-
CIEM vs CSPM
Cloud Infrastructure Entitlement Management (CIEM) CIEM, or Cloud Infrastructure Entitlement Management, is a security solution that monitors and controls access, rights/permissions across multiple cloud environments. CIEM’s area of interest is the risk associated with excessive, unused, or misallocated privileges in the cloud environment. Key Features of CIEM Cloud Security Posture Management (CSPM)? Cloud Security Posture…
-
AWS Security – Firewalls
AWS Network Firewall vs WAF vs Security Groups vs NACLs AWS Network Firewall is stateful, fully managed, network firewall and intrusion detection and prevention service (IDS/IPS) for VPCs. AWS WAF is a web application firewall that helps protect web applications from attacks by allowing rules configuration that allow, block, or monitor (count) web requests based on defined conditions….
-
EBS
Amazon EBS Amazon Elastic Block Store (Amazon EBS) is block-level storage that you can attach to an Amazon EC2 instance. You can compare this to how you must attach an external drive to your laptop. This attachable storage is called an EBS volume. EBS volumes act similarly to external drives in more than one way….
-
NoSQL Databases
NoSQL Databases
-
Well-Architected Framework overview
Well-Architected Framework overview
-
Event-oriented architecture
Event-oriented architecture
-
AWS Services overview
AWS Services overview
-
Developer tools
Developer Tools
-
AWS Lambda Overview
AWS Lambda Overview
-
Elasticity and High Availability
Elasticity and High Availability
-
DynamoDB overview
DynamoDB overview
-
Containers and EKS
Kubernetes networking EKS
-
AWS Pricing
S3 Pricing Amazon S3 offers various pricing tiers and storage classes to suit different use cases and data access patterns. Here’s a summary of the pricing information: Storage Classes S3 Standard: $0.023 per GB-month (first 50 TB), $0.019 per GB-month (next 450 TB), and $0.015 per GB-month (over 500 TB) S3 Intelligent-Tiering: $0.13377 per GB-month…
-
Route53 policies
When you create a record, you choose a routing policy, which determines how Amazon Route 53 responds to queries: Simple routing policy – Use for a single resource that performs a given function for your domain, for example, a web server that serves content for the example.com website. You can use simple routing to create records in…
-
VPC Examples
VPC Examples with subnets and gateways
-
Security MFA
Supported MFA devices
-
Amazon S3 – III
Amazon S3 versioning As described earlier, Amazon S3 identifies objects in part by using the object name. For example, when you upload an employee photo to Amazon S3, you might name the object employee.jpg and store it in a bucket called employees. Without Amazon S3 versioning, every time you upload an object called employee.jpg to the employees…
-
Amazon S3 – II
Amazon S3 storage classes When you upload an object to Amazon S3 and you don’t specify the storage class, you upload it to the default storage class, often referred to as standard storage. In previous lessons, you learned about the default Amazon S3 standard storage class. Amazon S3 storage classes let you change your storage…
-
AWS Outposts Family
AWS Outposts is a family of fully managed solutions delivering AWS infrastructure and services to virtually any on-premises or edge location for a truly consistent hybrid experience. Outposts solutions allow you to extend and run native AWS services on premises, and is available in a variety of form factors, from 1U and 2U Outposts servers…
-
Compute resources
Serverless AWS Lambda Service that lets you run code without needing to provision or manage servers. While using AWS Lambda, you pay only for the compute time that you consume. Charges apply only when your code is running. You can also run code for virtually any type of application or backend service, all with zero…
-
Snow family
snow family products
-
AWS Cloud Adoption Framework
Six core perspectives of the Cloud Adoption Framework
-
Migration strategies II
Strategies for migration
-
Well-Architected Framework
The Well-Architected Framework is based on six pillars.
-
IAM Policies
IAM policies
-
Containers orchestration
In AWS, containers can run on EC2 instances. For example, you might have a large instance and run a few containers on that instance. Although running one instance is uncomplicated to manage, it lacks high availability and scalability. Most companies and organizations run many containers on many EC2 instances across several Availability Zones. If you’re…
-
Amazon FSx
Amazon FSx options
-
AWS Support Plans
aws support options
-
Amazon S3 – I
AWS S3 details
-
Amazon EC2
EC2 instance types and pricing.
-
AWS Storage
Types of Storage.
-
AWS Database options
Purpose-built databases for all application needs
-
Elastic Load Balancers
Elastic Load Balancers, Types and descriptions.
-
Migration Patterns
Cloud Migration Patterns.
-
AWS S3 – notes
S3 Security User Based Resources Based (can be account) IAM principal can access S3 object if: Bucket Policies Bucket setting for public access override policy to prevent data leaks (can be set at account level). Note: versioning is enabled at bucket level S3 Replication Version must be enabled. Buckets can be in different accounts but…
-
AWS Storage Gateway
AWS Storage Gateway gives your applications on-premises and in-cloud access to virtually unlimited cloud storage. Bridge between on-premise data and cloud data in S3, Hybrid cloud service to allow on-premise seamlessly use the AWS Cloud. Can use Storage Gateway to simplify storage management and reduce costs for key hybrid cloud storage use cases. These include…
-
AWS S3
AWS Simple Storage Service – S3 Buckets Object storage Naming conventions: Max object size of 5TB, if uploading more than 5GB must use multipart upload. Classes S3 Standard-IA and S3 One Zone-IA storage have a minimum billable object size of 128 KB S3 Standard-IA, and S3 One Zone-IA storage are charged for a minimum storage…
-
Storage
Types of storage Block storage – filesystem File storage – file storage/NFS Object storage – no folder structure Elastic Block Storage – EBS Storage can be be mounted and bootable, locked to a specific AZ. Attaches to an EC2 in the same AZ (io1/io2 can have multi-attach. Delete on termination is default for root filesystems…
-
AWS Services
List of AWS services
-
Cloud computing
Cloud computing basics
-
Security and compliance services
Security and compliance. Aws solutions.
-
Databases
Databases, RDS, NoSql