Simplified Multi-Account Management AWS Control Tower provides a streamlined way to set up and govern a secure, multi-account AWS environment. This service automates the setup of baseline environments using AWS best practices, making it easier for enterprises to ensure compliance while maintaining agility. Core Benefits AWS Control Tower delivers three Read more…
Amazon Athena Overview Amazon Athena is an interactive query service (serverless) that allows analyzing data in Amazon S3 using SQL Athena used Data Catalogue that stores the S3 DDL Athena is based on Presto – an open-source, distributed SQL query engine optimized for low latency and ad-hoc data analysis with Read more…
Overview VPC Endpoint enables a private connection between VPC and AWS supported services (including S3, Athena, DynamoDB, ECS) and AWS Marketplace services (AWS PrivateLink-powered SaaS) Unlike VPC Endpoint – NAT Gateway uses the Internet Gateway and thus the public internet, impacting solution performance and cost VPC Endpoint VPC Endpoint enables Read more…
Overview An IAM Role is an IAM entity that defines a set of permissions for making AWS service requests. IAM roles are not associated with a specific user or group. Instead, trusted entities assume roles, such as IAM users, applications, or AWS services such as EC2. (what can I do?) An instance profile represents EC2 instances (who am I?). Instance profiles provide temporary credentials that are rotated Read more…
AWS Supported Database Types Hosted Services Relational (OLTP) Multiple database engine providers e.g. Amazon Aurora, SQL Server, Oracle Non-Relational (NoSQL) Amazon DynamoDB Data Warehouse (OLAP) Amazon Redshift Customer Installed “Bring Your Own License” (BYOL) Self-install/ configuration on EC2s Hosted Services AWS Relational Database Services (RDS) Amazon Aurora MySQL Amazon Aurora PostgreSQL Oracle Read more…
Overview Application and deployment services allow you to implement logic and code in the cloud Some services provide code execution, and others offer data analytics Selecting the appropriate service is essential and requires an understanding of its capabilities Lambda Service AWS compute service that runs code without servers Runs code Read more…
Auto Scaling Overview Monitors the workload of instances and can add or remove capacity as needed Scaling Up = adding capacity Scaling Down = reducing capacity Allows better cost management Many AWS resources are scalable Scalable AWS Resources EC2 auto-scaling groups Aurora DB cluster DynamoDB global secondary indexes DynamoDB tables Read more…
Identity & Access Management (AIM) AIM is all about managing access to AWS It doesn’t support OS, services, or application access management It is what people can do within AWS E.g. launch instance etc. It supports users, groups, and roles (app-users) It’s free, however AWS services implemented by the users Read more…
Elastic Compute Cloud (EC2) Overview A service that allows you to run virtual machines (AMIs) in the could Pay as you go (on-demand) default model Integrates with storage, networking, and security Enables fast turnaround/ time to market No hardware racking & stacking needed While the legacy model takes weeks to Read more…
Virtual Private Cloud (VPC) A virtual network dedicated to your AWS account The term “virtual” = “not really” It is logically isolated from other virtual networks in the AWS Cloud A personal data center in the could VPN connections can be made to the VPC You can launch your AWS resources, such as Amazon EC2 instances, into your VPC You Read more…