AcademyCloudFoundations_Modules.pdf
Document Details
2022
Tags
Full Transcript
Course Introduction AWS Academy Cloud Foundations © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Module overview Topics Activities...
Course Introduction AWS Academy Cloud Foundations © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Module overview Topics Activities AWS Documentation scavenger hunt Course objectives and overview AWS certification exam information AWS Documentation © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 2 Module objectives After completing this module, you should be able to: Recognize the purpose of the AWS Academy Cloud Foundations course Recognize the course structure Recognize the AWS certification process Navigate the AWS Documentation website © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 3 Section 1: Course objectives and overview Course Introduction © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Course prerequisites General Required Knowledge IT technical knowledge IT business knowledge Preferred Knowledge Familiarity with cloud computing concepts Working knowledge of distributed systems Familiarity with general networking concepts Working knowledge of multi-tier architectures © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 5 Course objectives After completing this course, you should be able to: Define the AWS Cloud. Explain the AWS pricing philosophy. Identify the global infrastructure components of AWS. Describe security and compliance measures of the AWS Cloud including AWS Identity and Access Management (IAM). Create an AWS Virtual Private Cloud (Amazon VPC). Demonstrate when to use Amazon Elastic Compute Cloud (EC2), AWS Lambda and AWS Elastic Beanstalk. Differentiate between Amazon S3, Amazon EBS, Amazon EFS and Amazon S3 Glacier. Demonstrate when to use AWS Database services including Amazon Relational Database Service (RDS), Amazon DynamoDB, Amazon Redshift, and Amazon Aurora. Explain AWS Cloud architectural principles. Explore key concepts related to Elastic Load Balancing (ELB), Amazon CloudWatch, and Auto Scaling. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 6 Course outline Module 1: Cloud Concepts Overview Module 6: Compute Module 2: Cloud Economics and Billing Module 7: Storage Module 3: AWS Global Infrastructure Module 8: Databases Overview Module 9: Cloud Architecture Module 4: AWS Cloud Security Module 10: Automatic Scaling and Module 5: Networking and Content Monitoring Delivery © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 7 Module 1: Cloud Concepts Overview Module sections: Introduction to cloud computing Advantages of cloud computing Introduction to Amazon Web Services (AWS) Moving to the AWS Cloud – The AWS Cloud Adoption Framework (AWS CAF) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 8 Module 2: Cloud Economics and Billing Module sections: Fundamentals of pricing Total Cost of Ownership AWS Organizations AWS Billing and Cost Management Technical support © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 9 Module 3: AWS Global Infrastructure Overview Module sections: AWS Global Infrastructure AWS services and service category overview © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 10 Module 4: AWS Cloud Security Module sections: AWS shared responsibility model AWS Identity and Access Management (IAM) Securing a new AWS account Securing accounts Securing data on AWS Working to ensure compliance © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 11 Module 5: Networking and Content Delivery Module sections: Networking basics Amazon VPC VPC networking VPC security Amazon Route 53 Amazon CloudFront © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 12 Module 6: Compute Module sections: Compute services overview Amazon EC2 Amazon EC2 cost optimization Container services Introduction to AWS Lambda Introduction to AWS Elastic Beanstalk © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 13 Module 7: Storage Module sections: Amazon Elastic Block Store (Amazon EBS) Amazon Simple Storage Service (Amazon S3) Amazon Elastic File System (Amazon EFS) Amazon Simple Storage Service Glacier © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 14 Module 8: Databases Module sections: Amazon Relational Database Service (Amazon RDS) Amazon DynamoDB Amazon Redshift Amazon Aurora © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 15 Module 9: Cloud Architecture Module sections: AWS Well-Architected Framework Reliability and availability AWS Trusted Advisor © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 16 Module 10: Automatic Scaling and Monitoring Module sections: Elastic Load Balancing Amazon CloudWatch Amazon EC2 Auto Scaling © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 17 Section 2: AWS certification exam information Course Introduction © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS certification exams This course helps prepare you for the AWS Cloud Practitioner certification exam © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 19 AWS Certified Cloud Practitioner exam Details about the exam—including how to register for it—are at https://aws.amazon.com/certification/certified-cloud-practitioner/ Download and carefully read the AWS Certified Cloud Practitioner Exam Guide at https://d1.awsstatic.com/training-and-certification/Docs - Cloud Practitioner/AWS_Certified_Cloud_Practitioner-Exam_Guide_EN_v1.6.pdf Download the sample exam questions at https://d1.awsstatic.com/training-and-certification/Docs - Cloud Practitioner/AWS Certified Cloud Practioner_Sample Questions_v1.1_FINAL.PDF See the recommended path to attain the certification at https://aws.amazon.com/training/path- cloudpractitioner/ AWS Academy Cloud Foundations covers much of the same material found in the Cloud Practitioner Essentials course, but in greater depth. There is additional free digital training available at https://www.aws.training/. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 20 Section 3: AWS Documentation Course Introduction © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Documentation Find user guides, developer guides, API references, tutorials, and more at https://docs.aws.amazon.com/ Whitepapers are also available at https://aws.amazon.com/whitepapers/, including these which are recommended reading for the AWS Cloud Practitioner exam: Overview of Amazon Web Services: https://d0.awsstatic.com/whitepapers/aws-overview.pdf Architecting for the Cloud: AWS Best Practices: https://d1.