When the stack encounters an error, it rolls back (stack status ROLLBACK_IN_PROGRESS)
If the template is too large, it has to be imported through S3
At least one resource is required
Infrastructure as Code (IaC)
the process of managing and provisioning computer data centers automatically through machine-readable definition files (ex: JSON, YAML) rather than physical hardware (the specification you want is managed as code); you just write the services you want under Resources (mandatory)
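A small checker for the two template rules noted above (a Resources section with at least one resource is mandatory, and an oversized template must go to S3 instead of being passed inline). This is an added example, not code from the course or from AWS; the 51,200-byte inline limit is an assumption taken from the documented CloudFormation TemplateBody limit and should be checked against current docs, and the bucket template is constructed for illustration.

```python
import json

# Assumed inline-body limit for a CloudFormation template (TemplateBody);
# matches the documented 51,200-byte value but verify against current docs.
INLINE_TEMPLATE_LIMIT_BYTES = 51_200


def validate_template(template_body: str, inline_limit: int = INLINE_TEMPLATE_LIMIT_BYTES) -> dict:
    """Check that the template has at least one typed resource and decide
    whether it is small enough to pass inline or must be uploaded to S3."""
    result = {"errors": [], "upload_via_s3": False}
    try:
        template = json.loads(template_body)
    except json.JSONDecodeError as exc:
        result["errors"].append(f"template is not valid JSON: {exc}")
        return result

    resources = template.get("Resources")
    if not isinstance(resources, dict) or not resources:
        result["errors"].append("At least one resource is required in 'Resources'")
    if isinstance(resources, dict):
        for name, res in resources.items():
            if not isinstance(res, dict) or "Type" not in res:
                result["errors"].append(f"resource '{name}' has no 'Type'")

    # Templates above the inline limit must be uploaded to S3 and referenced by URL.
    if len(template_body.encode("utf-8")) > inline_limit:
        result["upload_via_s3"] = True
    return result


# Constructed example template (not from the notes): one S3 bucket with
# public access blocked and default encryption enabled.
EXAMPLE_TEMPLATE = json.dumps({
    "AWSTemplateFormatVersion": "2010-09-09",
    "Resources": {
        "LogBucket": {
            "Type": "AWS::S3::Bucket",
            "Properties": {
                "PublicAccessBlockConfiguration": {
                    "BlockPublicAcls": True, "BlockPublicPolicy": True,
                    "IgnorePublicAcls": True, "RestrictPublicBuckets": True},
                "BucketEncryption": {"ServerSideEncryptionConfiguration": [
                    {"ServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]},
            },
        }
    },
})

if __name__ == "__main__":
    print(validate_template(EXAMPLE_TEMPLATE))
    print(validate_template('{"Resources": {}}'))
```

Lowering `inline_limit` in a call shows the S3 recommendation kicking in for a template that would otherwise be accepted inline.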
(7:26)
CloudWatch
A collection of monitoring services for logs, Dashboards, Alarms, and Metrics
Logs : CPU Utilization log data
Metrics : Represents a time-ordered set of data points. ex) CPU Utilization over time
Events : trigger an event based on a condition
Alarms : trigger when a defined threshold is crossed
Dashboards : create visualizations based on metrics
It is a collection of monitoring tools
The CloudWatch Agent needs to be installed on the EC2 host to track memory usage and disk size
Logs
By default, logs never expire and are retained indefinitely
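How a metric alarm turns a time-ordered set of data points into a state, as an added example (not code from the course or from CloudWatch itself): the most recent N periods are evaluated and the alarm fires when at least M of them breach the threshold. The CPU samples are constructed.

```python
from datetime import datetime, timedelta


def evaluate_alarm(datapoints, threshold, evaluation_periods,
                   datapoints_to_alarm=None, comparison="gt"):
    """Evaluate a CloudWatch-style threshold alarm over a metric.

    datapoints: iterable of (timestamp, value); sorted here by time.
    Looks at the last `evaluation_periods` points and returns "ALARM" when at
    least `datapoints_to_alarm` of them breach the threshold ("M out of N"),
    "OK" otherwise, or "INSUFFICIENT_DATA" when too few points exist.
    """
    if datapoints_to_alarm is None:
        datapoints_to_alarm = evaluation_periods
    ordered = sorted(datapoints, key=lambda p: p[0])
    window = ordered[-evaluation_periods:]
    if len(window) < evaluation_periods:
        return "INSUFFICIENT_DATA"
    ops = {"gt": lambda v: v > threshold, "ge": lambda v: v >= threshold,
           "lt": lambda v: v < threshold, "le": lambda v: v <= threshold}
    breaches = sum(1 for _, v in window if ops[comparison](v))
    return "ALARM" if breaches >= datapoints_to_alarm else "OK"


# Constructed CPUUtilization samples, one per 5-minute period.
START = datetime(2024, 1, 1, 12, 0)
CPU_SAMPLES = [(START + timedelta(minutes=5 * i), v)
               for i, v in enumerate([35, 42, 88, 91, 95, 97])]

if __name__ == "__main__":
    print(evaluate_alarm(CPU_SAMPLES, threshold=80, evaluation_periods=3))
    print(evaluate_alarm(CPU_SAMPLES, threshold=80, evaluation_periods=5))
```

Requiring several consecutive breaching periods (rather than one) is what keeps a single spike from paging anyone.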
CloudTrail
is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account
identify which users and accounts made the call (where, when, who, what)
can be set to deliver events to a CloudWatch log.
who to blame
can be encrypted using KMS
Event history
logs for the last 90 days via event history
If you want more than 90 days, create a trail
Amazon Athena -> GUI
Management Events
Configuring security
ex) IAM AttachRolePolicy
Registering devices, set up logging
turned on by default
Data Events
Turned off by default
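What "who, what, when, where" looks like in practice: an added example (not from the course) that reads CloudTrail-style records and pulls out the management events an auditor cares about, such as an IAM AttachRolePolicy or a StopLogging call. The records, account id, user names and IP addresses are all constructed; the field names follow the CloudTrail record format.

```python
import json
from collections import Counter

# Constructed CloudTrail-style records (no real account data).
SAMPLE_TRAIL = json.dumps({"Records": [
    {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "AttachRolePolicy", "awsRegion": "us-east-1",
     "sourceIPAddress": "203.0.113.10", "readOnly": False,
     "userIdentity": {"type": "IAMUser", "userName": "alice", "accountId": "111111111111"},
     "requestParameters": {"roleName": "AppRole",
                           "policyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}},
    {"eventTime": "2024-01-01T10:05:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "ListBuckets", "awsRegion": "us-east-1",
     "sourceIPAddress": "203.0.113.10", "readOnly": True,
     "userIdentity": {"type": "IAMUser", "userName": "alice", "accountId": "111111111111"}},
    {"eventTime": "2024-01-01T11:00:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "awsRegion": "eu-west-1",
     "sourceIPAddress": "198.51.100.7", "readOnly": False,
     "userIdentity": {"type": "AssumedRole", "accountId": "111111111111",
                      "arn": "arn:aws:sts::111111111111:assumed-role/Deploy/ci"}},
]})


def _principal(record):
    """Best available name for the caller: user name, else role ARN, else type."""
    ident = record.get("userIdentity", {})
    return ident.get("userName") or ident.get("arn") or ident.get("type", "unknown")


def who_did_what(trail_json, event_names):
    """Return (when, who, what, where) for every record whose eventName is
    in `event_names`, preserving the order they appear in the trail."""
    hits = []
    for r in json.loads(trail_json)["Records"]:
        if r["eventName"] in event_names:
            hits.append({"when": r["eventTime"], "who": _principal(r),
                         "what": r["eventName"],
                         "where": (r["awsRegion"], r["sourceIPAddress"])})
    return hits


def write_events_by_principal(trail_json):
    """Count write (non-read-only) events per principal: a quick view of who
    is changing things in the account."""
    counts = Counter()
    for r in json.loads(trail_json)["Records"]:
        if not r.get("readOnly", False):
            counts[_principal(r)] += 1
    return dict(counts)


if __name__ == "__main__":
    for hit in who_did_what(SAMPLE_TRAIL, {"AttachRolePolicy", "StopLogging"}):
        print(hit)
    print(write_events_by_principal(SAMPLE_TRAIL))
```

A StopLogging call is worth flagging on its own: a trail that stops delivering events is the first thing to notice when auditing.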
Lambda
Run code without provisioning or managing servers, and automatically start and stop when needed.
Serverless Functions and pay per invocation
serverless functions
For longer-running tasks or to customize the OS environment, use Fargate (Fargate > Lambda)
Defaults and Limits
By default, you can have 1000 Lambda functions running concurrently
By default, functions run in no VPC
By limit, the timeout is a maximum of 15 minutes
Memory from 128 MB to 3008 MB, in fixed increments
Cold Starts
cause delays in the user experience
There is a delay when the function initially runs; this is called a cold start
(8:16)
SQS
Fully managed queuing service that enables you to decouple and scale microservice systems and serverless applications
used to provide asynchronous (parallel) communication
Queueing : deletes messages once they are consumed. Not real-time; you have to pull. ex) SQS
Streaming : can react to events and stream for long periods of time, allowing complex operations (real time). ex: Kinesis, Kafka, NATS
Application Integration: a solution for the distributed queuing of messages generated by your application
Pull based
The AWS SDK publishes messages onto the queue
Limits
1 byte ~ 256 KB per message
Amazon SQS Extended Client Library for Java
lets you send messages from 256 KB up to 2 GB
Standard Queues
allow you a nearly unlimited number of transactions per second.
guarantees that a message will be delivered at least once
more than one copy of a message could potentially be delivered, and out of order
makes a best effort to deliver messages in the order they were sent
FIFO Queues
FIFO queues support multiple ordered message groups within a single queue
limited to 300 transactions per second.
Visibility Timeout
prevents someone else from picking up the same job
The time during which a job is hidden from the queue = visibility timeout. Once a job is processed it is deleted; if a job is not processed before the visibility timeout expires, the message becomes visible again to other readers
Timeout can be 0 seconds to a maximum of 12 hours
Short vs Long Polling
short polling (default) returns messages immediately, even if the message queue being polled is empty (use when you want messages right away)
Long polling : can reduce the cost
SNS
(8:31)
messaging system where messages are not sent directly to receivers; instead they pass through an event bus, are categorized into groups, and are sent to the subscribers
subscribers do not pull; the publisher pushes to the subscribers
decouple microservices, distributed systems
( 8:32)
Publishers use the AWS API via AWS CLI or SDK
SNS Topics
allow you to group multiple subscriptions together
can encrypt topics via KMS
multiple protocols can be used
SNS Subscriptions
E-mail (one type of subscriber)
you can choose the protocol
place sns messages into SQS queue
AWS Lambda triggers a lambda function
Elasticache
(8:40)
Managed caching service that runs either Redis or Memcached
caching engines : Memcached, Redis
In-memory caching service
Resources only within the same VPC may connect to Elasticache to ensure low latencies
requires code changes in the application
Caching
process of storing data in a cache. A cache is a temporary storage area. Caches are optimized for fast retrieval with the trade off that data is not durable
In-Memory Data Store
The trade off is high volatility(low durability, risk of data loss), but access to data is very fast
Memcached
HTML, simple key/value store. very simple and very fast
Redis
many different kinds of operations; fast, but Memcached is faster
very good for leaderboards, keep track of unread notification data
High Availability
(8:43)
should run our instances in Multi-AZ, Elastic Load Balancer can route traffic to operational AZs.
should run instances in another region, we can route traffic to another Region via Route53
should use Auto Scaling Groups to increase the amount of instances to meet the demand of traffic
should use Auto Scaling Groups to ensure a minimum amount of instances are running and have ELB route traffic to healthy instances
should use CloudFront to cache static content for faster delivery in nearby regions. We can also run our instances in nearby regions and route traffic using a geolocation policy in Route53
Scale Up
increase the size of the instance itself
simpler to manage
lower availability (if the single instance fails, the service becomes unavailable)
Scale Out
attach multiple instances of the same specification
more complexity to manage
higher availability (if one instance fails, it's fine)
Elastic Beanstalk
manage web apps without worrying about the infrastructure
Elastic LoadBalancer
Autoscaling Groups
RDS DB, EC2, Docker
API Gateway
(9:04)
Fully managed service to create, publish, maintain, monitor, and secure APIs at any scale
create secure APIs
front door for applications to access data, logic, or back-end services
Key Features
handles concurrent API calls
highly scalable and cost effective
allows you to track and control any usage of the API
Expose HTTPS endpoints to define a RESTful API
Caching
(9:09)
enable to cache your endpoints response to API calls.
when enabled on a stage, API Gateway caches responses from your endpoint for a specified time-to-live(TTL) period.
API Gateway responds to requests by looking up the response from the cache.
Reduces the number of calls made to your endpoint.
Improves latency of the requests made to your API.
Cross Origin Resources Sharing(CORS)
allows restricted resources on a webpage to be requested from a different domain than the initial resource
always enforced by the client (the browser)
needed if using JavaScript/AJAX across multiple domains with an API Gateway
Same Origin Policy
is a concept in the application security model where a web browser permits scripts contained in a first web page to access data in a second web page only when both pages have the same origin
is used to help prevent Cross-Site Scripting attacks
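The two ideas above in code, as an added example (not from the course or from API Gateway): an origin comparison in the form browsers use (scheme, host, port), and the Access-Control-* headers an API can return so that the browser, which does the enforcing, lets a cross-origin page read the response. The allow-list and URLs are constructed.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin_of(url: str):
    """Origin = (scheme, host, port); a missing port takes the scheme default."""
    p = urlsplit(url)
    port = p.port or DEFAULT_PORTS.get(p.scheme.lower())
    return (p.scheme.lower(), (p.hostname or "").lower(), port)


def same_origin(url_a: str, url_b: str) -> bool:
    """Same Origin Policy check: scripts on url_a may read url_b only if True."""
    return origin_of(url_a) == origin_of(url_b)


def cors_headers(request_origin, allowed_origins, allow_credentials=False):
    """Headers an API returns for a cross-origin request.

    Returns {} when the Origin is not on the allow-list, so the browser blocks
    the page from reading the response. A wildcard is only ever sent when
    credentials are not involved; with credentials the exact origin must be
    echoed, which also needs 'Vary: Origin' so caches key on the origin.
    """
    if request_origin is None:
        return {}                        # not a cross-origin browser request
    if "*" in allowed_origins and not allow_credentials:
        return {"Access-Control-Allow-Origin": "*"}
    if request_origin in allowed_origins:
        headers = {"Access-Control-Allow-Origin": request_origin, "Vary": "Origin"}
        if allow_credentials:
            headers["Access-Control-Allow-Credentials"] = "true"
        return headers
    return {}


if __name__ == "__main__":
    print(same_origin("https://app.example.com/page", "https://api.example.com/data"))
    print(cors_headers("https://app.example.com", {"https://app.example.com"}))
```

Note that the `*` plus credentials combination deliberately yields nothing: an API that reflects any origin while allowing cookies would let any site read authenticated responses.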
Kinesis
Scalable and durable real-time data streaming service
fully managed solution for collecting, processing, and analyzing streaming data
KPL(Kinesis Producer Library) is a java library to write data to a stream
Kinesis Data Streams
(9:15)
data can persist from 24 hours (default) up to 168 hours
can have multiple consumers
Firehose Delivery Stream
(9:17)
Data immediately disappears once it's consumed
you choose one consumer from a predefined list
can convert incoming data to a few other file formats
Video Streams
(9:19)
Ingest encoded video and audio data from various devices and/or services.
Kinesis - Data Analytics
(9:20)
custom SQL for real-time analysis
Storage Gateway
connects an on-premises software appliance with cloud-based storage
scalable and cost effective storage
is available as a virtual machine (VM) image
Supports both VMware ESXi and Microsoft Hyper-V
connects on-premises storage to cloud storage (hybrid)
File Gateway (NFS)
(9:24)
Access your files through Network File System or SMB mount point
lets S3 act as a local file system using NFS, extending your local hard drive to S3
Volume Gateway (iSCSI)
(9:24:50)
Used for backups and has two types : Stored and Cached
VG presents your applications with disk volumes using the Internet Small Computer Systems Interface (iSCSI) block protocol
asynchronously backed up as point-in-time snapshots and stored in the cloud as AWS EBS snapshots
Snapshots are incremental backups that capture only changed blocks in the volume
All snapshot storage is also compressed to help minimize your storage charges
Stored Volumes Gateway
(9:25)
Primary data is stored locally(on-Premise), while asynchronously backing up that data to AWS
Any data written to stored volumes is stored on your on-premises storage hardware.
EBS snapshots are backed up to AWS S3
Stored volumes can be between 1 GB and 16 TB in size
Cached Volumes Gateway
(9:27)
use S3 as your primary data storage, while retaining frequently accessed data locally in your storage gateway
Create storage volumes up to 32TB in size and attach them as iSCSI devices from your on-premises servers
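How an incremental, block-level snapshot chain works, as an added example (not Storage Gateway or EBS code): each snapshot stores only the blocks whose content changed since the previous one, and the volume is rebuilt by replaying the chain. The 4-byte block size and the sample volume contents are constructed so the example stays readable; real volumes use much larger blocks, and this toy assumes the volume does not shrink between snapshots.

```python
import hashlib
from typing import Optional

BLOCK_SIZE = 4  # bytes per block, deliberately tiny for readability


def split_blocks(volume: bytes):
    return [volume[i:i + BLOCK_SIZE] for i in range(0, len(volume), BLOCK_SIZE)]


def take_snapshot(volume: bytes, previous_state: Optional[dict]):
    """Return an incremental snapshot of `volume`.

    previous_state maps block index -> content hash for the volume as it was
    at the last snapshot (None for the first, full snapshot). Only blocks whose
    hash differs are stored in 'changed_blocks'; 'state' is carried forward so
    the next snapshot can diff against it.
    """
    blocks = split_blocks(volume)
    state = {i: hashlib.sha256(b).hexdigest() for i, b in enumerate(blocks)}
    changed = {i: blocks[i] for i, h in state.items()
               if previous_state is None or previous_state.get(i) != h}
    return {"state": state, "changed_blocks": changed, "block_count": len(blocks)}


def restore(snapshots):
    """Rebuild the volume by replaying the chain oldest to newest: later
    snapshots overwrite the blocks they changed."""
    blocks = {}
    for snap in snapshots:
        blocks.update(snap["changed_blocks"])
    return b"".join(blocks[i] for i in range(snapshots[-1]["block_count"]))


if __name__ == "__main__":
    v1 = b"AAAABBBBCCCC"
    s1 = take_snapshot(v1, None)              # full: 3 blocks stored
    v2 = b"AAAAXXXXCCCC"
    s2 = take_snapshot(v2, s1["state"])       # incremental: only block 1 stored
    print(len(s1["changed_blocks"]), s2["changed_blocks"])
    print(restore([s1, s2]) == v2)
```

Because every snapshot after the first holds only changed blocks, the chain is what makes restores possible; losing an intermediate snapshot breaks recovery of the blocks it carried.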
Tape Gateway (VTL)
(9:28)
cost-effective solution to archive your data in the AWS Cloud
Store data on virtual tape cartridges that you create on your tape gateway
backs up virtual tapes to S3 Glacier for long-term archive storage