With the AWS Solutions Architect Professional level certification, Amazon sought to identify individual administrators who are truly platform experts. Unless you've got some significant experience with AWS deployments and good familiarity with the full range of Amazon services, you probably won't have a chance at passing.
However, with this series of Cloud Academy courses, cloud expert Kevin Felichko is committed to making your learning process as smooth and productive as possible. Once complete, Kevin's guide to the Solutions Architect Professional level exam will lead you through the theoretical and practical skills you'll need to master this material.
This first course covers the key conceptual terminology and services that form the base for Amazon cloud architecting. The second course will guide you through fully-realized practical deployments, from start to finish. And the final course (late August, 2015) will focus on exam preparation and, in particular, strategies for confronting the particularly complicated style of question you'll face.
Networking Infrastructure in the Cloud is composed of various services that act to isolate your network from others, allow on-premise networks to connect to cloud-based networks, and manage DNS both internally and externally.
We will begin with the root of networking on AWS, the Virtual Private Cloud.
Virtual Private Cloud or VPC is a logically isolated section of the AWS Cloud dedicated to your environment. You have complete control over the VPC including the IP range, Subnets, Routing Tables and more. VPCs use security groups and access control lists to secure access and protect against unauthorized access.
With Virtual Private Gateways, you can connect existing networks to your VPC. VPCs are created with any network you establish in AWS, whether as an extension to, or replacement of, an existing on-premise network.
You will have a VPC when you use AWS to host a multi-tier application. VPCs also make sense in disaster recovery scenarios.
There is no cost associated with using VPCs.
Direct Connect is a private, dedicated connection between your on-premise network and your AWS Virtual Private Cloud. It works whether that on-premise network exists at your office, a colocation facility, or a data centre. It uses the 802.1Q VLAN standard.
Direct Connect will help eliminate network congestion. It is available at 14 locations worldwide. Amazon partners or APNs can help you use Direct Connect if your existing infrastructure is not in one of these 14 locations.
The main reason to use Direct Connect is in hybrid environments and/or when you need to transfer large amounts of data between your network and your VPC.
When using Direct Connect you pay hourly, per port, based on port speed. On top of the hourly rate, you pay based on the amount of data transferred in gigabyte increments based on whether the data is headed out to the local region or to a remote region.
Data Transfers in are free.
Placement Groups are a logical grouping of instances within a single Availability Zone that offer a low-latency, 10 GB per second network. You can launch multiple EC2 Instances into one placement group.
The EC2 Instances must be of very specific instance types in order to work. For the best performance you should use instances with enhanced networking. The most common use for Placement Groups is EC2 Instances that host applications requiring low network latency and/or high network throughput.
There is no additional cost to using Placement Groups with your EC2 Instances.
Route 53 is a highly available Domain Name System Service offered by AWS. It supports geographical routing based on an end user's location.
The DNS Failover feature can redirect users to an alternate location during an outage. It accomplishes this with Health Checks that monitor Endpoints.
You can also use Weighted Routing to divide traffic to different resources based on percentages. Latency Routing will direct users to the lowest latency Availability Zone.
If you have a domain name that you would like to purchase, you can use Route 53 instead of having to use another registrar. With Route 53 you can use Private DNS that points to internal resources. Route 53 makes it easy to perform a graceful application failover from a dynamic site, accessible via an ELB, to a static S3-based site, and this is a common use-case.
Companies that run Multi-Region Systems use the location-based routing functionality to send users to a region close to them.
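The failover and weighted routing behaviour described above can be modelled in a few lines. This is an added example, not part of the course material and not Route 53's own logic: the record names, weights and the three-probe failure threshold are constructed assumptions, and the model simplifies the case where every record is unhealthy.

```python
import random

# Constructed records: names, endpoints and weights are illustrative assumptions.
PRIMARY = {"value": "dynamic-site-elb.example.com", "check": "elb-http"}
SECONDARY = {"value": "static-site-bucket.example.com", "check": None}
WEIGHTED = [
    {"value": "fleet-current.example.com", "weight": 90, "check": "current"},
    {"value": "fleet-new.example.com", "weight": 10, "check": "new"},
]

def endpoint_healthy(probe_results, failure_threshold=3):
    """Unhealthy once the last `failure_threshold` probes have all failed."""
    recent = probe_results[-failure_threshold:]
    return not (len(recent) == failure_threshold and not any(recent))

def failover_answer(primary, secondary, health):
    """Answer with the primary while its health check passes, else the secondary."""
    return primary["value"] if health[primary["check"]] else secondary["value"]

def weighted_answer(records, health, rng):
    """Pick among healthy records with probability weight / sum of weights."""
    pool = [r for r in records if r["weight"] > 0 and health[r["check"]]]
    if not pool:
        return None  # simplification: this model returns no answer
    weights = [r["weight"] for r in pool]
    return rng.choices(pool, weights=weights, k=1)[0]["value"]

def traffic_share(records, health, queries=10000, seed=1):
    """Fraction of simulated queries answered with each record value."""
    rng = random.Random(seed)
    counts = {}
    for _ in range(queries):
        answer = weighted_answer(records, health, rng)
        counts[answer] = counts.get(answer, 0) + 1
    return {value: n / queries for value, n in counts.items()}

if __name__ == "__main__":
    elb_up = endpoint_healthy([True, False, False, False])
    print(failover_answer(PRIMARY, SECONDARY, {"elb-http": elb_up}))
    print(traffic_share(WEIGHTED, {"current": True, "new": True}))
    print(traffic_share(WEIGHTED, {"current": True, "new": False}))
```

With a 90/10 split, roughly one query in ten reaches the new fleet, and a failed health check on that fleet removes it from the answers entirely, which is what makes weighted records usable for rolling deployments.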
You can use Weighted Routing to collect usage data or perform rolling deployments. Pricing starts with the Zones. You are charged per hosted zone. The rate per hosted zone changes after the first 25 hosted zones are created. The next charge is based on the number of queries it handles in million-query increments, with rates depending on the type of routing.
The last charge is Health Check Pricing. Health Check Pricing varies by Endpoint and type of check. Networking is an important topic for all AWS exams.
Specifically for this exam, you need to understand how to design, create, manage, and troubleshoot VPC and Subnets across Multiple Availability Zones.
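A subnet plan can be checked before it is created. The following added example (not part of the course material) validates a plan against three rules: every subnet sits inside the VPC range, no two subnets overlap, and every tier spans at least two Availability Zones. The subnet names, CIDRs and AZ labels are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed plan: names, CIDRs and AZ labels are illustrative assumptions.
VPC_CIDR = "10.0.0.0/16"
SUBNETS = [
    {"name": "web-a", "tier": "web", "az": "us-east-1a", "cidr": "10.0.0.0/24"},
    {"name": "web-b", "tier": "web", "az": "us-east-1b", "cidr": "10.0.1.0/24"},
    {"name": "app-a", "tier": "app", "az": "us-east-1a", "cidr": "10.0.10.0/24"},
    {"name": "app-b", "tier": "app", "az": "us-east-1b", "cidr": "10.0.10.128/25"},
    {"name": "db-a", "tier": "db", "az": "us-east-1a", "cidr": "10.1.20.0/24"},
]

def check_plan(vpc_cidr, subnets):
    """Return a list of findings; an empty list means the plan passes."""
    findings = []
    vpc = ipaddress.ip_network(vpc_cidr)
    if not 16 <= vpc.prefixlen <= 28:
        findings.append(f"vpc {vpc}: IPv4 prefix must be /16 to /28")
    seen = []
    azs_by_tier = defaultdict(set)
    for s in subnets:
        net = ipaddress.ip_network(s["cidr"])
        azs_by_tier[s["tier"]].add(s["az"])
        if not net.subnet_of(vpc):
            findings.append(f"{s['name']}: {net} is outside {vpc}")
        for other_name, other in seen:
            if net.overlaps(other):
                findings.append(f"{s['name']}: {net} overlaps {other_name} ({other})")
        seen.append((s["name"], net))
    for tier, azs in sorted(azs_by_tier.items()):
        if len(azs) < 2:
            findings.append(f"tier {tier}: only in {sorted(azs)}, needs two or more AZs")
    return findings

def usable_addresses(cidr):
    """AWS reserves the first four addresses and the last one in every subnet."""
    return ipaddress.ip_network(cidr).num_addresses - 5

if __name__ == "__main__":
    for finding in check_plan(VPC_CIDR, SUBNETS):
        print(finding)
    print(usable_addresses("10.0.0.0/24"))
```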
You must know the components and services available for Hybrid Networking.
Route 53 is a critical exam item as well. Understand what it is used for and the features that make it essential to High Availability and top-notch performance for your end users.
In the next lesson, we turn our attention to the AWS Services used to secure and audit our AWS environments.
Kevin is a seasoned technologist with 15+ years of experience, mostly in software development. Recently, he has led several migrations from traditional data centers to AWS, resulting in over $100K a year in savings. His new projects take advantage of cloud computing from the start, which enables a faster time to market.
He enjoys sharing his experience and knowledge with others while constantly learning new things. He has been building elegant, high-performing software across many industries since high school. He currently writes apps in node.js and iOS apps in Objective C and designs complex architectures for AWS deployments.
Kevin currently serves as Chief Technology Officer for PropertyRoom.com, where he leads a small, agile team.