The Orion Papers

AWS Solutions Architect (Associate)


Exam Course Manual


Linux Academy
Keller, Texas
United States of America

March 31, 2017

To All Linux Academy Students:

Welcome to Linux Academy's AWS Certified Solutions Architect (associate level) prep course. As part of
this course, we are introducing an exciting innovation in AWS instruction - called The Orion Papers.

The Orion Papers is a non-linear, visual, interactive guide designed to enhance your learning and
understanding of AWS. This guide can be used independently of the video lessons, but is meant to be
supplemental and used in conjunction with the video lessons and live labs provided on linuxacademy.com.

Thank you for joining us on this AWS adventure!

Sincerely,

Thomas B. Haslett
Course Author

Appendix

Navigation panel: CSA Concepts, Terminology, About the Exam, Helpful Links, Live Labs

Welcome to the Appendix for the Orion Papers. Here you will find helpful resources and links to aid in your exploration of AWS. Select a resource in the navigation panel above to explore various parts of this appendix.

AWS Account & Services Layer

The Account & Services Layer represents how you create, access, and manage an AWS account and its services. It covers everything from how you interact with an AWS account and manage user rights to how you access and use various AWS services and features.

This layer is all about account management and managing services.

[Diagram labels: AWS Root Account Holder; AWS Users (prod. account); AWS Users (dev. account); Account Connection Tools (AWS Console, AWS CLI); Open Internet; AWS Infrastructure "Container"; AWS Account (i.e. Production Account) with IAM; AWS Account (i.e. Development Account) with IAM; Cross Account Access; On-premise Data Center; Hybrid Environments; On-Premise Servers]

AWS Physical & Networking Layer

The Physical & Networking Layer represents the global infrastructure of AWS in terms of where resources are physically located around the world and how data flows through the AWS network.

This layer is all about how AWS is organized, and how internal and external communication with AWS works.

[Diagram labels: Customers (front end/public access); AWS Users (back end/private access); Web Browser (http); Terminal (ssh/rdp); Open Internet; AWS Infrastructure "Container"; AWS Region (i.e. us-east-1); AWS Region (i.e. us-west-1); AWS Region (i.e. eu-central-1); AWS Region (i.e. ap-northeast-1); AWS Edge Location (two shown); On-premise Data Center; Hybrid Environments; On-Premise Servers]

AWS Physical & Networking Layer (Networking)

Moving into a pure networking view, this diagram represents how data is routed through AWS's networking infrastructure for a highly available and fault-tolerant web application, identifying the methods of access for both customers (front end) and developers (back end).

[Diagram labels: Customers (front end/public access); AWS Users (back end/private access); Open Internet; Web Browser (http); Terminal (ssh/rdp); AWS Infrastructure "Container"; AWS Account (i.e. Production Account); Route 53 (DNS); Content Delivery (CDN): CloudFront; Static Web Hosting/DNS Failover: S3; VPC 1 (DEFAULT VPC); VPC Peering; VPC 2 (user created); On-premise Data Center; Hybrid Environments; On-Premise Servers]

AWS Physical & Networking Layer (Hybrid Environments)

Hybrid architecture allows you to combine resources located in the AWS cloud with resources located on-premise, and use them as if they were located in the same environment.

[Diagram labels: AWS Infrastructure "Container"; VPC; Subnet 1; Subnet 2; Availability Zone (two shown); On-premise Data Center; On-Premise Servers; Virtual Private Network; AWS Direct Connect; AWS Storage Gateway]

AWS Account & Services Layer (IAM)

Moving into a more detailed view of IAM, here you can view an example of the various ways different users and resources access an S3 bucket, including all the IAM components required, such as Users, Groups, Roles, Policies, and API Keys.

[Diagram labels: AWS Root Account Holder; AWS Users (prod. account); Account Connection Tools (AWS Console, AWS CLI); Open Internet; AWS Infrastructure "Container"; IAM Essentials; IAM User; IAM Group; IAM API Keys; IAM Policy; IAM Role; EC2; S3 Bucket; On-premise Data Center; Hybrid Environments]

Diagram notes:

Root user has UNLIMITED access to all AWS resources by default.
Federate with SAML providers (i.e. Active Directory) for temporary and single sign on access.
Non-AWS Account holders who may need AWS Access.

AWS Account & Services Layer (storage services)

AWS's main storage service is S3. As represented in the diagram, S3 has many different methods of importing, exporting, and syncing data with on-premise networks.

