if you loose them, you have
to regenerate them
Power users - access to all was services except for management of groups and users
within IAM
Implement multi factor authentication for all accounts to additionally secure IAM
S3 101
Object based storage not block based storage - store files NOT OS
Files can be unto 5 TB
S3 is a universal name space
Address s3.region.amazonaws.com/bucketname
S3 - Infrequently Access - data accessed less frequently, lower fee but charged a
retrieval fee
S3 - you are charged for storage, number of requests, storage management pricing,
data transfer pricing, transfer acceleration
Exam tips
S3 is object based
Files from 0 to 5tb
Files are stored in buckets
S3 has a universal name space
Read after write consistency for puts
Eventual consistency for overworkite puts and deletes
We have different classes (S3, S3 Infr Access, S3 Reduced rerundancy, glacier)
What makes up an object (Key (name), value (data), version, meta data, sub
resources (access control, torrent)
S3 - Lab 1
-Encryption, can be client side or server side (3 types, KMS S3 Managed keys, SSEC)
- By default buckets are private and all objects stored inside are private
Once you enable versioning, you cannot disable it, you can suspend it.
You need to think of versioning before enabling it