AWS Certified Solutions Architect – Associate (SAA-C02) – Cloud Services Overview

Published by michal on

AWS Overview
The Cloud
  • Internet-based solution
  • Cloud operates on physical servers
  • There’s limited knowledge of hardware location and their capabilities
  • Clouds may be limited to a single organization (enterprise clouds), or be available to many organizations (public cloud)
Cloud Computing
  • On-demand availability of computer system resources, especially data storage (cloud storage) and computing power, without direct active management by the user
  • Processing on the Internet or a private network where the exact processor location is unknown
  • The use of AWS can reduce hardware, operational and deployment costs;
AWS Benefits
Hardware Cost Operational Cost Deployment Cost
– upfront investment vs. usage-based cost
– operational cost to manage physical vs. virtual infrastructure;
– people can be freed to do other work;
– faster turn around on deployment;
– scale up and down as needed;
Resiliency Performance Capacity
– resiliency refers to recoverability from a failure (health monitoring);
– auto-scaling servers based on usage;
– capacity in terms of storage, cup, memory etc.

Cloud Computing Deployment Methods
  1. Full Cloud Deployment/ All-In Cloud Deployment
    • All Components are in the cloud, including databases, processing, storage etc.
    • Nothing is available on-premises

  2. Hybrid Deployment
    • Some resources are internal, while others are in the cloud
      • e.g. long-running processes on the cloud while others internally
      • e.g. archiving on the cloud as data is not needed for fast retrieval
Cloud Service Models
  1. Infrastructure as a Service (IaaS)
    • The entire infrastructure is in the cloud, servers, network services etc.
    • Platforms and software run on other’s infrastructure
    • You must manage it all

  2. Platform as a Service (PaaS)
    • You don’t manage the infrastructure
    • Applications are deployed onto the platform instead
    • Typical web hosting model

  3. Software as a Service (SaaS)
    1. Someone else develops the software, and you use it from the cloud
    2. Early examples include email services (e.g. Gmail)
Who Manages Cloud IaaS, PaaS, and SaaS Services – The Enterprise ...

AWS Foundation Services
ComputeStorage
EC2 – Elastic Compute Cloud; the leading focus service of the exam; this is how to build an instance; manual setup & configuration.

Elastic Beanstalk – application-based environments that can be easily spun up; auto-config based specs;

Lambda – serverless apps; run code without servers;

ECS – Elastic Container Service;		 S3 – Simple Storage Service; primary object storage; objects in buckets;

EFS – Elastic File System; in relation to EC2 volumes/ drives;

Glacier – archives; the least expensive storage option;based on non-frequent access;

Storage Gateway – how to access cloud storage locally;

DatabasesMigration
 RDS – Relational Database Service; a fully managed service that makes it easier to set up, operate, and scale a relational database in the AWS Cloud;

 DynamoDBNoSQL; a key-value and document database that delivers single-digit millisecond performance at any scale;

 ElastiCache – a service that makes it easy to set up, manage, and scale a distributed in-memory data store or cache environment in the cloud;

 Amazon Redshift – a fully managed, petabyte-scale data warehouse service in the cloud;		 Amazon Migration Hub  – importing data/ VMs into AWS; a single place to discover your existing servers, plan migrations and track the status of each application migration;

 App Discovery Service – helps enterprise customers plan migration projects by gathering information about their on-premises data centers;

 Database Migration Service

 Server Migration Service

 Snowball – service that uses physical storage devices to transfer large amounts of data between S3 and onsite data storage location at faster-than-internet speeds;

Network & Content Delivery Mgmt & Governance
 VPC – Virtual Private Cloud, a virtual network dedicated to an AWS account. It is logically isolated from other virtual networks in the AWS Cloud;

 CloudFront – a web service that speeds up distribution of your static and dynamic web content, such as HTML, CSS, JavaScript, and image files, to your users;

 Route 53 – a highly available and scalable cloud Domain Name System (DNS) web service.

