AWS Solutions Architect (Associate) Exam Course · PDF fileAWS Solutions Architect (Associate) Exam Course Manual The Orion Papers Enter

AWS Solutions Architect (Associate) Exam Course Manual

The Orion Papers

Enter

Linux AcademyKeller, TexasUnited States of America

March 31, 2017

To All Linux Academy Students:

Welcome to Linux Academy's AWS Certified Solutions Architect (associate level) prep course. As part of this course, we are introducing an exciting innovation in AWS instruction - called The Orion Papers.

The Orion Papers is a non-linear, visual, interactive guide designed to enhance your learning and understanding of AWS. This guide can be used independently of the video lessons, but is meant to be supplemental and used in conjunction with the video lessons and live labs provided on linuxacademy.com.

Thank you for joining us on this AWS adventure!

Sincerely,

T homas B . H aslett

Thomas B. HaslettCourse Author

The Orion Papers

Continue

The Orion PapersAppendix

Welcome to the Appendix for the Orion Papers

Here you will find helpful resources and links to aid in your exploration of AWS.

Select a resource in the navigation panel above to explore various parts of this appendix.

Terminology About the Exam Helpful Links Live LabsCSA Concepts Exit

The Orion PapersPhysical & Networking Layer

Account & Services Layer

On-Premise Servers

Appendix

HybridEnviornments

On-premise Data Center

Open InternetOpen Internet

AWS Console AWS CLI

AWS Users(dev. account)

IAM

AWS Account(i.e. Development Account)

AWS Account(i.e. Production Account)

IAM

AWS Account & Services Layer

The Account & Services Layer represents how you create, access, and manage an AWS account and it's services. From how you interact with an AWS account and managing user rights, to how you access and use various AWS services and features.

This layer is all about account management & managing services.

AWS Infrastructure "Container"

Account Connection Tools

AWS Root Account HolderAWS Users

(prod. account)

Cross Account Access

The Orion PapersAccount & Services Layer

Physical & Networking Layer

On-Premise Servers

Appendix

HybridEnviornments


i.e. us-east-1 i.e. us-west-1

i.e. eu-central-1 i.e. ap-northeast-1

AWS Edge Location

AWS Physical & Networking Layer

The Physical & Networking Layer represents the global infrastructure of AWS in terms of where resources are physically located around the world and how data flows through the AWS network.

This layer is all about how AWS is organized, and how internal and external communication with AWS works.

AWS Region

Open Internet

Customers(front end/public access)

AWS Users(back end/private access)

Web Browser (http)

Terminal(ssh/rdp)

AWS Edge Location

AW

S In

fras

ruct

ure

"C

on

tain

er"

AWS Region

AWS RegionAWS Region

The Orion Papers

On-Premise Servers

HybridEnviornments



Appendix


AWS Physical & Networking Layer(Networking)

Moving into a pure networking view, this diagram represents how data is routed through AWS's networking infrastructure for highly available and fault tolerant web application. Identifying the methods of access for both customers (front end) and developers (back end).

VPC Peering


VPC 1(DEFAULT VPC)

Route 53(DNS)

CloudFront

S3

Terminal(ssh/rdp)


AWS Users(back end/private access)

Web Browser (http)

Open Internet

Go Back

Content Delivery (CDN)

Static Web Hosting/DNS Failover

AW

S In

fras

ruct

ure

"C

on

tain

er"

VPC 2 (user created)

The Orion Papers

On-Premise Servers



Appendix


On-Premise Servers

AWS Physical & Networking Layer(Hybrid Environments)

Hybrid architecture allows you to combine resources located in the AWS cloud with resources located on-premise, and use them as if they were located in the same environment.

Go Back

AWS Infrasructure "Container"

Availability Zone Availability Zone

Subnet 2 Subnet 1

VPC

VirtualPrivate Network

AWS Direct Connect

AWS Storage Gateway



HybridEnviornments

Appendix

Non-AWS Account holders who may need AWS Access


Open Internet

AWS Console AWS CLI

AWS Account & Services Layer(IAM)

Moving into a more detailed view of IAM, here you can view an example of various ways different users and resources access an S3 bucket. Including all the IAM components required, such as Users, Groups, Roles, Policies, and API Keys.

