<S2, L5>
AWS Global Infrastructure
- Compute (EC2, Lamba)
- Storage (S3)
- Databases (D.S., dynamo D.B, redshift)
- Migration & Transfer
- Network & Content Delivery (Route 53, VPC)
- Management & Governance
- Machine Learning
- Analytics
- Security, Identity & Compliance (Identity Access Management)
- Desktop & App Streaming
Exam Tips
Understand the difference between a region, an Availability Zone and Edge Location
1. Region
- A physical location, consist of two or more AZ
2. AZ
- one or more discrete data centers
3. Edge Location
- endpoints for AWS, used for caching content, consists of CloudFront, Amazon's Content Delivery Network (CDN)
<S3, L8>
Identity Access Management(IAM)
- allows you to manage users and their level of access to the AWS console
Features
1. Centralized control of your AWS account
2. Shared Access to your AWS account
3. Granular Permissions
4. Identity Federation
<S3, L9>
Exam Tips
1. IAM is universal
2. Root Account is simply the account created when first set up your AWS account, complete Admin access
3. New Users have NO permissions - (you are going to have to assign permissions using policies)
4. New Users are assigned Access Key ID & Secret Access Keys (optional)
5. These(4) are not the same as a password. You cannot use the Access Key ID & Secret Access Key to Login into the console
6. You only get to view these(4) once.
7. Setup Multifactor Authentication on your root account
8. Create and customize your own password rotation policies
<S3, L11>
Summary
IAM > Users, Groups, Roles, Policies
(Policies made by JSON)
<Quiz>
3. Power User Access allows *Access to all AWS services except for management of groups and users within IAM.
5. You are a solutions architect working for a large engineering company who are moving their existing legacy hardware to AWS. You have configured their first AWS account and you have set up IAM. Your company will be primarily based out of West Germany, however they will have a small subsidiary operating out of South Korea and you will need an AWS environment configured there as well. Which of the following statements is true;
*You will need to configure Users and Policy Documents only once, as these are applied globally
6. You have a client who is considering moving to AWS services and do not yet have an account. What is the first thing the company should do to set up an AWS Account?
*Set up an account using their company email address
Lecture from Udemy AWS Certified Solutions Architect - Associate 2018
'What I Learned > AWS' 카테고리의 다른 글
| [1D1H-AWS] 20190204 - S3 Cross Region Replication/ Lifecycle Management Lab/CloudFront (0) | 2019.02.05 |
|---|---|
| [1D1H-AWS] 20190202 - S3 Bucket/Version Control (0) | 2019.02.03 |
| 20190124 TIL - Connecting AWS EC2 Windows Instance (0) | 2019.01.25 |
| 20190117_TIL (0) | 2019.01.18 |
| 20190116_TIL (0) | 2019.01.17 |