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf How AWS Pricing Works: https://d0.awsstatic.com/whitepapers/aws_pricing_overview.pdf The Total Cost of (Non) Ownership of Web Applications in the Cloud: https://media.amazonwebservices.com/AWS_TCO_Web_Applications.pdf © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 22 Activity - AWS Navigate the AWS Documentation website Documentation Start from the main page at https://docs.aws.amazon.com Scavenger Hunt Five challenge questions for the class appear in the following slides © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 23 AWS Documentation Question #1: What guides and references exist for the Amazon EC2 service? Scavenger Hunt – Question 1 © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 24 AWS Documentation Question #1: What guides and references exist for the Amazon EC2 service? Scavenger Hunt – Question 1 Answer Answer https://docs.aws.amazon.com/ec2/?id=docs_gateway: User Guides for Linux and Windows API Reference AWS CLI Reference EC2 Instance Connect Reference User Guide for Auto Scaling VM Import/Export User Guide © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 25 AWS Documentation Question #2: Can you find the documentation that describes how to create an Amazon S3 bucket? Scavenger Hunt – Question 2 © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 26 AWS Documentation Question #2: Can you find the documentation that describes how to create an Amazon S3 bucket? Scavenger Hunt – Question 2 Answer Answer https://docs.aws.amazon.com/AmazonS3/latest/gsg/Cr eatingABucket.html: From https://docs.aws.amazon.com/ click S3 Click the Getting Started Guide Click Create a Bucket © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 27 AWS Documentation Question #3: Can you find a one-sentence summary of the AWS Cloud9 service? Scavenger Hunt – Question 3 © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 28 AWS Documentation Question #3: Can you find a one-sentence summary of the AWS Cloud9 service? Scavenger Hunt – Question 3 Answer Answer https://docs.aws.amazon.com/cloud9/?id=docs_gatewa y: AWS Cloud9 is a cloud-based integrated development environment (IDE) that you use to write, run, and debug code. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 29 AWS Documentation Question #4: Which programming languages does the AWS Lambda service API support? Scavenger Hunt – Question 4 © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 30 AWS Documentation Question #4: Which programming languages does the AWS Lambda service API support? Scavenger Hunt – Question 4 Answer Answer https://docs.aws.amazon.com/lambda/latest/dg/gettin gstarted-tools.html: From the main AWS Documentation page, click the AWS Lambda link Click the API Reference link Click Getting Started > Tools to find a table that lists the following languages: Node.js, Java, C#, Python, Ruby, Go, and PowerShell © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 31 AWS Documentation Question #5: Find the tutorial that describes how to run a serverless Hello World application, then scroll through Scavenger Hunt – the documented steps. What two AWS services does Question 5 the tutorial have you use? © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 32 AWS Documentation Question #5: Find the tutorial that describes how to run a serverless Hello World application, then scroll through Scavenger Hunt – the documented steps. What two AWS services does Question 5 Answer the tutorial have you use? Answer https://aws.amazon.com/getting- started/tutorials/run-serverless-code/: From the main AWS Documentation page, click Tutorials and Projects In the Websites & Web Apps area, click the tutorial. The tutorial has you use AWS Lambda and Amazon CloudWatch. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 33 Module wrap-up Course Introduction © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Module summary In summary, in this module, you learned how to: Recognize the purpose of the AWS Academy Cloud Foundations course Recognize the course structure Recognize the AWS certification process Navigate the AWS Documentation website © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 35 Additional resources AWS Certification: https://aws.amazon.com/certification/ AWS Certified Cloud Practitioner: https://aws.amazon.com/certification/certified-cloud-practitioner/ AWS Documentation: https://docs.aws.amazon.com/ © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 36 Thank you Corrections, feedback, or other questions? Contact us at https://support.aws.amazon.com/#/contacts/aws-academy. All trademarks are the property of their owners. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 37 Module 1: Cloud Concepts Overview AWS Academy Cloud Foundations © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Module overview Topics Introduction to cloud computing Advantages of cloud computing Introduction to Amazon Web Services (AWS) AWS Cloud Adoption Framework (AWS CAF) Knowledge check © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 2 Module objectives After completing this module, you should be able to: Define different types of cloud computing models Describe six advantages of cloud computing Recognize the main AWS service categories and core services Review the AWS Cloud Adoption Framework (AWS CAF) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 3 Section 1: Introduction to cloud computing Module 1: Cloud Concepts Overview © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. What is cloud computing? © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 5 Cloud computing defined Cloud computing is the on-demand delivery of compute power, database, storage, applications, and other IT resources via the internet with pay-as-you-go pricing. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 6 Infrastructure as software Cloud computing enables you to stop thinking of your infrastructure as hardware, and instead think of (and use) it as software. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 7 Traditional computing model Infrastructure as hardware Hardware solutions: Require space, staff, physical security, planning, capital expenditure Have a long hardware procurement cycle Require you to provision capacity by guessing theoretical maximum peaks © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 8 Cloud computing model Infrastructure as software Software solutions: Are flexible Can change more quickly, easily, and cost-effectively than hardware solutions Eliminate the undifferentiated heavy-lifting tasks © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 9 Cloud service models IaaS PaaS SaaS (infrastructure as (platform as a (software as a a service) service) service) More control Less control over IT resources over IT resources © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 10 Cloud computing deployment models Cloud Hybrid On-premises (private cloud) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 11 Similarities between AWS and traditional IT Traditional, on-premises IT space AWS Security Security groups Firewalls ACLs Administrators Network ACLs IAM Networking Router Network pipeline Switch Elastic Load Balancing Amazon VPC On-premises Compute servers Amazon EC2 AMI instances RDBM Storage and DAS SAN NAS S database Amazon Amazon Amazon Amazon EBS EFS S3 RDS © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 12 Section 1 key Cloud computing is the on-demand delivery of IT resources via the internet with pay-as-you-go takeaways pricing. Cloud computing enables you to think of (and use) your infrastructure as software. There are three cloud service models: IaaS, PaaS, and SaaS. There are three cloud deployment models: cloud, hybrid, and on-premises or private cloud. Almost anything you can implement with traditional IT can also be implemented as an AWS cloud computing service. