Disclaimer
This blog is part of a 4-part series covering the 2024 AWS (CLF-C02) study guide. While there is tremendous value in going through this blog even if you are not writing the exam, please be aware that the content is centered around the exam.
As with any exam, the curriculum and the course content will evolve over time. Please pay attention to when this blog was written and take into account that the exam and its content may have changed.
Deploying and Operating in the AWS Cloud
- Different Ways of Provisioning and Operating in the AWS Cloud:
- Resource Deployment Methods: Options include manual setup through the console, infrastructure as code (e.g., AWS CloudFormation, Terraform), and automated deployment pipelines.
- Different Ways to Access AWS Services:
- APIs: Provide programmatic access to AWS services, allowing integration with other applications.
- SDKs: Software Development Kits simplify AWS interactions across programming languages.
- CLI (Command Line Interface): Enables executing commands via scripts or terminal commands.
- AWS Management Console: A graphical user interface for managing AWS services and resources.
- Types of Cloud Deployment Models:
- Cloud: Fully hosted on AWS, where all infrastructure is managed by AWS.
- Hybrid: Combines cloud and on-premises infrastructure, providing flexibility for specific workloads.
- On-Premises: Resources are managed locally, but AWS services may still be integrated.
- Connectivity Options:
- AWS VPN: Secure, encrypted connections to AWS from your on-premises network.
- AWS Direct Connect: A dedicated network connection for high bandwidth, low latency access to AWS.
- Public Internet: Access to AWS resources via standard internet connections.
- Deciding Between Access Methods:
- Programmatic Access: Ideal for automation and integration through APIs, SDKs, or CLI.
- AWS Management Console: Best suited for hands-on management and visual resource monitoring.
- Infrastructure as Code (IaC): Ensures consistent and repeatable deployments using tools like CloudFormation.
- Identifying Connectivity Options:
- AWS VPN: Best for secure, quick connections.
- AWS Direct Connect: Suitable for high throughput and consistent latency.
- Public Internet: Offers convenience and accessibility at a lower cost.
AWS Global Infrastructure
- AWS Regions, Availability Zones, and Edge Locations:
- Regions: Geographically isolated areas consisting of multiple Availability Zones.
- Availability Zones (AZs): Isolated data centers within a region that offer redundancy and low-latency network connections to each other.
- Edge Locations: Sites that cache content and accelerate data delivery, reducing latency.
- Use of Multiple Regions:
- Disaster Recovery (DR) and Business Continuity: Implementing cross-region backups and multi-region failover.
- Low Latency: Distributing applications to regions closer to end users.
- Data Sovereignty: Ensuring data remains within specific geographic regions for compliance.
- Benefits of Edge Locations:
- Amazon CloudFront: A content delivery network (CDN) that caches content close to users for faster load times.
- AWS Global Accelerator: Improves the availability and performance of applications by routing traffic to optimal endpoints.
- AWS Wavelength Zones and AWS Local Zones:
- Wavelength Zones: Extend AWS infrastructure to the edge of 5G networks for ultra-low latency applications.
- Local Zones: Offer low-latency access to specific AWS services, bringing compute, storage, and networking closer to end users.
AWS Compute Services
- Appropriate Use of Different EC2 Instance Types:
- Compute-Optimized: Suitable for high-performance computing (HPC), gaming, and scientific modeling.
- Memory-Optimized: Ideal for in-memory databases, big data analytics, and real-time processing.
- Storage-Optimized: Great for NoSQL databases, data warehousing, and Hadoop.
- General Purpose: Balanced compute, memory, and storage for diverse applications.
- Appropriate Use of Different Container Options:
- Amazon ECS: Best for managing containers using AWS’s native orchestration.
- Amazon EKS: Ideal for Kubernetes users who prefer open-source tooling and native integrations.
- AWS Fargate: Perfect for those needing fully serverless container orchestration.
- Appropriate Use of Serverless Compute Options:
- AWS Lambda: Best for event-driven applications, microservices, and one-time processing tasks.
- AWS Fargate: Suitable for applications that require full container orchestration without managing infrastructure.
- Auto Scaling for Elasticity:
- Amazon EC2 Auto Scaling: Automatically scales EC2 instances based on defined rules and demand.
- Application Auto Scaling: Provides scaling for ECS tasks, DynamoDB tables, and other AWS services.
