- Tags:
  - Key-value pairs attached to AWS resources.
  - Tags are metadata about resources.
  - Tags can sometimes be inherited, e.g. Auto Scaling, CloudFormation and Elastic Beanstalk.
  - Tag names are case sensitive.
- Resource Group:
  - Resource groups make it easy to group resources using the tags that are attached to them.
  - Contain information such as:
    - Name
    - Region
    - Health checks.
    - EC2: Public/Private IP addresses.
    - ELB: Port configuration.
    - RDS: Database engine etc.
  - Resource Group Types:
    - Classic Resource Groups:
      - Are global
      - E.g. see all resources across regions for a team.
    - Systems Manager
      - Per region basis
      - Execute commands against resources in a Systems Manager resource group.
AWS - Organizations
- Is an account management service that allows you to consolidate multiple AWS accounts under an organization that you create and manage.
- Centrally manage policies across multiple accounts.
- Control access to AWS services.
- Automate AWS account creation and management.
- Consolidated billing across multiple AWS accounts.
- Specifically allow or deny AWS services to an account using Service Control Policies (SCPs). SCPs override policies defined within the account.
- Available in two feature sets:
  - Consolidated Billing
  - All Features
- Currently a soft limit of 20 linked accounts for consolidated billing.
- All linked accounts are independent; they cannot access each other's resources.
- One bill per AWS account.
- Easy to track charges and allocate costs.
- Take advantage of volume pricing discounts, since billing is done on combined usage.
- Reserved EC2 instances are distributed across all accounts.
- Paying account should be used for billing only. Do not deploy resources under paying account.
- CloudTrail is on a per-account basis, but logs can be aggregated by using an S3 bucket to share them and accessing them from the paying account.
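
The SCP behaviour noted in the list above, as an added example that is not part of the original notes: a simplified evaluator showing that an action must pass both the organization's SCP and the account's own IAM policy, and that an explicit Deny wins. Both policies are constructed samples, and the model deliberately ignores Resource, Condition, NotAction, permission boundaries and resource-based policies.

```python
import fnmatch

# Constructed sample policies (not from the original page).
SCP = {  # attached to the member account by the organization
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "*", "Resource": "*"},
        {"Effect": "Deny", "Action": ["dynamodb:*", "cloudtrail:StopLogging"], "Resource": "*"},
    ],
}
IAM_POLICY = {  # identity policy defined inside the member account
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "dynamodb:*", "cloudtrail:*"], "Resource": "*"},
    ],
}


def _actions(stmt):
    """Return the statement's Action element as a list."""
    acts = stmt["Action"]
    return [acts] if isinstance(acts, str) else acts


def _matches(policy, effect, action):
    """True if any statement with this Effect covers the action.
    Action names are case-insensitive and may use * and ? wildcards."""
    return any(
        stmt["Effect"] == effect
        and any(fnmatch.fnmatchcase(action.lower(), pat.lower()) for pat in _actions(stmt))
        for stmt in policy["Statement"]
    )


def is_allowed(action, scp=SCP, iam_policy=IAM_POLICY):
    """Simplified evaluation of one action against an SCP and an IAM policy."""
    if _matches(scp, "Deny", action) or _matches(iam_policy, "Deny", action):
        return False  # an explicit Deny in either policy always wins
    # The SCP only sets the ceiling; the IAM policy must still grant the action.
    return _matches(scp, "Allow", action) and _matches(iam_policy, "Allow", action)


if __name__ == "__main__":
    for a in ("s3:GetObject", "dynamodb:PutItem", "cloudtrail:StopLogging",
              "cloudtrail:LookupEvents", "ec2:RunInstances"):
        print(f"{a:28} {'ALLOW' if is_allowed(a) else 'DENY'}")
```

The `ec2:RunInstances` case is denied even though the SCP allows everything: an SCP grants nothing by itself, it only limits what the account's policies can grant.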
AWS - Lambda
- AWS Lambda is a compute service where you can upload your code and run it as Lambda functions.
- AWS Lambda takes care of provisioning and managing the servers where you run your Lambda functions.
- You don’t have to worry about hardware or underlying software for running your application.
- You can use Lambda as:
  - An AWS internal event-driven service, where Lambda runs your code in response to events created by AWS S3, AWS DynamoDB etc.
  - A response to HTTP requests, where Lambda executes your code based on an HTTP request made through API Gateway or the AWS SDK.
- Lambda events can trigger other Lambda events and AWS services.
- Lambda scales automatically.
- Lambda triggers:
  - API Gateway
  - AWS IoT
  - Alexa Skill Sets
  - Alexa Smart Home
  - Application Load Balancer
  - CloudFront
  - CloudWatch Events
  - CloudWatch Logs
  - CodeCommit
  - Cognito Sync Triggers
  - DynamoDB
  - Kinesis
  - S3
  - SNS
  - SQS
- Supported programming languages:
  - Node.js
  - C#
  - Java
  - Python
- Lambda scales out (not up) automatically.
- Lambda events are independent. 1 event = 1 function call.
- Lambda is serverless. You do not have to manage any servers.
- Lambda functions can trigger multiple other functions and AWS events.
- AWS X-Ray allows you to debug what is happening.
- Lambda can do things globally.
- Max execution time of Lambda is 5 minutes. If a function runs more than this, it is automatically killed by AWS.
- Lambda needs Simple Microservice Permission to connect with API Gateway.
- Lambda will need permissions to connect to other AWS services etc.
AWS - Elastic File Storage (EFS)
- EFS is a file storage service for EC2 instances.
- With EFS, storage capacity is elastic, growing and shrinking as per usage.
- EFS supports Network File System version 4 (NFS4) protocol.
- You are only charged for the storage you use. So, no pre-provisioning required.
- Can scale up to petabytes.
- Can support thousands of concurrent NFS connections.
- Data is stored across multiple AZs within a region.
- Read after write consistency.
- EC2 instances and EFS must be in the same security group.
- Can apply user and directory level access permissions.
- Use case: Centralised file server.