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 13 Section 2: Advantages of cloud computing Module 1: Cloud Concepts Overview © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Trade capital expense for variable expense Capital Data center investment Pay only for the amount based on forecast you consume © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 15 Massive economies of scale Because of aggregate usage from all customers, AWS can achieve higher economies of scale and pass savings on to customers. AWS Cloud Economies of scale Savings © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 16 Stop guessing capacity Overestimated Underestimated Scaling on server capacity server capacity demand © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 17 Increase speed and agility Launch Weeks between wanting Minutes between wanting resources and having resources resources and having resources © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 18 Stop spending money on running and maintaining data centers Investment Running data centers Business and customers © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 19 Go global in minutes © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 20 Section 2 key Trade capital expense for variable expense takeaways Benefit from massive economies of scale Stop guessing capacity Increase speed and agility Stop spending money on running and maintaining data centers Go global in minutes © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 21 Section 3: Introduction to Amazon Web Services (AWS) Module 1: Cloud Concepts Overview © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. What are web services? A web service is any piece of software that makes itself available over the internet and uses a standardized format—such as Extensible Markup Language (XML) or JavaScript Object Notation (JSON)—for the request and the response of an application programming interface (API) interaction. Request message Internet Response message Client Web service © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 23 What is AWS? AWS is a secure cloud platform that offers a broad set of global cloud-based products. AWS provides you with on-demand access to compute, storage, network, database, and other IT resources and management tools. AWS offers flexibility. You pay only for the individual services you need, for as long as you use them. AWS services work together like building blocks. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 24 Categories of AWS services Analytics Application AR and VR Blockchain Business Compute Integration Applications Cost Customer Database Developer Tools End User Game Tech Management Engagement Computing Internet Machine Management and Media Services Migration and Mobile of Things Learning Governance Transfer Networking and Robotics Satellite Security, Identity, and Storage Content Delivery Compliance © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 25 Simple solution example Networking Compute Database Storage AWS Cloud Virtual Private Cloud (VPC) Amazon DynamoDB Users Amazon S3 Amazon EC2 © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 26 Choosing a service The service you select depends on your business goals and technology requirements. Amazon VMware Cloud EC2 AWS on AWS Lambda Amazon ECS ? AWS Elastic Beanstalk Amazon EKS Amazon AWS Fargate AWS Outposts Lightsail AWS Batch © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 27 Services covered in this course Compute services – Storage services – Management and Amazon EC2 Amazon S3 Governance services – AWS Lambda Amazon S3 Glacier AWS Trusted Advisor AWS Elastic Beanstalk Amazon EFS AWS CloudWatch Amazon EC2 Auto Scaling Amazon EBS AWS CloudTrail Amazon ECS AWS Well-Architected Tool Amazon EKS Database services – AWS Auto Scaling Amazon ECR Amazon RDS AWS Command Line Interface AWS Fargate Amazon DynamoDB AWS Config Amazon Redshift AWS Management Console Amazon Aurora AWS Organizations Security, Identity, and Compliance services – Networking and Content AWS Cost Management AWS IAM Delivery services – services – Amazon Cognito Amazon VPC AWS Cost & Usage AWS Shield Amazon Route 53 Report AWS Artifact Amazon CloudFront AWS Budgets AWS KMS Elastic Load Balancing AWS Cost Explorer © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 28 Three ways to interact with AWS AWS Management Console graphical interface Easy-to-use Command Line Interface (AWS CLI) Access to services by discrete commands or scripts Software Development Kits (SDKs) Access services directly from your code (such as Java, Python, and others) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 29 Section 3 key AWS is a secure cloud platform that offers a broad set of global cloud-based products called services takeaways that are designed to work together. There are many categories of AWS services, and each category has many services to choose from. Choose a service based on your business goals and technology requirements. There are three ways to interact with AWS services. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 30 Section 4: Moving to the AWS Cloud – The AWS Cloud Adoption Framework (AWS CAF) Module 1: Cloud Concepts Overview © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Cloud Adoption Framework (AWS CAF) AWS CAF provides guidance and best practices to help organizations build a comprehensive approach to cloud computing across the organization and throughout the IT lifecycle to accelerate successful cloud adoption. AWS CAF perspectives AWS CAF is organized into six perspectives. Perspectives consist of sets of capabilities. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 32 Six core perspectives Focus on business Focus on technical capabilities capabilities © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 33 Business perspective We must ensure that IT is aligned with business needs, and that IT investments can be traced to demonstrable business results. IT finance IT strategy Benefits realization Business risk management Business managers, finance Business perspective capabilities managers, budget owners, and strategy stakeholders © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 34 People perspective We must prioritize training, staffing, and organizational changes to build an agile Resource management organization. Incentive management Career management Training management Organizational change management Human resources, staffing, and people managers People perspective capabilities © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 35 Governance perspective We must ensure that skills and processes align IT strategy and goals with business strategy and Portfolio management goals so the organization can maximize the business value of its IT investment and minimize business risks. Program and project management Business performance measurement License management Governance perspective capabilities CIO, program managers, enterprise architects, business analysts, and portfolio managers © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 36 Platform perspective We must understand and communicate the nature of IT systems and their relationships. Compute provisioning We must be able to describe the architecture of the target state environment in detail. Network provisioning Storage provisioning Database provisioning Systems and solution architecture CTO, IT managers, and Application development solutions architects Platform perspective capabilities © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 37 Security perspective We must ensure that the organization meets its security objectives. Identity and access management Detective control Infrastructure security Data protection CISO, IT security managers, Incident response and IT security analysts Security perspective capabilities © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 38 Operations perspective We align with and support the operations of the Service monitoring business, and define how day-to-day, quarter- to-quarter, and year-to-year business will be Application performance monitoring conducted. Resource inventory management Release management/ change management Reporting and analytics Business continuity/ Disaster recovery IT operations managers and IT service catalog IT support managers Operations perspective capabilities © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 39 Section 4 key Cloud adoption is not instantaneous for most organizations and requires a thoughtful, deliberate takeaways strategy and alignment across the whole organization. The AWS CAF was created to help organizations develop efficient and effective plans for their cloud adoption journey. The AWS CAF organizes guidance into six areas of focus, called perspectives. Perspectives consist of sets of business or technology capabilities that are the responsibility of key stakeholders. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 40 Module wrap-up Module 1: Cloud Concepts Overview © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Module summary In summary, in this module you learned how to: Define different types of cloud computing models Describe six advantages of cloud computing Recognize the main AWS service categories and core services Review the AWS Cloud Adoption Framework © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 42 Complete the knowledge check © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 43 Sample exam question Why is AWS more economical than traditional data centers for applications with varying compute workloads? Choice Response A Amazon Elastic Compute Cloud (Amazon EC2) costs are billed on a monthly basis. B Customers retain full administrative access to their Amazon EC2 instances. C Amazon EC2 instances can be launched on-demand when needed. D Customers can permanently run enough instances to handle peak workloads. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 44 Sample exam question answer Why is AWS more economical than traditional data centers for applications with varying compute workloads? The correct answer is C. The keywords in the question are AWS is more economical than traditional data centers for applications with varying. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 45 Additional resources What is AWS? YouTube video: https://www.youtube.com/watch?v=mZ5H8sn_2ZI&feature=youtu.be Cloud computing with AWS website: https://aws.amazon.com/what-is-aws/ Overview of Amazon Web Services whitepaper: https://d1.awsstatic.com/whitepapers/aws-overview.pdf An Overview of the AWS Cloud Adoption Framework whitepaper: https://d1.awsstatic.com/whitepapers/aws_cloud_adoption_framework.pdf 6 Strategies for Migrating Applications to the Cloud AWS Cloud Enterprise Strategy blog post: https://aws.amazon.com/blogs/enterprise-strategy/6-strategies- for-migrating-applications-to-the-cloud/ © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 46 Thank you Corrections, feedback, or other questions? Contact us at https://support.aws.amazon.com/#/contacts/aws-academy. All trademarks are the property of their owners. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 47 Module 2: Cloud Economics and Billing AWS Academy Cloud Foundations © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Module overview Topics Activities Fundamentals of pricing AWS Pricing Calculator Total Cost of Ownership Support plans scavenger hunt AWS Organizations AWS Billing and Cost Management Technical Support Demo Overview of the Billing Dashboard Knowledge check © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 2 Module objectives After completing this module, you should be able to: Explain the AWS pricing philosophy Recognize fundamental pricing characteristics Indicate the elements of total cost of ownership Discuss the results of the AWS Pricing Calculator Identify how to set up an organizational structure that simplifies billing and account visibility to review cost data. Identify the functionality in the AWS Billing Dashboard Describe how to use AWS Bills, AWS Cost Explorer, AWS Budgets, and AWS Cost and Usage Reports Identify the various AWS technical support plans and features © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 3 Section 1: Fundamentals of pricing Module 2: Cloud Economics and Billing © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS pricing model Three fundamental drivers of cost with AWS Compute Storage Data transfer Charged per hour/second* Charged typically per GB Outbound is aggregated and charged Varies by instance type Inbound has no charge (with some exceptions) *Linux only Charged typically per GB © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 5 How do you pay for AWS? Pay for what you use Pay less when you reserve Pay less when you use more and as AWS grows © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 6 Pay for what you use Pay only for the services that you consume, with no large upfront expenses. On premises AWS © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 7 Pay less when you reserve Invest in Reserved Instances (RIs): Save up to 75 percent Options: EC2 All Upfront Reserved instance Instance (AURI) → largest discount Partial Upfront Reserved Instance (PURI) → lower On NURI PURI AURI discounts Demand No Upfront Payments Reserved Instance (NURI) → smaller discount © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 8 Pay less by using more Realize volume-based discounts: Savings as usage increases. Tiered pricing for services like Amazon Simple Storage Service (Amazon S3), Amazon Elastic Block Store (Amazon EBS), or Amazon Elastic File System (Amazon EFS) → the more you use, the less you pay per GB. Multiple storage services deliver lower storage costs based on needs. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 9 Pay even less as AWS grows As AWS grows: AWS focuses on lowering cost of doing business. This practice results in AWS passing savings from economies of scale to you. Since 2006, AWS has lowered pricing 75 times (as of September 2019). Future higher-performing resources replace current resources for no extra charge. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 10 Custom pricing Meet varying needs through custom pricing. Available for high-volume projects with unique requirements. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 11 AWS Free Tier Enables you to gain free hands-on experience with the AWS platform, products, and services. Free for 1 year for new customers. Sign up for an Learn with 10- Start building AWS account minute tutorials with AWS © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 12 Services with no charge Amazon VPC Elastic Beanstalk** Auto Scaling** AWS CloudFormation** AWS Identity and Access **Note: There might be Management (IAM) charges associated with other AWS services that are used with these services. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 13 Key takeaways There is no charge (with some exceptions) for: Inbound data transfer. Data transfer between services within the same AWS Region. Pay for what you use. Start and stop anytime. No long-term contracts are required. Some services are free, but the other AWS services that they provision might not be free. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 14 Section 2: Total Cost of Ownership Module 2: Cloud Economics and Billing © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. On-premises versus cloud Traditional Infrastructure AWS Cloud Equipment Resources and administration ≠ No upfront expense—pay for what you use Improve time to market and agility Scale up Self-service Contracts Cost and down infrastructure © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 16 What is Total Cost of Ownership (TCO)? Total Cost of Ownership (TCO) is the financial estimate to help identify direct and indirect costs of a system. Why use TCO? To compare the costs of running an entire infrastructure environment or specific workload on-premises versus on AWS To budget and build the business case for moving to the cloud © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 17 TCO considerations Hardware: Server, rack chassis Facilities cost Software: Operating system power distribution units (PDUs), 1 Server Costs top-of-rack (TOR) switches (and (OS), virtualization licenses (and maintenance) Space Power Cooling maintenance) Hardware: Storage disks, storage Facilities cost 2 Storage Costs area network (SAN) or Fibre Storage administration costs Channel (FC) switches Space Power Cooling Network hardware: Local area Facilities cost 3 Network Costs network (LAN) switches, load Network administration costs balancer bandwidth costs Space Power Cooling 4 IT Labor Costs Server administration costs © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 18 On-premises versus all-in-cloud You could save up to 96 percent a year by moving your infrastructure to AWS. Your 3-year total savings would be $159,913. Server Storage Network IT-Labor Total 400000 350000 300000 250000 200000 150000 100000 50000 AWS cost includes business-level support and 0 a 3-year PURI EC2 instance On-Premises AWS © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 19 AWS Pricing Calculator Use the AWS Pricing Calculator to: Estimate monthly costs Identify opportunities to reduce monthly costs Model your solutions before building them Explore price points and calculations behind your estimate Find the available instance types and contract terms that meet your needs Name your estimate and create and name Access the AWS Pricing Calculator groups of services © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 20 Reading an estimate Your estimate is broken into: first 12 months total, total upfront, and total monthly. First 12 months total Total upfront Total monthly © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 21 Activity: AWS Pricing Calculator activity Break up into groups of four or five and use the AWS Pricing Calculator and specifications provided to develop a cost estimate. Be prepared to report your findings back to the class. AWS Pricing calculator website © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 22 Additional benefit considerations Hard benefits Soft Benefits Reduced spending on compute, Reuse of service and applications that storage, networking, security enable you to define (and redefine solutions) by using the same cloud Reductions in hardware and software service purchases (capex) Increased developer productivity Reductions in operational costs, Improved customer satisfaction backup, and disaster recovery Agile business processes that can Reduction in operations personnel quickly respond to new and emerging opportunities Increase in global reach © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 23 Case study: Total Cost Of Ownership (1 of 6) Background: Growing global company with over 200 locations 500 million customers, $3 billion annual revenue © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 24 Case study: Total Cost of Ownership (2 of 6) Background: Growing global company with over 200 locations 500 million customers, $3 billion annual revenue Challenge: Meet demand to rapidly deploy new solutions Constantly upgrade aging equipment © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 25 Case study: Total Cost of Ownership (3 of 6) Background: Growing global company with over 200 locations 500 million customers, $3 billion annual revenue Challenge: Meet demand to rapidly deploy new solutions Constantly upgrade aging equipment Criteria: Broad solution to handle all workloads Ability to modify processes to improve efficiency and lower costs Eliminate busy work (such as patching software) Achieve a positive return on investment (ROI) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 26 Case study: Total Cost of Ownership (4 of 6) Background: Is a growing global company with over 200 locations