
SECTION 1

Let's Get Started!

© Digital Cloud Training | https://digitalcloud.training


What is Cloud Computing and
AWS?



What is Cloud Computing?

Non-Cloud Services vs Cloud Services:
• Email Server → Gmail
• File Server → Dropbox
• Customer Relationship Management (CRM) → Salesforce.com

• You don't own or manage the infrastructure on which the service runs
• Cloud services are offered on a subscription / consumption model
• The service scales automatically as demand changes
Key Characteristics of Cloud

• On-demand, self-service: A user can consume cloud resources, as needed, automatically, and without human interaction
• Broad network access: Capabilities are available over the network using standard mechanisms. Can be the Internet or a Wide Area Network (WAN)
• Resource pooling: The provider's resources are pooled and serve multiple consumers using a multi-tenant model
• Rapid elasticity: Capabilities can scale "elastically" based on demand
• Measured service: Resource usage is monitored and metered


Private Cloud

Data center platform components you run yourself: billing and reporting, multi-tenancy, configuration management, lifecycle management, security and identity, self-service catalog, orchestration automation, service monitoring and logging, network & firewall, virtualization, cluster, storage & backup

Costs:
• Data center
• Security
• Power
• Connectivity
• Physical hardware
• Software licensing
• Maintenance contracts
• Staff


Public Cloud

Examples include AWS, Microsoft Azure, Google Cloud Platform

Benefits:
• Variable expense, instead of capital expense
• Economies of scale
• Massive elasticity

The corporate office is connected to the AWS Cloud (compute, storage, network, database) using either the Internet or a private link


Cloud Service Models

Private Cloud – Managed by you

Infrastructure as a Service (IaaS) – Managed virtual machines

Platform as a Service (PaaS) – Just bring your code

Software as a Service (SaaS) – Everything is managed for you


Cloud Service Models: Comparison

Stack, top to bottom: .NET Application, Data, .NET Framework, Windows OS, Hypervisor

• Private Cloud – you manage everything: greater responsibility + greater control
• IaaS – you manage from the virtual server (Windows OS) upwards; the hypervisor and below are managed for you
• PaaS – you simply upload your code/data (.NET Application and Data) to create your application
• SaaS – you simply consume the service: little responsibility + little control
Amazon Web Services (AWS)
• Amazon Web Services (AWS): A hyperscale public cloud provider with over 200 services
• Market Leadership and Growth: AWS is the leading cloud service provider with the largest market share
• Global Infrastructure: AWS infrastructure is spread globally across many Regions and Availability Zones
• Innovation and Expansion: AWS is known for its rapid pace of innovation, introducing new services and features regularly


AWS Global Infrastructure

• A Region is a separate physical location in the world, e.g. us-east-1, eu-west-1, ap-southeast-2
• There are many Regions around the world
• Each Region consists of multiple Availability Zones
• An Availability Zone is composed of one or more data centers


Managing AWS: Management Console

AWS Management Console


Managing AWS: Command Line

AWS Command Line Interface (AWS CLI)

aws ec2 run-instances --image-id ami-xxxxxxxx --count 1 --instance-type t2.micro

This command launches a virtual server (EC2 instance) on Amazon EC2

aws s3 ls s3://mys3databucket

This command lists the contents of a storage container (bucket) on Amazon S3


Managing AWS: Code/SDK

Software Development Kit (SDK)

A developer writes code in an integrated development environment (IDE). The code leverages an AWS Software Development Kit (SDK) to work with cloud services.


AWS Account Overview


AWS Account Overview

• An AWS account requires a unique email address
• The Account Root User has full control over the account
• AWS IAM can be used to create users, groups, roles and policies
• It's an IAM best practice to create individual users and to avoid using the Root account
AWS Account Overview

• Authentication: IAM principals authenticate to IAM using the console, API, or CLI
• Authorization: IAM principals can then create resources across AWS Regions (e.g. EC2, RDS, S3 and ALB in us-west-1, us-east-1 and ap-southeast-2)
• All AWS identities and resources are created within the AWS account
Create your AWS Free Tier Account


What you need…

• Credit card for setting up the account and paying any bills
• Unique email address for this account (check if you can use a dynamic alias with an existing email address)
• AWS account name / alias
• Phone to receive an SMS verification code
Configure Account and Create a Budget


Account Configuration
• Configure Account Alias
• Enable access to billing for IAM users
• Update billing preferences
• Create a budget and alarm


Install Tools and AWS CLI


Install Tools and Configure AWS CLI

✓ Download the code (last lesson of this section)
✓ Install Visual Studio Code
✓ Install the AWS CLI
✓ Access AWS CloudShell


Command Line Practice


SECTION 2

Cloud Computing and AWS


The AWS Global Infrastructure




AWS Global Infrastructure

• A Region contains Availability Zones; a VPC spans the Region, with subnets in the Availability Zones holding instances
• AWS Outposts: an Outpost subnet extends the VPC onto AWS-managed hardware in your corporate data center
• AWS Local Zone: a VPC subnet extended to a Local Zone for low latency
• AWS Wavelength Zone: a VPC subnet at the edge of 5G networks for low latency
AWS Global Infrastructure

• Each Availability Zone in a Region can hold public and private subnets
• Each Availability Zone has redundant power sources and redundant networking


Amazon CloudFront

• CloudFront origins (e.g. Amazon EC2, Amazon S3) sit in a Region
• Content is cached in Regional Edge Caches and then in Edge locations
• Global users are served from the nearest Edge location
Deploying Services Globally

• From the AWS Management Console you can launch virtual servers and databases in any Region, e.g. us-east-1, eu-west-1, us-west-1, ap-southeast-2


The AWS Shared Responsibility Model


The AWS Shared Responsibility Model

CUSTOMER RESPONSIBILITY (security "in" the cloud):
• IAM users, roles and Multi-Factor Authentication
• Patch management of EC2 instances
• Buckets with objects, data encryption and SSL encryption
• Security Groups and Network ACLs
• Auto Scaling and Elastic Load Balancer configuration
• Staff training

AWS RESPONSIBILITY (security "of" the cloud):
• Data center and data center security
• Servers, database servers, storage and disk drives
• Network switches and network routers


Application Programming Interfaces (APIs)


Ports and Protocols

• A protocol is a language used for communication over a network
• A port is like an open door behind which a specific service is waiting for connections
• Example: a computer connects to Amazon on port 80/443 using the HTTP(S) protocol


HTTP Methods
• GET: The GET method retrieves information
• POST: The POST method is used to submit data
• PUT: The PUT method replaces data
• DELETE: The DELETE method deletes data


HTTP Request

• The browser issues an HTTP GET request to the web server (e.g. Amazon)
• The web server returns the website content


What are APIs?
• Stands for Application Programming Interface
• APIs are a set of rules and protocols that allow computer programs to talk to each other
• APIs assist with sharing information and data between these programs
• APIs leverage standard protocols such as HTTP


AWS Example: Create a new user account

• The browser sends HTTP requests to the API
• The API defines specific actions you can request
• AWS creates the new user account
• Every action you take on AWS is an API call


API Actions (AWS examples)
Amazon S3 (Simple Storage Service):
• GetObject: Retrieves objects from Amazon S3 – HTTP GET (s3:GetObject) → image downloaded
• PutObject: Adds an object to a bucket – HTTP PUT (s3:PutObject) → image uploaded


Flight Aggregator Example

• A flight aggregator such as Momondo or Skyscanner
• The user searches for flights
• The flight aggregator makes API calls to the airlines' APIs to find tickets


AWS Pricing Fundamentals


AWS Pricing Fundamentals

• Compute: amount of resources such as CPU and RAM, and duration
• Storage: quantity of data stored / allocated
• Outbound Data Transfer: quantity of data that is transferred out from all services


AWS Pricing Fundamentals
Pay-as-you-go
• Easily adapt to changing business needs
• Improved responsiveness to change
• Adapt based on needs, not forecasts


AWS Pricing Fundamentals
Save when you reserve
• Invest in reserved capacity (e.g. RDS and EC2)
• Save up to 75% compared to on-demand (pay-as-you-go)
• The more you pay upfront the greater the discount


AWS Pricing Fundamentals
Pay less by using more
• Pay less using volume-based discounts
• Tiered pricing means the more you use the lower the unit pricing


The 6 Advantages of Cloud Computing


The 6 Advantages of Cloud Computing
1. Trade capital expense for variable expense

CAPEX: purchase servers; tax deductible over the depreciation lifetime
OPEX: pay as you go; tax deductible in the same year


The 6 Advantages of Cloud Computing
2. Benefit from massive economies of scale

• Aggregated usage across hundreds of thousands of customers = lower variable costs for customers


The 6 Advantages of Cloud Computing
3. Stop guessing capacity

[Diagram: provisioned capacity ("what you thought you needed") vs actual demand ("what you really needed"); the gap between them is wasted resources]


The 6 Advantages of Cloud Computing
4. Increase speed and agility

Speed = deploy resources easily and quickly

Agility = react to change; speed to market


The 6 Advantages of Cloud Computing
5. Stop spending money running and maintaining data centers

[Diagram: effort shifts from data center management to innovation]


The 6 Advantages of Cloud Computing
6. Go global in minutes


SECTION 3

AWS Authentication and Access Control


AWS Identity and Access Management (IAM)


AWS Identity and Access Management (IAM)

• A principal is a person or application that can make a request for an action or operation on an AWS resource (a User, a Role, a Federated User or an Application)
• IAM principals must be authenticated to send requests (with a few exceptions)
• Requests are made through the Console, CLI or API, e.g. RunInstances (EC2), GetBucket (S3), CreateUser (IAM)
• AWS determines whether to authorize the request (allow/deny) by evaluating identity-based and resource-based policies
• Authorized actions are performed on AWS resources


Users, User Groups, Roles and Policies

• Users, User Groups, Roles and Policies all live within the AWS Account
• A user gains the permissions applied to a group through the group's policy
• Roles are used for delegation and are assumed
• Policies define the permissions for the identities or resources they are associated with
• Identity-based policies can be applied to users, groups, and roles


IAM Users

• The root user has full permissions. It's a best practice to avoid using the root user account + enable MFA
• The Account Root User is the email used for signup
• IAM users (e.g. Eric, Ethan, Andrea) have a friendly name (Andrea) and an Amazon Resource Name: arn:aws:iam::625148252389:user/Andrea
• Up to 5000 individual user accounts can be created. Users have no permissions by default
• Authentication via username/password for the console or access keys for API/CLI
IAM User Groups

• Example groups: Admin Group, Development Group, Operations Group, containing users such as Eric, Sunil, Ethan, Lee and Andrea
• User Groups are collections of users
• The main reason to use groups is to apply permissions to users using policies
• The user gains the permissions applied to the group through the policy


IAM Authentication Methods

Console: John signs in with Username: John, Password: Eo28720*! and an MFA token (optional). John is authenticated and can perform operations in the console.

CLI / API: programmatic access uses access keys, for example
  Access key ID: AKIAXP4J2EKUQIQJTJLV
  Secret access key: wiMjGpewNMRHFi9ud0pJwh7NBX4F6i
Access keys are used for programmatic access. The secret access key is shown only once, when the key is created, and must be treated like a password.
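What the access key pair is actually used for, as an added example that is not part of the course slides: the AWS CLI and SDKs never send the secret access key to AWS. They derive a signing key from it and sign every request with AWS Signature Version 4; only the access key ID travels in the Authorization header. The code below uses the Python standard library only. The bucket name is the one from the CLI slide, the key pair is the illustrative one from this slide, and the query and timestamp are constructed.

```python
"""AWS Signature Version 4: what the access key pair is used for.

Added example (not course code); standard library only. Only the access key ID is
sent to AWS; the secret access key never leaves the caller and is used purely to
derive the per-request signature.
"""
import datetime
import hashlib
import hmac
from urllib.parse import quote


def _hmac_sha256(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()


def derive_signing_key(secret_key: str, date_stamp: str, region: str, service: str) -> bytes:
    """kSecret -> kDate -> kRegion -> kService -> kSigning. The derived key is scoped to one
    day, Region and service, so a leaked signing key is far less useful than the secret."""
    k_date = _hmac_sha256(("AWS4" + secret_key).encode("utf-8"), date_stamp)
    k_region = _hmac_sha256(k_date, region)
    k_service = _hmac_sha256(k_region, service)
    return _hmac_sha256(k_service, "aws4_request")


def sign_request(access_key_id: str, secret_key: str, method: str, host: str, path: str,
                 query: dict, headers: dict, payload: bytes, region: str, service: str,
                 now: datetime.datetime) -> dict:
    """Return the request headers that carry the signature. AWS rejects the request if
    x-amz-date is more than 15 minutes from its own clock, which limits replay."""
    amz_date = now.strftime("%Y%m%dT%H%M%SZ")
    date_stamp = now.strftime("%Y%m%d")
    payload_hash = hashlib.sha256(payload).hexdigest()

    hdrs = {k.lower(): " ".join(v.split()) for k, v in headers.items()}  # canonical form
    hdrs["host"] = host
    hdrs["x-amz-date"] = amz_date
    if service == "s3":  # S3 additionally requires the payload hash as a signed header
        hdrs["x-amz-content-sha256"] = payload_hash
    signed_headers = ";".join(sorted(hdrs))
    canonical_headers = "".join(f"{k}:{hdrs[k]}\n" for k in sorted(hdrs))
    canonical_query = "&".join(
        f"{quote(k, safe='-_.~')}={quote(v, safe='-_.~')}" for k, v in sorted(query.items())
    )
    canonical_request = "\n".join([method, quote(path, safe="/-_.~"), canonical_query,
                                   canonical_headers, signed_headers, payload_hash])

    scope = f"{date_stamp}/{region}/{service}/aws4_request"
    string_to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                                hashlib.sha256(canonical_request.encode("utf-8")).hexdigest()])
    signing_key = derive_signing_key(secret_key, date_stamp, region, service)
    signature = hmac.new(signing_key, string_to_sign.encode("utf-8"), hashlib.sha256).hexdigest()

    result = dict(hdrs)
    result["authorization"] = (f"AWS4-HMAC-SHA256 Credential={access_key_id}/{scope}, "
                               f"SignedHeaders={signed_headers}, Signature={signature}")
    return result


def example_signed_request() -> dict:
    """List s3://mys3databucket (the bucket named on the CLI slide) with the key pair
    shown on this slide, at a constructed fixed timestamp so the output is repeatable."""
    return sign_request(
        access_key_id="AKIAXP4J2EKUQIQJTJLV",
        secret_key="wiMjGpewNMRHFi9ud0pJwh7NBX4F6i",
        method="GET", host="mys3databucket.s3.amazonaws.com", path="/",
        query={"list-type": "2"}, headers={}, payload=b"",
        region="us-east-1", service="s3", now=datetime.datetime(2024, 1, 1, 12, 0, 0),
    )


if __name__ == "__main__":
    for name, value in example_signed_request().items():
        print(f"{name}: {value}")
```

The practical consequence: a leaked access key ID alone is harmless, a leaked secret is full impersonation until the key is deactivated, and a captured signed request is only good for about 15 minutes and only for that exact request.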


Root User vs IAM User

User | Login Details | Permissions
Root User | Email address | Full – Unrestricted
IAM User | Friendly name (e.g. John) + AWS account ID or alias | Defined by IAM permissions policies
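A practitioner's check for the points on this and the preceding slides (root without MFA, root access keys, console users without MFA, stale or never-used access keys), as an added example that is not part of the course: it parses the CSV that `aws iam get-credential-report` returns (the real output is base64-encoded; here it is already decoded) and lists each violation. The rows, the account ID and the "current" date are constructed sample data, and the 90-day rotation window is an assumed policy.

```python
"""Audit an IAM credential report for root/MFA/access-key hygiene.

Added example, not course code. The CSV header is the column layout of
`aws iam get-credential-report`; the rows are constructed sample data.
"""
import csv
import io
from datetime import datetime, timezone
from typing import List

SAMPLE_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date
<root_account>,arn:aws:iam::123456789012:root,2023-01-10T09:00:00+00:00,not_supported,2024-05-01T08:12:00+00:00,not_supported,not_supported,false,true,2023-01-10T09:00:00+00:00,2024-05-01T08:12:00+00:00,false,N/A,N/A
Andrea,arn:aws:iam::123456789012:user/Andrea,2023-02-01T10:00:00+00:00,true,2024-05-20T07:00:00+00:00,2024-03-01T10:00:00+00:00,N/A,true,true,2024-04-15T10:00:00+00:00,2024-05-19T07:00:00+00:00,false,N/A,N/A
Eric,arn:aws:iam::123456789012:user/Eric,2023-02-01T10:00:00+00:00,true,2024-05-20T07:00:00+00:00,2023-02-01T10:00:00+00:00,N/A,false,true,2023-02-01T10:00:00+00:00,N/A,false,N/A,N/A
"""

NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # constructed "current" time for the sample


def _age_days(stamp: str, now: datetime) -> int:
    return (now - datetime.fromisoformat(stamp)).days


def audit_credential_report(report_csv: str, now: datetime, max_key_age_days: int = 90) -> List[str]:
    """Return one 'user: problem' string per violated rule."""
    findings: List[str] = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        is_root = user == "<root_account>"

        # Rule 1: anything that can sign in to the console needs MFA; the root user always.
        if row["mfa_active"] != "true" and (is_root or row["password_enabled"] == "true"):
            findings.append(f"{user}: MFA not enabled")

        for n in ("1", "2"):
            if row[f"access_key_{n}_active"] != "true":
                continue
            # Rule 2: the root user should have no access keys at all.
            if is_root:
                findings.append(f"{user}: root access key {n} is active (delete it)")
            # Rule 3: active keys older than the rotation window (assumed 90 days).
            if _age_days(row[f"access_key_{n}_last_rotated"], now) > max_key_age_days:
                findings.append(f"{user}: access key {n} older than {max_key_age_days} days")
            # Rule 4: active keys that have never been used are pure attack surface.
            if row[f"access_key_{n}_last_used_date"] == "N/A":
                findings.append(f"{user}: access key {n} active but never used")
    return findings


if __name__ == "__main__":
    for finding in audit_credential_report(SAMPLE_REPORT, NOW):
        print(finding)
```

On a real account, pipe the decoded report in: `aws iam get-credential-report --query Content --output text | base64 -d` produces exactly this CSV.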


Creating IAM Users and Groups


IAM Roles and Policies


IAM Roles

• An IAM role is an IAM identity that has specific permissions
• Roles are assumed by users, applications, and services (e.g. IAM users call sts:AssumeRole)
• Once assumed, the identity "becomes" the role and gains the role's permissions (e.g. access to an S3 bucket)


IAM Policies

• Policies are documents that define permissions and are written in JSON (e.g. the AWS managed AdministratorAccess policy)
• All permissions are implicitly denied by default
• Identity-based policies can be applied to users, groups, and roles
• Resource-based policies apply to resources such as S3 buckets (a Bucket Policy)
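To make the evaluation rules on this slide concrete, here is an added example (not course code) of a minimal evaluator for same-account requests: everything starts as an implicit deny, an explicit Deny wins over any Allow, and identity-based and resource-based policies are combined. The group policy, the bucket policy and the bucket names are constructed; the principal ARNs reuse the account and user from the IAM Users slide. Real IAM also applies permissions boundaries, service control policies and session policies, which are not modelled here.

```python
"""Minimal IAM policy evaluation: implicit deny, explicit deny wins, identity-based and
resource-based policies unioned for a same-account principal.

Added example, not course code. Policy documents below are constructed.
"""
import fnmatch
from typing import Dict, List


def _as_list(value) -> List[str]:
    return value if isinstance(value, list) else [value]


def _matches(patterns, value: str, case_sensitive: bool) -> bool:
    """IAM wildcards: '*' matches any run of characters, '?' a single one. Action names
    match case-insensitively; ARNs are compared as written."""
    for pattern in _as_list(patterns):
        p, v = (pattern, value) if case_sensitive else (pattern.lower(), value.lower())
        if fnmatch.fnmatchcase(v, p):
            return True
    return False


def _applies(stmt: Dict, principal_arn: str, action: str, resource: str) -> bool:
    if "Principal" in stmt:  # only resource-based policies name a principal
        allowed = stmt["Principal"]
        allowed = ["*"] if allowed == "*" else _as_list(allowed.get("AWS", []))
        if not _matches(allowed, principal_arn, case_sensitive=True):
            return False
    # Simplification: a statement without Resource is treated as "*"; real IAM requires one.
    return (_matches(stmt.get("Action", []), action, case_sensitive=False)
            and _matches(stmt.get("Resource", "*"), resource, case_sensitive=True))


def evaluate(policies: List[Dict], principal_arn: str, action: str, resource: str) -> str:
    """Return 'Allow' or 'Deny' for one request."""
    decision = "Deny"  # nothing is allowed until a policy says so (implicit deny)
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            if not _applies(stmt, principal_arn, action, resource):
                continue
            if stmt["Effect"] == "Deny":
                return "Deny"  # an explicit deny overrides every allow
            decision = "Allow"
    return decision


ANDREA = "arn:aws:iam::625148252389:user/Andrea"
ERIC = "arn:aws:iam::625148252389:user/Eric"

# Identity-based policy for the Development group: read/write the dev bucket, never
# delete from the production bucket (constructed).
DEV_GROUP_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::dev-bucket/*"},
        {"Effect": "Deny", "Action": "s3:DeleteObject",
         "Resource": "arn:aws:s3:::prod-bucket/*"},
    ],
}

# Resource-based policy on prod-bucket: grants Andrea read access by itself (constructed).
PROD_BUCKET_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Principal": {"AWS": ANDREA},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::prod-bucket/*"},
    ],
}

# The shape of the AWS managed AdministratorAccess policy.
ADMINISTRATOR_ACCESS = {"Version": "2012-10-17",
                        "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}


if __name__ == "__main__":
    print(evaluate([DEV_GROUP_POLICY, ADMINISTRATOR_ACCESS], ANDREA,
                   "s3:DeleteObject", "arn:aws:s3:::prod-bucket/backup.tar"))
```

The last case is the one worth remembering: even an administrator is stopped by an explicit Deny, which is why guard-rail Deny statements belong in a policy of their own.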
Switching IAM Roles


IAM Identity Center


IAM Identity Center

• IAM Identity Center is the successor to AWS Single Sign-On (SSO)
• Enables centralized permissions management and SSO across the AWS accounts in an AWS Organization (e.g. Accounts A, B, C and D)
• Identity sources can be the Identity Center directory, Active Directory (self-managed AD via AD Connector or AWS Managed Microsoft AD) and standard providers using SAML 2.0 (e.g. Azure AD)
• Built-in SSO integrations to business applications


IAM vs IAM Identity Center

Primary Purpose
• AWS IAM: manage access to AWS services and resources
• IAM Identity Center: centralize identity management and provide single sign-on access to AWS accounts and business applications

Identity Federation
• AWS IAM: supports federation with external IdPs using SAML and OpenID Connect
• IAM Identity Center: built-in federation with external IdPs, streamlined for ease of setup and management

Multi-Account Access
• AWS IAM: requires more complex setup for cross-account access
• IAM Identity Center: simplifies granting users access to multiple AWS accounts and applications with a single login

Integration with Business Applications
• AWS IAM: limited to AWS services; requires custom setup for non-AWS applications
• IAM Identity Center: provides SSO access to commonly used business applications (like Salesforce, Office 365) in addition to AWS accounts

Single Sign-On (SSO) Capability
• AWS IAM: enables SSO through federation, but setup is complex and manual
• IAM Identity Center: offers a more user-friendly and simplified SSO setup for both AWS and non-AWS applications


IAM vs IAM Identity Center – Use Cases

AWS IAM:
• Managing AWS resources and permissions
• Creating and managing IAM users and roles within AWS
• Federating with external IdPs for SSO to AWS services
• Programmatic access management
• Fine-grained access control

IAM Identity Center:
• Providing SSO access to AWS and non-AWS applications
• Centralizing identity management across multiple AWS accounts
• Integrating with external directory services
• Streamlining access to business applications
• Enhancing user experience with a user portal


IAM Identity Center in Action


Server Virtualization


Server Without Virtualization

A single application / service runs on one operating system tied directly to the server hardware

Limitations:
• OS is tied to hardware
• Underutilized resources
• Higher costs
• Scalability constraints
• Longer deployment times


Server With Virtualization

• The hypervisor creates a layer of abstraction between the server hardware and the operating systems
• Many VMs can run on the same physical hardware; each VM (e.g. an application or a web service with its own operating system) is known as a virtual server or virtual machine
• The hypervisor allocates physical resources to the VM


Server Virtualization: Portability

A VM can be moved from one hypervisor/server to another

Benefits:
• VM is portable
• Better resource utilization
• Lower costs
• Improved scalability
• Quick deployment times


Scaling Up vs Scaling Out


Stateful vs Stateless Applications

• Stateless: no "state" is recorded about the user's session, e.g. a person checks a weather website
• Stateful: information about activity is stored, e.g. a person browses / purchases on Amazon and Amazon stores the information


Stateful vs Stateless Applications

eCommerce Application: User → Web Server → Application Server → Database Server

• No data is stored on the web server, so it is stateless
• The cart items are stored in cookies on the user's computer (anything kept client-side can be altered by the user, so the application layer must validate it or the cookie must be signed)
• When the user purchases, the application layer processes the order and records the data in the database. This is stateful


Scalability and Elasticity: Scaling Up

• Scaling up means adding resources (CPU, RAM) to the server running the web service


Scalability and Elasticity: Scaling Out

• Scaling out means adding more servers, each running its own operating system and copy of the web service


Scaling Up vs Out

• Scaling UP: replace a t2.micro (1 vCPU, 1 GB RAM) with a c5.xlarge (4 vCPU, 8 GB RAM)
• Scaling OUT: add more t2.micro instances


Which scaling model should be used?

• Scale UP: EC2 with MySQL DB
• Scale OUT: EC2 with Static Website
High Availability and Fault Tolerance


High Availability vs Fault Tolerance

High Availability:
• Minimal service interruption
• Designed with no single point of failure (redundancy)
• Uptime measured in %, e.g. 99.99%
• Synchronous or asynchronous replication
• Lower cost compared to FT
• Services that create HA: Elastic Load Balancing, EC2 Auto Scaling, Amazon Route 53

Fault Tolerance:
• No service interruption
• Specialized hardware with instantaneous failover
• No downtime
• Synchronous replication
• Higher cost compared to HA
• Examples of FT: fault tolerant NICs, disk mirroring (RAID 1), synchronous DB replication, redundant power


Fault Tolerance

• Redundant components (processor/CPU, memory/RAM, hard disk drives, network cards) allow the system to continue to operate
• The system may fail if there is no built-in redundancy


High Availability and Fault Tolerance

Think of an Availability Zone as a separate data center

• A load balancer distributes Users 1, 2 and 3 across Web Servers 1–4 running in two Availability Zones
• If a web server fails (e.g. Web Server 2), Auto Scaling launches a new web server (Web Server 5) and the load balancer stops sending traffic to the failed one
• If a whole Availability Zone becomes unavailable, the load balancer directs all users to the web servers in the remaining Availability Zone


Durability and Availability

Durability is protection against:
• Data loss
• Data corruption
• S3 offers 11 9s durability (99.999999999%)

Availability is a measurement of:
• The amount of time the data is available to access
• Expressed as a percent of time per year, e.g. 99.99%

If you store 10 million objects in S3, then you can expect to lose one object every 10,000 years! (10,000,000 objects × 0.00000000001 annual loss rate = 0.0001 objects per year)


Amazon EC2 Overview


Amazon Elastic Compute Cloud (EC2)

• An EC2 instance is a virtual server
• EC2 instances run Windows, Linux, or macOS
• Many EC2 instances run on an EC2 host server; EC2 hosts are managed by AWS
• A selection of instance types come with varying combinations of CPU, memory, storage and networking


Public, Private, and Elastic IP addresses

Public IP address:
• Lost when the instance is stopped
• Used in Public Subnets
• Associated with a private IP address on the instance
• Cannot be moved between instances
• Historically no charge; note that since February 2024 AWS bills every public IPv4 address, in use or not

Private IP address:
• Retained when the instance is stopped
• Used in Public and Private Subnets

Elastic IP address:
• Static Public IP address
• Charged while not associated with a running instance (and, since February 2024, like every public IPv4 address, while in use as well)
• Associated with a private IP address on the instance
• Can be moved between instances and Elastic Network Interfaces (ENIs)


Public Subnets

Public Subnet Route Table:
Destination | Target
172.31.0.0/16 | Local
0.0.0.0/0 | igw-id

• An EC2 instance in the public subnet has a Public IP or an Elastic IP and reaches the Internet through the Internet gateway


Public and Private Subnets

Private Subnet Route Table:
Destination | Target
172.31.0.0/16 | Local
0.0.0.0/0 | nat-gateway-id

• An EC2 instance in the private subnet has only a private IP; its outbound traffic is routed to a NAT gateway (which has an Elastic IP) in the public subnet and from there through the Internet gateway
• Inbound connections from the Internet cannot reach the private instance
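The two route tables above, as an added example (not course code) that picks the next hop the way a VPC route table does (longest prefix match) and derives from it whether an instance can accept connections from the Internet. The third, isolated route table and the probe address are constructed; security groups and network ACLs are a separate layer and are not modelled.

```python
"""Which way does traffic leave a subnet, and is the instance reachable from the Internet?

Added example, not course code. The public and private tables are the ones on the
slide; the isolated one is constructed.
"""
import ipaddress
from typing import List, Optional, Tuple

Route = Tuple[str, str]  # (destination CIDR, target)

PUBLIC_SUBNET_ROUTES: List[Route] = [("172.31.0.0/16", "local"), ("0.0.0.0/0", "igw-id")]
PRIVATE_SUBNET_ROUTES: List[Route] = [("172.31.0.0/16", "local"), ("0.0.0.0/0", "nat-gateway-id")]
ISOLATED_SUBNET_ROUTES: List[Route] = [("172.31.0.0/16", "local")]  # constructed: no default route


def next_hop(routes: List[Route], destination: str) -> Optional[str]:
    """Longest-prefix match, which is how a VPC route table chooses a target."""
    dst = ipaddress.ip_address(destination)
    best_net, best_target = None, None
    for cidr, target in routes:
        net = ipaddress.ip_network(cidr)
        if dst in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    return best_target


def classify_subnet(routes: List[Route]) -> str:
    default = next_hop(routes, "203.0.113.10")  # any non-VPC address (TEST-NET-3, constructed)
    if default is None:
        return "isolated"   # no path to or from the Internet at all
    if default.startswith("igw-"):
        return "public"     # two-way Internet access for instances that have a public IP
    if default.startswith("nat-"):
        return "private"    # outbound only, via the NAT gateway's Elastic IP
    return "other"


def reachable_from_internet(routes: List[Route], has_public_ip: bool) -> bool:
    """Inbound from the Internet needs BOTH an Internet gateway route and a public or
    Elastic IP on the instance; a NAT gateway never forwards unsolicited inbound traffic."""
    return has_public_ip and classify_subnet(routes) == "public"


if __name__ == "__main__":
    for name, table in [("public", PUBLIC_SUBNET_ROUTES), ("private", PRIVATE_SUBNET_ROUTES)]:
        print(name, next_hop(table, "172.31.5.4"), next_hop(table, "8.8.8.8"), classify_subnet(table))
```

When auditing exposure, check both halves: an Elastic IP on an instance in a private subnet is not reachable, and a public subnet without a public IP on the instance is not either; only the combination opens the door (subject to the security group and network ACL).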


Launching Amazon EC2 Instances


Launching an EC2 Instance

• An Amazon Machine Image (AMI) defines the configuration of the instance (e.g. Linux or Microsoft Windows)
• An AMI is backed by an EBS snapshot, a point-in-time backup of the instance's volume
• You can customize your instance and create a custom AMI
• The instance type defines the hardware profile (and cost)

Select an instance type:
Family | Type | vCPUs | Memory (GiB)
General purpose | t2.micro | 1 | 1
Compute optimized | c5n.large | 2 | 5.25
Memory optimized | r5ad.large | 2 | 16
Storage optimized | d2.xlarge | 4 | 30.5
GPU instances | g2.2xlarge | 8 | 15
Connecting to Amazon EC2


Access Keys and IAM Roles with EC2


Using Access Keys with Amazon EC2

• The AWS CLI on the EC2 instance (in a public subnet of the VPC) is configured with access keys
• The access key is associated with an IAM user account
• The access key will use the permissions assigned to the IAM user through its policy (e.g. access to an S3 bucket)
• Long-lived keys stored on the instance can be read by anyone who compromises it and keep working until they are deactivated


Using IAM Roles with Amazon EC2

• An IAM role with a policy (e.g. access to the S3 bucket) is assumed by the EC2 instance
• Credentials are not stored on the instance; temporary credentials are obtained automatically from the instance metadata service and rotated before they expire
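How the instance obtains the role's credentials, as an added example that is not course code: the exchange with the instance metadata service (IMDSv2). The transport is injected so the block runs offline against FakeImds, a constructed stand-in whose role name, keys and tokens are made up; urllib_transport is what you would pass on a real instance.

```python
"""How an EC2 instance picks up its role credentials, and why IMDSv2 matters.

Added example, not course code. fetch_role_credentials() performs the real IMDSv2
exchange; FakeImds is a constructed stand-in for the metadata service.
"""
import json
import urllib.error
import urllib.request
from typing import Callable, Dict, Tuple

IMDS = "http://169.254.169.254"
Transport = Callable[[str, str, Dict[str, str]], Tuple[int, str]]  # (method, url, headers) -> (status, body)


def fetch_role_credentials(http: Transport, ttl_seconds: int = 21600) -> Dict[str, str]:
    # Step 1 (IMDSv2): obtain a session token with a PUT. A plain GET coming from an SSRF
    # bug or an open redirect cannot issue a PUT with a custom header, which is the point.
    status, token = http("PUT", f"{IMDS}/latest/api/token",
                         {"X-aws-ec2-metadata-token-ttl-seconds": str(ttl_seconds)})
    if status != 200:
        raise RuntimeError("IMDSv2 token request failed")
    auth = {"X-aws-ec2-metadata-token": token}

    # Step 2: the role name attached through the instance profile.
    status, role = http("GET", f"{IMDS}/latest/meta-data/iam/security-credentials/", auth)
    if status != 200 or not role.strip():
        raise RuntimeError("no IAM role attached to this instance")
    role = role.strip()

    # Step 3: temporary credentials (ASIA... key, session token, expiry). AWS rotates them
    # before Expiration; nothing is written to disk.
    status, body = http("GET", f"{IMDS}/latest/meta-data/iam/security-credentials/{role}", auth)
    if status != 200:
        raise RuntimeError("credential fetch failed")
    creds = json.loads(body)
    return {"Role": role, "AccessKeyId": creds["AccessKeyId"],
            "SecretAccessKey": creds["SecretAccessKey"], "Token": creds["Token"],
            "Expiration": creds["Expiration"]}


def urllib_transport(method: str, url: str, headers: Dict[str, str]) -> Tuple[int, str]:
    """Real transport for use on an instance (not exercised offline)."""
    req = urllib.request.Request(url, method=method, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=2) as resp:
            return resp.status, resp.read().decode("utf-8")
    except urllib.error.HTTPError as err:
        return err.code, ""


class FakeImds:
    """Constructed stand-in. require_token=True models HttpTokens=required (IMDSv2 only);
    False models the legacy IMDSv1 behaviour where any GET is answered."""
    ROLE = "WebServerRole"
    CREDS = {"Code": "Success", "Type": "AWS-HMAC", "AccessKeyId": "ASIAEXAMPLE123456789",
             "SecretAccessKey": "constructed-secret", "Token": "constructed-session-token",
             "Expiration": "2024-06-01T18:00:00Z"}

    def __init__(self, require_token: bool = True):
        self.require_token = require_token
        self.token = "constructed-imdsv2-token"

    def __call__(self, method: str, url: str, headers: Dict[str, str]) -> Tuple[int, str]:
        path = url[len(IMDS):]
        if method == "PUT" and path == "/latest/api/token":
            ok = "X-aws-ec2-metadata-token-ttl-seconds" in headers
            return (200, self.token) if ok else (400, "")
        if method != "GET":
            return 405, ""
        if self.require_token and headers.get("X-aws-ec2-metadata-token") != self.token:
            return 401, ""  # IMDSv1-style request rejected
        if path == "/latest/meta-data/iam/security-credentials/":
            return 200, self.ROLE
        if path == f"/latest/meta-data/iam/security-credentials/{self.ROLE}":
            return 200, json.dumps(self.CREDS)
        return 404, ""


if __name__ == "__main__":
    print(fetch_role_credentials(FakeImds()))
```

The check to run on real instances is whether the token is required (`aws ec2 modify-instance-metadata-options --http-tokens required`); with IMDSv1 still enabled, a single SSRF in the web application hands an attacker the role's credentials with one GET.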


Practice with Access Keys and IAM Roles


Create a Website with User Data


Amazon EC2 User Data

Diagram: user data is supplied from the AWS Management Console and an EC2 Instance with a web service is launched
• The code is run when the instance starts for the first time
• Limited to 16 KB
• Batch and PowerShell scripts can be run on Windows
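The two slides above make one operational point together: user data runs once at first boot and is capped at 16 KB, and credentials belong in an IAM role rather than on the instance. The pre-launch check below is an added example, not code from the course or from AWS: it sizes a user-data script against the slide's limit, checks that it is a shell script (Linux) or a `<script>`/`<powershell>` block (Windows), and flags embedded long-term access keys so that a role is used instead. The key patterns are heuristics, not an AWS specification, and the sample scripts are constructed here; the embedded key pair is AWS's documented non-functional example.

```python
import base64
import re

# Limit from the slide: user data is limited to 16 KB (taken here as 16 KiB of raw bytes).
USER_DATA_LIMIT_BYTES = 16 * 1024

# Heuristic patterns, not an AWS specification: long-term access key IDs start with
# "AKIA" followed by 16 upper-case alphanumerics, temporary (role) keys with "ASIA";
# the matching secret is a 40-character base64-like string.
ACCESS_KEY_ID_RE = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")
SECRET_KEY_RE = re.compile(r"(?i)aws_secret_access_key\s*[=:]\s*['\"]?([A-Za-z0-9/+=]{40})")


def lint_user_data(script: str) -> list:
    """Return a list of findings; an empty list means the script is acceptable."""
    findings = []
    raw = script.encode("utf-8")
    if len(raw) > USER_DATA_LIMIT_BYTES:
        findings.append(f"size: {len(raw)} bytes exceeds the {USER_DATA_LIMIT_BYTES} byte user data limit")
    # Linux user data starts with a shebang; Windows uses <script> (batch) or <powershell> blocks.
    if not script.startswith("#!") and "<powershell>" not in script and "<script>" not in script:
        findings.append("format: no shebang line (Linux) or <script>/<powershell> block (Windows)")
    for match in ACCESS_KEY_ID_RE.finditer(script):
        findings.append(f"credential: access key ID {match.group(0)[:8]}... embedded in user data; attach an IAM role instead")
    if SECRET_KEY_RE.search(script):
        findings.append("credential: aws_secret_access_key assignment embedded in user data; attach an IAM role instead")
    return findings


def encode_user_data(script: str) -> str:
    """Base64-encode the script as the raw EC2 RunInstances parameter expects (the CLI and SDKs do this for you)."""
    return base64.b64encode(script.encode("utf-8")).decode("ascii")


def decode_user_data(encoded: str) -> str:
    return base64.b64decode(encoded).decode("utf-8")


# Constructed sample: installs a web server on first boot (the slide's "website with
# user data"); the S3 download relies on the instance's IAM role, not on keys.
GOOD_SCRIPT = """#!/bin/bash
yum update -y
yum install -y httpd
systemctl enable --now httpd
echo "<h1>Hello from $(hostname -f)</h1>" > /var/www/html/index.html
aws s3 cp s3://example-bucket/site.tar.gz /tmp/site.tar.gz
"""

# Constructed sample that embeds AWS's documented, non-functional example key pair.
BAD_SCRIPT = """#!/bin/bash
export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
aws s3 cp s3://example-bucket/site.tar.gz /tmp/site.tar.gz
"""

if __name__ == "__main__":
    for name, script in (("good", GOOD_SCRIPT), ("bad", BAD_SCRIPT)):
        print(name, lint_user_data(script) or "ok")
```

Run the check in the pipeline that launches instances (or in CI for launch templates) so a script that grew past the limit or picked up a key is rejected before the instance exists; a clean result still leaves the job of granting the role only the S3 permissions the script needs.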


Amazon EC2 Auto Scaling


Amazon EC2 Auto Scaling
• Automatically launches and terminates
instances
• Maintain availability and scale capacity
• Works with EC2, ECS, and EKS
• Integrates with many AWS services, including:
• CloudWatch for monitoring and scaling
• Elastic Load Balancing for distributing connections
• EC2 Spot Instances for cost optimization
• Amazon VPC for deploying instances across AZs



Amazon EC2 Auto Scaling

1. Automatic scaling
• Instances in the Auto Scaling group report metrics to Amazon CloudWatch; the metric reports CPU > 80%
• CloudWatch notifies Auto Scaling
• Auto Scaling launches an extra instance

2. Maintaining availability
• EC2 Status Checks fail
• ASG replaces failed instance

Diagram: an Auto Scaling group with a Public subnet in each of two Availability Zones


Amazon EC2 Auto Scaling
• Scaling is horizontal (scales out)
• Provides elasticity and scalability
• Responds to EC2 status checks and CloudWatch
metrics
• Can scale based on demand (performance) or on a
schedule
• Scaling policies define how to respond to changes
in demand



Configuration of an Auto Scaling Group

A Launch Template specifies the EC2 instance configuration:
• AMI and instance type
• EBS volumes
• Security groups
• Key pair
• IAM instance profile
• User data
• Shutdown behavior
• Termination protection
• Placement group name
• Capacity reservation
• Tenancy
• Purchasing option (e.g. Spot)

A Launch Config specifies:
• AMI and instance type
• EBS volumes
• Security groups
• Key pair
• Purchasing option (e.g. Spot)
• IAM instance profile
• User data

Launch Configurations are replaced by launch templates and have fewer features

Auto Scaling group settings:
• Configure purchase options – On-demand vs Spot
• Configure VPC and Subnets
• Attach Load Balancer
• Configure health checks EC2 & ELB
• Group size and scaling policies


Amazon EC2 Auto Scaling
• Health checks
• EC2 = EC2 status checks
• ELB = Uses the ELB health checks in addition to EC2
status checks
• Health check grace period
• How long to wait before checking the health status of
the instance
• Auto Scaling does not act on health checks until grace
period expires



Amazon EC2 Auto Scaling
Types of Auto Scaling:
• Manual – make changes to ASG size manually
• Dynamic – automatically scales based on demand
• Predictive – uses Machine Learning to predict
• Scheduled – scales based on a schedule



Create an Auto Scaling Group



Amazon Elastic Load Balancing


Amazon Elastic Load Balancing
• Provides high availability and fault tolerance
• Targets include:
• Amazon EC2 instances
• Amazon ECS containers
• IP addresses
• Lambda functions
• Other load balancers



Amazon Elastic Load Balancing

Diagram: an Elastic Load Balancer in front of an Auto Scaling group with a Public subnet in each of two Availability Zones (Instance 1 and Instance 2 in the first AZ, Instance 3 and Instance 4 in the second); User 1, User 2 and User 3 connect through the load balancer
• ELB takes instance 1 out of service (failed health check)
• EC2 Auto Scaling terminates instance 1
• User 1 is connected to instance 4


Amazon Elastic Load Balancing

Diagram: the same ELB and Auto Scaling group after recovery (Instance 5 and Instance 2 in the first AZ, Instance 3 and Instance 4 in the second); User 1 to User 4 connect through the load balancer
• EC2 Auto Scaling launches instance 5


Types of Elastic Load Balancer (ELB)

Application Load Balancer
• Load Balancer Protocol: HTTP, HTTPS; Instance Protocol: HTTP, HTTPS
• Operates at the request level
• Routes based on the content of the request (L7)
• Supports path-based routing, host-based routing, query string parameter-based routing, and source IP address-based routing
• Supports instances, IP addresses, Lambda functions and containers as targets

Network Load Balancer
• Load Balancer Protocol: TCP, TLS, UDP, TCP_UDP; Instance Protocol: TCP, TCP_UDP
• Operates at the connection level
• Routes connections based on IP protocol data (L4)
• Offers ultra high performance, low latency and TLS offloading at scale
• Can have a static IP / Elastic IP
• Supports UDP and static IP addresses as targets
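The four Application Load Balancer routing types listed above (path, host, query string, source IP) are listener rules evaluated in priority order, with every condition on a rule required and any value within a condition sufficient. The matcher below is an added example written for this page, not course material or AWS code; the rule and target group names are constructed, and the wildcard handling (`*` and `?`) follows the convention ALB documents for host and path conditions.

```python
import re
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass
class Request:
    host: str
    path: str
    query: dict          # parsed query string, e.g. {"version": "beta"}
    source_ip: str


@dataclass
class Rule:
    priority: int
    target_group: str
    host_header: Optional[list] = None     # wildcard patterns, any may match
    path_pattern: Optional[list] = None    # wildcard patterns, any may match
    query_string: Optional[list] = None    # (key, value) pairs, any may match
    source_ip: Optional[list] = None       # CIDR blocks, any may match


def _wildcard(pattern: str, value: str) -> bool:
    """ALB-style wildcard: '*' matches any run of characters, '?' exactly one."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, value) is not None


def rule_matches(rule: Rule, req: Request) -> bool:
    """Conditions present on a rule are ANDed; values inside one condition are ORed."""
    if rule.host_header is not None and not any(_wildcard(p, req.host) for p in rule.host_header):
        return False
    if rule.path_pattern is not None and not any(_wildcard(p, req.path) for p in rule.path_pattern):
        return False
    if rule.query_string is not None and not any(req.query.get(k) == v for k, v in rule.query_string):
        return False
    if rule.source_ip is not None and not any(ip_address(req.source_ip) in ip_network(c) for c in rule.source_ip):
        return False
    return True


def route(rules: list, req: Request, default_target_group: str) -> str:
    """Lowest priority number is evaluated first; first match wins, else the default action."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule_matches(rule, req):
            return rule.target_group
    return default_target_group


# Constructed listener rules, one per routing type on the slide (plus one combining two).
RULES = [
    Rule(10, "tg-internal-admin", host_header=["admin.example.com"], source_ip=["10.0.0.0/8"]),
    Rule(20, "tg-api-v2", path_pattern=["/api/*"], query_string=[("version", "beta")]),
    Rule(30, "tg-api", path_pattern=["/api/*"]),
    Rule(40, "tg-images", host_header=["img.example.com", "static.*.example.com"]),
]
DEFAULT_TG = "tg-web"

if __name__ == "__main__":
    req = Request(host="www.example.com", path="/api/users", query={"version": "beta"}, source_ip="203.0.113.9")
    print(route(RULES, req, DEFAULT_TG))
```

Rule 10 is the one worth studying from a security angle: the host condition alone would expose the admin target group to anyone who sets the Host header, so it is paired with a source IP condition, and a request for `admin.example.com` from outside 10.0.0.0/8 falls through to the default group.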


Types of Elastic Load Balancer (ELB)

Gateway Load Balancer
• Load Balancer Protocol: All packets on all ports; Appliance Protocol: GENEVE
• Used in front of virtual appliances such as firewalls, IDS/IPS, and deep packet inspection systems
• Operates at Layer 3 – listens for all packets on all ports
• Forwards traffic to the TG specified in the listener rules
• Exchanges traffic with appliances using the GENEVE protocol on port 6081

Diagram: traffic enters through a Gateway Load Balancer VPC Endpoint and the Gateway Load Balancer hands it to the Virtual Appliance


ELB Use Cases
Application Load Balancer
• Web applications with L7 routing (HTTP/HTTPS)
• Microservices architectures (e.g. Docker containers)
• Lambda targets
Network Load Balancer
• TCP and UDP based applications
• Ultra-low latency
• Static IP addresses
• VPC endpoint services



ELB Use Cases
Gateway Load Balancer
• Deploy, scale and manage 3rd party virtual network appliances
• Centralized inspection and monitoring
• Firewalls, intrusion detection and prevention systems, and deep
packet inspection systems



Create an Application Load Balancer


Create a Scaling Policy



SECTION 5

Amazon Virtual Private Cloud (VPC)



The OSI Model



The Open Systems Interconnection (OSI) Model

Diagram: a client and a Web Server connected through a Layer 2 Switch
• (1) Physical Layer – NIC, RJ45 Port and Cat 8 cable on each side of the switch
• (2) Data Link Layer – Ethernet / 802.1x; client MAC: 00-B0-D0-63-C2-26, Web Server MAC: 00-1B-62-45-E2-83
• The switch keeps a MAC Address Table (MAC 1 = Port 1, MAC 2 = Port 4) for its Ports 1 to 4


The Open Systems Interconnection (OSI) Model

Diagram: the same client and Web Server, now in different IP subnets joined by Layer 3 Routers
• (1) Physical Layer – NIC, RJ45 Port, Cat 8 cable, Layer 2 Switch
• (2) Data Link Layer – client MAC: 00-B0-D0-63-C2-26, Web Server MAC: 00-1B-62-45-E2-83
• (3) Network Layer – client IP address: 24.1.1.25, Web Server IP address: 11.2.1.10

Router Route Table:
Destination | Interface
24.1.1.0/24 | eth0
11.2.1.0/24 | eth1


The Open Systems Interconnection (OSI) Model

Diagram: the same client and Web Server
• (1) Physical Layer – NIC, RJ45 Port, Cat 8 cable, Layer 2 Switch
• (2) Data Link Layer – client MAC: 00-B0-D0-63-C2-26, Web Server MAC: 00-1B-62-45-E2-83
• (3) Network Layer – client IP address: 24.1.1.25, Web Server IP address: 11.2.1.10
• (4) Transport Layer – TCP three-way handshake between the client and the Web Server; UDP


The Open Systems Interconnection (OSI) Model

Mnemonic: All People Seem To Need Data Processing

Layer | Unit | Protocols | Function
(7) Application Layer | Data | HTTP, FTP, SSH, DNS | Network services to end user applications
(6) Presentation Layer | Data | SSL, FTP, SSH, HTML | Data representation and encryption
(5) Session Layer | Data | TCP, RPC | Interhost communication
(4) Transport Layer | Segments | TCP, UDP, TLS | End-to-end connections and reliability
(3) Network Layer | Packets | IP, IPSec, ICMP | Path determination (e.g. routing)
(2) Data Link Layer | Frames | MAC, Ethernet, 802.11 | Physical addressing (e.g. MAC and LLC)
(1) Physical Layer | Bits | Coax, Fiber, Wireless | Media, signal, binary transmission


TCP Encapsulation

OSI Layer | Encapsulated unit | Name
(5-7) Application | Data | Data
(4) Transport Layer | TCP Header + Data | Segments
(3) Network Layer | IP Header + TCP Header + Data | Packets
(2) Data Link Layer | Ethernet Header + IP Header + TCP Header + Data + Ethernet Footer | Frames
(1) Physical Layer | 01010111001010101101101101101011010100 | Bits
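The encapsulation table becomes concrete when the headers are actually built and then peeled off again. The code below is an added example for this page, not part of the course: it wraps application data in a TCP header (segment), an IPv4 header (packet) and an Ethernet header and FCS footer (frame), then decapsulates the frame and verifies each layer's integrity field, which is also the check a packet parser in an IDS performs before trusting any field. Addresses and MACs are the ones on the OSI slides; the payload, sequence number, IP identification and the choice of CRC-32 stored little-endian for the FCS are assumptions made here.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6
TCP_FLAG_SYN = 0x02


def inet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum used by the IP and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(mac: str) -> bytes:
    return bytes(int(part, 16) for part in mac.split("-"))


def ip_bytes(ip: str) -> bytes:
    return bytes(int(part) for part in ip.split("."))


def ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build_segment(src_ip, dst_ip, src_port, dst_port, seq, flags, payload: bytes) -> bytes:
    """Layer 4: 20-byte TCP header (no options) in front of the application data."""
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, 0, 5 << 4, flags, 65535, 0, 0)
    # The TCP checksum also covers a pseudo-header borrowed from the IP layer.
    pseudo = ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, IPPROTO_TCP, len(header) + len(payload))
    csum = inet_checksum(pseudo + header + payload)
    return header[:16] + struct.pack("!H", csum) + header[18:] + payload


def build_packet(src_ip, dst_ip, segment: bytes) -> bytes:
    """Layer 3: 20-byte IPv4 header in front of the segment."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234, 0x4000,
                         64, IPPROTO_TCP, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    csum = inet_checksum(header)
    return header[:10] + struct.pack("!H", csum) + header[12:] + segment


def build_frame(src_mac, dst_mac, packet: bytes) -> bytes:
    """Layer 2: Ethernet header (dst MAC, src MAC, EtherType) + packet + FCS footer."""
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + packet
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)  # CRC-32, little-endian (assumed wire order)
    return body + fcs


def parse_frame(frame: bytes) -> dict:
    """Decapsulate layer by layer, verifying the FCS, the IP checksum and the TCP checksum."""
    body, fcs = frame[:-4], frame[-4:]
    dst_mac, src_mac = body[:6], body[6:12]
    packet = body[14:]
    ihl = (packet[0] & 0x0F) * 4
    total_length = struct.unpack("!H", packet[2:4])[0]
    protocol = packet[9]
    segment = packet[ihl:total_length]
    src_port, dst_port, seq = struct.unpack("!HHI", segment[:8])
    data_offset = (segment[12] >> 4) * 4
    pseudo = packet[12:20] + struct.pack("!BBH", 0, protocol, len(segment))
    return {
        "fcs_ok": struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF) == fcs,
        "ethertype": struct.unpack("!H", body[12:14])[0],
        "src_mac": "-".join(f"{b:02X}" for b in src_mac),
        "dst_mac": "-".join(f"{b:02X}" for b in dst_mac),
        "ip_checksum_ok": inet_checksum(packet[:ihl]) == 0,
        "src_ip": ip_str(packet[12:16]),
        "dst_ip": ip_str(packet[16:20]),
        "protocol": protocol,
        "tcp_checksum_ok": inet_checksum(pseudo + segment) == 0,
        "src_port": src_port,
        "dst_port": dst_port,
        "seq": seq,
        "flags": segment[13],
        "payload": segment[data_offset:],
    }


# Constructed example using the slides' addresses: the client (24.1.1.25) sends
# the first segment of an HTTP connection to the Web Server (11.2.1.10).
CLIENT_MAC, SERVER_MAC = "00-B0-D0-63-C2-26", "00-1B-62-45-E2-83"
CLIENT_IP, SERVER_IP = "24.1.1.25", "11.2.1.10"


def example_frame(payload: bytes = b"GET / HTTP/1.1\r\n") -> bytes:
    segment = build_segment(CLIENT_IP, SERVER_IP, 65188, 80, 1000, TCP_FLAG_SYN, payload)
    packet = build_packet(CLIENT_IP, SERVER_IP, segment)
    return build_frame(CLIENT_MAC, SERVER_MAC, packet)


if __name__ == "__main__":
    print(parse_frame(example_frame()))
```

A damaged payload byte leaves the IP header checksum valid but fails both the TCP checksum and the FCS, which is why the parser reports each layer separately: the layer that owns the corrupted bytes is the one whose integrity field catches it.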


Routers, Switches, and Firewalls


Routers and Switches

Diagram: two IP subnets, each with its own Switch, joined by a Router
• IP Subnet A: 192.168.0.0/24 – hosts 192.168.0.2 to 192.168.0.6; the router's eth0 interface is 192.168.0.1
• IP Subnet B: 10.0.0.0/24 – hosts 10.0.0.2 to 10.0.0.6; the router's eth1 interface is 10.0.0.1

Router Route Table:
Destination | Interface
192.168.0.0/24 | eth0
10.0.0.0/24 | eth1


Firewalls

Firewall Rules:
POLICY | PROTOCOL | PORT | DESTINATION | SOURCE
ALLOW | HTTP | 80 | INTERNAL | ANY
ALLOW | HTTPS | 443 | INTERNAL | ANY
DENY | ANY | ANY | INTERNAL | ANY

Diagram: Web Server, Application Server and Database Server tiers spread across IP Subnet A and IP Subnet B, with a Firewall in front of each tier on the path from The Internet to the Database Server


IP Addressing



Structure of an IPv4 Address

• IP addresses are written in dotted decimal notation
• Each part of the address is a binary octet

192.168.0.1 = 11000000 . 10101000 . 00000000 . 00000001

Binary values of the bits in an octet, from the most significant bit to the least significant bit:
128 64 32 16 8 4 2 1 (an octet of all ones, 1 1 1 1 1 1 1 1, is 255)


Networks and Hosts

• An IPv4 address has a network and host ID
• The subnet mask is used to define the network and host ID

IP address: 192.168.0.1 (Network ID: 192.168.0, Host ID: 1)
Subnet Mask: 255.255.255.0


Networks and Hosts

• All computers share the same network ID and have a unique host ID

Network: 192.168.0.0
Subnet Mask: 255.255.255.0 (24 bits)
Hosts: 192.168.0.1 to 192.168.0.6

• A network and subnet mask can also be written in this format: 192.168.0.0/24


Private IP Address Ranges

10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255

These addresses are reserved for private use according to IETF RFC-1918


Amazon Virtual Private Cloud (VPC)


Amazon VPC

• A VPC is a logically isolated portion of the AWS cloud within a region
• Subnets are created within AZs
• You can launch EC2 instances into your VPC subnets
• The route table is used to configure the VPC router
• An Internet Gateway is used to connect to the Internet

Diagram: a Region containing a VPC with a Public subnet and a Private subnet in different Availability Zones, an EC2 Instance in each, a Router and an Internet gateway

Main Route Table:
Destination | Target
10.0.0.0/16 | Local
0.0.0.0/0 | igw-id


Amazon VPC

• Each VPC has a different block of IP addresses
• CIDR stands for Classless Interdomain Routing
• Each subnet has a block of IP addresses from the CIDR block
• You can create multiple VPCs within each region

Diagram: one Region with two VPCs, each with subnets in two Availability Zones
• VPC CIDR 10.0.0.0/16: Public subnets 10.0.1.0/24 and 10.0.2.0/24; Private subnets 10.0.3.0/24 and 10.0.4.0/24
• VPC CIDR 10.1.0.0/16: Public subnets 10.1.1.0/24 and 10.1.2.0/24; Private subnets 10.1.3.0/24 and 10.1.4.0/24


VPC CIDR Blocks and Subnets

VPC CIDR Block: 10.0.0.0/16
/16 Subnet Mask: 255.255.0.0

Subnets (subnet mask 255.255.255.0):
• 10.0.1.0/24
• 10.0.2.0/24
• 10.0.3.0/24

VPC subnets have a longer subnet mask than the CIDR block by using additional bits from the host portion
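The IP addressing slides (octets, network and host ID, subnet mask, RFC 1918) and the VPC CIDR slide above are the same arithmetic applied twice: a mask splits an address into network and host bits, and a VPC subnet borrows host bits from the VPC CIDR. The functions below are an added example for this page, not course material: they show the split, test for private addresses, carve a /16 into /24 subnets, and validate a subnet plan the way a VPC would reject it. The only facts beyond the slides are AWS's documented subnet rules (prefix between /16 and /28, five reserved addresses per subnet), which are labelled in the comments.

```python
from ipaddress import IPv4Address, IPv4Network, ip_network

# RFC 1918 private ranges from the slide, written as CIDR blocks.
RFC1918 = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"), ip_network("192.168.0.0/16")]

# Documented AWS rules, not stated on the slides: a VPC subnet prefix must be
# between /16 and /28, and AWS reserves the first four and last address of each
# subnet (network, VPC router, DNS, future use, broadcast).
AWS_MIN_PREFIX, AWS_MAX_PREFIX = 16, 28
AWS_RESERVED_PER_SUBNET = 5


def dotted_binary(ip: str) -> str:
    """Show each octet of a dotted-decimal address as 8 bits."""
    return ".".join(f"{int(octet):08b}" for octet in ip.split("."))


def split_address(ip: str, mask: str) -> dict:
    """Apply a subnet mask: network ID, host ID and the /prefix form of the network."""
    net = IPv4Network(f"{ip}/{mask}", strict=False)   # strict=False tolerates host bits
    host_bits = 32 - net.prefixlen
    return {
        "binary": dotted_binary(ip),
        "network_id": str(net.network_address),
        "host_id": int(IPv4Address(ip)) & ((1 << host_bits) - 1),
        "cidr": str(net),
        "prefixlen": net.prefixlen,
    }


def is_private(ip: str) -> bool:
    return any(IPv4Address(ip) in net for net in RFC1918)


def plan_subnets(vpc_cidr: str, new_prefix: int) -> list:
    """Carve a VPC CIDR into equal subnets by borrowing host bits (e.g. /16 -> /24)."""
    return [str(s) for s in ip_network(vpc_cidr).subnets(new_prefix=new_prefix)]


def usable_hosts(subnet_cidr: str) -> int:
    return ip_network(subnet_cidr).num_addresses - AWS_RESERVED_PER_SUBNET


def validate_subnets(vpc_cidr: str, subnets: list) -> list:
    """Problems that make a subnet plan invalid: outside the VPC CIDR, mask not longer
    than the VPC's, prefix outside AWS's range, or two subnets overlapping."""
    vpc = ip_network(vpc_cidr)
    nets = [ip_network(s) for s in subnets]
    problems = []
    for net in nets:
        if not net.subnet_of(vpc):
            problems.append(f"{net} is not within VPC CIDR {vpc}")
        elif net.prefixlen <= vpc.prefixlen:
            problems.append(f"{net} mask is not longer than the VPC mask /{vpc.prefixlen}")
        if not AWS_MIN_PREFIX <= net.prefixlen <= AWS_MAX_PREFIX:
            problems.append(f"{net} prefix must be between /{AWS_MIN_PREFIX} and /{AWS_MAX_PREFIX}")
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                problems.append(f"{a} overlaps {b}")
    return problems


if __name__ == "__main__":
    print(split_address("192.168.0.1", "255.255.255.0"))
    print(plan_subnets("10.0.0.0/16", 24)[:4], usable_hosts("10.0.1.0/24"))
    print(validate_subnets("10.0.0.0/16", ["10.0.1.0/24", "10.0.1.128/25", "10.1.0.0/24"]))
```

The overlap check is the one most often missed by hand: two subnets in different AZs with overlapping ranges cannot both be created, and a VPC whose CIDR overlaps a peer or an on-premises range (the 192.168.0.0/16 data center in the VPN slide later in this section) cannot be routed to it.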


AWS Public and Private Services

• Public services have public IP addresses / endpoints
• Private services can have public IP addresses but exist within the VPC

Diagram: AWS Cloud with a VPC (an Availability Zone holding a Public subnet and a Private subnet, each with an EC2 Instance) and an Internet gateway to the Public Internet
• Private services shown inside the VPC: Amazon RDS, Amazon Elastic File System
• Public services shown outside the VPC: Amazon DynamoDB, Amazon S3, Amazon Route 53, Amazon CloudFront


Create a Custom VPC



Custom VPC

MyVPC – CIDR 10.0.0.0/16, Internet gateway MyIGW
• us-east-1a: Public-1A (10.0.1.0/24), Private-1A (10.0.3.0/24)
• us-east-1b: Public-1B (10.0.2.0/24), Private-1B (10.0.4.0/24)

Main Route Table (Public-1A, Public-1B):
Destination | Target
10.0.0.0/16 | Local
0.0.0.0/0 | igw-id

Private-RT Route Table (Private-1A, Private-1B):
Destination | Target
10.0.0.0/16 | Local
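What makes Public-1A public and Private-1A private in the slide is nothing but the route tables: the VPC router picks the most specific matching route, and only the Main Route Table has a default route to the Internet gateway. The lookup below is an added example written for this page (not course or AWS code) using the slide's two route tables; the subnet-to-table associations are read off the slide and the destination addresses are constructed from the documentation range 203.0.113.0/24.

```python
from ipaddress import ip_address, ip_network

# Route tables from the Custom VPC slide: (destination, target).
MAIN_RT = [("10.0.0.0/16", "local"), ("0.0.0.0/0", "igw-id")]
PRIVATE_RT = [("10.0.0.0/16", "local")]

# Subnet -> (CIDR, associated route table), as shown on the slide.
SUBNETS = {
    "Public-1A": ("10.0.1.0/24", MAIN_RT),
    "Public-1B": ("10.0.2.0/24", MAIN_RT),
    "Private-1A": ("10.0.3.0/24", PRIVATE_RT),
    "Private-1B": ("10.0.4.0/24", PRIVATE_RT),
}


def lookup(route_table, destination_ip):
    """Longest-prefix match: the most specific route containing the destination wins."""
    addr = ip_address(destination_ip)
    best = None
    for cidr, target in route_table:
        net = ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def next_hop(subnet_name, destination_ip):
    """Where the VPC router sends traffic leaving an instance in the given subnet (None = dropped)."""
    _, route_table = SUBNETS[subnet_name]
    return lookup(route_table, destination_ip)


def is_public_subnet(subnet_name):
    """A subnet is public only if its route table sends Internet-bound traffic to an Internet gateway."""
    _, route_table = SUBNETS[subnet_name]
    return any(cidr == "0.0.0.0/0" and target.startswith("igw-") for cidr, target in route_table)


if __name__ == "__main__":
    for subnet in SUBNETS:
        print(subnet, "public" if is_public_subnet(subnet) else "private",
              next_hop(subnet, "10.0.4.20"), next_hop(subnet, "203.0.113.5"))
```

Two consequences follow for reviews of a VPC design: an instance in a public subnet still reaches 10.0.4.20 via the local route because /16 beats /0, and adding a 0.0.0.0/0 route to Private-RT would silently turn both private subnets public, so changes to the default route of a shared table deserve the same scrutiny as a security group opened to 0.0.0.0/0.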


Security Groups and Network ACLs


Stateful vs Stateless Firewalls

Client (10.1.1.1) connects through a Firewall to a Web Server (10.2.1.10):

PROTOCOL | SOURCE IP | DESTINATION IP | SOURCE PORT | DESTINATION PORT
HTTP | 10.1.1.1 | 10.2.1.10 | 65188 | 80
HTTP | 10.2.1.10 | 10.1.1.1 | 80 | 65188

• Request: Src Port: 65188, Dest Port: 80
• Return traffic: Src Port: 80, Dest Port: 65188
• A stateful firewall allows the return traffic automatically
• A stateless firewall checks for an allow rule for both connections


Security Groups and Network ACLs

• VPC Security Groups apply at the Instance level
• Security Groups can be applied to instances in any subnet
• NACLs apply at the subnet level
• NACLs apply only to traffic entering / exiting the subnet

Diagram: a VPC Router connecting a Private subnet and a Public subnet in each of two Availability Zones; every subnet has a Network ACL, and instances use Security Group A or Security Group B regardless of which subnet they are in


Security Groups & Network Access Control Lists (NACLs)

Security Group | Network ACL
Operates at the instance (interface) level | Operates at the subnet level
Supports allow rules only | Supports allow and deny rules
Stateful | Stateless
Evaluates all rules | Processes rules in order
Applies to an instance only if associated with a group | Automatically applies to all instances in the subnets it is associated with
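The stateful/stateless slide and the comparison table above describe two evaluation models; the simulation below is an added example for this page (not course or AWS code) that implements both and runs the slide's HTTP exchange (10.1.1.1:65188 to 10.2.1.10:80) through a security group and a network ACL in turn. It reproduces the three differences in the table that change outcomes: the security group admits the reply because it tracks state even with no outbound rule, the NACL needs an explicit outbound allow for the ephemeral reply port, and a lower-numbered deny rule in a NACL wins over a later allow. The rule sets and the ephemeral range are constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    protocol: str
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int

    def reverse(self):
        """The packet travelling the other way in the same connection."""
        return Packet(self.protocol, self.dst_ip, self.src_ip, self.dst_port, self.src_port)


@dataclass(frozen=True)
class Rule:
    protocol: str          # "tcp", "udp" or "all"
    cidr: str              # peer address range
    port_from: int
    port_to: int
    action: str = "allow"  # NACLs may also use "deny"; security groups only allow
    number: int = 0        # NACL rule number, which fixes evaluation order


def _hits(rule, peer_ip, port, protocol):
    return (rule.protocol in ("all", protocol)
            and ip_address(peer_ip) in ip_network(rule.cidr)
            and rule.port_from <= port <= rule.port_to)


class SecurityGroup:
    """Stateful, allow-only, every rule considered: a reply to admitted traffic is always let through."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = inbound, outbound
        self.tracked = set()   # connections already admitted in either direction

    def _evaluate(self, rules, pkt, peer_ip, port):
        if pkt.reverse() in self.tracked:
            return True
        allowed = any(_hits(r, peer_ip, port, pkt.protocol) for r in rules)
        if allowed:
            self.tracked.add(pkt)
        return allowed

    def inbound_allowed(self, pkt):
        return self._evaluate(self.inbound, pkt, pkt.src_ip, pkt.dst_port)

    def outbound_allowed(self, pkt):
        return self._evaluate(self.outbound, pkt, pkt.dst_ip, pkt.dst_port)


class NetworkAcl:
    """Stateless, allow or deny, lowest rule number first, implicit deny when nothing matches."""

    def __init__(self, inbound, outbound):
        self.inbound = sorted(inbound, key=lambda r: r.number)
        self.outbound = sorted(outbound, key=lambda r: r.number)

    @staticmethod
    def _evaluate(rules, peer_ip, port, protocol):
        for rule in rules:
            if _hits(rule, peer_ip, port, protocol):
                return rule.action == "allow"
        return False

    def inbound_allowed(self, pkt):
        return self._evaluate(self.inbound, pkt.src_ip, pkt.dst_port, pkt.protocol)

    def outbound_allowed(self, pkt):
        return self._evaluate(self.outbound, pkt.dst_ip, pkt.dst_port, pkt.protocol)


def trace_http_exchange(sg, nacl, request):
    """Request enters the subnet (NACL) then the instance (SG); the reply leaves the instance then the subnet."""
    reply = request.reverse()
    result = {
        "nacl_in": nacl.inbound_allowed(request),
        "sg_in": sg.inbound_allowed(request),
        "sg_out_reply": sg.outbound_allowed(reply),
        "nacl_out_reply": nacl.outbound_allowed(reply),
    }
    result["delivered"] = result["nacl_in"] and result["sg_in"]
    result["reply_delivered"] = result["delivered"] and result["sg_out_reply"] and result["nacl_out_reply"]
    return result


# Constructed scenario from the stateful vs stateless slide.
REQUEST = Packet("tcp", "10.1.1.1", "10.2.1.10", 65188, 80)


def web_sg():
    """Fresh web server security group: inbound HTTP from anywhere, no outbound rules at all."""
    return SecurityGroup(inbound=[Rule("tcp", "0.0.0.0/0", 80, 80)], outbound=[])


# NACL written with only the request direction in mind: no rule for the ephemeral reply port.
INCOMPLETE_NACL = NetworkAcl(
    inbound=[Rule("tcp", "0.0.0.0/0", 80, 80, number=100)],
    outbound=[Rule("tcp", "0.0.0.0/0", 80, 80, number=100)],
)

# Corrected NACL: outbound allows the ephemeral port range that return traffic uses.
CORRECTED_NACL = NetworkAcl(
    inbound=[Rule("tcp", "0.0.0.0/0", 80, 80, number=100)],
    outbound=[Rule("tcp", "0.0.0.0/0", 1024, 65535, number=100)],
)

# NACL with a deny ahead of a broader allow: rule 90 is processed first and wins.
BLOCKLIST_NACL = NetworkAcl(
    inbound=[Rule("tcp", "10.1.1.0/24", 80, 80, action="deny", number=90),
             Rule("tcp", "0.0.0.0/0", 80, 80, number=100)],
    outbound=[Rule("tcp", "0.0.0.0/0", 1024, 65535, number=100)],
)

if __name__ == "__main__":
    for name, nacl in (("incomplete", INCOMPLETE_NACL), ("corrected", CORRECTED_NACL), ("blocklist", BLOCKLIST_NACL)):
        print(name, trace_http_exchange(web_sg(), nacl, REQUEST))
```

The "incomplete" NACL is the classic troubleshooting case: the request arrives, the security group is fine, and the connection still hangs because the stateless subnet filter has no outbound rule for port 65188. The blocklist case is the reason the table says NACLs are the place for deny rules: a security group has no way to express "everyone except 10.1.1.0/24".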


Using Security Groups and NACLs


Cloud Computing Deployment Models


Cloud Computing Deployment Models

Name | Description | Examples
Private Cloud | An enterprise deploys their own infrastructure and applications into their own data center | VMware, Microsoft, RedHat, OpenStack
Public Cloud | The IT services that you consume are hosted and delivered from a third-party and accessed over the Internet | AWS, Microsoft Azure, Google Cloud Platform
Hybrid Cloud | A combination of on-premises, private cloud, and public cloud services are consumed |
Multicloud | Usage of two or more public clouds at a time, and possibly multiple private clouds |


Private Cloud

Examples are VMware, Microsoft, RedHat, OpenStack

Diagram: a Data center with an Automation and Cloud management software layer (Self Service Portal / Service Catalog, Billing and Reporting, Multi-tenancy controller, Configuration Management) on top of Network & Firewall, Virtualization Cluster, and Storage & Backup

You build and manage the cloud deployment

Benefits:
• Complete control of the entire stack
• Security – in a few cases, organizations may need to keep all or some of their applications and data in house


Cloud Deployment Models - Public Cloud

Examples are AWS, Microsoft Azure, Google Cloud Platform

Benefits:
• Variable expense, instead of capital expense
• Economies of scale
• Massive elasticity

Diagram: a Corporate Office connected over the Internet to the Public Cloud (AWS Cloud: Compute, Storage, Network, Database)
• Connected using either the Internet or a private link


Cloud Deployment Models - Hybrid Cloud

Benefits:
• Allows companies to keep the critical applications and sensitive data in a traditional data center environment or private cloud
• Take advantage of public cloud resources like SaaS, for the latest applications, and IaaS, for elastic virtual resources
• Facilitates portability of data, apps and services and more choices for deployment models

Diagram: a Private Cloud (Data center) connected over the Internet to a Public Cloud (AWS Cloud)
• Connected using either the Internet or a private link
Cloud Deployment Models - Multicloud

Diagram: an Organization using two Public Clouds and two Private Clouds, all reached across The Internet
AWS VPN and AWS Direct Connect


AWS Site-to-Site VPN

• AWS VPN is a managed IPSec VPN
• A Virtual Private Gateway (VGW) is deployed on the AWS side
• A customer gateway is deployed on the customer side
• Supports static routes or BGP peering/routing
• A route table entry points to the VGW

Diagram: a VPC (CIDR: 10.0.0.0/16, with a Public subnet and a Private subnet) joined by a VPN connection from the Virtual Private Gateway to the Customer gateway in the Corporate data center (CIDR: 192.168.0.0/16)

Route Table:
Destination | Target
192.168.0.0/16 | vgw-id


AWS Direct Connect (DX)

• DX is a physical fibre connection to AWS running at 1Gbps to 100Gbps
• A DX port (1000-Base-LX or 10GBASE-LR) must be allocated in a DX location
• A cross-connect joins the AWS DX router and the customer/partner DX router
• The customer router is connected to the DX router in the DX location

Diagram: AWS Cloud Region (VPC with a Public subnet and a Private subnet, plus the AWS Direct Connect endpoint) -> AWS Direct Connect location (AWS cage with the AWS Direct Connect router, Customer / partner cage with the Customer / partner router) -> Corporate data center (Customer Router)


AWS Direct Connect Benefits
• Enhanced security – uses private connectivity between AWS and your data center / office
• Consistent network performance – increased speed/latency & bandwidth/throughput
• Lower cost – can reduce costs for organizations that transfer large volumes of data


SECTION 6

AWS Storage Services



Block vs File vs Object Storage


Block Storage

Hard Disk Drive (HDD)
• Also known as magnetic drives
• Older technology
• Much slower than SSD
• Much cheaper than SSD

Solid State Drive (SSD)
• Uses flash memory
• Newer technology
• MUCH faster than HDD
• More expensive than HDD


Block Storage

• Hard drives are block-based storage systems
• The Operating System (OS) sees a volume. A volume can be partitioned and formatted

Diagram: Disk Management on a 1000 GB Hard Disk Drive (HDD) showing Volume C: (800 GB) and Volume D: (200 GB)
File Storage

• The Operating System (OS) sees a file system that is mapped to a local drive letter
• The NAS "shares" file systems over the network

Diagram: a client NIC connected through a Network Switch to a Network Attached Storage Server (NAS)


Object Storage Systems

• User uploads objects using a web browser
• Objects can be files, videos, images etc.
• There is no hierarchy of objects in the container
• The HTTP protocol is used with a REST API (e.g. GET, PUT, POST, SELECT, DELETE)

Diagram: a user uploading objects into an Object Storage Container


Block vs File vs Object Storage

Block Storage
• The OS sees volumes that can be partitioned and formatted
• The OS reads/writes at the block level. Disks can be internal, or network attached
• Diagram: Disk Management showing Volume C: (800 GB) and Volume D: (200 GB) on a 1000 GB disk

File Storage
• A filesystem can be shared by many users
• A filesystem is "mounted" to the OS using a network share

Object Storage
• Massively scalable and low cost
• There is no hierarchy of objects in the container (Object Storage Container)
• Cannot be mounted but can be accessed programmatically using the REST API


Amazon EBS and Instance Stores


Amazon Elastic Block Store (EBS)

• EBS volumes exist within an Availability Zone
• The volume is automatically replicated within the AZ
• The volume is attached over a network

Diagram: an EC2 Instance in an Availability Zone with two attached EBS Volumes (C: and D:)


Amazon EBS vs Instance Store

• EBS volumes are attached over the network
• EBS volumes offer persistent storage
• Instance Store volumes are physically attached to the host and offer high performance
• Instance Store volumes are ephemeral (non-persistent)

Diagram: an EC2 Host Server in an Availability Zone with network-attached EBS Volumes and a local Instance Store


Amazon EBS Snapshots

• Snapshot taken to capture a point-in-time state of an instance
• Snapshots are stored on Amazon S3
• Snapshots are incremental (Snap A, Snap B, Snap C)
• You can create an EBS volume in another AZ from a snapshot
• A snapshot can be used to create an AMI

Diagram: within a Region, a Volume attached to an EC2 Instance in Availability Zone A is snapshotted; the snapshot is used to create a Volume for an EC2 Instance in Availability Zone B, and an AMI


Create and Attach an EBS Volume


EBS Snapshots and AMIs


Amazon Elastic File System (EFS)



Amazon Elastic File System (EFS)

Note: EFS supports Linux only
• One Zone file systems have mount targets in a single AZ
• Regional file systems have mount targets in multiple AZs
• Instances connect to a mount point in the local AZ
• Instances can connect to mount points in other AZs in the Region
• The connection protocol is NFS

Diagram: a Regional EFS File system with a mount target (/efs-mnt) in each of three Availability Zones, used by an EC2 Instance in each AZ
Amazon Elastic File System (EFS)
• Data consistency – write operations for Regional file
systems are durably stored across Availability Zones
• File locking – NFS client applications can use NFS v4
file locking for read and write operations on EFS files
• Storage classes – there are three options:
• EFS Standard – uses SSDs for low latency performance
• EFS Infrequent Access (IA) – cost effective option
• EFS Archive – even cheaper for less active data (archival)
• Durability – all storage classes offer 11 9s of
durability



Amazon Elastic File System (EFS)

• EFS file systems can be replicated across Regions
• Mount points can be created but the file system is read-only
• On-premises computers can also mount EFS file systems

Diagram: an EFS File system in one Region replicated to an EFS File system in a second Region, where an EC2 Instance mounts the replica; an On-premises client in a Corporate data center mounts the file system


Amazon Elastic File System (EFS)
• EFS Replication – data is replicated across Regions
for disaster recovery purposes with RPO/RTO in the
minutes
• Automatic Backup – EFS integrates with AWS
Backup for automatic file system backups
• Performance options – there are two options:
• Provisioned throughput – Specify a level of throughput
that the file system can drive independent of the file
system's size
• Bursting throughput – Throughput scales with the
amount of storage and supports bursting to higher levels



Create an Amazon EFS File System


Amazon Simple Storage Service (S3)


Amazon Simple Storage Service (S3)

• A bucket is a container for objects
• An object is a file you upload
• You can store millions of objects in a bucket
• The HTTP protocol is used with a REST API (e.g. GET, PUT, POST, SELECT, DELETE)

Accessing objects in a bucket:
https://bucket.s3.aws-region.amazonaws.com/key
https://s3.aws-region.amazonaws.com/bucket/key


Amazon Simple Storage Service (S3)

• A bucket is a container for objects
• Bucket URLs: http://bucket.s3.aws-region.amazonaws.com and http://s3.aws-region.amazonaws.com/bucket
• An object consists of:
• Key (name of objects)
• Version ID
• Value (actual data)
• Metadata
• Subresources
• Access control information

Diagram: a VPC with a Public subnet and a Private subnet, each holding an EC2 Instance; EC2 instances connect to Amazon S3 using private addresses through an S3 Gateway Endpoint, or using public addresses through the Internet gateway and the Public Internet; an Internet Client also reaches the bucket over the Public Internet


File Storage vs Object Storage

File Share
• Data stored in directories
• A hierarchy of directories can be formed
• File systems are mounted to an operating system
• Function like local storage
• Network connection is maintained
• Example is Amazon EFS

Object Store (http://bucket.s3.aws-region.amazonaws.com)
• Data stored in buckets
• Flat namespace (no hierarchy)
• Hierarchy can be mimicked with prefixes
• Accessed by REST API and cannot be mounted
• Network connection is completed after each request
• Example is Amazon S3


Working with S3 Buckets and Objects


Create an Amazon S3 Static Website


SECTION 7

AWS Database Services



Database Types and Use Cases


Relational vs Non-Relational

Key differences are how data are managed and how data are stored

Relational | Non-Relational
Organized by tables, rows and columns | Varied data storage models
Rigid schema (SQL) | Flexible schema (NoSQL) – data stored in key-value pairs, columns, documents or graphs
Rules enforced within database | Rules can be defined in application code (outside database)
Typically scaled vertically | Scales horizontally
Supports complex queries and joins | Unstructured, simple language that supports any kind of schema
Amazon RDS, Oracle, MySQL, IBM DB2, PostgreSQL | Amazon DynamoDB, MongoDB, Redis, Neo4j


Relational Databases

EmployeeID | FirstName | LastName | JobRole | Location
00001 | Paul | Peterson | Senior Developer | Atlanta
00002 | Kaleigh | Annette | Assistant Manager | Miami
00003 | Carl | Wood | Sales Support | New York
00004 | Vinni | Jones | Customer Service | Dallas
00005 | Stefanie | Howard | IT Architect | Los Angeles

• SQL is used for defining the structure of the database and its elements
• SQL provides the tools for inserting, updating, deleting, and querying data within the database table

Example Structured Query Language (SQL) query:

SELECT FirstName
FROM employees
WHERE Location = 'Atlanta'
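The slide's table and query, carried through end to end: the schema is defined with DDL, the rows are loaded, and the query is run with the location bound as a parameter so the engine receives it as a value rather than as SQL text. This is an added example using SQLite from the Python standard library, not course material; the column types, NOT NULL constraints and the added ORDER BY (for deterministic results) are choices made here, and the table rows are the slide's. It also exercises the "rules enforced within database" row of the earlier comparison table by letting the engine reject a duplicate key and a missing name.

```python
import sqlite3

# Rows from the slide; EmployeeID is kept as zero-padded text, exactly as displayed.
EMPLOYEES = [
    ("00001", "Paul", "Peterson", "Senior Developer", "Atlanta"),
    ("00002", "Kaleigh", "Annette", "Assistant Manager", "Miami"),
    ("00003", "Carl", "Wood", "Sales Support", "New York"),
    ("00004", "Vinni", "Jones", "Customer Service", "Dallas"),
    ("00005", "Stefanie", "Howard", "IT Architect", "Los Angeles"),
]


def build_db() -> sqlite3.Connection:
    """DDL defines the structure; the constraints it declares are enforced by the engine."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        """CREATE TABLE employees (
               EmployeeID TEXT PRIMARY KEY,
               FirstName  TEXT NOT NULL,
               LastName   TEXT NOT NULL,
               JobRole    TEXT,
               Location   TEXT NOT NULL)"""
    )
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?, ?, ?)", EMPLOYEES)
    conn.commit()
    return conn


def first_names_in(conn: sqlite3.Connection, location: str) -> list:
    """The slide's query. The location is a bound parameter: quotes or other
    characters in the value never become part of the statement."""
    rows = conn.execute(
        "SELECT FirstName FROM employees WHERE Location = ? ORDER BY EmployeeID",
        (location,),
    )
    return [row[0] for row in rows]


def insert_is_rejected(conn: sqlite3.Connection, row: tuple) -> bool:
    """True when the database itself refuses the row (duplicate key, NULL in a NOT NULL column)."""
    try:
        with conn:   # commits on success, rolls back on error
            conn.execute("INSERT INTO employees VALUES (?, ?, ?, ?, ?)", row)
        return False
    except sqlite3.IntegrityError:
        return True


if __name__ == "__main__":
    db = build_db()
    print(first_names_in(db, "Atlanta"))
    print(insert_is_rejected(db, ("00001", "Dup", "Row", None, "Atlanta")))
```

Binding the value is the habit worth carrying to RDS: the same `?` (or `%s`, depending on the driver) placeholder works against every engine the RDS slides list, and it is what keeps a value such as `Coeur d'Alene` from breaking the statement.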


Non-Relational Databases

• NoSQL databases can be key/value and document stores
• This is an example of a key/value store
• There is no rigid schema so attributes can be missing or have different data types

Primary Key: Partition Key (clientid) + Sort Key (created); Attributes: sku, category, size, color, weight

clientid | created | sku | category | size | color | weight
[email protected] | 1583975308 | SKU-S523 | T-Shirt | Small | Red | Light
[email protected] | 1583975613 | SKU-J091 | Pen | | Blue |
[email protected] | 1583975449 | SKU-A234 | Mug | | |
[email protected] | 1583976311 | SKU-R873 | Chair | | | 4011
[email protected] | 1583976323 | SKU-I019 | Plate | | | 30
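The key/value table above is defined by its composite primary key (partition key plus sort key), and everything else is optional and untyped, which is why the weight column holds "Light" in one row and 4011 in another. The in-memory table below is an added example written for this page, not course or DynamoDB code: it enforces only the key attributes, keeps each partition ordered by sort key, and answers the two queries such a store is built for, fetch by full key and range query within one partition. The client IDs are placeholders because the slide's e-mail addresses did not survive extraction; the other attribute values are the slide's.

```python
from bisect import bisect_left, bisect_right
from collections import defaultdict


class KeyValueTable:
    """Table with a composite primary key: partition key + sort key.
    Items sharing a partition key are kept ordered by sort key, so range
    queries inside a partition are a slice rather than a scan."""

    def __init__(self, partition_key, sort_key):
        self.pk, self.sk = partition_key, sort_key
        self._partitions = defaultdict(list)   # pk value -> sorted list of (sk value, item)

    def put_item(self, item: dict):
        # Only the key attributes are mandatory; any other attribute may be absent or of any type.
        if self.pk not in item or self.sk not in item:
            raise ValueError(f"item must carry {self.pk} and {self.sk}")
        bucket = self._partitions[item[self.pk]]
        keys = [k for k, _ in bucket]
        idx = bisect_left(keys, item[self.sk])
        if idx < len(bucket) and bucket[idx][0] == item[self.sk]:
            bucket[idx] = (item[self.sk], item)      # same primary key: overwrite
        else:
            bucket.insert(idx, (item[self.sk], item))

    def get_item(self, pk_value, sk_value):
        bucket = self._partitions.get(pk_value, [])
        idx = bisect_left([k for k, _ in bucket], sk_value)
        if idx < len(bucket) and bucket[idx][0] == sk_value:
            return bucket[idx][1]
        return None

    def query(self, pk_value, sk_from=None, sk_to=None) -> list:
        """All items in one partition, optionally limited to a sort-key range, in sort-key order."""
        bucket = self._partitions.get(pk_value, [])
        keys = [k for k, _ in bucket]
        lo = 0 if sk_from is None else bisect_left(keys, sk_from)
        hi = len(bucket) if sk_to is None else bisect_right(keys, sk_to)
        return [item for _, item in bucket[lo:hi]]


# Constructed items from the slide's rows; client IDs are placeholders.
ORDERS = KeyValueTable(partition_key="clientid", sort_key="created")
for _item in [
    {"clientid": "client-a", "created": 1583975308, "sku": "SKU-S523", "category": "T-Shirt",
     "size": "Small", "color": "Red", "weight": "Light"},
    {"clientid": "client-a", "created": 1583975613, "sku": "SKU-J091", "category": "Pen", "color": "Blue"},
    {"clientid": "client-b", "created": 1583975449, "sku": "SKU-A234", "category": "Mug"},
    {"clientid": "client-b", "created": 1583976311, "sku": "SKU-R873", "category": "Chair", "weight": 4011},
    {"clientid": "client-c", "created": 1583976323, "sku": "SKU-I019", "category": "Plate", "weight": 30},
]:
    ORDERS.put_item(_item)


def skus_for(client_id, since=None) -> list:
    """SKUs ordered by one client, oldest first, optionally only those created at or after a timestamp."""
    return [item["sku"] for item in ORDERS.query(client_id, sk_from=since)]


if __name__ == "__main__":
    print(skus_for("client-a"), skus_for("client-b", since=1583976000))
```

The flexible schema cuts both ways for anyone consuming the data: `weight` is a string on one item and an integer on another, so the type checks the relational table did for free now belong in application code, as the comparison table put it.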


Graph Databases

Graph databases like Amazon Neptune are designed to store, manage, and navigate relationships in data

Graph databases use:
• Nodes to represent entities
• Edges to represent relationships
• Properties to store information about nodes and edges


Operational vs Analytical

Key differences are use cases and how the database is optimized

Operational / transactional | Analytical
Online Transaction Processing (OLTP) | Online Analytics Processing (OLAP) – the source data comes from OLTP DBs
Production DBs that process transactions. E.g. adding customer records, checking stock availability (INSERT, UPDATE, DELETE) | Data warehouse. Typically, separated from the customer facing DBs. Data is extracted for decision making
Short transactions and simple queries | Long transactions and complex queries
Relational examples: Amazon RDS, Oracle, IBM DB2, MySQL | Relational examples: Amazon RedShift, Teradata, HP Vertica
Non-relational examples: MongoDB, Cassandra, Neo4j, HBase | Non-relational examples: Amazon EMR, MapReduce


Operational vs Analytical
Operational DBs (e.g. Amazon RDS) receive data from applications. Data is copied (COPY) from the operational Amazon RDS databases into the Amazon Redshift data warehouse, which is used for analytics.


AWS Databases

Data Store: Use Case
• Database on EC2: need full control over the instance and database; third-party database engine (not available in RDS)
• Amazon RDS: need a traditional relational database, e.g. Oracle, PostgreSQL, Microsoft SQL Server, MariaDB, MySQL; data is well-formed and structured
• Amazon DynamoDB: NoSQL database; high I/O needs; dynamic scaling; in-memory performance when fronted by DynamoDB Accelerator (DAX)
• Amazon Redshift: data warehouse for large volumes of aggregated data
• Amazon ElastiCache: fast temporary storage for small amounts of data; in-memory database


Amazon Relational Database
Service (RDS)



Amazon RDS
• Managed relational database service
• Used for online transaction processing (OLTP) use cases
• Runs on Amazon EC2 instances
• A DB instance can contain multiple user-created databases
• You must choose the DB instance type
• RDS uses Amazon EBS volumes for storage
• Backups can be taken using EBS snapshots


Amazon RDS
Amazon RDS offers a choice of database engines:
• Amazon Aurora (MySQL and PostgreSQL compatible)
• MySQL – one of the most popular open-source relational database management systems
• PostgreSQL – an advanced open-source relational database that supports both SQL (relational) and JSON (non-relational) querying
• Oracle – offers support for Oracle Database under two licensing models: "License Included" and "Bring Your Own License (BYOL)"
• Microsoft SQL Server – supports several editions of Microsoft SQL Server
• MariaDB – a community-developed fork of MySQL intended to remain free under the GNU GPL


Amazon RDS – Scaling up (vertically)
• RDS scales up by changing the instance type, e.g. from db.m4.large (2 vCPUs, 8 GiB RAM) to db.m4.2xlarge (8 vCPUs, 32 GiB RAM)
• Scaling up is how write performance is improved (Read Replicas only scale reads)
• Changing the instance type restarts the database, so there is a short outage (with Multi-AZ the standby is modified first and a failover follows, which shortens the interruption)


Amazon RDS – Scaling out (horizontally)
• RDS scales reads horizontally with Read Replicas
• Applications write to the primary
• Reads can be directed to the Read Replica (each replica has its own endpoint)


Amazon RDS Multi-AZ
• Multi-AZ deployments enable automatic failover for disaster recovery (DR)
• The Multi-AZ standby instance is in a different AZ to the primary, within the same VPC
• Replication from the primary to the standby is synchronous
• Applications send DB reads and DB writes to the primary; in a Multi-AZ DB instance deployment the standby is not used for reads
• Replication from the primary to a Read Replica is asynchronous
• Read Replicas can be in the same or a different AZ


Create an Amazon RDS
Database



Amazon DynamoDB



Amazon DynamoDB
• DynamoDB is a fully managed NoSQL database service
• DynamoDB is a fully serverless service
• Key/value store and document store
• Low latency access to data (milliseconds)
• Offers push button scaling with no downtime
• Data is stored in partitions which are replicated across multiple AZs in a Region


DynamoDB Features

Feature: Benefit
• Serverless: fully managed, fault-tolerant service
• Highly available: 99.99% availability SLA (99.999% for Global Tables)
• NoSQL type of database: flexible schema, good for when data is not well structured or is unpredictable
• Horizontal scaling: seamless scalability to any scale with push button scaling or Auto Scaling
• DynamoDB Streams: captures a time-ordered sequence of item-level modifications in a DynamoDB table
• Transaction options: strongly consistent or eventually consistent reads; support for ACID transactions
• Backup: point-in-time recovery down to the second within the last 35 days; on-demand backup and restore
• Global Tables: fully managed multi-Region, multi-master solution


DynamoDB Core Components
The basic DynamoDB components are tables, items, and attributes:

userid   orderid  book       price  date
user001  1000092  ISBN100..  9.99   2020.04..
user002  1000102  ISBN100..  24.99  2020.03..
user003  1000168  ISBN2X0..  12.50  2020.04..

Each row is an item; each column (userid, orderid, book, price, date) is an attribute of the item
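To make the key/value model and the "no rigid schema" point concrete, here is an added example (not from the course, and not the DynamoDB API itself) that models a table with a composite primary key in plain Python. It reproduces three behaviours a practitioner relies on: Query returns one partition ordered by sort key, items in the same table may carry different attributes, and a conditional write (the attribute_not_exists idiom) refuses to overwrite an existing item. The orders data is constructed.

```python
class ConditionalCheckFailed(Exception):
    """Stands in for DynamoDB's ConditionalCheckFailedException."""


class KeyValueTable:
    """In-memory stand-in for a DynamoDB table with a composite primary key.
    Items are plain dicts; only the two key attributes are mandatory, so items in
    the same table can carry different attributes (no rigid schema)."""

    def __init__(self, partition_key, sort_key):
        self.pk, self.sk = partition_key, sort_key
        self._partitions = {}  # partition key value -> {sort key value: item}

    def put_item(self, item, if_not_exists=False):
        """Insert or overwrite one item. With if_not_exists=True this behaves like
        PutItem with ConditionExpression 'attribute_not_exists(<sort key>)': the
        write is rejected instead of silently overwriting an existing item, which is
        how creates are made idempotent and lost-update races are avoided."""
        pk, sk = item[self.pk], item[self.sk]
        bucket = self._partitions.setdefault(pk, {})
        if if_not_exists and sk in bucket:
            raise ConditionalCheckFailed(f"{self.pk}={pk!r} {self.sk}={sk!r} already exists")
        bucket[sk] = dict(item)

    def get_item(self, pk, sk):
        """GetItem: a single item addressed by its full primary key, or None."""
        return self._partitions.get(pk, {}).get(sk)

    def query(self, pk, sk_between=None):
        """Query: every item in one partition, ordered by sort key, optionally
        limited to an inclusive sort-key range (the BETWEEN key condition)."""
        bucket = self._partitions.get(pk, {})
        lo, hi = sk_between if sk_between else (None, None)
        return [bucket[k] for k in sorted(bucket)
                if (lo is None or k >= lo) and (hi is None or k <= hi)]


# Constructed orders (not the slide's data): userid is the partition key, orderid the sort key.
SAMPLE_ORDERS = [
    {"userid": "user001", "orderid": 1000092, "book": "ISBN-1", "price": 9.99},
    {"userid": "user001", "orderid": 1000102, "book": "ISBN-2"},          # price attribute absent
    {"userid": "user002", "orderid": 1000168, "book": "ISBN-3", "price": 12.5, "gift": True},
]


def build_orders_table():
    """Load the constructed orders into a table keyed by (userid, orderid)."""
    table = KeyValueTable("userid", "orderid")
    for order in SAMPLE_ORDERS:
        table.put_item(order, if_not_exists=True)
    return table
```

A second put_item for (user001, 1000092) with if_not_exists=True raises ConditionalCheckFailed and leaves the stored item unchanged; without the condition the write would silently replace it, which is the behaviour that lets two concurrent writers clobber each other.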


Amazon DynamoDB Pricing
Amazon DynamoDB pricing is primarily based on:
• Provisioned Throughput: you can choose provisioned capacity, paying for the amount of reads and writes per second that you allocate for your table
• On-Demand Capacity: you pay for the read and write requests your application performs on your tables without managing capacity planning
• Storage Costs: you pay for the data storage your tables consume
• Additional features: costs apply for using Global Tables, DynamoDB Streams, backup and restore, and data transfer


Create an Amazon
DynamoDB Table



SECTION 8

Automation and DevOps on AWS



Infrastructure as Code with
AWS CloudFormation



AWS CloudFormation
• Infrastructure patterns are defined in a template file using code
• CloudFormation builds your infrastructure according to the template (in the diagram: a VPC with public subnets and an Auto Scaling group)


AWS CloudFormation

Component: Description
• Templates: the JSON or YAML text file that contains the instructions for building out the AWS environment
• Stacks: the entire environment described by the template and created, updated, and deleted as a single unit
• StackSets: AWS CloudFormation StackSets extends the functionality of stacks by enabling you to create, update, or delete stacks across multiple accounts and Regions with a single operation
• Change Sets: a summary of proposed changes to your stack that will allow you to see how those changes might impact your existing resources before implementing them
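Because the template is code, it can be checked before a stack is ever created. The following added example (not from the course) shows a small pre-deployment linter over a constructed JSON template containing two common mistakes: a security group that opens SSH to 0.0.0.0/0 and an S3 bucket with no default encryption. The resource names, VPC ID and bucket name are placeholders; the property names (SecurityGroupIngress, BucketEncryption, ServerSideEncryptionConfiguration) are the real CloudFormation ones. harden() returns a corrected copy so the weak and fixed templates can be compared side by side.

```python
import copy
import json

# Constructed JSON template (CloudFormation accepts JSON or YAML). Not from the course;
# it deliberately contains SSH open to the world and an unencrypted bucket.
TEMPLATE = json.loads("""
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "WebSG": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "web tier",
        "VpcId": "vpc-0123456789abcdef0",
        "SecurityGroupIngress": [
          {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"},
          {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}
        ]
      }
    },
    "LogBucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {"BucketName": "example-log-bucket"}
    }
  }
}
""")

ADMIN_PORTS = {22, 3389}
PUBLIC_CIDRS = {"0.0.0.0/0", "::/0"}
SSE_S3 = {"ServerSideEncryptionConfiguration": [
    {"ServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}


def is_public_admin_rule(rule):
    """True if an ingress rule exposes SSH or RDP to any address on the Internet."""
    cidr = rule.get("CidrIp") or rule.get("CidrIpv6")
    if cidr not in PUBLIC_CIDRS:
        return False
    if rule.get("IpProtocol") == "-1":          # all protocols, all ports
        return True
    lo, hi = int(rule.get("FromPort", 0)), int(rule.get("ToPort", 65535))
    return any(lo <= port <= hi for port in ADMIN_PORTS)


def lint(template):
    """Walk Resources and report the findings a pre-deployment review would raise."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                if is_public_admin_rule(rule):
                    findings.append(f"{name}: {rule.get('IpProtocol')} "
                                    f"{rule.get('FromPort')}-{rule.get('ToPort')} open to "
                                    f"{rule.get('CidrIp') or rule.get('CidrIpv6')}")
        elif res.get("Type") == "AWS::S3::Bucket" and "BucketEncryption" not in props:
            findings.append(f"{name}: no BucketEncryption configured")
    return findings


def harden(template):
    """Return a copy with public admin-port rules dropped and SSE-S3 enabled by default."""
    fixed = copy.deepcopy(template)
    for res in fixed.get("Resources", {}).values():
        props = res.setdefault("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            props["SecurityGroupIngress"] = [
                r for r in props.get("SecurityGroupIngress", []) if not is_public_admin_rule(r)]
        elif res.get("Type") == "AWS::S3::Bucket":
            props.setdefault("BucketEncryption", copy.deepcopy(SSE_S3))
    return fixed
```

Running lint on the template gives two findings; the 443 rule is left alone because it is the one the web tier needs. A check like this belongs in the pipeline step that creates the change set, so the stack is never updated with a template that fails it.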


Creating and Updating
Stacks



Deploy a VPC Using
CloudFormation



Platform as a Service with
AWS Elastic Beanstalk



Cloud Service Models: Comparison
• IaaS (example is Amazon EC2): the stack is Java WebApp / Data / Java Runtime / Linux OS on a virtual server; you manage from the virtual server upwards
• PaaS (example is AWS Elastic Beanstalk): you simply upload your code/data (the Java WebApp and its data) to create your application; the runtime and operating system are managed for you


AWS Elastic Beanstalk
• The developer uploads the source code in a ZIP file to AWS Elastic Beanstalk
• Elastic Beanstalk creates an EB environment in a VPC within the Region: an Application Load Balancer (ALB) and instances in public subnets across multiple Availability Zones, which the client connects to
• Everything within the environment is launched and managed by Elastic Beanstalk


AWS Elastic Beanstalk
• Supports many application platforms including Java, .NET, Node.js, PHP, Ruby, Python, Go, and Docker
• Uses core AWS services including EC2, ECS, Auto Scaling, and Elastic Load Balancing
• Elastic Beanstalk provides a UI to monitor and manage the health of applications
• Managed platform updates deploy the latest versions of software and patches


AWS Elastic Beanstalk
There are several layers. Applications:
• Contain environments, environment configurations, and application versions
• You can have multiple application versions held within an application


AWS Elastic Beanstalk
Application version:
• A specific reference to a section of deployable code
• The application version will typically point to an Amazon S3 bucket containing the code
• Versions (Version 1 to Version 4 in the diagram) can be applied to any environment


AWS Elastic Beanstalk
Environments (e.g. DEVELOPMENT and PRODUCTION):
• An application version that has been deployed on AWS resources
• The resources are configured and provisioned by AWS Elastic Beanstalk
• The environment is comprised of all the resources created by Elastic Beanstalk and not just an EC2 instance with your uploaded code
• Any application version held in the S3 bucket can be applied to any environment


Web Servers and Workers
• Web servers are standard applications that listen for and then process HTTP requests, typically over port 80 (HTTP) or 443 (HTTPS)
• Workers are specialized applications that have a background processing task that listens for messages on an Amazon SQS queue
• Workers should be used for long-running tasks so that the web tier is not tied up waiting for them


AWS Elastic Beanstalk
An Elastic Beanstalk application can combine a web server environment and a worker environment:
• Inbound traffic from the app user arrives at the web server on port 80/443
• The web server places a message in the SQS queue
• The worker in the worker environment polls the queue and processes the message


Create an Elastic
Beanstalk Application



Continuous Integration and
Continuous Delivery (CI/CD)



Continuous Integration
• The developer pushes code to a code repository (could be GitHub, AWS CodeCommit, etc.)
• Build servers (AWS CodeBuild) build and test the code
• Results are returned to the developer


Continuous Integration & Continuous Delivery
AWS CodePipeline orchestrates the stages:
• The developer pushes code to AWS CodeCommit
• Build servers (AWS CodeBuild) build and test the code; results are returned to the developer
• Code is released for deployment
• AWS CodeDeploy pushes the code to the applications


AWS CodePipeline with
AWS Elastic Beanstalk



AWS CodePipeline with Elastic Beanstalk
AWS CodePipeline takes the developer's code from AWS CodeCommit and deploys it (a Node.js app in the diagram) to an AWS Elastic Beanstalk environment.


SECTION 9

DNS, Caching, and Performance Optimization


Bandwidth and Latency



Bandwidth and Latency
• Bandwidth is the rate of data transfer over a fixed period of time, measured in e.g. Gbps (1.5 Gbps in the diagram); it can be considered the width of the communication band
• Latency is the amount of time it takes to send data from one point to another over a given distance, measured in microseconds or milliseconds


Bandwidth and Latency
• Within a data center (distances of meters) latency is measured in microseconds
• Between data centers (distances of miles/km) latency is measured in milliseconds
• Greater distance = higher latency


Bandwidth and Latency
Factors that contribute to network latency include:
• Propagation delay – the time it takes for the signal to travel from source to destination (primarily determined by distance)
• Transmission delay – the time required to push all the packet's bits onto the wire, which depends on the packet size and the data rate of the link (bandwidth)
• Queueing delay – the time a packet spends waiting in a queue until it can be processed or transmitted
• Processing delay – the time routers or switches take to process the packet


DNS and Amazon Route 53



The Domain Name System
• IP addresses are the addresses computers use to communicate
• A user browsing to dctlabs.com asks a DNS server: "What's the IP address for dctlabs.com?"
• The DNS server answers from its zone file, and the connection to the web server is then made using the IP address (52.134.26.12)

DNS Zone File:
Name             Type  Value
dctlabs.com      A     52.134.26.12
www.dctlabs.com  A     52.134.26.12
Fully Qualified Domain Names (FQDNs)

www . example . com .

• com is an example of a Top-Level Domain
• example is a subdomain of the com TLD
• www is a hostname within the example subdomain
• The root domain is represented by the trailing "." and is not usually visible in a DNS name


Subdomains
A subdomain is a subdivision of a domain name for organizing a set of related resources or services

support . amazon . com .   (support is a subdomain of amazon.com)
mail . google . com .      (mail is a subdomain of google.com)


DNS Zones and Records

Record Type: Description
• A: maps a domain name to an IP address (e.g. dctlabs.com to 52.23.21.43)
• CNAME: maps a domain name to another domain name (e.g. mail.dctlabs.com to mailserver1.net)
• MX: returns the mail servers for a domain name
• TXT: associates text with a domain name (used for verification, authorization etc.)
• SRV: maps a domain name to a specific service or protocol (e.g. a Kerberos server)
• NS: specifies the authoritative DNS servers for a particular domain
• SOA: Start of Authority record stores important information about the domain
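The record types above are easiest to understand by parsing a zone and answering queries against it. This added example (not from the course) parses a constructed zone file for dctlabs.com in the standard "name TTL class type data" layout, expanding @ and relative names against $ORIGIN, and resolves names the way a resolver does: CNAMEs are followed to the canonical name before the requested type is looked up. Two records (loop1 and loop2) are deliberately broken so the loop guard is exercised; a CNAME whose target lies outside the zone (mail pointing at mailserver1.net.) is returned with no data, which is exactly the kind of record a subdomain-takeover review starts from. All names and values are constructed.

```python
# Constructed zone file (not from the course) in the usual "name TTL class type data" layout.
# The two "loop" records are deliberately broken so the resolver's loop guard is exercised.
ZONE_FILE = """\
$ORIGIN dctlabs.com.
@               3600 IN SOA   ns1.dctlabs.com. hostmaster.dctlabs.com. 2024010101 7200 900 1209600 300
@               3600 IN NS    ns1.dctlabs.com.
@               300  IN A     52.134.26.12
www             300  IN A     52.134.26.12
mail            300  IN CNAME mailserver1.net.
@               3600 IN MX    10 mail.dctlabs.com.
@               3600 IN TXT   "v=spf1 mx -all"
_kerberos._tcp  300  IN SRV   0 5 88 kdc.dctlabs.com.
loop1           300  IN CNAME loop2
loop2           300  IN CNAME loop1
"""


def qualify(name, origin):
    """Turn @ and relative names into fully qualified names ending in the root dot."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text):
    """Parse the zone into {(fqdn, type): [data, ...]}. Comments (;) and blank lines are skipped."""
    origin, records = ".", {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        fields = line.split(maxsplit=4)
        if len(fields) < 5:
            continue
        name, _ttl, _cls, rtype, data = fields
        if rtype in ("CNAME", "NS"):               # targets are names and may be relative too
            data = qualify(data, origin)
        records.setdefault((qualify(name, origin), rtype), []).append(data)
    return records


def resolve(records, name, rtype="A", max_hops=8):
    """Answer a query the way a resolver does: follow CNAMEs to the canonical name,
    then return (canonical name, data for the requested type). A CNAME chain that
    revisits a name or exceeds max_hops is rejected instead of looping forever."""
    name = name if name.endswith(".") else name + "."
    seen = []
    while True:
        if name in seen or len(seen) > max_hops:
            raise ValueError("CNAME loop or chain too long: " + " -> ".join(seen + [name]))
        seen.append(name)
        if (name, rtype) in records:
            return name, records[(name, rtype)]
        cname = records.get((name, "CNAME"))
        if not cname:
            return name, []          # no data for this type, or the name is outside the zone
        name = cname[0]
```

resolve(records, "www.dctlabs.com") returns the A record directly, resolve(records, "dctlabs.com", "MX") returns the mail exchanger with its priority, and resolve(records, "loop1.dctlabs.com") raises ValueError rather than spinning.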


Amazon Route 53
Amazon Route 53 provides:
• Domain Registration (.net, .com, .org, etc.)
• Hosted zones (e.g. example.com, dctlabs.com) holding the records for a domain
• Health Checks against endpoints such as EC2 instances
• Traffic Flow for building routing configurations visually


DNS Resolution with Route 53
• A hosted zone (e.g. example.com) represents a set of records belonging to a domain
• The client asks Route 53: "What's the address for example.com?"
• Route 53 answers with the record value (8.1.2.1 in the diagram)
• The client sends an HTTP GET to 8.1.2.1, the web server in a public subnet of a VPC in the Region


Route 53 Routing Policies

Routing Policy: What it does
• Simple: simple DNS response providing the IP address associated with a name
• Failover: if the primary is down (based on health checks), routes to the secondary destination
• Geolocation: uses the geographic location the query originates from (e.g. Europe) to route to the resource configured for that location
• Geoproximity: routes based on the geographic distance between users and resources, with an optional bias to expand or shrink the area served by a resource
• Latency: directs based on the lowest latency route to resources
• Multivalue answer: returns several IP addresses (up to eight healthy records) and functions as a basic load balancer
• Weighted: uses the relative weights assigned to resources
• IP-based: routes based on the originating IP address (CIDR block) of the traffic
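The policies in the table differ mainly in how they pick among candidate records and how health checks feed in. The following is an added example (not from the course, and not Route 53's implementation) that simulates the failover, weighted, latency and multivalue policies over two constructed endpoints. The IP addresses, weights and latency figures are made up; the point is the interaction shown by the tests: an endpoint whose health check fails is skipped by every policy, and its weighted share is redistributed to the survivors rather than returned to clients.

```python
import random

# Constructed endpoints (not from the course). 'healthy' stands in for the result of a
# Route 53 health check; 'latency_ms' is the measured latency from each client region.
ENDPOINTS = [
    {"id": "us-east-1", "ip": "51.45.2.12", "weight": 70, "healthy": True,
     "latency_ms": {"US": 20, "EU": 90}},
    {"id": "eu-west-1", "ip": "53.58.31.89", "weight": 30, "healthy": True,
     "latency_ms": {"US": 95, "EU": 15}},
]


def healthy(endpoints):
    """Records whose health check fails are never returned by any policy below."""
    return [e for e in endpoints if e["healthy"]]


def failover(primary, secondary):
    """Failover: answer with the primary unless its health check fails."""
    return primary["ip"] if primary["healthy"] else secondary["ip"]


def weighted(endpoints, rng=random):
    """Weighted: pick one healthy record with probability proportional to its weight.
    An unhealthy record's share is redistributed; all-zero weights mean equal odds."""
    live = healthy(endpoints)
    if not live:
        return None
    total = sum(e["weight"] for e in live)
    if total == 0:
        return rng.choice(live)["ip"]
    r = rng.uniform(0, total)
    for e in live:
        r -= e["weight"]
        if r <= 0:
            return e["ip"]
    return live[-1]["ip"]


def latency(endpoints, client_region):
    """Latency: the healthy record with the lowest measured latency for the client's region."""
    live = healthy(endpoints)
    return min(live, key=lambda e: e["latency_ms"][client_region])["ip"] if live else None


def multivalue(endpoints, max_answers=8):
    """Multivalue answer: up to eight healthy addresses so the client can pick one."""
    return [e["ip"] for e in healthy(endpoints)][:max_answers]


def share(endpoints, ip, draws=2000, seed=1):
    """Fraction of weighted answers that returned `ip` over a fixed-seed simulation."""
    rng = random.Random(seed)
    return sum(weighted(endpoints, rng) == ip for _ in range(draws)) / draws
```

With both endpoints healthy, share(ENDPOINTS, "51.45.2.12") comes out close to 0.7; mark us-east-1 unhealthy and every policy answers with eu-west-1 only. The same data structure makes it obvious why a health check that only tests TCP connectivity is a weak signal: a listener that accepts connections but returns errors keeps receiving its full share.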


Register a Domain
using Route 53



Amazon CloudFront



Content Delivery Network (CDN)
• CDNs improve performance by caching content closer to users
• Example: a video is uploaded to YouTube and copied to edge locations around the world
• Viewers are connected to the closest edge location


Amazon CloudFront
• A CloudFront distribution has one or more origins, e.g. an S3 origin (Beach.jpg, doc.html, Manual.pdf) or a custom origin
• Content from the origins gets cached around the world in regional edge caches and edge locations
• Users are directed to the cached copy of the content
• CloudFront reduces latency and improves performance


Amazon CloudFront
• CloudFront utilizes the AWS Global Network for low latency, high performance connectivity
• Delivers static and dynamic content and optimizes delivery based on content type
• Supports live streaming and video on demand (VOD)
• Lambda@Edge enables processing data with Lambda functions closer to users, at four points in the flow between the viewer, the CloudFront cache, and the origin (e.g. an S3 origin): viewer request, origin request, origin response, and viewer response


Amazon CloudFront
• Uses HTTPS and integrates with AWS Certificate Manager (ACM) for managing SSL/TLS certificates
• Integrates with AWS Shield (DDoS protection) and AWS WAF (web ACLs) for additional security protection, in front of the distribution and its custom origin
• Content can also be protected with features including signed cookies, signed URLs, and origin access identity (OAI); origin access control (OAC) is the newer replacement for OAI that restricts an S3 origin to one specific distribution
Create a Secure CloudFront
Distribution



Amazon CloudFront Distribution
We will create:
• An Amazon S3 bucket
• An AWS Certificate Manager SSL/TLS certificate
• An Amazon CloudFront distribution
• A Route 53 alias record pointing to the distribution, so the client's DNS resolution via Amazon Route 53 leads to CloudFront, which serves content from the S3 bucket
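The piece of that lab that most often goes wrong is the S3 bucket policy: if the bucket stays publicly readable, the distribution's signed URLs, WAF rules and TLS settings can all be bypassed by fetching objects from S3 directly. This added example (not from the course) builds the two forms of origin-only bucket policy, the OAI form named on the slide and the OAC form that replaces it, and includes an audit function that flags unconditional public-read statements. The bucket name, OAI ID, account ID and distribution ARN are placeholders; the principal ARN format for an OAI, the cloudfront.amazonaws.com service principal and the AWS:SourceArn condition key are the real ones.

```python
import json

# Constructed identifiers (not from the course): bucket, OAI ID and distribution ARN are placeholders.
BUCKET = "example-static-site"
OAI_ID = "E2QWRUHAPOMQZL"
DISTRIBUTION_ARN = "arn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE"

# The "make the bucket public" policy a CloudFront deployment is meant to replace (constructed).
LEGACY_PUBLIC_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
                   "Action": "s3:GetObject", "Resource": f"arn:aws:s3:::{BUCKET}/*"}],
}


def oai_bucket_policy(bucket, oai_id):
    """Bucket policy that lets only a CloudFront origin access identity read objects (the
    slide's OAI approach): viewers who bypass CloudFront get AccessDenied from S3."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowCloudFrontOAIRead",
            "Effect": "Allow",
            "Principal": {"AWS": f"arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity {oai_id}"},
            "Action": "s3:GetObject",
            "Resource": f"arn:aws:s3:::{bucket}/*",
        }],
    }


def oac_bucket_policy(bucket, distribution_arn):
    """Same intent with origin access control, the current replacement for OAI: the
    CloudFront service principal is allowed only when the request comes from one
    specific distribution (AWS:SourceArn), which also closes the confused-deputy gap
    of any distribution in any account being able to read the bucket."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowCloudFrontServicePrincipalReadOnly",
            "Effect": "Allow",
            "Principal": {"Service": "cloudfront.amazonaws.com"},
            "Action": "s3:GetObject",
            "Resource": f"arn:aws:s3:::{bucket}/*",
            "Condition": {"StringEquals": {"AWS:SourceArn": distribution_arn}},
        }],
    }


def public_read_statements(policy):
    """Sids (or positions) of unconditional Allow statements that grant object reads to anyone.
    Run this over a bucket policy before believing that 'only CloudFront can read it'."""
    hits = []
    for index, st in enumerate(policy.get("Statement", [])):
        if st.get("Effect") != "Allow" or "Condition" in st:
            continue
        principal = st.get("Principal")
        anyone = principal == "*" or (isinstance(principal, dict) and principal.get("AWS") == "*")
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        reads = any(a in ("s3:GetObject", "s3:Get*", "s3:*", "*") for a in actions)
        if anyone and reads:
            hits.append(st.get("Sid", str(index)))
    return hits


def policy_json(policy):
    """Serialize a policy document the way it is pasted into the S3 console or CLI."""
    return json.dumps(policy, indent=2)
```

Leaving S3 Block Public Access enabled on the bucket is the belt to this policy's braces: with it on, the legacy statement above cannot even be attached.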


AWS Global Accelerator



AWS Global Accelerator
• The user resolves dctlabs.com via Amazon Route 53 and receives the accelerator's two static anycast IP addresses (51.45.2.12 and 53.58.31.89 in the diagram)
• User traffic ingresses at the closest Edge Location and traverses the AWS global network
• Requests are routed to the optimal endpoint (e.g. us-east-1); if that endpoint becomes unhealthy, users are redirected to another endpoint (e.g. eu-west-1)


AWS Global Accelerator
• Network Layer: operates at the network layer (Layer 4 of the OSI model)
• IP Address: provides static IP addresses as a fixed entry point to your applications
• Performance: improves performance by leveraging the AWS global network backbone, reducing internet latency and jitter
• Health Checks: performs health checks and automatically reroutes traffic to healthy endpoints
• Application Protocols: supports TCP and UDP traffic, making it suitable for a wide range of applications, including those requiring non-HTTP protocols
• Use Cases: ideal for non-HTTP use cases such as gaming (UDP traffic), IoT, VoIP, or for services where having a static IP address is beneficial


SECTION 10

Containers and Serverless Computing



Docker Containers and
Microservices



Server Virtualization vs Containers
• Server virtualization: a hypervisor on the server runs VMs/instances; every VM needs its own operating system (e.g. Windows OS), which uses significant resources
• Containers: the Docker Engine runs on a single OS on the server and hosts the application (e.g. a website) in containers that share that OS


Docker Containers
• Containers start up very quickly
• Containers are very resource efficient
• A container includes all the code, settings, and dependencies for running the application
• Each container is isolated from other containers
• The Docker Engine runs on the host operating system (e.g. Windows OS) on the server


Docker Containers
• Docker utilizes containerization to package an application and its dependencies into a single container image
• Docker provides Docker Hub, a cloud-based registry service for sharing container images and automating workflows
• Containers are lightweight because they share the host system's kernel
• Docker is ideal for microservices architectures and building cloud-native applications


Cloud-Native Applications
• Microservices architecture: applications are structured as a collection of loosely coupled, independently deployable services, each running its own process
• Programmable, API-based: inter-service communication through APIs (REST APIs in the diagram)
• Containers and functions: code runs in Docker containers and Lambda functions for isolation, elasticity, and cost-efficiency

Example e-commerce application in the diagram: an S3 static website calls a REST API; authentication uses a Cognito User Pool; the shopping cart, order processing (with an SQS queue and an order table), customer service, notification, shipping, and payment (via a payment gateway and payment processor) are separate services.


Microservices: Attributes and Benefits

Microservices Attribute: Microservices Benefit
• Use of Application Programming Interfaces (APIs): easier integrations between application components; assists with loose coupling
• Independently deployable blocks of code: can be scaled and maintained independently
• Business-oriented architecture: development organized around business capabilities; teams may be cross-functional and services may be reused
• Flexible use of technologies: each microservice can be written using different technologies (e.g. programming languages)
• Speed and agility: fast to deploy and update; easy to include high availability and fault tolerance for each microservice


Amazon Elastic
Container Service (ECS)



Amazon ECS
• An Amazon ECS Cluster is a logical grouping of tasks or services, spanning multiple Availability Zones
• ECS Container instances host the tasks
• An ECS Task is created from a Task Definition; a running task is a running Docker container
• ECS Services are used to maintain a desired count of tasks
• Docker images can be stored in Amazon Elastic Container Registry (ECR)

Example Task Definition:
{
  "containerDefinitions": [
    {
      "name": "wordpress",
      "links": ["mysql"],
      "image": "wordpress",
      "essential": true,
      "portMappings": [
        {
          "containerPort": 80,
          "hostPort": 80
        }
      ],
      "memory": 500,
      "cpu": 10
    }
  ]
}


Amazon ECS Key Features
• Serverless with AWS Fargate – managed for you and fully scalable
• Fully managed container orchestration – the control plane is managed for you
• Docker support – run and manage Docker containers with integration into the Docker Compose CLI
• Windows container support – ECS supports management of Windows containers
• Elastic Load Balancing integration – distribute traffic across containers using ALB or NLB
• Amazon ECS Anywhere – enables the use of the Amazon ECS control plane to manage on-premises implementations


Amazon ECS Components

Elastic Container Service (ECS): Description
• Cluster: logical grouping of tasks or services
• Container instance: EC2 instance running the ECS agent
• Task Definition: blueprint that describes how a Docker container should launch
• Task: a running container using settings in a task definition
• Image: a Docker image referenced in the task definition
• Service: defines long-running tasks; can control task count with Auto Scaling and attach an ELB


Amazon ECS Images
• Containers are created from a read-only template called an image which has the instructions for creating a Docker container
• Images are built from a Dockerfile
• Only Docker containers are supported on ECS
• Images are stored in a registry such as Docker Hub or Amazon Elastic Container Registry (ECR)
• ECR is a managed AWS Docker registry service that is secure, scalable and reliable
• ECR supports private Docker repositories with resource-based permissions using AWS IAM in order to access repositories and images
• You can use the Docker CLI to push, pull and manage images


Amazon ECS Tasks and Task Definitions
• A task definition is required to run Docker containers in Amazon ECS
• A task definition is a text file in JSON format that describes one or more containers, up to a maximum of 10
• Task definitions use Docker images to launch containers as tasks on the container instances in the ECS cluster

Example Task Definition:
{
  "containerDefinitions": [
    {
      "name": "wordpress",
      "links": ["mysql"],
      "image": "wordpress",
      "essential": true,
      "portMappings": [
        {
          "containerPort": 80,
          "hostPort": 80
        }
      ],
      "memory": 500,
      "cpu": 10
    }
  ]
}
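A task definition is also where most container security decisions are recorded, so it is worth reviewing like any other configuration file. This added example (not from the course) takes the slide's wordpress task definition, extended with the fields a review looks at and a dummy password, places a hardened version beside it, and runs a small linter over both. The execution role ARN, the Secrets Manager ARN and the image digest in the hardened copy are placeholders; the field names (privileged, user, readonlyRootFilesystem, secrets/valueFrom, executionRoleArn) are the real ECS ones.

```python
# The slide's task definition extended with the fields a security review looks at
# (constructed values; the password is a dummy). Beside it, a hardened version.
TASK_DEF_WEAK = {
    "family": "wordpress",
    "containerDefinitions": [{
        "name": "wordpress",
        "image": "wordpress",                      # no tag or digest: floats to :latest
        "essential": True,
        "privileged": True,
        "portMappings": [{"containerPort": 80, "hostPort": 80}],
        "environment": [{"name": "WORDPRESS_DB_PASSWORD", "value": "dummy-password"}],
        "memory": 500,
        "cpu": 10,
    }],
}

TASK_DEF_HARDENED = {
    "family": "wordpress",
    "executionRoleArn": "arn:aws:iam::123456789012:role/ecsTaskExecutionRole",  # placeholder ARN
    "containerDefinitions": [{
        "name": "wordpress",
        "image": "wordpress@sha256:" + "0" * 64,   # placeholder digest; pin to the real one
        "essential": True,
        "privileged": False,
        "user": "33:33",                           # www-data, not root
        "readonlyRootFilesystem": True,
        "portMappings": [{"containerPort": 80}],
        "environment": [{"name": "WORDPRESS_DB_HOST", "value": "mysql"}],
        "secrets": [{"name": "WORDPRESS_DB_PASSWORD",                # injected at start-up
                     "valueFrom": "arn:aws:secretsmanager:us-east-1:123456789012:"
                                  "secret:wordpress/db-AbCdEf"}],   # placeholder ARN
        "memory": 500,
        "cpu": 10,
    }],
}

SECRET_HINTS = ("PASSWORD", "PASSWD", "SECRET", "TOKEN", "API_KEY", "PRIVATE_KEY")


def image_is_pinned(image):
    """True for 'repo@sha256:<digest>' or 'repo:<tag>' other than :latest."""
    if "@sha256:" in image:
        return True
    last = image.rsplit("/", 1)[-1]               # ignore ':' in a registry host:port
    return ":" in last and not last.endswith(":latest")


def lint_task_definition(task_def):
    """Report per-container findings an ECS task definition review would raise."""
    findings = []
    for c in task_def.get("containerDefinitions", []):
        name = c.get("name", "<unnamed>")
        if c.get("privileged"):
            findings.append(f"{name}: privileged=true gives the container host-level capabilities")
        user = c.get("user")
        if user is None or user.split(":")[0] in ("root", "0"):
            findings.append(f"{name}: runs as root; set 'user' to an unprivileged uid")
        if not c.get("readonlyRootFilesystem"):
            findings.append(f"{name}: root filesystem is writable; set readonlyRootFilesystem")
        if not image_is_pinned(c.get("image", "")):
            findings.append(f"{name}: image '{c.get('image')}' is not pinned to a tag or digest")
        for var in c.get("environment", []):
            if any(hint in var["name"].upper() for hint in SECRET_HINTS):
                findings.append(f"{name}: {var['name']} is a plaintext environment variable; "
                                "use 'secrets' with Secrets Manager or SSM Parameter Store")
    return findings
```

The weak definition produces five findings and the hardened one none. Values under secrets are fetched by the ECS agent using the task execution role, which is why that role, and not the task role, needs secretsmanager:GetSecretValue.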


Launch Types – EC2 and Fargate

EC2 Launch Type (registry: ECR, Docker Hub, self-hosted):
• You explicitly provision the EC2 instances (ECS container instances) that run the tasks
• You're responsible for managing EC2 instances
• Charged per running EC2 instance
• EFS, FSx, and EBS integration
• You handle cluster optimization
• More granular control over infrastructure

Fargate Launch Type (registry: ECR, Docker Hub):
• Fargate automatically provisions resources
• Fargate provisions and manages compute
• Charged for running tasks
• EFS integration only
• Fargate handles cluster optimization
• Limited control
ECS and IAM Roles
• The container instance IAM role (e.g. with the AmazonEC2ContainerServiceforEC2Role managed policy) provides permissions to the host, i.e. the EC2 container instance running the ECS agent
• The ECS task IAM role provides permissions to the application running in the container; scope it to what that task needs and nothing more
• NOTE: with the Fargate launch type the container instance role is replaced with the Task Execution Role, which the ECS agent uses to pull images and write logs


Launch Docker Containers on
AWS Fargate



Serverless Services and
Event-Driven Architecture



Serverless Services
• With serverless there are no instances to manage
• You don't need to provision hardware
• There is no management of operating systems or software
• Capacity provisioning and patching are handled automatically
• Provides automatic scaling and high availability
• Can be very cheap!


Serverless Services and Event-Driven Architecture
• A user uploads a file through a static website hosted on S3
• A serverless (Lambda) function processes the file, stores the processed file in an S3 bucket, and places a message on an SQS queue
• A second Lambda function processes the message and stores information in a DynamoDB table
• A notification is sent using an SNS topic and email


AWS Lambda



AWS Lambda
• The developer uploads code to a Lambda function in .zip or .war format
• Functions are invoked based on events and the code is then executed
• Events and execution output are written to CloudWatch Logs
• Pricing is based on the memory assigned and the duration of function execution (plus a per-request charge)


AWS Lambda
• Languages – Lambda natively supports Java, Go, PowerShell, Node.js, C#, Python, and Ruby code
• Execution Role (IAM Role) – this role grants the function permissions to access AWS services and resources
• Monitoring and Logging – integrates with Amazon CloudWatch
• Memory and Timeout – you can specify the amount of memory allocated to a function and the maximum execution time
• Note: the maximum execution time is 15 minutes


Lambda Function Invocation
• Lambda functions run in response to events from various AWS services or direct invocation from the AWS SDKs or API
• Functions can be invoked synchronously or asynchronously:
  • With synchronous invocation, applications wait for the function to process the event and return a response
  • With asynchronous invocation, Lambda queues the event for processing and returns a response immediately
• Lambda scales horizontally by running multiple instances of a function in parallel, up to the concurrency limit
• Function invocation → function is executed


Connecting Lambda to an Amazon VPC
• Lambda functions are Regional and do not have VPC access by default
• Lambda functions can be connected to a VPC: you must select the VPC, subnets, and security group
• Lambda creates an ENI in each selected (private) subnet across the Availability Zones, through which the function reaches resources such as instances
• A NAT gateway in a public subnet (with an Internet Gateway) is required for internet connectivity from a VPC-connected function
• The function execution role must have permissions to create the ENIs (the AWSLambdaVPCAccessExecutionRole managed policy grants them)
Create an AWS Lambda
Function



Application Integration Services



Event-Driven Architecture

[Diagram: a user places an order on the eCommerce Website → order information is placed in an SQS queue awaiting fulfillment processing → Lambda processes the order and updates the DynamoDB table; the order submission event is routed by EventBridge to Amazon SNS for notification, and the order fulfillment notification is sent via SNS]



Amazon Simple Queue Service (SQS)

[Diagram, direct integration: the Web Tier (Auto Scaling Group) calls the App Tier (Auto Scaling Group) directly]
[Diagram, decoupled integration: Web Tier (Auto Scaling Group) → SQS Queue → App Tier (Auto Scaling Group); an EC2 instance in the App Tier polls SQS]



Amazon Simple Notification Service (SNS)
This is another example of decoupling

[Diagram: Publisher → Amazon Simple Notification Service Topic → Subscribers, reached over the transport protocols Lambda, Amazon Simple Queue Service, HTTP/HTTPS (Web Application), Email/Email-JSON (Email), and SMS (Text)]



Amazon EventBridge
Amazon EventBridge is a serverless event bus that connects loosely coupled application components together

[Diagram: Event Sources (AWS Services, Custom Apps, SaaS Apps) send Events to the EventBridge event bus, where Rules route them to Targets]



Application Integration Services Comparison

Service | What it does | Example use cases
Simple Queue Service | Messaging queue; store and forward patterns | Building distributed / decoupled applications
Simple Notification Service | Set up, operate, and send notifications from the cloud | Send email notification when CloudWatch alarm is triggered
Step Functions | Coordination of AWS services with visual workflow | Order processing workflows
Amazon MQ | Message broker service for Apache Active MQ and RabbitMQ | Need a message queue that supports industry standard APIs and protocols
Amazon EventBridge | Serverless event bus for connecting applications and AWS services | Create event driven applications



Serverless Application with
REST API – Part 1



Serverless Application with REST API

[Diagram: order submitted through browser → S3 Static Website forwards the request to the REST API → API proxies the request to a Lambda Function → order information placed in the SQS Queue → a second Lambda Function processes the message from the queue → record of order added to the DynamoDB Table]
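As an added example (not code from the course slides), the queue-consuming Lambda function from the Event-Driven Architecture and Serverless Application diagrams: it reads an SQS batch, validates each order before persisting it, and reports only the bad records back so SQS redelivers those alone. The handler, validate_order, the put_item parameter and the sample batch are constructed here; a real function would write each order with boto3's DynamoDB put_item and needs ReportBatchItemFailures enabled on its SQS event source mapping.

```python
"""Order-fulfillment Lambda handler for SQS-triggered events (constructed example)."""
import json
from typing import Any, Callable, Optional

# Hypothetical sink for the DynamoDB write. A real handler would call
# boto3.resource("dynamodb").Table(TABLE).put_item(Item=order) here.
PutItem = Callable[[dict], None]


def validate_order(order: dict) -> dict:
    """Return a normalized order item or raise ValueError on malformed input.
    Queue messages are untrusted input: check types and ranges before
    persisting anything to the table."""
    order_id = order.get("orderId")
    if not isinstance(order_id, str) or not order_id:
        raise ValueError("orderId must be a non-empty string")
    qty = order.get("quantity")
    if not isinstance(qty, int) or isinstance(qty, bool) or qty <= 0:
        raise ValueError("quantity must be a positive integer")
    return {"orderId": order_id, "quantity": qty, "status": "PENDING"}


def handler(event: dict, context: Any = None,
            put_item: Optional[PutItem] = None) -> dict:
    """Process one SQS batch. Records that fail are reported in
    batchItemFailures so SQS redelivers only those (the event source mapping
    must have ReportBatchItemFailures enabled); the rest are deleted."""
    put_item = put_item or (lambda item: None)
    failures = []
    for record in event.get("Records", []):
        try:
            order = validate_order(json.loads(record["body"]))
            put_item(order)
        except (ValueError, KeyError, TypeError, AttributeError):
            # JSONDecodeError is a ValueError; a non-object body raises AttributeError
            failures.append({"itemIdentifier": record["messageId"]})
    return {"batchItemFailures": failures}


# Constructed sample batch: one valid order, one non-JSON body, one bad quantity.
SAMPLE_EVENT = {
    "Records": [
        {"messageId": "m1", "body": json.dumps({"orderId": "A100", "quantity": 2})},
        {"messageId": "m2", "body": "not json"},
        {"messageId": "m3", "body": json.dumps({"orderId": "A101", "quantity": -1})},
    ]
}
```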



Serverless Application with REST API

[Diagram: submit a test event via console and AWS CLI → order information placed in the SQS Queue → Lambda Function processes the message from the queue → record of order added to the DynamoDB Table]



Amazon API Gateway



REST API with Amazon API Gateway

[Diagram: clients call a REST API over HTTPS at a single application entry point, Amazon API Gateway, which routes to the microservices: Booking Service, Payment Service, Account Service]



REST API with Amazon API Gateway
A resource represents a path in your API
Methods are created within resources and represent client-facing interfaces by which the client calls the API to access back-end resources



REST API with Amazon API Gateway

[Diagram: S3 Website → Amazon API Gateway → Support Ticket stored in a DynamoDB Table; a Notification is sent to the Support Email]



Serverless Application with
REST API – Part 2



Serverless Application with REST API

[Diagram (repeated from Part 1): submit a test event via console and AWS CLI → order information placed in the SQS Queue → Lambda Function processes the message from the queue → record of order added to the DynamoDB Table]



Serverless Application with REST API

[Diagram (repeated from Part 1): order submitted through browser → S3 Static Website forwards the request to the REST API → API proxies the request to a Lambda Function → order information placed in the SQS Queue → a second Lambda Function processes the message from the queue → record of order added to the DynamoDB Table]



Amazon EventBridge



Amazon EventBridge
Amazon EventBridge is a serverless event bus for building event-driven applications

[Diagram: Event Sources (AWS Services, Custom Apps, SaaS Apps) send Events to the EventBridge event bus, where Rules route them to Targets]

EventBridge ingests, filters, transforms, and delivers events to build loosely-coupled applications



Amazon EventBridge
• Event Sources – supports events from AWS services, SaaS applications, and custom applications
• Default and Custom Event Buses – offers a default bus for AWS events and supports creating custom buses for personal or third-party app events
• Event Filtering and Routing – events can be filtered and routed to different targets based on content-based filtering rules
• Scalability and Reliability – scales automatically with the number of events, handling millions of events per second



Amazon EventBridge with Amazon EC2

[Diagram: Event Source: EC2 instance terminated event → Event Bus → Rule → Event Target: send SNS notification]



Amazon EventBridge with AWS CloudTrail

[Diagram: Event Source: S3:PutBucketPolicy API used (recorded by CloudTrail) → Event Bus → Rule → Event Target: secure S3 bucket]
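As an added example (not from the slides), a small Python matcher that applies EventBridge's exact-match, content-based filtering to the two rules pictured on the EC2 and CloudTrail slides: an EC2 instance entering the terminated state, and the CloudTrail record of an S3 PutBucketPolicy call. The matcher and the constructed sample events are written here and assume nothing beyond the EventBridge event envelope's field names; listing DeleteBucketPolicy alongside PutBucketPolicy is an added assumption used to show that a list in a pattern is an OR of values.

```python
"""Minimal EventBridge-style event pattern matcher (constructed example)."""

# Pattern for the CloudTrail slide: the S3 PutBucketPolicy API call as it
# arrives on the default event bus. Listing DeleteBucketPolicy as well is an
# added assumption to show that a list in a pattern is an OR of values.
PUT_BUCKET_POLICY_PATTERN = {
    "source": ["aws.s3"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["s3.amazonaws.com"],
        "eventName": ["PutBucketPolicy", "DeleteBucketPolicy"],
    },
}

# Pattern for the EC2 slide: an instance entering the terminated state.
EC2_TERMINATED_PATTERN = {
    "source": ["aws.ec2"],
    "detail-type": ["EC2 Instance State-change Notification"],
    "detail": {"state": ["terminated"]},
}


def matches(pattern: dict, event: dict) -> bool:
    """Exact-match semantics: every pattern key must exist in the event, a list
    is an OR over allowed values, a nested dict recurses, and event fields the
    pattern does not mention are ignored."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        elif isinstance(expected, list):
            if actual not in expected:
                return False
        else:
            raise TypeError("pattern leaves must be lists of allowed values")
    return True


def cloudtrail_event(event_name: str, bucket: str) -> dict:
    """Constructed CloudTrail-via-EventBridge event for an S3 API call."""
    return {
        "source": "aws.s3",
        "detail-type": "AWS API Call via CloudTrail",
        "detail": {"eventSource": "s3.amazonaws.com", "eventName": event_name,
                   "requestParameters": {"bucketName": bucket}},
    }
```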



Create Event Bus and Rule



SECTION 11

Machine Learning and AI



Using Generative AI as
a Learner



ChatGPT Overview
• ChatGPT is an AI language model developed by OpenAI that can understand and generate human-like text
• It can converse, answer questions, and provide information on a wide range of topics
• Plans:
  • Free: access to GPT-3.5 model only
  • Plus: $20/month with access to GPT-4 model (MUCH better)
  • Team: $30/month, minimum 2 users, team data excluded from training
• Can install plugins for a variety of functions
• Can browse, create, and use GPTs (Plus/Team only)



Using AI as a Learning Tool

Benefits:
• Immediate assistance with questions
• Context aware so you can have a conversation
• Extremely broad training data

Concerns:
• Check when the model was trained, facts could be out of date
• Sometimes it’s wrong and sometimes it “hallucinates”



Prompt Engineering Tips
• Clarity and Specificity: The prompt should be clear and specific about what is being asked or the kind of response that is desired
• Contextual Information: Including relevant context within the prompt can significantly improve the quality of the response. This might involve providing background information, setting the scene, or explaining the purpose of the query
• Instructional Design: Sometimes, prompts are crafted to instruct the AI in a specific way of responding. For example, ask the AI to answer in the form of a list, a detailed explanation, a brief summary, or even in a particular style or tone
• Iterative Refinement: Prompt engineering often involves an iterative process, where prompts are continually refined based on the responses they elicit



Code Generation
• Be Specific and Detailed: Clearly describe the functionality you want to implement. Include specific details about the AWS services involved
• Define the Scope: Indicate the scope of the code you need. Do you want a snippet, a function, a full script, or an entire application architecture?
• Mention the Programming Language and Tools: Specify the programming language (e.g., Python, JavaScript, Java) and any specific libraries or SDKs (like Boto3 for Python, AWS SDK for JavaScript)
• State AWS Services Clearly: Clearly mention which AWS services are involved (e.g., Amazon S3, AWS Lambda, Amazon DynamoDB)
• Security and Best Practices: If you have specific security practices or best practices you need to adhere to, include these in your prompt
• Error Handling and Logging: Indicate if you need error handling and logging mechanisms in your code
• Testing and Validation: Always test and validate the generated code!



Use Cases for Learners
1. Use ChatGPT to get answers to questions
2. Use ChatGPT to come up with project ideas
3. Get ChatGPT to create the code and instructions



Creating Projects and Code
with ChatGPT



AWS Machine Learning
and AI Services



AWS Rekognition
• Identify objects
• Perform facial analysis
• Celebrity recognition



AWS Rekognition in Event-Driven Architecture

[Diagram: user uploads an image to the S3 Bucket → the upload to S3 triggers a Lambda function → Amazon Rekognition analyzes the image → Rekognition publishes the result status to an SNS Topic → a Lambda function processes the results and creates an item in Amazon DynamoDB]



AWS Rekognition
• Add image and video analysis to your applications
• Identify objects, people, text, scenes, and activities in images and videos
• Processes videos stored in an Amazon S3 bucket
• Publish completion status to Amazon SNS Topic



Amazon Transcribe
• Add speech to text capabilities to applications
• Recorded speech can be converted to text before it can be used in applications
• Uses a deep learning process called automatic speech recognition (ASR) to convert speech to text quickly and accurately



Amazon Translate
• Neural machine translation service that delivers fast, high-quality, and affordable language translation
• Uses deep learning models to deliver more accurate and more natural sounding translation
• Localize content such as websites and applications for your diverse users



Amazon Comprehend
• Natural-language processing (NLP) service
• Uses machine learning to uncover information in unstructured data
• Can identify critical elements in data, including references to language, people, and places, and the text files can be categorized by relevant topics
• In real time, you can automatically and accurately detect customer sentiment in your content



Amazon Lex
• Conversational AI for Chatbots
• Build conversational interfaces into any application using voice and text
• Build bots to increase contact center productivity, automate simple tasks, and drive operational efficiencies across the enterprise



Amazon DevOps Guru
• Cloud operations service for improving application operational performance and availability
• Detect behaviors that deviate from normal operating patterns
• Benefits:
  • Automatically detect operational issues
  • Resolve issues with ML-powered insights
  • Elastically scale operational analytics
  • Uses ML to reduce alarm noise



Amazon CodeGuru Security
• Detect, track, and fix code security vulnerabilities anywhere in the development cycle using ML and automated reasoning
• Integrates with IDEs and CI/CD tools
• Automated bug tracking
• Assisted remediation through suggested code fixes
• Offers performance optimization recommendations
• Detects anomalies in application profiles



Process and Analyze Images



Process and Analyze Images

[Diagram: user uploads an image to the S3 Bucket → the upload to S3 triggers a Lambda function → Amazon Rekognition analyzes the image → the Lambda function receives the results and creates an item in Amazon DynamoDB]



SECTION 12

Get Certified on AWS



Get Certified on AWS



Get Certified on AWS
Why work in cloud computing?
1. Job demand
2. Globally relevant skills
3. Rewarding career paths
4. Great salaries

Why get AWS certified?
1. Demonstrate skills to employers
2. Differentiate yourself
3. Gain knowledge
4. Develop practical skills



AWS Certification

[Diagram: certification tiers from Foundational, through Associate, to Professional and Specialty]

https://aws.amazon.com/certification/exams/
Take Action Now!

• Prepare for your next AWS certification with video courses & practice exams
• Build hands-on cloud skills in a secure sandbox environment
• Get ready for your next cloud job with real-world projects in a virtual classroom

