I’ve recently been having some conversations with clients who currently provide an on premise software solution. Their product started out as a two-tier thick client and has moved towards a cloud-hosted N-tier web application. Currently they deploy their solution on premise for each of their customers. They think they need to become multi-tenant in order to … Continue reading So you wanna be multi-tenant…
Here are the 9 parts of my study guide for the AWS Certified SysOps Administrator Exam. Part I: VPC Part II: Security Groups & NACLs Part III: VPC Access & VPC Peering Part IV: EC2 Instance Types Part V: EBS Part VI: S3 Part VII: ELB & Auto Scaling Part VIII: Route 53 Part IX: … Continue reading AWS Certified SysOps Administrator Exam: Study Guide
1. IAM a. Domain i. Users 1. Represents a specific set of credentials tied to the identity of a specific user ii. Groups 1. Group of users that can have permissions or roles associated 2. You can’t nest groups iii. Roles 1. Defines a set of permissions for a specific resource 2. Rather than … Continue reading AWS Certified SysOps Administrator Part IX: IAM, CloudWatch and RDS High Availability
1. Configuring Route 53 a. Characteristics i. Name comes from the default DNS port of UDP Port 53 ii. Built from the ground up iii. Worldwide distributed DNS iv. Database of name to IP address mappings v. Uptime SLA of 100% vi. Server health checks b. Record Types i. A 1. ‘A record’ 2. … Continue reading AWS Certified SysOps Administrator Part VIII: Route 53
1. Configuring Elastic Load Balancer (ELB) a. Characteristics i. Region wide load balancer 1. Deploy to multiple availability zones ii. Fully managed load balancer iii. Can be used internally or externally iv. Layer-7 functionality 1. SSL termination and processing a. Important because if its not done at the ELB it will happen on the … Continue reading AWS Certified SysOps Administrator Part VII: ELB & Auto Scaling
1. What is it? a. Its not a file system b. AWS Region-level storage 2. Types of Storage a. Standard Storage i. 11 9s durability: 99.999999999% durability ii. Availability 99.99% b. RRS i. 99.99% durability ii. 99.99% availability 3. Replication a. Data is stored on multiple facilities, multiple devices within each facility b. RRS … Continue reading AWS Certified SysOps Administrator Part VI: S3
1. EBS a. Storage Types i. Instance Store 1. Ephemeral ii. S3 1. Standard 2. RRS iii. EBS 1. GP-SSD 2. PIOPS 3. Magnetic iv. EFS 1. Network Attached Storage 2. Managed file system 3. Only supports Linux instances b. EBS Characteristics i. Billed on storage capacity and I/O ii. Does not need to … Continue reading AWS Certified SysOps Administrator Part V: EBS
1. On-Demand a. Pricing Model: Standard Retail b. Attributes i. Default type ii. Most expensive iii. No commitment and no advanced fee iv. Billed on an hourly basis 2. Reserved Instances a. Pricing Model: Pre-paid b. Attributes i. Less expensive ii. Requires a commitment (1 or 3 year commitment) iii. Reserved capacity. AWS will … Continue reading AWS Certified SysOps Administrator Part IV: EC2 Instance Types
1. VPC Access a. VPN i. Hardware-based VPN 1. Types of VPN a. Client-to-Site: Users that are getting access to corporate resources b. Site-to-Site: Corporate office connecting to another corporate office but using the internet c. Private Connection (e.g. MPLS): usually don’t have encryption on it 2. When you setup a hardware-based VPN is … Continue reading AWS Certified SysOps Administrator Part III: VPC Access & VPC Peering
1. Layered Security a. Overview i. Resources are inside a.. ii. VM Firewall (instance level – OS provided) iii. Security Groups (instance level - AWS platform provided) iv. NACLs (Subnet level) 2. Security Groups a. Resource level traffic firewall i. Instance, ELB, etc. ii. Control egress / ingress b. Stateful (return traffic allowed) c. Only … Continue reading AWS Certified SysOps Administrator Part II: Security Groups & NACLs