Have 500 million customers, $3 billion (USD) annual revenue Challenge: Meet demand to rapidly deploy new solutions Constantly upgrade aging equipment Criteria: Have a broad solution to handle all workloads Be able to modify processes to improve efficiency and lower costs Eliminate busy work (such as patching software) Achieve a positive return on investment (ROI) Solution: Moved their on-premises data center to AWS Eliminated 205 servers (90 percent) Moved nearly all applications to AWS Used 3-year Amazon EC2 Reserved Instances © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 27 Case study: Total Cost of Ownership (5 of 6) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 28 Case study: Total Cost of Ownership (6 of 6) Business Goals: Growth Enhanced 24/7 business Results: Operational efficiency Resource Speed to market Operational optimization One day to provision new efficiency businesses Robust security Continuous cost compliance Just minutes to push out a optimization and service reduction Enhanced disaster recovery Increased computing capacity © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 29 Section 3: AWS Organizations Module 2: Cloud Economics and Billing © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Introduction to AWS Organizations AWS Organizations © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 31 AWS Organizations terminology *Organizational Units (OUs) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 32 Key features and benefits Policy-based account management Group based account management Application programming interfaces (APIs) AWS Organizations that automate account management Consolidated billing © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 33 Security with AWS Organizations Service control policies Control access with IAM policies enable you (SCPs) enable you to AWS Identity and to allow or deny access allow or deny access to Access Management to AWS services for AWS services for (IAM). users, groups, and roles. individuals or group accounts in an organizational unit (OU). © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 34 Organizations setup Step 1 Step 2 Step 3 Step 4 Create Create Create Test Organization organizational service restrictions units control policies © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 35 Limits of AWS Organizations © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 36 Accessing AWS Organizations AWS Management Console AWS Command Line Interface (AWS CLI) tools Software development kits AWS (SDKs) Organizations HTTPS Query application programming interfaces (API) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 37 Section 4: AWS Billing and Cost Management Module 2: Cloud Economics and Billing © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Introducing AWS Billing and Cost Management © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 39 AWS Billing Dashboard © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 40 Tools AWS Budgets AWS Cost and Usage Report AWS Cost Explorer © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 41 Monthly bills © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 42 Cost Explorer © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 43 Forecast and track costs © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 44 Cost and usage reporting © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 45 Recorded demo: Amazon Billing dashboard Amazon Billing dashboard demo © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 46 Billing dashboard demonstration © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 47 Section 5: Technical support Module 2: Cloud Economics and Billing © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS support (1 of 2) Provide unique combination of tools and expertise: AWS Support AWS Support Plans Support is provided for: Experimenting with AWS Production use of AWS Business-critical use of AWS © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 49 AWS support (2 of 2) Proactive guidance : Technical Account Manager (TAM) Best practices : AWS Trusted Advisor Account assistance : AWS Support Concierge © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 50 Support plans AWS Support offers four support plans: Basic Support – Resource Center access, Service Health Dashboard, product FAQs, discussion forums, and support for health checks Developer Support: Support for early development on AWS Business Support: Customers that run production workloads Enterprise Support: Customers that run business and mission-critical workloads © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 51 Case severity and response times © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 52 Activity: Support plan scavenger hunt Break up into groups of four or five and develop a recommendation for the best support plan for one of the business cases that are provided. Be prepared to report your findings back to the class. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 53 Module wrap-up Module 2: Cloud Economics and Billing © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Module summary Explored the fundamental of AWS pricing Reviewed TCO concepts Reviewed an AWS Pricing Calculator estimate Reviewed the Billing dashboard Reviewed Technical Support options and costs © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 55 Complete the knowledge check © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 56 Sample exam question Which AWS service provides infrastructure security optimization recommendations? Choice Response A AWS Price List Application Programming Interface (API) B Reserved Instances C AWS Trusted Advisor D Amazon Elastic Compute Cloud (Amazon EC2) Spot Fleet © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 57 Sample exam question answer Which AWS service provides infrastructure security optimization recommendations? The correct answer is C. The keyword in the question is “recommendations”. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 58 Additional resources AWS Economics Center: http://aws.amazon.com/economics/ AWS Pricing Calculator: https://calculator.aws/#/ Case studies and research: http://aws.amazon.com/economics/ Additional pricing exercises: https://dx1572sre29wk.cloudfront.net/cost/ © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 59 Thank you Corrections, feedback, or other questions? Contact us at https://support.aws.amazon.com/#/contacts/aws-academy. All trademarks are the property of their owners. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 60 Module 3: AWS Global Infrastructure Overview AWS Academy Cloud Foundations © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Module overview Topics Activities AWS Management Console clickthrough AWS Global Infrastructure AWS service and service category overview Knowledge check Demo AWS Global Infrastructure © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 2 Module objectives After completing this module, you should be able to: Identify the difference between AWS Regions, Availability Zones, and edge locations Identify AWS service and service categories © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 3 Section 1: AWS Global Infrastructure Module 3: AWS Global Infrastructure Overview © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Global Infrastructure The AWS Global Infrastructure is designed and built to deliver a flexible, reliable, scalable, and secure cloud computing environment with high-quality global network performance. AWS continually updates its global infrastructure footprint. Visit one of the following web pages for current infrastructure information: AWS Global Infrastructure Map: https://aws.amazon.com/about-aws/global- infrastructure/#AWS_Global_Infrastructure_Map Choose a circle on the map to view summary information about the Region represented by the circle. Regions and Availability Zones: https://aws.amazon.com/about-aws/global- infrastructure/regions_az/ Choose a tab to view a map of the selected geography and a list of Regions, Edge locations, Local zones, and Regional Caches. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 5 Educator-Led Demo: AWS Global Infrastructure Details © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 6 AWS Regions An AWS Region is a geographical area. Data replication across Regions is controlled by you. Communication between Regions uses AWS backbone network infrastructure. Each Region provides full redundancy and connectivity to the network. A Region typically consists of two or more Availability Zones. Example: London Region © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 7 Selecting a Region Data governance, legal requirements Proximity to customers (latency) Determine the right Region for your services, applications, and Services available within the Region data based on these factors Costs (vary by Region) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 8 Availability Zones Each Region has multiple Availability Zones. AWS Cloud Each Availability Zone is a fully isolated partition of Region eu-west-1 the AWS infrastructure. Availability Zone eu-west-1a Availability Zones consist of discrete data centers Data center They are designed for fault isolation Data center They are interconnected with other Availability Zones by using high-speed private networking Data center You choose your Availability Zones. Availability Zone eu-west-1b AWS recommends replicating data and resources across Availability Zones for resiliency. Availability Zone eu-west-1c © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 9 AWS data centers AWS data centers are designed for security. Data centers are where the data resides and data processing occurs. Each data center has redundant power, networking, and connectivity, and is housed in a separate facility. A data center typically has 50,000 to 80,000 physical servers. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 10 Points of Presence AWS provides a global network of Points of Presence locations Consists of edge locations and a much smaller number of Regional edge caches Used with Amazon CloudFront A global Content Delivery Network (CDN), that delivers content to end users with reduced latency Regional edge caches used for content with infrequent access. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 11 AWS infrastructure features Elasticity and scalability Physically distinct Backup Elastic infrastructure; dynamic adaption of capacity generators Scalable infrastructure; adapts to accommodate growth Data center Data center Data center Data center Fault-tolerance Data center Data center Data center Data center Availability Zone Availability Zone Continues operating properly in the presence of a failure Built-in redundancy of components Data center Data center Network connectivity High availability Data center Data center Availability Zone High level of operational performance Minimized downtime Uninterruptible Cooling power supply AWS Region equipment No human intervention © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 12 Key takeaways The AWS Global Infrastructure consists of Regions and Availability Zones. Your choice of a Region is typically based on compliance requirements or to reduce latency. Each Availability Zone is physically separate from other Availability Zones and has redundant power, networking, and connectivity. Edge locations, and Regional edge caches improve performance by caching content closer to users. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 13 Section 2: AWS services and service category overview Module 3: AWS Global Infrastructure Overview © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS foundational services Applications Virtual desktops Collaboration and sharing Databases Analytics Application Deployment and Mobile Cluster services management Services computing Queuing Containers Identity Relational Platform Real-time Orchestration DevOps tools Sync Services App Streaming NoSQL Data Resource templates Mobile warehouse Transcoding Usage tracking Analytics Caching Data Email Monitoring and logs Notifications workflows Search Compute (virtual, Foundation Networking Storage (object, automatic scaling, and Services block, and archive) load balancing) Infrastructure Regions Availability Zones Edge locations © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 15 AWS categories of services Analytics Application AR and VR Blockchain Business Compute Integration Applications Cost Customer Database Developer Tools End User Game Tech Management Engagement Computing Internet Machine Management and Media Services Migration and Mobile of Things Learning Governance Transfer Networking and Robotics Satellite Security, Identity, and Storage Content Delivery Compliance © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 16 Storage service category AWS storage services Amazon Simple Storage Amazon Elastic Block Amazon Elastic Service (Amazon S3) Store (Amazon EBS) File System Photo from https://www.pexels.com/photo/black-and-grey-device-159282/ (Amazon EFS) Amazon Simple Storage Service Glacier © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 17 Compute service category AWS Compute services Amazon EC2 Amazon EC2 Amazon Elastic Amazon EC2 Auto Scaling Container Service Container Registry Photo from https://www.pexels.com/photo/technology-computer-lines-board-50711/ (Amazon ECS) AWS Elastic AWS Lambda Amazon Elastic AWS Fargate Beanstalk Kubernetes Service (Amazon EKS) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 18 Database service category AWS Database services Amazon Relational Amazon Aurora Amazon Redshift Database Service Amazon DynamoDB Photo from