you only pay for what u use
- Amazon Elastic Compute Cloud (Amazon EC2) = a virtual server
- AWS Cost explorer = visualize, understand, and manage your AWS costs and usage over time
- Amazon EC2 Auto Scaling = automatically scales EC2 servers based on user demand / in response to changing app demand ( auto add instances and auto decommission them when not needed )
- Elastic Load Balancing ( ELB ) = service that automatically distributes incoming application traffic across multiple resources, such as Amazon EC2 instances.
- amazon simple queue service ( SQS - queue)
> send, store, and receive messages between software components at any volume.
> msg are placed in queue until they are processed
> scale automatically, easy configure and used
> can send notification
- amazon simple notification service ( SNS )
> send notification for user via publish / subscribe model.
subscribers can be:
- sqs queues
- aws lambda
- https / http web hook
can also send notifications to end users via:
- mobile push
- sms
- AWS Lambda = run code without managing instances. // serverless.
> suited for process under 15 min
// container orchestration tools => docker container
- AMAZON ECS ( elastic container service ) = orchestration tool to manage containers without the hassle of managing ur own container orchestration software
- AMAZON EKS ( elastic kubernetes service ) = similar to ecs with different tool and features
// aws fargate :
serverless compute platform for ecs / eks
==========
ha system with no fail
auto scaling system based on user need
=========
- regions
geographical area that contains aws resources
- availability zones
single DC or group of DCs within a region
========
- aws outpost
> automatically install a fully operational mini region in customer own
========
// amazon virtual private cloud
lets u provision a logically isolated section of the aws cloud.
- create a virtual network environment
- can be public facing / private ( with internet or private )
public subnet
- talk to internet.
private subnet
- internal ip
// what a vpc is for:
able to define private ip for aws resources.
elb and ec2 need ip settings -> vpc
subnet = chunk of ip addresses in ur vpc that allows u to group resources together.
control whether services are publicly or privately available
=========
// aws direct connect
- provide physical line that connect ur network to your aws vpc
connected dedicated fiber connection from DC1 to AWS VPC
- work with direct connect partner in ur area to establish this connection
==========
// Amazon Elastic Block Store ( EBS )
virtual hard drive / ebs volume.
can be attached to ec2 / directly attached
harddrive that is persistent
==========
// amazon Elastic File System ( EFS )
- manage filesystem
- shared filesystem across apps
- Multiple instances can access the data in EFS at same time
- auto scale up and scale down by system
============
// amazon aurora
Amazon Aurora is an enterprise-class relational database. It is compatible with MySQL and PostgreSQL relational databases. It is up to five times faster than standard MySQL databases and up to three times faster than standard PostgreSQL databases.
Amazon Aurora helps to reduce your database costs by reducing unnecessary input/output (I/O) operations, while ensuring that your database resources remain reliable and available.
Consider Amazon Aurora if your workloads require high availability. It replicates six copies of your data across three Availability Zones and continuously backs up your data to Amazon S3.
support mysql
support postgresql
- price 1/10 cost of commercial db
has data replication & 6 copies at a time
can apply 15 read replicas. // offload reads and scale performance
has continuous backup to s3, ready to restore
has point in time recovery : can recover data from a specific period
================
// amazon RDS
a way of running your databases in the cloud using a more managed service called Amazon Relational Database Service, or RDS
// amazon dynamoDB
fully managed NoSQL database: high performance, scalable, serverless db.
// Amazon DocumentDB is a document database service that supports MongoDB workloads.
===================
AWS Database Migration Service (AWS DMS)
service to migrate existing db between source and target.
===================
AWS Identity and Access Management (IAM)
AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely.
