{"id":19711967,"url":"https://github.com/ricoledan/aws-certification-reference","last_synced_at":"2025-10-09T20:34:31.219Z","repository":{"id":117356984,"uuid":"345541887","full_name":"Ricoledan/aws-certification-reference","owner":"Ricoledan","description":"☁️ reference information for AWS certification.","archived":false,"fork":false,"pushed_at":"2021-03-13T21:19:32.000Z","size":6,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-17T23:06:26.020Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Ricoledan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-03-08T05:33:12.000Z","updated_at":"2021-03-13T21:19:34.000Z","dependencies_parsed_at":null,"dependency_job_id":"a0f944af-f93e-4076-ba50-820ab86d136b","html_url":"https://github.com/Ricoledan/aws-certification-reference","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Ricoledan/aws-certification-reference","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ricoledan%2Faws-certification-reference","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ricoledan%2Faws-certification-reference/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ricoledan%2Faws-certification-reference/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ricoledan%2Faws-certification-reference/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Ricoledan","download_url":"https://codeload.github.com/Ricoledan/aws-certification-reference/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ricoledan%2Faws-certification-reference/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002000,"owners_count":26083258,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-11T22:14:42.219Z","updated_at":"2025-10-09T20:34:31.204Z","avatar_url":"https://github.com/Ricoledan.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# aws-certification-reference\r\n\r\n## What is Cloud Computing?\r\n\r\n- Cloud computing is the on-demand delivery of compute power, database storage, applications, and other IT resources\r\n- Pay-As-You-Go Pricing\r\n- Can provision exactly the right type and size of computing resources you need\r\n\r\n## Deployment Models of the cloud\r\n\r\n### Private Cloud\r\n\r\n- cloud services used by a single organization, not exposed to public\r\n- complete control\r\n- security for sensitive applications\r\n- meet specific business needs\r\n\r\n### Public Cloud\r\n\r\n- cloud resources owned and operated by a third-party cloud service provider delievered over the internet\r\n\r\n### Hybrid Cloud\r\n\r\n- keep some servers on premises and extend some capabilities to the cloud\r\n- control over sensitive assets in your private infrastructure\r\n- flexibility and cost-effectiveness of the public cloud\r\n\r\n## The Five Characteristics of Cloud Computing\r\n\r\n### On-demand self service\r\n\r\n- users can provision resources and use them without human interaxction from the service provider\r\n\r\n### Broad network access\r\n\r\n- resources available over the network, and can be accessed by diverse client platforms\r\n\r\n### Multi-tenancy and resource pooling\r\n\r\n- multiple customers can share the same infrastructure and applications with security and privacy\r\n- multiple customers are serviced from the same physical resources\r\n\r\n### Rapid elasticity and scalability\r\n\r\n- automatically and quickly acquire and dispose resources when needed\r\n- quickly and easily scale based on demand\r\n\r\n### Measured service\r\n\r\n- usage is measured, users pay correctly for what they have used\r\n\r\n## Six Advantages of Cloud Computing\r\n\r\n- trade capital expense (CAPEX) for operational expence (OPEX)\r\n\r\n  - pay on-demand: don't own hardware\r\n  - reduced total cost of ownership (TCO) \u0026 Operational Expense (OPEX)\r\n\r\n- Benefit from massive economies of scale\r\n  - prices are reduced as AWS is more efficient due to large scale\r\n- Stop guessing capacity\r\n  - scale based on actual measured usage\r\n- Increase speed and ability\r\n- Stop spending money running and maintaining data centers\r\n- Go global in minutes: leverage the AWS global infrastructure\r\n\r\n## Problems solved by the Cloud\r\n\r\n- Flexibility: change resource types when needed\r\n- Cost-Effectiveness: pay as you go, for what use\r\n- Scalability: accomodate larger loads by making hardware stronger or adding additional nodes\r\n- Elasticity: ability to scale out and scale-in when needed\r\n- High-availability and fault-tolerance: build across data centers\r\n- Agility: rapidly develop, test and launch software applications\r\n\r\n## Types of Cloud Computing\r\n\r\n- Infrastructure as a Service (IaaS)\r\n  - provide building blocks for cloud IT\r\n  - provides networking, computers, data storage space\r\n  - highest level of flexibility\r\n  - easy parallel with traditional on-premise IT\r\n- Platform as a service (PaaS)\r\n  - removes the need for your organization to manage the underlying infrastructure\r\n  - focus on the deployment and management of your applications\r\n- Software as a Service (SaaS)\r\n  - completed product that is run and managed by the service provider\r\n\r\n## Example of Cloud Computing Types\r\n\r\n- Infrastructure as a Service:\r\n  - Amazon EC2 (AWS)\r\n  - GCP, Azure, Rackspace, Digital Ocean, Linode\r\n- Platform as a Service:\r\n  - Elastic Beanstalk (AWS)\r\n  - Heroku, Google App Engine, Windows Azure\r\n- Software as a Service:\r\n  - Many AWS services\r\n\r\n## Pricing of the Cloud -- Quick Overview\r\n\r\n- AWS has 3 pricing fundamentals (pay-as-you-go)\r\n  - Compute:\r\n    - pay for compute time\r\n  - Storage:\r\n    - pay for data stored\r\n  - Data transfer OUT of the cloud\r\n    - data transfer IN is free\r\n- solves the expensive issue of traditional IT\r\n\r\n## AWS Cloud Number Facts\r\n\r\n- In 2019, AWS had $35.02 billion in annual revenue\r\n- AWS accounts for 47% of the market (Microsoft 2nd at 22%)\r\n- Pioneer and Leader of the AWS Cloud Market for the 9th consecutive year\r\n- Over 1,000,000 active users\r\n\r\n## Use Cases\r\n\r\n- AWS enables you to build sophisticated, scalable applications\r\n- applicable to a diverse set of industries\r\n- use cases include:\r\n  - enterprise IT, backup \u0026 storage, big data analytics\r\n  - host websites, mobile \u0026 social apps\r\n  - gaming\r\n\r\n## Global Infrastructure\r\n\r\n- Regions\r\n- Availability Zones\r\n- Data Centers\r\n- Edge Locations / Points of Presence\r\n\r\n## Regions\r\n\r\n- a region is a cluster of data centers\r\n- most AWS services are region-specific\r\n\r\n### How to choose an AWS Region?\r\n\r\n- compliance with data governance and legal requirements: data leaves a region without your explicit permission\r\n\r\n- proximity to customers: reduced latency\r\n\r\n- available services: within a Region: new services and new features aren't available in every Region\r\n\r\n- pricing: pricing varies region to region and is transparent in the service pricing page\r\n\r\n## Availability Zones\r\n\r\n- each region has many availability zones (avg 3, min 2, max 6)\r\n- each availability zone is one or more discrete data centers with redundant power, networking and connectivity\r\n- seperate from each other, isolated from disasters\r\n\r\n## Point of Presence\r\n\r\n- Amazon has 216 POP (205 edge locations \u0026 11 regional caches) in 84 cities across 42 countries\r\n\r\n### Example Global and Regional Services\r\n\r\n- Global:\r\n\r\n  - IAM\r\n  - Route 53 (DNS service)\r\n  - Cloudfront (CDN)\r\n  - WAF (Web Application Firewall)\r\n\r\n- Region-scoped:\r\n\r\n  - EC2 (IaaS)\r\n  - Elastic Beanstalk (PaaS)\r\n  - Lambda (FaaS)\r\n  - Rekognition (SaaS)\r\n\r\n## Shared Responsibility Model\r\n\r\n- Customer is responsible for security in the cloud\r\n- AWS is responsible for security of the cloud\r\n\r\n## Acceptable Use Policy\r\n\r\n- no illegal, harmful, or offensive use or content\r\n- no security violations\r\n- no network abuse\r\n- no e-mail or other message abuse\r\n\r\n## IAM: Users \u0026 Groups\r\n\r\n- IAM = identity and access managment, global service\r\n- root account created by default shouldn't be used or shared\r\n- users are people within your organization and can be grouped\r\n- groups only contain users not other groups\r\n- users can belong to multiple groups\r\n\r\n## Permissions\r\n\r\n- users or groups can be assigned JSON documents called policies\r\n- policies define permissions of users\r\n- least privilege principle: don't give more permissions than a user needs\r\n\r\n## Password Policy\r\n\r\n- in aws you can setup a password policy:\r\n  - set min length\r\n  - require specific character types\r\n- allow all IAM users to change their own passwords\r\n- require users to change their password after some time\r\n- prevent password re-use\r\n\r\n## Multi Factor Authentication\r\n\r\n- protect root and IAM users\r\n- MFA = password + security device\r\n\r\n## EC2\r\n\r\n- EC2 is one of the most popular of the AWS offerings\r\n- main consists in the capability of:\r\n  - renting VMs (EC2)\r\n  - storing data on virtual drives (EBS)\r\n  - distributing load across machines (ELB)\r\n  - scaling th services using an auto-scaling group (ASG)\r\n\r\n## Security Groups\r\n\r\n- SGs are a fundamental concept of network security in aws\r\n- controls how traffic is allowed in or out of EC2 machines\r\n- fundamental skill to learn to troubleshoot networking issues\r\n\r\n## Security Groups Deep Dive\r\n\r\n- SGs are acting like a \"firewall\"\r\n- regulate:\r\n  - access to ports\r\n  - authorized IP ranges - IPv4 \u0026 IPv6\r\n  - control of inbound network (from other to instance)\r\n  - control of outbound network (from instance to other)\r\n\r\n### Good to know\r\n\r\n- can be attached to multiple instances\r\n- locked down to a region/vpc combination\r\n- lives outside of EC2\r\n- good practice to maintain one seperate SG for SSH access\r\n- if your application is not accessible (time out), it's a sg issue\r\n- if connection refused error, it's an application error or not launched\r\n- by default all inbound traffic is blocked, outbound authorized\r\n\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fricoledan%2Faws-certification-reference","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fricoledan%2Faws-certification-reference","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fricoledan%2Faws-certification-reference/lists"}