https://aws.amazon.com/compliance/data-center/data-centers/ © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 19 Networking and content delivery service category AWS networking and content delivery services Amazon VPC Elastic Load Amazon AWS Transit Balancing CloudFront Gateway Amazon AWS Direct AWS VPN Route 53 Connect Photo by Umberto on Unsplash © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 20 Security, identity, and compliance service category AWS security, identity, and compliance services AWS Identity and Access AWS Amazon Cognito Management (IAM) Organizations Photo by Paweł Czerwiński on Unsplash AWS Artifact AWS Key AWS Shield Management Service © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 21 AWS cost management service category AWS cost management services AWS Cost and AWS Budgets AWS Cost Photo by Alexander Mils on Unsplash Usage Report Explorer © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 22 Management and governance service category AWS management and governance services AWS Management AWS Config Amazon AWS Auto Console CloudWatch Scaling Photo by Marta Branco from Pexels AWS Command AWS Trusted AWS Well- AWS Line Interface Advisor Architected Tool CloudTrail © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 23 Activity: AWS Management Console clickthrough Photo by Pixabay from Pexels. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 24 Hands-on activity: AWS Management Console clickthrough 1. Launch the Sandbox hands-on environment and connect to the AWS Management Console. 2. Explore the AWS Management Console. A. Click the Services menu. B. Notice how services are grouped into service categories. For example, the EC2 service appears in the Compute service category. Question #1: Under which service category does the IAM service appear? Question #2: Under which service category does the Amazon VPC service appear? C. Click the Amazon VPC service. Notice that the dropdown menu in the top-right corner displays an AWS Region (for example, it might display N. Virginia). D. Click the Region menu and switch to a different Region. For example, choose EU (London). E. Click Subnets (on the left side of the screen). The Region has three subnets in it. Click the box next to one of the subnets. Notice that the bottom half of the screen now displays details about this subnet. Question #3: Does the subnet you selected exist at the level of the Region or at the level of the Availability Zone? F. Click Your VPCs. An existing VPC is already selected. Question #4: Does the VPC exist at the level of the Region or the level of the Availability Zone? Question #5: Which services are global instead of Regional? Check Amazon EC2, IAM, Lambda, and Route 53. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 25 Activity answer key Question #1: Under which service category does the IAM service appear? Answer: Security, Identity, & Compliance. Question #2: Under which service category does the Amazon VPC service appear? Answer: Networking & Content Delivery Question #3: Does the subnet that you selected exist at the level of the Region or the level of the Availability Zone? Answer: Subnets exist at the level of the Availability Zone. Question #4: Does the VPC exist at the level of the Region or the level of the Availability Zone? Answer: VPCs exist at the Region level. Question #5: Which of the following services are global instead of Regional? Check Amazon EC2, IAM, Lambda, and Route 53. Answer: IAM and Route 53 are global. Amazon EC2 and Lambda are Regional. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 26 Module wrap-up Module 3: AWS Global Infrastructure Overview © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Module summary In summary, in this module you learned how to: Identify the difference between AWS Regions, Availability Zones, and edge locations Identify AWS service and service categories © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 28 Complete the knowledge check © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 29 Sample exam question Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? Choice Response A AWS Regions B AWS edge locations C AWS Availability Zones D Amazon Virtual Private Cloud (Amazon VPC) © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 30 Sample exam question answer Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? The correct answer is B. The keywords in the question are component of AWS global infrastructure, CloudFront, low-latency. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 31 Additional resources AWS Global Infrastructure: https://aws.amazon.com/about-aws/global- infrastructure/ AWS Regional Services List: https://aws.amazon.com/about-aws/global- infrastructure/regional-product-services/ AWS Cloud Products: https://aws.amazon.com/products/ © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 32 Thank you All trademarks are the property of their owners. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 33 Module 4: AWS Cloud Security AWS Academy Cloud Foundations © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Module overview Topics Activities AWS shared responsibility model AWS shared responsibility model activity AWS Identity and Access Management (IAM) Securing a new AWS account Demo Securing accounts Recorded demonstration of IAM Securing data on AWS Working to ensure compliance Lab Introduction to AWS IAM Knowledge check © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 2 Module objectives After completing this module, you should be able to: Recognize the shared responsibility model Identify the responsibility of the customer and AWS Recognize IAM users, groups, and roles Describe different types of security credentials in IAM Identify the steps to securing a new AWS account Explore IAM users and groups Recognize how to secure AWS data Recognize AWS compliance programs © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 3 Section 1: AWS shared responsibility model Module 4: AWS Cloud Security © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS shared responsibility model © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 5 AWS responsibility: Security of the cloud AWS responsibilities: Physical security of data centers AWS services Controlled, need-based access Hardware and software infrastructure Compute Storage Database Networking Storage decommissioning, host operating system (OS) access logging, and auditing AWS Global Regions Infrastructure Availability Zones Network infrastructure Edge locations Intrusion detection Virtualization infrastructure Instance isolation © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 6 Customer responsibility: Security in the cloud Customer responsibilities: Amazon Elastic Compute Cloud (Amazon EC2) instance operating system Customer data Including patching, maintenance Applications, IAM