TOT SMK 2021

Indonesia

Review module
AWS Academy Cloud Foundations [3099]

1. Module 1 - Cloud Concepts Overview

➢ Cloud computing
• IaaS - Infrastructure as a Service
• PaaS - Platform as a Service
• SaaS - Software as a Service
➢ AWS Cloud
• secure cloud platform (compute, storage, network, database, etc)
• on-demand access
• flexibility
• pay as you go
• services work together
➢ Benefit of AWS Cloud
• Trade capital expense for variable expense
• Benefit from massive economies of scale –
• Stop guessing capacity
• Increase speed and agility
• Stop spending money running and maintaining data centers
• Go global in minutes
➢ Economics of Cloud
• Capital Expenditure (CapEx)
• Operationg Expenditure (OpEx)
➢ AWS Global Infrastructure
• Regions
• Availability Zones
• AWS Edge Locations
➢ Interactiong with AWS Services
• AWS Management Console -
https://console.aws.amazon.com/console/home
• AWS CLI - https://aws.amazon.com/cli
• AWS SDK (.NET, Java, Python etc.) - https://aws.amazon.com/tools

1
2. Module 2 - Cloud Economics and Billing
➢ Fundamentals of Pricing
• compute, storage and outbound data transfer
• Start early with cost optimization
• Maximize the power of flexibility
• Use the right pricing model for the job
a) On-Demand Instances
b) Savings Plans
c) Spot Instances
d) Reservations
➢ Total Cost of Ownership
• Compare cost (infra vs AWS)
• Budgeting moving to the cloud
• Server cost
• storage cost
• network cost
• IT Labor cost
➢ AWS Organizations
• feature
• pricing
• accessing
➢ AWS Billing & Cost Management
• Analyzing Costs with Cost Explorer
• AWS Budgets
• Manage Your payments
➢ Technical Support Models
• Basic – no case support
• Developer
• Business
• Enterprise
3. Module 3 - AWS Global Infrastructure Overview
➢ AWS Global Infrastructure
➢ AWS Services & Service Categories
• Foundational services application, platform, foundation, infrasturucture
• foundation services – compute, networking and storage

2
4. Module 4 - AWS Cloud Security
➢ AWS Shared Responsibility Model
• AWS responsibility “Security of the Cloud”
• Customer responsibility “Security in the Cloud”
➢ AWS Identity and Access Management (IAM)
• Fine-grained access control to AWS resources (users and control
access)
• Analyze access
• Multi-factor authentication for highly privileged users
• Integrate with your corporate directory (employee and application)
• Essential component: user, group, policy and role
➢ Securing a New AWS Account
• stop using account root user
• enable Multi-Function Authentication (MFA)
• use AWS CloudTrail
• enable billing report
➢ Securing Account
• AWS Organizations
• AWS Key Management Services (KMS)
• Amazon Cognito
• AWS Shield
➢ Securing Data
• encryption
➢ Working to Ensure Compliance
• AWS Config – access, edit, evaluate
• AWS Artifact – a resource for compliance-related
5. Module 5 - Networking and Content Delivery
➢ Networking Basics
➢ Amazon VPC
• VPC
• Subnet
• allocated IP addressess
• Public IP
• Elastic network interface
• Route tables
➢ VPC Networking
• internet gateway
• NAT gateway
• AWS Direct Connect
• AWS Transit Gateway

3
 ➢ VPC Security
• security groups (SG)
• Network ACL
➢ Route 53
• use case: multi-region deployment
➢ CloudFront
6. Module 6 - Compute
➢ Compute Services
• instances
• container
• serverless
• edge / hybrd
(https://aws.amazon.com/products/compute/)
➢ Amazon EC2
• EC2 pricing:
a) On-demand - Pay by the second or hour for instances launched
b) Reserved - Purchase discount instances in advance for 1-3 years
c) Spot - Leverage unused capacity in a region for large discount
➢ Amazon EC2 Cost Optimization
• Use Amazon EC2 Spot Instances to reduce EC2 costs
• Use Compute Savings Plans to reduce EC2, Fargate and Lambda costs
➢ Container Services
➢ AWS Lambda
• serverless
• running code without provisioning infrastructure
➢ AWS Elastic Beanstalk
• easy-to-use service for deploying and scaling web applications and
services developed with Java, .NET, PHP, Node.js, Python, etc
• quickly deploy applications without having to worry about underlying
resources
• Handles provisioning, load balancing, scaling and monitoring

7. Module 7 - Storage
➢ AWS Elastic Block Store -EBS
• Enables redundancy within an AZ
• Allows users to take snapshots of its data
• Offers encryption of its volumes
• Provides multiple volume types

4
 • EBS types:
a) General purpose SSD
b) Provisioned IOPS SSD
c) Throughput optimized HDD
d) Cold HDD
➢ AWS S3
S3:
• store objects
• stores data across multiple availability zones
• enables high availability and durability
➢ AWS EFS
• Fully managed service
• Designed for Linux workloads
• Supports up to petabyte scale
• Stores data across multiple AZs
➢ AWS S3 Glacier
• storearchiving data within S3
• 90 days minimum storage duration change
• 5x cheaper than S3
• can send files directly or through lifecycle rules in S3
➢ S3 clases:
• S3 Standard
• S3 Intelligent-Tiering
• S3 Standard-IA
• S3 One Zone-IA
• S3 Glacier
• S3 Glacier Deep Archive
(https://aws.amazon.com/s3/storage-classes/)
8. Module 8 - Databases
➢ Amazon RDS
Supports deployment across multiple availability zones
Platforms:
• MySQL
• PostgresSQL
• MariaDB
• Oracle Database
• SQL Server
• Amazon Aurora

5
 ➢ Amazon DynamoDB
• Fully managed NoSQL database service
• Enables extremely low latency at virtually any scale
• Provides both key-value and document database
• Supports automated scaling based on configuration
• Offers in-memory cache with the DynamoDB Accelerator
➢ Amazon Redshift
• query and combine exabytes of structured and semi-structured data
across your data warehouse
➢ Amazon Aurora
• MySQL and PostgreSQL-compatible relational database built for the cloud.
• Performance and availability of commercial-grade databases at 1/10th the cost
➢ Amazon DocumentDB
➢ Amazon Neptune
➢ Amazon ElastiCache
• allows you to seamlessly set up, run, and scale popular open-Source
compatible in-memory data stores in the cloud
➢ Amazon Database Migration service
• Scheme Conversion Tool (when performing heterogeneous migrations)
9. Module 9 - Cloud Architecture
➢ AWS Well-Architected Framework Pillar
• Operational Excellence
• Security
• Reliability - fault tolerance and high availability
• Performance Efficiency
• Cost Optimization
➢ Reliability & High Availability
➢ AWS Trusted Advisor
• An online tool that provides you real time guidance to help you
provision your resources following AWS best practices
10.Module 10 - Auto Scaling and Monitoring
➢ Elastic Load Balancing
• automatically distributes incoming application traffic across multiple
targets, such as Amazon EC2 instances, containers, IP addresses,
Lambda functions, and virtual appliances

➢ Amazon CloudWatch

6
 • a monitoring and observability service built for DevOps engineers,
developers, site reliability engineers (SREs), and IT managers
➢ Amazon EC2 Auto Scaling
• helps you maintain application availability and allows you to
automatically add or remove EC2 instances according to conditions you
define

Thanks

Reference:
https://docs.aws.amazon.com/
https://digitalcloud.training/aws-cloud-practitioner-training-what-to-expect-in-
the-exam/