AWS CP - Sruya Kiran Sir Notes

AWS CP

AWS CP (AWS Cloud Practitioner) - CLF 02

CSP (Cloud Service Provider) - AWS, GCP, AZURE

AWS Certification levels-

1. Foundation (AWS CP)
2. Associate
3. Professional
4. Specialty

AWS CP - CLF 02

Number of Questions: 65

Duration: 90 minutes + 30 minutes

Min Score to pass: 700/1000

Note: there are up to 15 questions which are unscored.

Type of question: Single answer/ Double answer

AWS FREE Tier:

12 months duration, but you have to use every service in AWS within the limits

Lab 1: AWS Free Tier Account Creation

IAM (Identity and Access Management)

It is used to provide access, such as roles and permissions, and to assign policies to AWS users

IAM Identities

1. IAM Groups
2. IAM Users
3. IAM Roles
4. IAM Permissions Policies / Policies [AWS and Organization]

Root user: the root user is the one who creates the AWS account, and he will only manage the billing
console. He is also called the admin.

IAM user: this user is created by the root user.

LAB 2: IAM Demonstration

S3 (Simple Storage Service)

This is a storage service in AWS. S3 is a bucket which contains objects, where an object is a file or a
folder.

5GB is the limit for S3 in a free tier account

S3 is not only about storage; it is also used to deploy static files like HTML with CSS

LAB-3: Demonstration of s3 bucket with bucket versioning and static file hosting.

Types of cloud:

1. Public Cloud (AWS, GCP, AZURE) - third-party CSPs
2. Private Cloud – Owned by a specific organization and can be collaborated with public cloud
3. Hybrid Cloud (Public + Private)

Cloud Deployment Models:

1. IaaS (Infrastructure as a Service)
   IT infrastructure – storage, database, networking, security, services..
2. PaaS (Platform as a Service)
   to code, execute and test the application
3. SaaS (Software as a Service)
   to access the application after deployment in cloud

Cloud – it is a storage medium which can be accessed from anywhere

Cloud Computing:

Using on-demand IT infrastructure based on a pay-as-you-go model.

On demand (cloud)

On premises (local)

AWS Global Infrastructure:

Regions

Every region contains AZs (Availability Zones)

Every AZ contains Local Zones

Local Zone sometimes called Wavelength Zone


Block all public access

Amazon EC2 (Elastic Compute Cloud)

- It is a virtual server in the cloud
- It is a web service / web server where AWS users or subscribers can utilize resources like
storage, security, networking etc…
- In EC2, an instance will be created, stopped and terminated

Lab – 4 :

Demonstration on EC2 instance with Linux AMI (Amazon Machine Image)

Security Group (SG):

It is a firewall which contains incoming rules and outgoing rules [incoming / outgoing rules]

Note: For every region, there will be one default Security Group.

us-east-2 (Ohio) -> 3 AZs (us-east-2a, us-east-2b, us-east-2c)

Note: For every region, there will be one VPC (virtual private cloud)

.pem (Privacy Enhanced Mail): this file will be generated by AWS directly

.ppk (PuTTY private key)

PuTTYgen software is used to convert a .pem file into a .ppk file.

A key pair is used to provide security to the EC2 instance, and it is used to check authentication while
connecting to the EC2 instance using SSH (Secure Shell)

Note: for every availability zone, there will be one default subnet

LAB- 05: Demonstration on EC2 Instance with Linux AMI and Userdata

DynamoDB:

1. This AWS service is used to store unstructured data (NoSQL – Not only SQL)
2. DynamoDB is a schemaless database in which records will be inserted in the form of
JSON (JavaScript Object Notation)
3. DynamoDB contains a table and a primary key.
Primary key = Partition key + Sort key (optional)
A key is an attribute, or more than one attribute, used to uniquely identify the records in the table

MySQL/PostgreSQL | MongoDB | DynamoDB
Database | database | database
Tables | collections | tables
Records/tuples | documents | items
Columns/fields | attributes/key | attributes

Amazon RDS (Relational Database Service):

It is a service which provides database connectivity through the internet

RDS makes it very easy to set up relational databases in the cloud. Instead of concentrating on database
features, you can concentrate more on the application to provide high availability, security,
compatibility.

There are 6 database technologies provided by RDS.

1. MySQL
2. PostgreSQL
3. MariaDB
4. Aurora
5. Oracle
6. Microsoft SQL Server

Lab – 07:

1) Creation of EC2 Instance with Linux AMI


2) Creation of RDS Instance and connecting to the RDS (MYSQL / POSTGRESSQL) using EC2
Instance

dbinstancejan31
root
klef1234
3306
awscp
dbinstancejan31.cdiyeam2ai2s.us-east-2.rds.amazonaws.com

Creating a table:
-- student table: id is the primary key, name is mandatory
create table student
(
    id int primary key,
    name varchar(30) not null
);

Lab -8:

AWS Lambda:

This service is used for serverless computing. In this we are going to create a function based
on any specific programming language or runtime environment.

The main use of Lambda is that server management will be done by Lambda and the coding part
will be carried out by the developer.

NOTE:

Every Lambda function must be tested by using an event. Whatever data is submitted while testing
the event will be saved under the event variable. The event variable is JSON (key-value pairs).

Lab- 09: Creation of CloudWatch Billing Alarm for Billing Alerts

VPC –

- It is a virtual network dedicated to your AWS account.
- It provides a logically isolated region of the AWS cloud where you launch your resources and
configure network settings.

Subnet:

- It is a segmented portion of a larger network such as a VPC where you can place and organize
resources.
- It allows you to partition an IP network into smaller networks or more networks.

There are two types of subnet
1. Private
2. Public

Route Table: (path)

- It is a set of rules or routes that determine where network traffic is directed.
- In the context of a VPC, a route table is associated with a subnet and defines how traffic is
routed between the subnet and other networks, both within and outside the VPC

VPC Peer Connection:

- It is defined as a network connection between more than one VPC.
- Using this connection, resources in one VPC can access resources in another VPC using private
IP addresses.

Lab -10: Demo on VPC peer connection between two EC2 instances.

Lab 11: demonstration on EC2 instance to upload an object in s3 bucket

CloudWatch & CloudTrail:

CloudWatch: CloudWatch is a monitoring service for AWS cloud resources and your applications.

It may be used to gather metrics, collect and monitor log files, create alarms and automatically
respond to changes that may occur in AWS resources.

CloudTrail: CloudTrail is an AWS service that keeps records of activities taken by users and roles.

It provides an automatic way to track the event history of all AWS accounts in a single location

Athena:

This service is used for querying CloudTrail data and makes it easy to analyse directly in an S3 bucket
using standard SQL queries.

Lab-12: Demonstration on AWS Lambda Function to copy the data from one S3 bucket to another S3
bucket.

1) Copying the object from one S3 bucket to another s3 bucket using lambda function (python
code)
2) Copying the object from one s3 bucket(source) to another s3 bucket (destination) using s3
trigger.
Input : S3 input bucket name, key
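
The Lab 12 copy with an S3 trigger, as an added example that is not part of the original notes: the handler takes the input bucket name and key from the event variable, decodes the key, and refuses to copy into the bucket that fired the trigger. The destination bucket name, the DEST_BUCKET environment variable and the sample event are assumptions.

```python
import os
from urllib.parse import unquote_plus

# Assumption: the destination bucket is configured through an environment
# variable; "example-destination-bucket" is a placeholder, not from the notes.
DEST_BUCKET = os.environ.get("DEST_BUCKET", "example-destination-bucket")


def parse_s3_event(event):
    """Return (bucket, key) pairs from an S3 trigger event."""
    pairs = []
    for record in event.get("Records", []):
        if record.get("eventSource") != "aws:s3":
            continue  # ignore records from other services
        s3 = record["s3"]
        # Keys arrive URL-encoded in the event ("jan 31.txt" -> "jan+31.txt").
        pairs.append((s3["bucket"]["name"], unquote_plus(s3["object"]["key"])))
    return pairs


def copy_objects(event, s3_client, dest_bucket=DEST_BUCKET):
    """Copy each uploaded object to dest_bucket; return the keys copied."""
    copied = []
    for bucket, key in parse_s3_event(event):
        if bucket == dest_bucket:
            # Copying into the bucket that fires the trigger would invoke
            # the function again for its own output, in a loop.
            continue
        s3_client.copy_object(
            Bucket=dest_bucket,
            Key=key,
            CopySource={"Bucket": bucket, "Key": key},
        )
        copied.append(key)
    return copied


def lambda_handler(event, context):
    import boto3  # provided by the Lambda Python runtime
    return {"copied": copy_objects(event, boto3.client("s3"))}


# Constructed sample event, trimmed to the fields used above.
SAMPLE_EVENT = {"Records": [{
    "eventSource": "aws:s3",
    "s3": {"bucket": {"name": "example-source-bucket"},
           "object": {"key": "reports/jan+31.txt"}},
}]}
```

The function's IAM role only needs s3:GetObject on the source bucket and s3:PutObject on the destination bucket.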

Lab -13: demonstration on EC2 instance with UNIX AMI

EBS (Elastic Beanstalk):

- It is a compute service that makes it easier for developers to manage the application.
- Developers can simply upload their code to the cloud, then let AWS EBS provision and handle the
configuration.

AWS WAF (Web Application Firewall):

- It is a security system that controls incoming and outgoing traffic for web sites from the AWS
cloud, and it protects applications from common web attacks.

Lab-14: Demonstration on EBS

Lab 15: Demo on AWS Lambda Function to create EC2 instance.

EBS (Elastic Block Store):

- It allows you to create network-attached volumes for your EC2 instance.
- Since it uses the network to communicate with the compute node, there could be a bit of latency.
- Elastic stands for scaling the volumes up or down based on the requirements.
- There are two types of storage, HDD or SSD.

Auto Scaling:

- It monitors your application and automatically adjusts the capacity to maintain
steady, predictable performance at the lowest possible cost.
- Using AWS Auto Scaling it is easy to set up application scaling for multiple services.

ELB (Elastic Load Balancer):

- It is a service in which incoming traffic will be efficiently distributed among the servers, which
will increase the speed.

Lab -16: Demo on Lambda function to create S3 bucket

Lab 17: Demo on auto scaling and load balancing