[Diagram labels: AWS Root Account Holder; AWS Users (prod. account); Account Connection Tools (AWS Console, AWS CLI); Open Internet; AWS Infrastructure "Container"; AWS Account (i.e. Production Account); IAM; Storage "Transit" Services: Single Operation Upload, Multi-Part Upload, AWS Import/Export, Snowball; Storage Services: S3, Glacier, Lifecycle Policies; Storage Gateway; On-premise Data Center; Hybrid Environments; On-Premise Servers]

AWS Account & Services Layer (compute services)

AWS's main compute service is EC2, which provides virtual servers you can provision in the AWS cloud. AWS also offers a newer service called Lambda, which is a serverless option for a different kind of computing requirement.

[Diagram labels: AWS Root Account Holder; AWS Users (prod. account); Account Connection Tools (AWS Console, AWS CLI); Open Internet; AWS Infrastructure "Container"; AWS Account (i.e. Production Account); IAM; AWS Compute Services: Virtual Server Based Computing (EC2), Serverless Computing (Lambda); On-premise Data Center; Hybrid Environments; On-Premise Servers]

AWS Account & Services Layer (Database Services)

AWS offers a wide range of database services, with its primary offerings including both RDS (SQL) and DynamoDB (NoSQL). Also included in the database category are options for high-performance (ElastiCache) and data warehousing (Redshift) datasets.

[Diagram labels: AWS Root Account Holder; AWS Users (prod. account); Account Connection Tools (AWS Console, AWS CLI); Open Internet; AWS Infrastructure "Container"; AWS Account (i.e. Production Account); IAM; Fully-Managed SQL Databases (RDS); Serverless NoSQL Database (DynamoDB); In-Memory Cache Engine (ElastiCache); Petabyte-Scale Data Warehouse (Redshift); On-premise Data Center; Hybrid Environments; On-Premise Servers]

AWS Account & Services Layer (Application Services)

Application and messaging services provided by AWS offer a great variety of solutions, from receiving important alerts and creating decoupled environments to managing every task required in a workflow.

[Diagram labels: AWS Root Account Holder; AWS Users (prod. account); Account Connection Tools (AWS Console, AWS CLI); Open Internet; AWS Infrastructure "Container"; AWS Account (i.e. Production Account); IAM; Notifications (SNS); Queue Management (SQS); Workflow Management (SWF); On-premise Data Center; Hybrid Environments; On-Premise Servers]

AWS Account & Services Layer (Deployment Services)

CloudFormation and Elastic Beanstalk offer two great options for quick and efficient deployment of application infrastructure.

Use CloudFormation to manage infrastructure as code, and Elastic Beanstalk to easily deploy simple single-tier applications.

[Diagram labels: AWS Root Account Holder; AWS Users (prod. account); Account Connection Tools (AWS Console, AWS CLI); Open Internet; AWS Infrastructure "Container"; AWS Account (i.e. Production Account); IAM; AWS Deployment Services: Infrastructure as Code (CloudFormation), Simple App Deployment (Elastic Beanstalk); On-premise Data Center; Hybrid Environments; On-Premise Servers]

AWS Account & Services Layer (Monitoring Services)

AWS offers two primary monitoring services (CloudWatch and CloudTrail), which can work together or independently, and which allow you to effectively keep tabs on the status of your environment and who is taking what actions inside of it.

[Diagram labels: AWS Root Account Holder; AWS Users (prod. account); Account Connection Tools (AWS Console, AWS CLI); Open Internet; AWS Infrastructure "Container"; AWS Account (i.e. Production Account); IAM; AWS Monitoring Services: Monitoring AWS Resources (CloudWatch), Logging Actions (CloudTrail); On-premise Data Center; Hybrid Environments; On-Premise Servers]

AWS Account & Services Layer (Analytic Services)

AWS provides two primary services for data analytics: Kinesis for real-time data processing, and Elastic MapReduce for Hadoop framework data processing.

[Diagram labels: AWS Root Account Holder; AWS Users (prod. account); Account Connection Tools (AWS Console, AWS CLI); Open Internet; AWS Infrastructure "Container"; AWS Account (i.e. Production Account); IAM; AWS Analytic Services: Real-time Data Processing (Kinesis), Hadoop Framework Data Processing (Elastic MapReduce); On-premise Data Center; Hybrid Environments; On-Premise Servers]

AWS Essentials Section (12): Lambda

Section (12) Topics Include:

Introduction to AWS Lambda
Overview of Serverless Computing
Pricing/Cost Overview
Using Lambda to Execute Code

[Diagram: CloudFront Essentials. Labels: Customers (front end/public access); Open Internet; Web Browser (http); Route 53 (DNS); Edge Location (four shown); AWS Infrastructure "Container"; AWS Account (i.e. Production Account); CloudFront "Origin": ELB, S3, EC2]