===============
// AWS Artifact
- access to compliance reports
- Access AWS security and compliance reports and special online agreements
================
// Amazon Inspector
improve security and compliance of your aws deployed app.
by running automated security assessment
best practice
vulnerabilities
security issues and recommendations on how to fix them
3 components of amazon inspector:
network configuration reachability piece
amazon agent
security assessment service
+ can retrieve findings via api. can be remediated: perform remediation to fix issues
================
// amazon GuardDuty
threat detection
- analyze continuous streams of metadata generated from ur account and network activity
found on aws cloudtrail event, amazon vpc flow log, and dns log.
it uses integrated threat intelligence such as known malicious ip addresses, anomaly detection, and machine learning to identify threats more accurately
runs independently from other aws services, so it won't affect performance or availability
1 enable guardduty
2 guardduty continuously analyze network and account activity
3 guardduty intelligently detect threats
4 review detailed finding and take action
===============
// amazon cloudwatch
visibility
monitor the health and operation of aws apps and infra in real time
- Monitor applications and respond to system-wide performance changes
// cloudwatch alarm
set threshold for a metric
can generate an alert and trigger an action when the threshold is met
can integrate with SNS
===============
// aws cloudtrail
- API Auditing tools
every request made to aws.
get logged to cloudtrail
can save log to s3 bucket
=============
// aws trusted advisor
Trusted Advisor compares its findings to AWS best practices in five categories: cost optimization, performance, security, fault tolerance, and service limits. For the checks in each category, Trusted Advisor offers a list of recommended actions and additional resources to learn more about AWS best practices.
=============
// amazon lightsail
deploy ready-made application stacks
(a service that enables you to run virtual private servers)
============
// AWS Pricing calculator
The AWS Pricing Calculator lets you explore AWS services and create an estimate for the cost of your use cases on AWS.
- has bulk discount pricing
==========
Consolidated billing also enables you to share volume pricing discounts across accounts.
Some AWS services, such as Amazon S3, provide volume pricing discounts that give you lower prices the more that you use the service. In Amazon S3, after customers have transferred 10 TB of data in a month, they pay a lower per-GB transfer price for the next 40 TB of data transferred.
In this example, there are three separate AWS accounts that have transferred different amounts of data in Amazon S3 during the current month:
Account 1 has transferred 2 TB of data.
Account 2 has transferred 5 TB of data.
Account 3 has transferred 7 TB of data.
=========
// aws budgets
set custom budgets and usage alerts
purpose of tags : can be created per project. monitor db usage.
can create daily cost reports.
=========
// aws cost explorer
visualize usage data.
=============
// beanstalk
AWS Elastic Beanstalk
Deploy and scale web applications
Businesses upload their application, and Elastic Beanstalk automatically handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring.
============
// Amazon CloudFront
a content delivery service.
===========
// amazon route 53
Connect user requests to infrastructure in AWS and outside of AWS.
Manage DNS records for domain names.
Amazon Route 53 is a DNS web service. It gives developers and businesses a reliable way to route end users to internet applications that are hosted in AWS.
Additionally, businesses can transfer DNS records for existing domain names that are currently managed by other domain registrars, or register new domain names directly within Amazon Route 53.
===========
// aws shield
A service that helps protect applications against distributed denial-of-service (DDoS) attacks
============
// Amazon Augmented AI (Amazon A2I)
provides built-in human review workflows for common machine learning use cases, such as content moderation and text extraction from documents. With Amazon A2I, a person can also create their own workflows for machine learning models built on Amazon SageMaker or any other tools.
=========
// Amazon Textract
a machine learning service that automatically extracts text and data from scanned documents.
===========
// Amazon Lex
a service that builds conversational interfaces using voice and text.
============
// AWS Key Management Service (AWS KMS)
a service that creates, manages, and uses cryptographic keys.
============
// Amazon Redshift
a data warehousing service for providing big data analytics. It offers the ability to collect data from many sources and provides insight into relationships and trends across a data set.
============
// Amazon Quantum Ledger Database (Amazon QLDB)
a ledger database service. A person can use Amazon QLDB to review a complete history of all the changes that have been made to application data.
============
// AWS Snowball
a device that transfers large amounts of data into and out of AWS.
============
// Amazon ElastiCache
service that adds caching layers on top of databases to help improve the read times of common requests.
===========
// Amazon Neptune
a graph database service. Amazon Neptune provides the capability to build and run applications that work with highly connected datasets, such as recommendation engines, fraud detection, and knowledge graphs.
============
// AWS DeepRacer
is an autonomous 1/18 scale race car that tests reinforcement learning models.
===========