IAM Essentials




(prod. account)

EC2

S3 Bucket

Open Internet

Root user has UNLIMITED access

to all AWS resources by defaultIAM User

IAM Role

IAM Group

IAM Policy

IAM API Keys

Federate with SAML providers (i.e. Active

Directory) for temporary and single sign on access

Go Back



On-Premise Servers

Appendix

HybridEnviornments


AWS Account & Services Layer(storage services)

AWS's main storage service is S3. As represented in the diagram, S3 has many different methods of importing, exporting, and syncing data with on-premise networks.

Go Back

S3

Storage Services

Storage Gateway

Snowball

Multi-Part UploadSingle Operation

Upload

IAM

AWS Import/Export

Snowball

Storage Gateway S3

Glacier

Open Internet

AWS Console



(prod. account)


AWS Account(i.e Production Account)

AWS CLI

Lifecycle Policies

Storage "Transit" Services



On-Premise Servers

Appendix


HybridEnviornments

AWS Account & Services Layer(compute services)

AWS's main compute service is EC2 - which are virtual servers you can provision in the AWS cloud. AWS also offers a newer service called Lambda, which is a serverless option for a different kind of computing requirements.

Go Back

LambdaEC2

IAM

Open Internet

AWS Console



(prod. account)



AWS CLI

AWS Compute Services

Virtual Server Based Computing Serverless Computing



On-Premise Servers

Appendix


HybridEnviornments

AWS Account & Services Layer(Database Services)

AWS offers a wide range of database services, with its primary offerings including both RDS (SQL) and DynamoBB (NoSQL). Also included in the database category are options for high-performance (ElastiCache) and data warehousing (Redshift) datasets.

Go Back

IAM

Open Internet

AWS Console



(prod. account)



AWS CLI


Fully-Managed SQL Databases

Serverless NoSQL Database

In-Memory Cache Engine

RDS

ElastiCache

DynamoDB

Petabyte-Scale Data Warehouse

Redshift



On-Premise Servers

Appendix


HybridEnviornments

AWS Account & Services Layer(Application Services)

Application and messaging services provided by AWS offer a great variety of solutions - from receiving important alerts and creating decoupled environments, to managing every task required in workflow.

Go Back

IAM

Open Internet

AWS Console



(prod. account)



AWS CLI


NotificationsQueue

Management

Workflow Management

SNS SQS

SWF



On-Premise Servers

Appendix


HybridEnviornments

AWS Account & Services Layer(Deployment Services)

CloudFormation and Elastic BeanStalk offer two great options for quick and efficient deployment of application infrastructure.

CloudFormation to manage infrastructure as code, and Elastic BeanStalk to easily deploy out simple single tier applications.

Go Back

Elastic BeanStalk

IAM

Open Internet

AWS Console



(prod. account)



AWS CLI

AWS Deployment Services

CloudFormation

Infrastructure as Code

Simple App Deployment



On-Premise Servers

Appendix


HybridEnviornments

AWS Account & Services Layer(Monitoring Services)

AWS offers two primary monitoring services (CloudWatch and CloudTrial), which can work together or independently, that allow you to effectively keep tabs on the status of your environment and who is taking what actions inside of it.

Go Back

CloudTrailCloudWatch

IAM

Open Internet

AWS Console



(prod. account)


AWS CLI


AWS Monitoring Services

Monitoring AWS Resources Logging Actions



On-Premise Servers

Appendix


HybridEnviornments

AWS Account & Services Layer(Analytic Services)

AWS provides to primary service for data analytics. Kinesis for real-time data processing, and Elastic MapReduce for Hadoop framework data processing.

Go Back

Elastic MapReduce

Kinesis

IAM

Open Internet

AWS Console



(prod. account)



AWS CLI

AWS Analytic Services

Real-time Data Processing

Hadoop Framework Data Processing

Start

Lesson Navigation

Lambda Basics

Back to Main

Project Omega

Lambda Test

Finish

Quick Reference Current Section = Lambda

AWS Essentials Section (12):Lambda

Section (12) Topics Include:Introduction to AWS Lambda

Overview of Serverless ComputingPricing/Cost Overview

Using Lambda to Execute Code

OFF


Route 53(DNS)


Web Browser (http)

Open Internet

AW

S In

fras

ruct

ure

"C

on

tain

er"

CloudFront Essentials

ELB

EC2

Edge Location

Edge Location

Edge Location

Edge Location

CloudFront "Origin"

S3

Documents

AWS Solutions Architect (Associate) Exam Course · PDF fileAWS Solutions Architect (Associate) Exam Course Manual The Orion Papers Enter