Notes

1. Cloud computing is a computing service made available over the internet.

2. Types of EC2 instances:
General purpose:It balances computing, memory and networking resources.
Compute Optimised: this type is ideal for high-performance.
Memory Optimised: This type can deliver large dataset workloads fast and are best when huge amounts of data need to be preloaded before running the app.
Accelerated Computing: This type use hardware accelerators and are best for graphics applications and streaming.
Storage Optimised: This type is best when you have large datasets on local storage and are designed to deliver many inputs as fast as possible.

3. EC2 pricing models:
On Demand Instances:are best used for short-term workloads.
Reserved Instances: are used to reserve instances for an agreed period. The options are for 1-year or 3-years.
Spot Instances: This pricing model is best for workloads with flexible start and end times, which can take interruptions.
Dedicated hosts: are physical servers fully dedicated to you and is the most expensive model.

4. EC2 Auto Scaling can be added as a buffer on top of your instances.
It can add new instances to the application when necessary and terminate them when no longer needed.
Here you can set a minimum capacity of instances that will always be running. The rest will operate when necessary.

5. Elastic Load Balancing:
Traffic can be directed with Elastic Load Balancing.
The service allocates incoming traffic between the available resources.A monolithic application is built as a single unified unit while a microservices architecture is a collection of smaller, independently deployable services.
This service distributes application traffic across services.
The Load Balancer is a single point of contact for incoming web traffic.
The single point of contact means that the traffic hits the Load Balancer first, spreading out the load between the resources.
The balancer accepts requests and directs them to the appropriate instances.
It ensures that one resource won't get overloaded, and that the traffic is spread out.
AWS EC2 and Elastic Load Balancing are two different services that work well together.

6.A monolithic application is built as a single unified unit while a microservices architecture is a collection of smaller,
independently deployable services.
Monolithic applications typically consist of a client-side UI, a database, and a server-side application.
Developers build all of these modules on a single code base.
On the other hand, in a distributed architecture, each microservice works to accomplish a single feature or business logic.

7. Monolithic Application:
An architecture with tightly coupled components can be called a monolithic application.
Components can be databases, servers, interfaces, and much more.
A monolithic application can be vulnerable if one of the components fails.
In the worst case, this can cause the whole service to go down.

Microservices:
Microservices can help to maintain the service if one component fails.
The services can be maintained because they communicate with each other and the components are not tightly coupled.
AWS has two services that can make this integration:
AWS Simple Notification Service (AWS SNS)
AWS Simple Queue Service (AWS SQS)

8. AWS SNS: SNS is a cloud service for the mass delivery of messages.
It is a fully managed publish-subscribe messaging and mobile communication service.
It can be event-driven, with automated services responding to triggers.

SNS is a notification system, which pushes messages to its subscribers.
SQS is a queuing system, and the receivers have to pull the messages to be processed and deleted from the queue.
SNS and SQS can works well together.

9.AWS Simple Queue Service is also called AWS SQS
SQS is a message queuing service.
It exchanges and stores messages between software components.
The service adds the messages in a queue.
Users or services pick up the messages from the queue.
Once processed the messages gets deleted from the queue.

10.Serverless is a service where you do not have to think about servers.
With serverless, you only have to think about code.
The cloud provider handles all infrastructure behind it.

AWS EC2 provides virtual server instances.
To run EC2, you must do the following:
Provision of the virtual server instances
Deploy your code
Operate and maintain the servers

Serverless requires no server management.
Having less to think about with operating server lets you focus on the important things.
The serverless approach is suitable for scale.

11.AWS Lambda a serverless compute service.
This service lets you run code without needing to think about servers.
It lets you focus on what's most important, such as making a great application.
You only pay for the compute time that you use.
Pay for what you use translates to that you only pay when your code is running.

The high-level steps to understand the concept:
Deploy your code to Lambda
Make the code ready to trigger an event
The code only runs when triggered
Pay only when your code is running.