- Purposes of Load Balancers:
- Application Load Balancer (ALB): Operates at the application layer (Layer 7), ideal for HTTP and HTTPS traffic.
- Network Load Balancer (NLB): Operates at the network layer (Layer 4), suited for high-throughput, low-latency traffic.
- Classic Load Balancer (CLB): Legacy load balancer that supports HTTP, HTTPS, and TCP protocols.
AWS Database Services
- AWS Database Services:
- Relational Databases (SQL): Amazon RDS and Amazon Aurora for managed database services.
- NoSQL Databases: Amazon DynamoDB and Amazon DocumentDB for flexible, schema-less data structures.
- In-Memory Databases: Amazon ElastiCache for caching and real-time analytics.
- Graph Databases: Amazon Neptune for complex relationship mapping.
- Data Warehousing: Amazon Redshift for large-scale analytics.
- Database Migration:
- AWS Database Migration Service (DMS): Helps migrate databases with minimal downtime.
- AWS Schema Conversion Tool (SCT): Converts database schemas from one database engine to another.
- EC2-Hosted vs. AWS-Managed Databases:
- EC2-Hosted: Offers full control over the database engine and configuration but requires managing backups, scaling, and maintenance.
- AWS-Managed: Includes features like automated backups, scaling, high availability, and security management.
- Relational Databases:
- Amazon RDS (Relational Database Service): Supports multiple database engines like MySQL, PostgreSQL, and SQL Server.
- Amazon Aurora: A high-performance, scalable relational database compatible with MySQL and PostgreSQL.
- NoSQL Databases:
- Amazon DynamoDB: Fully managed, low-latency, NoSQL database suitable for web, mobile, and gaming applications.
- Amazon DocumentDB: A managed MongoDB-compatible database for JSON-like document storage.
- Memory-Based Databases:
- Amazon ElastiCache: Supports Redis and Memcached for real-time caching and in-memory processing.
- Amazon MemoryDB: Fully managed Redis-compatible in-memory database for ultra-fast data processing.
AWS Network Services
- AWS Network Services:
- Amazon VPC (Virtual Private Cloud): Enables the provisioning of a logically isolated network, defining your own IP ranges and subnet configurations.
- Amazon Route 53: Managed DNS service that connects requests to AWS services or external domains.
- AWS Direct Connect: Dedicated private connection from on-premises networks to AWS.
- AWS VPN: Securely connects on-premises networks or individual devices to AWS via IPsec tunnels.
- Amazon CloudFront: Content delivery network (CDN) that speeds up delivery of static and dynamic web content.
- Components of a VPC:
- Subnets: Logical subdivisions of a VPC that allow you to group resources.
- Gateways: Connect your VPC to other networks, such as:
  - Internet Gateway: Enables communication between VPC resources and the internet.
  - NAT Gateway: Allows private subnet instances outbound access to the internet.
  - Virtual Private Gateway: Connects VPCs to your on-premises network using a VPN.
- Security in a VPC:
- Security Groups: Act as virtual firewalls for individual instances, controlling inbound and outbound traffic.
- Network ACLs: Operate at the subnet level and control traffic entering or leaving subnets.
- Purpose of Amazon Route 53:
- DNS Management: Handles domain registration, routing traffic, and managing DNS records.
- Traffic Routing: Supports routing policies for global load balancing, geolocation, and latency-based routing.
- Health Checks: Monitors endpoint health and ensures traffic is only directed to healthy endpoints.
AWS Storage Services
- AWS Storage Services:
- Amazon S3 (Simple Storage Service): Scalable object storage for any type of data.
- Amazon EBS (Elastic Block Store): Persistent block storage for EC2 instances.
- Amazon EFS (Elastic File System): Managed, scalable file storage that grows and shrinks automatically.
- Amazon FSx: Fully managed Windows file servers and high-performance file systems.
- AWS Storage Gateway: Connects on-premises environments to cloud storage.
- AWS Backup: Centralized service to manage backups across AWS resources.
- Differences in Amazon S3 Storage Classes:
- S3 Standard: Default class for frequently accessed data.
- S3 Intelligent-Tiering: Optimizes costs by automatically moving data between access tiers.
- S3 Standard-IA (Infrequent Access): Suitable for data that is accessed less frequently but requires rapid retrieval.
- S3 One Zone-IA: Lower-cost option for infrequently accessed data, stored in a single availability zone.
