aws csa associate 04-07

AWS Certified Solutions Architect Associate Level

Upload: heitor-vital

Post on 30-Jul-2015


TRANSCRIPT

Page 1: AWS CSA Associate 04-07

AWS Certified Solutions Architect Associate Level

Page 2: AWS CSA Associate 04-07

Agenda
● 08/Sep - Opening, AWS Overview and S3
● 16/Sep (Tuesday) - CloudFront and Route53
● 22/Sep - EC2 and VPC
● 29/Sep - RDS, DynamoDB and Other Storage Options
● 06/Oct - Elastic Beanstalk, CloudFormation, SWF and SQS
● 13/Oct - IAM and Security
● 20/Oct - Architecting for the Cloud and Review

Time: 18:00 to 20:00

Page 3: AWS CSA Associate 04-07

Retrospective

How are we doing so far?

Page 4: AWS CSA Associate 04-07

Session 01

S3
● What is it?
● What is it for?
● Durability (with and without RRS)
● Availability
● Web content hosting
● Encryption options
● Object Lifecycle
● Multi-part upload
● Access logs
● Object versioning
● Reduced Redundancy Storage

Reference Model - Products

Page 5: AWS CSA Associate 04-07

Session 02

Route53
● What is it?
● What is it for?
● Helps with?
  ○ Fault tolerance
  ○ Scalability
● Routing Policy
  ○ Simple
  ○ Weighted
  ○ Latency
  ○ Failover
  ○ Geolocation
● Health Checks

CloudFront
● What is it?
● What is it for?
● Helps with?
  ○ Fault tolerance
  ○ Scalability
● Impact of caching dynamic content
● Custom SSL

Page 6: AWS CSA Associate 04-07

Session 03

EC2
● Instances
  ○ Types
  ○ How to access
● Billing model
  ○ On demand
  ○ Reserved
  ○ Spot
● Elastic IPs
● EBS
● AMI
● Load Balancers
● Auto Scaling
  ○ Launch configurations
  ○ Auto Scaling Groups
  ○ CloudWatch

VPC
● How to configure?
● Subnets
● Route Tables
● Internet Gateways
● What is the impact on Security Groups?
● NAT
● Bastion Host
● VPN

Page 8: AWS CSA Associate 04-07

What do I need to remember?

RDS
● What is it?
● What is it for?
● How to achieve:
  ○ Fault tolerance
  ○ Scalability
● Software Patching
● Backups / Restores
● Multi-AZ
● Read Replica
● Does it support the reserved model?
● Security Group
● VPC support
● Parameter Groups

DynamoDB
● What is it?
● What is it for?
● How to achieve:
  ○ Fault tolerance
  ○ Scalability
● Hash key
● Range key
● Secondary Indexes
● Dynamic DynamoDB

Page 9: AWS CSA Associate 04-07

Supporting Materials

References
1. Official page
2. Post about the program and the exam
3. AWS Architecture Center
4. AWS Security Center
5. AWS Documentation Page
6. Online course
7. Slideshare

White Papers
1. Overview of Amazon Web Services
2. Overview of Security Processes
3. AWS Risk and Compliance
4. Storage Options in the AWS Cloud
5. Architecting for the AWS Cloud: Best Practices
6. Storage Use Cases
7. Designing Fault-Tolerant Applications in the AWS Cloud

Page 11: AWS CSA Associate 04-07

RDS - Relational Database Service

● Managed service
  ○ No access to the OS
  ○ Database server endpoint
  ○ Software patching
  ○ Failure detection / Recovery
  ○ Backups
● Vertical scaling
  ○ Change instance type
● Horizontal scaling
  ○ Read replica (MySQL)

Engines:
● MySQL
● PostgreSQL (re:Invent 2013)
● Oracle
● Microsoft SQL

Page 12: AWS CSA Associate 04-07

Details
● Storage Capacity
  ○ 5 GB - 3 TB*
● IOPS - Standard vs. Provisioned
  ○ 1,000 - 30,000 IOPS*
● Billing variables (reserved is available)
  ○ Instance class
  ○ Running time
    ■ Full instance-hour
  ○ Storage
    ■ Pro-rated
  ○ I/O requests per month
  ○ Backup storage
    ■ No additional charge for up to 100% of provisioned database storage
  ○ Data transfer
● Instance Type
  ○ Micro Instances
  ○ Standard
  ○ Memory Optimized
  ○ Burst Capable
● Variables
  ○ vCPU
  ○ ECU
  ○ Memory
  ○ EBS-Optimized
  ○ Network Performance

* Depends on the engine used, the machine type and the storage size

Page 16: AWS CSA Associate 04-07

Security
● VPC
● Security Group
  ○ Caution: integration with EC2 instances outside the VPC
● IAM
  ○ DB instances
  ○ DB snapshots
  ○ Read replicas
  ○ Reserved instances
  ○ DB security groups
  ○ DB option groups
  ○ DB parameter groups
  ○ Event subscriptions
  ○ DB subnet groups

Page 17: AWS CSA Associate 04-07

IAM Rule Examples
1. Permit a user to perform any Describe action on any RDS resource
2. Permit a user to create a DB instance that uses a specified DB engine
3. Permit a user to create a DB instance that uses the specified DB parameter and security groups
4. Prevent users from creating DB instances for certain DB instance classes and from creating DB instances that use Provisioned IOPS
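Rules 1, 2 and 4 above written as one IAM policy document, with a simplified evaluator showing how an explicit Deny overrides an Allow. This is an added example, not part of the original slides and not AWS's evaluation engine; the engine name, the instance classes and the function names are assumptions chosen for illustration, and rule 3 is left out.

```python
import fnmatch

# Constructed policy modelled on rules 1, 2 and 4; "mysql" and the
# instance class are sample values chosen for this example.
POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "AllowDescribe", "Effect": "Allow",
     "Action": "rds:Describe*", "Resource": "*"},
    {"Sid": "AllowMySQLCreate", "Effect": "Allow",
     "Action": "rds:CreateDBInstance", "Resource": "*",
     "Condition": {"StringEquals": {"rds:DatabaseEngine": "mysql"}}},
    {"Sid": "DenyLargeClass", "Effect": "Deny",
     "Action": "rds:CreateDBInstance", "Resource": "*",
     "Condition": {"StringEquals": {"rds:DatabaseClass": ["db.r3.8xlarge"]}}},
    {"Sid": "DenyPIOPS", "Effect": "Deny",
     "Action": "rds:CreateDBInstance", "Resource": "*",
     "Condition": {"NumericNotEquals": {"rds:Piops": "0"}}},
]}

def condition_holds(condition, context):
    """Every operator/key pair must match (AND); listed values are ORed."""
    for operator, pairs in condition.items():
        for key, wanted in pairs.items():
            wanted = wanted if isinstance(wanted, list) else [wanted]
            have = context.get(key)
            if operator == "StringEquals":
                ok = have is not None and have in wanted
            elif operator == "NumericNotEquals":
                # Negated operators match when the key is absent.
                ok = have is None or all(float(have) != float(w) for w in wanted)
            else:
                raise ValueError(f"operator not modelled: {operator}")
            if not ok:
                return False
    return True

def decide(action, context):
    """Return (decision, sid): explicit Deny beats Allow; no match is an implicit deny."""
    allowed_by = None
    for stmt in POLICY["Statement"]:
        if not fnmatch.fnmatchcase(action.lower(), stmt["Action"].lower()):
            continue
        if not condition_holds(stmt.get("Condition", {}), context):
            continue
        if stmt["Effect"] == "Deny":
            return ("Deny", stmt["Sid"])
        allowed_by = allowed_by or stmt["Sid"]
    return ("Allow", allowed_by) if allowed_by else ("ImplicitDeny", None)
```

A request for an engine other than the allowed one is refused without any Deny statement firing, because nothing allows it.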

Page 18: AWS CSA Associate 04-07

Lab 1

RDS MySQL

Page 20: AWS CSA Associate 04-07

Main Features
● Fully managed cloud NoSQL database service
● Fast, Predictable Performance
  ○ Data partitioning
  ○ SSD
● Scalable
● High Availability
  ○ Replicates data across AZs
● Covered more heavily in the Developer exam

Page 21: AWS CSA Associate 04-07

Cost
● Provisioned throughput capacity
  ○ 10 write capacity units
  ○ 50 read capacity units
● Indexed data storage
● Reserved capacity
  ○ Up to 53% over a 1-year term
  ○ Up to 76% over a 3-year term
● Cautions
  ○ Secondary Indexes
  ○ Capacity code vs. operations per second

Page 22: AWS CSA Associate 04-07

Secondary Indexes

Page 23: AWS CSA Associate 04-07

Dynamic DynamoDB

Page 24: AWS CSA Associate 04-07

Lab 2

DynamoDB

Page 26: AWS CSA Associate 04-07

Traditional Storage Options
● Memory
  ○ Caches, in-memory databases and RAM disks
● Storage area network (SAN)
  ○ Virtual disk LUNs
● Direct-attached storage (DAS)
● Network attached storage (NAS)
● Databases
  ○ Relational database, a NoSQL non-relational database, or a data warehouse
● Backup and Archive
  ○ Tapes or optical media
● Message Queues
  ○ Temporary durable storage for data sent asynchronously between computer systems or application components

Page 27: AWS CSA Associate 04-07

AWS Storage Options (1/3)

Page 28: AWS CSA Associate 04-07

AWS Storage Options (2/3)

Page 29: AWS CSA Associate 04-07

AWS Storage Options (3/3)

Page 31: AWS CSA Associate 04-07

AWS Certified Solutions Architect Associate Level

THANK YOU!!

Page 32: AWS CSA Associate 04-07

Question 01 / 10
Does S3 provide read-after-write consistency?
a. No, not for any region
b. Yes, but only for certain regions
c. Yes, but only for certain regions and for new objects
d. Yes, for all regions

Page 33: AWS CSA Associate 04-07

Question 02 / 10
What is the maximum size of a single S3 object?
a. There is no such limit
b. 5 TB
c. 5 GB
d. 100 GB

Page 34: AWS CSA Associate 04-07

Question 03 / 10
Is data stored in S3 always encrypted?
a. Yes, S3 always encrypts data for security
b. No, there is no such feature
c. Yes, but only when the right APIs are called
d. Yes, but only in Gov Cloud datacenters

Page 35: AWS CSA Associate 04-07

Question 04 / 10
What is true for S3 buckets (select multiple if more than one is true)?
a. Bucket namespace is shared and is global among all AWS users.
b. Bucket names can contain alphanumeric characters
c. Buckets are associated with a region, and all data in a bucket resides in that region
d. Buckets can be transferred from one account to another through API

Page 36: AWS CSA Associate 04-07

Question 05 / 10
Can EBS always tolerate an Availability Zone failure?
a. No, each EBS volume is stored in a single Availability Zone
b. Yes, an EBS volume has multiple copies so it should be fine
c. Depends on how it is set up
d. Depends on the Region where the EBS volume is initiated

Page 37: AWS CSA Associate 04-07

Question 06 / 10
Which of the following can Auto Scaling NOT do (select multiple if more than one is true)?
a. Start up EC2 instances when CPU utilization is above threshold
b. Release EC2 instances when CPU utilization is below threshold
c. Increase the instance size when utilization is above threshold
d. Add more Relational Database Service (RDS) read replicas when utilization is above threshold

Page 38: AWS CSA Associate 04-07

Question 07 / 10
Which of the following benefits does adding Multi-AZ deployment in RDS provide (choose multiple if more than one is true)?
a. A Multi-AZ deployed database can tolerate an Availability Zone failure
b. Decrease latencies if app servers accessing the database are in multiple Availability Zones
c. Make database access times faster for all app servers
d. Make the database more available during maintenance tasks

Page 39: AWS CSA Associate 04-07

Question 08 / 10
What happens to data when an EC2 instance terminates (select multiple if more than one is true)?
a. For EBS backed AMI, the EBS volume with the operating system on it is preserved
b. For EBS backed AMI, any volume attached other than the OS volume is preserved
c. All the snapshots of the EBS volume with the operating system are preserved
d. For S3 backed AMI, all the data in the local (ephemeral) hard drive is deleted

Page 40: AWS CSA Associate 04-07

Question 09 / 10
For an EC2 instance launched in a private subnet in a VPC, which of the following are the options for it to be able to connect to the internet (assume security groups have proper ports open)?
a. Simply attach an Elastic IP
b. If there is also a public subnet in the same VPC, an ENI can be attached to the instance with the IP address range of the public subnet
c. If there is a public subnet in the same VPC with a NAT instance attached to an internet gateway, then a route can be configured from the instance to the NAT
d. There is no way for an instance in a private subnet to talk to the internet

Page 41: AWS CSA Associate 04-07

Question 10 / 10
When an ELB is set up, what is the best way to route a website’s traffic to it?
a. Resolve the ELB name to an IP address and point the website to that IP address
b. There is no direct way to do so, Route53 has to be used
c. Generate a CNAME record for the website pointing to the DNS name of the ELB