This repository has been archived by the owner on Aug 1, 2024. It is now read-only.
forked from jtviolet/aws-solutions-architect-associate-notes
-
Notifications
You must be signed in to change notification settings - Fork 45
/
Copy pathgeneral-notes.txt
147 lines (128 loc) · 5.37 KB
/
general-notes.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
10,000-foot Overview
----------------------
Exam Tips
Know EC2 Pricing Models
- On Demand
--- Pay by the second or hour
- Reserved
--- Reserve capacity, contracts are from 12-36 months
- Spot
--- Set a bid price and if spot price meets your bid it will be provisioned
--- Instances terminated when spot price goes out of range
--- won't be charged if AWS terminates instance, but you will be charged if you terminate it
- Dedicated Hosts
--- Used when licensing or multi-tenate is an issue
Know EC2 Instace Types
- (FIGHT DR MCPX)
Know EBS
- Storage Types
--- SSD, General Purpose GP2 (up to 10,000 IOPS, less than 500 MiB/sec)
--- SSD, Provisioned IOPS IO1 (MOre than 10,000 IOPS, more than 500 MiB/sec)
--- HDD, Throughput Optimized ST1 (frequently accessed workloads)
--- HDD, Magnetic Standard (cheap, infrequently accessed storage)
- Cannot mount EBS Volume to multiple EC2 instances; use EFS instead
- Termination Protection is turned off by default, you must turn it on
- On EBS-backed instance, default action is for the root EBS volume to be deleted when the instance is terminated
- EBS Root volumes of your DEFAULT AMI's cannot be encrypted (but third party tools can be used to encrypt)
- EBS Volumes can also be copied and then encrypted at that time
- Additional volumes can be encrypted
Know Volumes Vs Snapshots
- Volumes exist on EBS, virtual hard disk in the cloud
- Snapshots exist on S3
- You can take a snapshot of a volume, the snapshot will be stored on S3
- Snapshots are point-in-time copies of volumes
- Snapshots are incremental
- First snapshot takes a while
- Security
--- Snapshots of encrypted volumes are encrypted automatically
--- Volumes restored from encrypted snapshots are encrypted automatically
--- Snapshots can be shared, but only if they are not encrypted
- Snapshots of ROOT Device Volumes
--- Stop instances before taking snapshot of ROOT volume
- EBS Vs. Instance Store (Ephemeral Storage)
--- Instance Store volumes cannot be stopped
--- If underlying host in Instance Store fails, you lose your data
--- EBS can be stopped
--- Both can be rebooted, you won't lose your data
--- Both will be deleted on termination, but EBS offers option to keep
- Snapshotting RAID Array
--- Freeze the file system
--- Unmount RAID Array
--- Shutdown EC2 Instance
Know Amazon Machine Images (AMI)
- Regional, but can be copied to other regions
Know CloudWatch (monitoring)
- Standard (5minutes)
- Detailed (1minute)
- CloudWatch is for performance monitoring
- Unlike CloudTrail, which is for auditing AWS
- Dashboards
- Alarms
- Events
- Logs
Know Roles
- More secure than storing access key and secret access keys on instances
- Easier to Manage
- Can be assigned to EC2 instance AFTER provisioning
- Universal to region
Know Instance Meta-data
- Used to get information about an instance
- curl http://169.254.169.254/latest/meta-data/
- curl http://169.254.169.254/latest/user-data/
Know EFS Features
- Supports NFSv4 protocol
- Only pay for storage used
- Can scale to petabytes
- Can support thousands of concurrent NFS connections
- Data stored across multiple AZ's
- Read After Write Consistency
Know Lambda
- Event-driven compute service
- Compute service, run code in response to requests
Know Placement Groups (assume clustered is implied, if not mentioned)
- Clustered Placement Groups
--- Always in one AZ, used for Big Data (low latency, high throughput)
- Spread Placement Groups
--- Important EC2 instance on separate hardware
KNOW Elastic Container Service (ECS)
S3 Exam Tips
- S3 is object-based
- Files can be 0B to 5TB
- Unlimited storage
- Files are stored in Buckets
- Universal namespace, names must be unique
- Read after Write consistency for PUTS of new objects
--- Immediately able to read object
- Eventual Consistency for overwrite PUTS and DELETES (take time to propogate)
--- If you update object and then try to read you may get the old object
- Writing to S3 returns HTTP200 for successful write
- Loading files is faster when multipart upload is enabled
Route53 exam tips
- You can only resolve an ELB by going to it's DNS name
- ELB never has IPv4 address, only DNS names
- Understand difference between Alias Record and CName Record
- Given the choice, always choose Alias Record over a CName Record
- Understand routing policies and their use cases
VPC exam tips
- Think of VPC as logical datacenter in AWS
- Consists of IGW's (or virtual private gateways), route tables, NACL's, Subnets, Security Groups
- 1 subnet = 1 AZ
- Security Groups are stateful; NACL's are Stateless
- NO TRANSITIVE PEERING
- If you need to access resources from another AWS account, you need to perform a VPC peering between both accounts.
Load balancer tips
- 3 types of Load Balancers
--- Application Load Balancers (layer 7)
--- Network Load Balancers (layer 4)
--- Classic Load Balancers (layer 7 and layer 4)
- 504 means the gateway has timed out. This means the application not responding within the idle timeout period.
--- Troubleshoot. Is it the web server or the database server?
- If you need IPv4 address of end user, look for the X-Forwarded-For header
- Instances monitored by ELB are reported as InService or OutofService
- Healthcecks instance by talking to it
- ELB'as have their own DNS name
- Read FAQ
Exam Tips
- ELB do not have pre-defined IPv4 addresses, must resolve using DNS name
- Understand the difference between Alias Record and CName Record
- Given the choice, always choose an Alias Record over CName