 API Gateway –  management tool to create, configure, and deploy an APIs;

 Direct Connect – used to establish private connectivity between AWS and a private data center, office, or the collocated environment;		 CloudWatch –  a monitoring and management service that provides data and actionable insights for AWS, hybrid, and on-premises applications and infrastructure resources;

 Auto Scaling – a service that lets you build scaling plans that automate how groups of different resources respond to changes in demand;

 Organizations – an account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage;

 CloudFormation – a service that gives developers and businesses an easy way to create a collection of related AWS and third-party resources and provision them in an orderly and predictable fashion;

 CloudTrail – a service that enables governance, compliance, operational auditing, and risk auditing of an AWS account;

 Trusted Advisor – it helps to observe best practices for the use of AWS by inspecting environment to save money, improve system performance and reliability, and closing security gaps;

 Config – a service that enables you to assess, audit, and evaluate the configurations of your AWS resources;

AnalyticsSec & Compliance
 Kinesis – a service for processing big data in real-time. It is capable of processing hundreds of terabytes per hour from high volumes of streaming data from sources such as operating logs, financial transactions and social media feed;
 IAM – Identity and Access Management; It enables you to manage access to AWS services and resources securely.

 Cognito – a simple user identity and data synchronization service that helps you securely manage and synchronize app data for your users across their mobile devices.

 Inspector – an automated security assessment service that helps improve the security and compliance of applications deployed on AWS;

 CloudHSM –  a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud;

 Directory Services – it lets you run Microsoft Active Directory (AD) as a managed service;

 WAF Web Application Firewall;

 Shield – a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS;

App IntegrationCost Mgmt
 SNS – Simple Notification Service;  a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications;

 SQS – Simple Queue Service; a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless application;		 AWS Cost Explorer – it lets you visualize, understand, and manage your AWS costs and usage over time;

 AWS Budgets – give you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount;

Media Services
End User Computing
 Elastic Transcoder – a media transcoding in the cloud;

 Kinesis Video Streams – a service that makes it easy to securely stream video from connected devices to AWS for analytics, machine learning (ML), playback, and other processing.		 WorkSpaces –  a cloud-based virtual desktop that can act as a replacement for a traditional desktop;

 AppStreams 2.0 – a fully managed application streaming service. You centrally manage your desktop applications on AppStream 2.0 and securely deliver them to any computer;

Shared Responsibility Model

AWS customer is responsible for the security of their data and client-side ops, while AWS is responsible for the security of its services and infrastructure.

Shared_Responsibility_Model_V2
Regions and Availability Zones

Regions – a physical location or a boundary within AWS that consists of two or more Availability Zones.

Availability Zone one or more discrete data centers with redundant power and networks; housed in separate facilities;

Edge Areas endpoints for AWS, which are used for caching content. They are typically consisting of CloudFront, Amazon’s Content Delivery Network (CDN).

Links

AWS Shared Responsibility Model

AWS Regions and Availability Zones

Categories: AWSCertificationCloud
Tags:

Related Posts

AWS Cloud

Powering Up Your Cloud Game: A Roundup of Exciting AWS Announcements

Hey tech enthusiasts! 🌞 This week, we’ve got some exciting news from the world of Amazon Web Services (AWS) that will make your cloud-powered projects soar. From accelerating AI innovations to streamlining CI/CD pipelines and Read more

Cloud DevOps IaC

Terraform Building Blocks and Best Practices

Terraform becomes truly powerful once you move beyond basic resource definitions and start designing reusable, scalable infrastructure patterns. This post explores the core building blocks of Terraform — modules, variables, state management, and environment structure — along with practical best practices for organizing infrastructure code, avoiding common pitfalls, and building maintainable cloud platforms that scale with teams and environments.

Cloud DevOps IaC

Understanding Terraform

Terraform introduced a fundamental shift in how infrastructure is built and operated — treating cloud environments as versioned, reproducible code instead of manual configuration. This post explains Terraform from first principles, breaking down core concepts like infrastructure as code, state management, providers, and execution workflows to help engineers understand not just how Terraform works, but why it became a cornerstone of modern cloud engineering.