12.
Containers are popular for deploying and managing applications in the cloud.
Containers let you package code in a single object.
The container isolates the code and removes the dependencies to other components.
It runs in isolation.
Containers are an essential concept in micro service architectures.

13. Serverless Compute for Containers - AWS Fargate
It helps to deploy and manage applications.
Fargate manages the infrastructure for you.
You do not have to think about the provision of servers and infrastructure management when using Fargate.

14. Instance Store is a storage volume that acts as a physical hard drive.
It provides temporary storage for Amazon EC2 instance.
The data in an instance store persists during the lifetime of its instance.
If an instance reboots, data in the instance store will persist.
When the instance hibernates or terminates, you lose any data in the instance store.
It is recommended to avoid storing valuable data in the store instance.
Instance Stores are good for temporary files, and data that can be easily recreated.

15.AWS EBS is also called AWS Elastic Block Store.
EBS is a service that provides storage volumes.
You can use provided storage volumes in Amazon EC2 instances.
EBS volumes are used for data that needs to persist.
It is important to backup the data with AWS EBS snapshots.
After creating an EBS volume, you can attach it to an AWS EC2 instance.
If the EC2 instance stops or is terminated, all the data on the attached EBS volume remains.

EBS snapshot is an incremental data backup.
The first backup of a volume backups all the data.
Every next backup copies only a block of data that has changed since the last snapshot.
It saves on storage costs by not duplicating data.

16. AWS S3 is also called AWS Simple Storage Service.
S3 is a storage service.
It allows uploading any type of file.
In S3 you can set access permissions to a file.
It is object-level storage.
It offers unlimited space in the storage.
The maximum file size is 5 TB.

17. AWS S3 Storage Classes
There are many AWS S3 storage classes.
They differ in data availability.
How frequent data is retrieved and cost price.

S3 Standard:
S3 Standard is ideal for data that is accessed often.
Provides high availability for stored objects.
It stores data in at least three Availability Zones.
It is the most expensive class.

S3 Standard-Infrequent Access:
S3 Standard-Infrequent Access is also called S3 Standard-IA
S3 Standard-IA is ideal for data that is often accessed.
It has the same level of data availability as S3 Standard.
It stores data in at least three Availability Zones.
Lower storage price but higher data retrieval price.
It is higher priced than other classes.

S3 One Zone-IA (S3 One Zone-Infrequent Access)
It stores data in one Availability Zone.
It is cheaper than S3 Standard and S3 Standard-IA classes.

S3 Intelligent-Tiering:
S3 Intelligent-Tiering requires automation and monitoring.
It is recommended for data with unknown or frequently changing access.
It moves the object to the S3 Standard-IA class if it is not accessed for 30 days.
It moves objects to S3 Standard if accessed in S3 Standard-IA or S3 One Zone-IA classes.

S3 Glacier:
S3 Glacier is recommended for archiving data.
It can retrieve objects within a few minutes.
S3 Glacier is a cheaper and slower class.

S3 Glacier Deep Archive:
S3 Glacier Deep Archive has the lowest cost.
Like S3 Glacier, it is best for archives.
Compared to S3 Glacier, S3 Glacier Deep Archive can retrieve objects within 12 hours.

18. Cloud File System - AWS EFS
AWS EFS is also called AWS Elastic File System.
EFS is a file system.
Data in EFS is accessed via file paths.
Compared to AWS EBS, AWS EFS saves the data in many Availability Zones.
Scaling AWS EFS does not disrupt applications.
It is ideal if many services need to access the same data at the same time.

19. Amazon Aurora is a relational database ideal for large organizations and enterprises.
It offers high availability of data.
It is excellent for managing large amounts of data.
It is five times faster than a MySQL database.
It is three times faster than a PostgreSQL database.
Amazon Aurora creates six copies of data across three Availability Zones and a data backup on Amazon S3.
It ensures the data is available at all times.

AWS DynamoDB is a non-relational, NoSQL database.
It is a serverless database.
DynamoDB is a high performance service.
As AWS DynamoDB is a serverless database, you do not have to manage servers or an operational system to use it.