- S3 Glacier: Archive storage for data that doesn’t require immediate access, with different retrieval speeds.
- Block Storage Solutions:
- Amazon EBS: Persistent block-level storage for EC2 instances, offering performance and backup features.
- Instance Store: Temporary block storage that persists only during instance lifetimes, useful for caching.
- File Services:
- Amazon EFS: Managed NFS file system for shared access across multiple EC2 instances.
- Amazon FSx: High-performance file storage optimized for Windows workloads or high-speed data processing.
AWS Artificial Intelligence and Machine Learning (AI/ML) Services and Analytics Services
- AWS AI/ML Services:
- Amazon SageMaker: Comprehensive service for machine learning (ML), enabling data scientists to build, train, and deploy models at scale.
- Amazon Lex: Builds intelligent chatbots for natural language understanding and text or voice interfaces.
- Amazon Kendra: Implements advanced search for improved data discovery across internal knowledge bases.
- Amazon Comprehend: Natural language processing service that extracts insights from documents.
- Amazon Rekognition: Analyzes images and videos to identify objects, faces, and inappropriate content.
- Amazon Personalize: Delivers personalized recommendations for end users using machine learning.
- AWS Analytics Services:
- Amazon Athena: Serverless querying service for S3, allowing SQL queries over stored data.
- Amazon Kinesis: Real-time data streaming platform for processing and analyzing streaming data.
- AWS Glue: Serverless data integration tool for extracting, transforming, and loading (ETL) data into data lakes and other stores.
- Amazon QuickSight: Scalable business intelligence service for creating data visualizations and generating business insights.
- Amazon Redshift: Fully managed data warehouse that handles petabyte-scale data.
Services from Other In-Scope AWS Service Categories
- Application Integration Services:
- Amazon EventBridge: Serverless event bus service that connects applications via events.
- Amazon Simple Notification Service (SNS): Push messaging service for sending alerts and notifications to various endpoints.
- Amazon Simple Queue Service (SQS): Fully managed message queue service for decoupling distributed systems.
- Business Application Services:
- Amazon Connect: Cloud-based contact center solution for managing customer interactions.
- Amazon Simple Email Service (SES): Email platform for sending transactional or marketing emails.
- Customer Engagement Services:
- AWS Activate for Startups: Provides startups with credits, technical training, and support.
- AWS IQ: Connects AWS experts with customers for projects and technical advice.
- AWS Managed Services (AMS): Automates infrastructure management.
- AWS Support: Offers support plans ranging from basic to enterprise levels.
- Developer Tool Services and Capabilities:
- AWS AppConfig: Manages application configurations.
- AWS Cloud9: Web-based IDE for coding, debugging, and running applications.
- AWS CloudShell: Browser-based shell with pre-configured AWS CLI.
- AWS CodeArtifact: Artifact repository for storing and sharing software packages.
- AWS CodeBuild: Managed CI service that compiles source code and runs tests.
- AWS CodeCommit: Source control service for hosting Git repositories.
- AWS CodeDeploy: Automates application deployments.
- AWS CodePipeline: CI/CD service to automate release pipelines.
- AWS CodeStar: Integrates project management tools with CI/CD workflows.
- AWS X-Ray: Analyzes and traces distributed applications.
- End-User Computing Services:
- Amazon AppStream 2.0: Streams desktop applications securely to a web browser.
- Amazon WorkSpaces: Provides secure, managed virtual desktops.
- Amazon WorkSpaces Web: Web-based access to virtual desktops and browser-based apps.
- Frontend Web and Mobile Services:
- AWS Amplify: Full-stack development framework for web and mobile apps.
- AWS AppSync: GraphQL API service that connects to data sources like DynamoDB and Lambda.
- IoT Services:
- AWS IoT Core: Securely connects and manages IoT devices.
- AWS IoT Greengrass: Extends cloud capabilities to local IoT devices.
- Choosing the Appropriate Service for Messaging and Alerts:
- Amazon SNS is suitable for high-throughput notifications, while Amazon SQS excels at message queuing.
- Choosing the Appropriate Service for Business Applications:
- For contact centers, Amazon Connect is ideal, whereas Amazon SES handles email-related needs.
- Choosing the Appropriate Service for Customer Support:
- AWS Support offers tailored plans ranging from basic to enterprise, with services like account monitoring and architectural guidance.