AWS Shared Security Model: https://d1.awsstatic.com/security-center/Shared_Responsibility_Model_V2.59d1eccec334b366627e9295b304202faf7b899b.jpg AWS is responsible for security of the cloud. This means AWS is required to protect and secure the infrastructure that runs all the services offered in the AWS Cloud. AWS is responsible for: The level of responsibility AWS has depends on the service. You’re responsible for security in the cloud.…
Series: AWS Cloud Solutions Architect
AWS IAM Policies & Roles
Policies are stored in AWS as JSON documents with several policy elements. When creating a policy, it is required to have each of the following elements inside a policy statement. Element Description Required Example Effect Specifies whether the statement results in an allow or an explicit deny ✔ “Effect”: “Deny” Action Describes the specific actions…
EC2 Pricing Options
One of the ways to reduce costs with Amazon EC2 is to choose the right pricing option for the way your applications run. There are three main purchasing options for EC2 instances: on-demand, reserved, and spot instances. On-Demand Instances (Pay As You Go) With On-Demand instances, billing begins whenever the instance is running, and billing…
AWS VPC Routing and Security
A Virtual Private Cloud (VPC) on AWS is an isolated network you create in the AWS cloud. When you create a VPC, you need to choose three main things. After you create your VPC, you need to create subnets inside of this network. Subnets are like virtual local area networks (VLANs) in a traditional, on-premises network. In…
Storage Options on AWS
Storage Types on AWS AWS storage services are grouped into three different categories: block storage, file storage, and object storage. File Storage You place your files in a tree-like hierarchy that consists of folders and subfolders. Each file has metadata such as file name, file size, and the date the file was created. The file…
Monitoring with Amazon CloudWatch
What is CloudWatch? CloudWatch acts as one centralized place where metrics are gathered and analyzed from the different AWS services. Many AWS services send metrics automatically for free to CloudWatch at a rate of one data point per metric per 5-minute interval, without you needing to do anything to turn on that data collection. This…
Optimizing Solutions on AWS
The availability of a system is typically expressed as a percentage of uptime in a given year or as a number of nines. Below, you can see a list of the percentages of availability based on the downtime per year, as well as its notation in nines. Availability (%) Downtime (per year) 90% (“one nine”)…