AWS DocumentDB is a document-based database service.
It is a type of NoSQL database.

Big Data Analytics - AWS Redshift
AWS Redshift is big data analytics service.
It can gather information from many sources.
It assists you with getting connections across your data.

Database Migration Service - AWS DMS
It helps you move data between databases.
There is a source database and a target database.
A source database is a database from where data is migrated.
A target database is a database where data is migrated to.
Your source database will remain operational during the migration process.
AWS DBS is simple to use, reduces application downtime, supports a wide range of databases, has low cost, and is reliable.

20. The AWS shared responsibility model is a concept of dividing responsibilities between AWS and a Customer.
AWS's responsibilities are the security of the cloud.
Customer responsibilities are security in the cloud.

AWS IAM is also called AWS Identity and Access Management.
It helps you securely manage AWS resources and services.
IAM features are:
AWS account root user
IAM Users
IAM policy
IAM groups
IAM roles
Multi-factor authentication

AWS Organizations is a container for your AWS accounts.
It comes with an organization root user by default.
It allows you to manage permissions of your organization's accounts.
Permissions in AWS organizations are controlled by service control policies (SCPs).
SCPs allow you to restrict AWS resources and services for each account.

AWS Artifact is a service.
It provides access to compliance reports and AWS security on demand.
It consists of AWS Artifact Reports and AWS Artifact Agreements.

AWS Artifact Agreements:
AWS Artifact Agreements are agreements about the use of certain types of information.
Types of information are used throughout AWS services.
It can manage individual account agreements, or all AWS Organization accounts agreements.

AWS Artifact Reports:
AWS Artifact Reports give you compliance reports.
They give information about compliance responsibility regarding certain standards.
AWS Artifact Reports are always up to date.

Denial-of-service attacks (DoS) attack is an effort to make an application or a website inaccessible.
The DoS causes an excessive flood of data that overloads an application or a website network.
DoS attack comes from a single source.

Distributed denial-of-service attacks (DDoS) attack comes from different sources.
Like DoS, DDoS attempts to make an application or a website inaccessible.
The attack can come from more than one attacker or a single attacker that uses bots.
Bots are infected computers that automatically flood your application or a website with excessive traffic.

AWS Shield:
AWS Shield gives protection against DoS and DDoS attacks.
It provides standard and advanced protection.
AWS Shield Standard protection protects all AWS users at no expense.
AWS Shield Advanced is a paid service.
AWS Shield Advanced provides attack details and can minimize the effects of more complex attacks.

AWS KMS is also known as AWS Key Management Service.
It ensures the security of your application data with cryptographic keys.
A cryptographic key is a sequence of characters that may be used to encrypt or decrypt data.

AWS WAF is also known as AWS Web Application Firewall.
It monitors your application's network requests.
It can allow or block network traffic.
To allow or block network traffic, AWS WAF uses ACL (web access control list).

Amazon Inspector:
Amazon Inspector helps you improve applications security.
It also helps improve applications compliance.
It checks the application for software versions and other vulnerabilities.

Amazon GuardDuty:
Amazon GuardDuty is a threat detection service.
It detects threats for AWS resources and infrastructure.

21.
Cloud Monitoring and Management Service - AWS CloudWatch
CloudWatch lets you monitor your resources.
It is a web-based service.
Configure the service to monitor and set alarms based on your metrics.

Access CloudWatch from your browser.
It gives you an overview of your resources in one single view.
CloudWatch gives insights across AWS services.

Cloud Action Logging Service - AWS CloudTrail
CloudTrail logs actions inside your AWS environment.
It records API calls on your account.

CloudTrail gives a complete history of user activity and API calls on your resources.
CloudTrail can be used to create events
Events are set up to understand what has happened.

CloudTrail Insights:
CloudTrail has a feature called CloudTrail Insights.
Insights let you detect unusual API activities on your account by automation.

Cloud Inspection Service - AWS TrustedAdvisor
TrustedAdvisor checks your account, evaluates, and recommends.
It recommends helping you follow AWS best practices.