CloudFormation

  • when it encounters an error, it rolls back with the status ROLLBACK_IN_PROGRESS
  • when the template is too large, it has to be imported through S3
  • At least one resource is required

Infrastructure as Code (IaC)

  • the process of managing and provisioning computer data centers automatically through machine-readable definition files (ex: JSON, YAML) rather than physical hardware (you manage the specification you want as code); just list the services you want under Resources (mandatory)
    (7:26)

CloudWatch

  • A collection of monitoring services for logs, Dashboards, Alarms, and Metrics
  • Logs : CPU Utilization log data
  • Metrics : Represents a time-ordered set of data points. ex) CPU Utilization over time
  • Events : trigger an event based on a condition
  • Alarms : when a defined threshold
  • Dashboards : create visualizations based on metrics
  • it is a collection of monitoring tools
  • the CloudWatch Agent needs to be installed on the EC2 host to track Memory Usage and Disk Size

Logs

  • By default, logs do not expire and are stored indefinitely

CloudTrail

  • is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account
  • identify which users and accounts made the call (where, when, who, what)
  • can be set to deliver events to a CloudWatch log.
  • who to blame
  • can be encrypted using KMS

Event history

  • logs for last 90 days via event history
  • to keep events for more than 90 days, create a trail
  • Amazon Athena -> GUI

Management Events

  • Configuring security
    ex) IAM AttachRolePolicy
  • Registering devices, set up logging
  • turned on by default

Data Events

  • Turned off by default
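
An added example, not part of the original notes: a minimal CloudFormation template that ties the CloudTrail points above together (a trail for retention past 90 days, KMS encryption, delivery to CloudWatch Logs, data events switched on explicitly). The parameters refer to resources assumed to exist already, and all logical names are made up for illustration.

```yaml
# Added example. Parameter and resource names are hypothetical.
AWSTemplateFormatVersion: "2010-09-09"
Description: Trail that keeps CloudTrail events beyond the 90-day Event history

Parameters:
  TrailBucketName:
    Type: String
    Description: Existing S3 bucket whose policy allows CloudTrail to write
  TrailKmsKeyArn:
    Type: String
    Description: Existing KMS key whose key policy allows CloudTrail to use it
  TrailLogGroupArn:
    Type: String
    Description: ARN of an existing CloudWatch Logs log group
  TrailLogsRoleArn:
    Type: String
    Description: Existing IAM role CloudTrail assumes to write to the log group
  WatchedBucketArn:
    Type: String
    Description: ARN of the bucket whose object-level (data) events are recorded

Resources:                                 # the one mandatory template section
  AccountTrail:
    Type: AWS::CloudTrail::Trail
    Properties:
      IsLogging: true
      S3BucketName: !Ref TrailBucketName
      KMSKeyId: !Ref TrailKmsKeyArn        # encrypt delivered log files with KMS
      EnableLogFileValidation: true        # digest files make tampering detectable
      IsMultiRegionTrail: true
      IncludeGlobalServiceEvents: true     # IAM calls such as AttachRolePolicy
      CloudWatchLogsLogGroupArn: !Ref TrailLogGroupArn
      CloudWatchLogsRoleArn: !Ref TrailLogsRoleArn
      EventSelectors:
        - ReadWriteType: All
          IncludeManagementEvents: true    # on by default; stated explicitly
          DataResources:                   # data events stay off unless listed
            - Type: AWS::S3::Object
              Values:
                - !Sub "${WatchedBucketArn}/"

Outputs:
  TrailArn:
    Value: !GetAtt AccountTrail.Arn
```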

Lambda

  • Run code without provisioning or managing servers, and automatically start and stop when needed.
  • Serverless Functions and pay per invocation
  • for longer-running work, or to customize the OS environment, use Fargate (Fargate > Lambda)

Defaults and Limits

  • By default, you can have 1000 Lambdas running concurrently
  • By default, functions run in no VPC
  • Timeout limit: maximum of 15 minutes
  • Memory: 128~3008 MB, set in increments

Cold Starts

  • cause delays in the User Experience
  • there is a delay when the function initially runs, which is called a Cold Start
    (8:16)

SQS

  • Fully managed queuing service that enables you to decouple and scale microservices systems and serverless applications
  • used to provide asynchronous (parallel) communication
  • Queueing : deletes messages once they are consumed. Not real-time; consumers have to pull. ex) SQS
  • Streaming : can react to events. Streams run for long periods of time, so complex operations are possible (real time). ex) Kinesis, Kafka, NATS
  • Application Integration, is a solution for the distributed queuing of messages generated by your application.
  • Pull based
  • AWS SDK which publishes messages onto the queue

Limits

  • message size: 1 byte ~ 256 KB
  • Amazon SQS Extended Client Library for Java
  • lets you send messages of 256 KB ~ 2 GB

Standard Queues

  • allow you a nearly unlimited number of transactions per second.
  • guarantees that a message will be delivered at least once
  • more than one copy of a message could be potentially delivered out of order.
  • makes a best effort to deliver messages in the same order they were sent

FIFO Queues

  • FIFO queues support multiple ordered message groups within a single queue
  • limited to 300 transactions per second.

Visibility Timeout

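  • prevents someone else from working on the same job
  • visibility timeout = the time during which a job is not visible in the queue. Once a job is processed, it is deleted; if a job is not processed before the visibility timeout expires, the message becomes visible again to other readers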
  • Timeout can be 0 seconds to a maximum of 12 hours

Short vs Long Polling

  • Short polling (default) : returns messages immediately, even if the message queue being polled is empty (use it when you want messages right away)
  • Long polling : can reduce the cost

SNS

(8:31)

  • messaging system in which messages are not sent directly to receivers; instead they pass through an event bus, are categorized into groups, and are then sent to subscribers
  • subscribers do not pull; the publisher pushes to subscribers
  • highly available, durable, secure pub/sub messaging.
  • decouple microservices, distributed systems
    ( 8:32)
  • Publishers use the AWS API via AWS CLI or SDK

SNS Topics

  • allow you to group multiple subscriptions together
  • can encrypt topics via KMS
  • multiple protocols can be used

SNS Subscriptions

  • E-mail (a type of subscriber)
  • the protocol can be selected
  • place sns messages into SQS queue
  • AWS Lambda triggers a lambda function

ElastiCache

(8:40)

  • Managed caching service either runs Redis or Memcached
  • caching engines : Memcached, Redis
  • In-memory caching service
  • Only resources within the same VPC may connect to ElastiCache, to ensure low latencies
  • requires code changes

Caching

  • process of storing data in a cache. A cache is a temporary storage area. Caches are optimized for fast retrieval with the trade off that data is not durable

In-Memory Data Store

  • The trade off is high volatility(low durability, risk of data loss), but access to data is very fast

Memcached

  • HTML, simple key/value store. very simple and very fast

Redis

  • many different kinds of operations; fast, but Memcached is faster
  • very good for leaderboards, keep track of unread notification data

High Availability

(8:43)

  • should run our instances in Multi-AZ, Elastic Load Balancer can route traffic to operational AZs.
  • should run instances in another region, we can route traffic to another Region via Route53
  • should use Auto Scaling Groups to increase the amount of instances to meet the demand of traffic
  • should use Auto Scaling Groups to ensure a minimum amount of instances are running and have ELB route traffic to healthy instances
  • should use CloudFront to cache static content for faster delivery in nearby regions. We can also run our instances in nearby regions and route traffic using a geolocation policy in Route53

Scale Up

  • increasing the size of the instance itself
  • simpler to manage
  • lower availability (if a single instance fails, the service becomes unavailable)

Scale Out

  • adding multiple instances of the same spec
  • More complexity to manage
  • Higher availability (it is fine if one fails)

Elastic Beanstalk

  • manage web apps without worrying about infrastructure
  • Elastic LoadBalancer
  • Autoscaling Groups
  • RDS DB, EC2, Docker

API Gateway

(9:04)

  • Fully managed service to create, publish, maintain, monitor, and secure APIs at any scale
  • create secure APIs
  • front door for applications to access data, logic, or back-end services

Key Features

  • handles concurrent API calls
  • highly scalable and cost effective
  • allows you to track and control any usage of the API
  • Expose HTTPS endpoints to define a RESTful API

Caching

(9:09)

  • lets you cache your endpoint's responses to API calls.
  • when enabled on a stage, API Gateway caches responses from your endpoint for a specified time-to-live(TTL) period.
  • API Gateway responds to requests by looking up the response from the cache.
  • Reduces the number of calls made to your endpoint.
  • Improves latency of the requests made to your API.

Cross-Origin Resource Sharing (CORS)

  • allows restricted resources on a web page to be requested from a different domain than the initial resource
  • always enforced by the client.
  • if using javascript/AJAX then uses multiple domains with an API gateway

Same Origin Policy

  • is a concept in the application security model, where a web browser permits scripts contained in a first web page, to access data in a second webpage
  • is used to help prevent Cross-Site Scripting attacks

Kinesis

  • Scalable and durable real-time data streaming service
  • fully managed solution for collecting, processing, and analyzing streaming data
  • KPL (Kinesis Producer Library) is a Java library to write data to a stream

Kinesis Data Streams

(9:15)

  • data can persist from 24 hours (default) to 168 hours
  • can have multiple consumers

Firehose Delivery Stream

(9:17)

  • Data immediately disappears once it's consumed
  • you choose one consumer from a predefined list
  • can convert incoming data to a few other file formats

Video Streams

(9:19)

  • Ingest video and audio encoded data from various devices and/or services.

Kinesis - Data Analytics

(9:20)

  • custom SQL for real-time analysis

Storage Gateway

  • connects an on-premises software appliance with cloud-based storage
  • scalable and cost effective storage
  • is available as a virtual machine image(VM)
  • Supports both VMware ESXi and Microsoft Hyper-V
  • connects on-premise storage to cloud storage(hybrid)

File Gateway (NFS)

(9:24)

  • Access your files through Network File System or SMB mount point
  • lets S3 act as a local file system using NFS; extends your local hard drive to S3

Volume Gateway (iSCSI)

(9:24:50)

  • Used for backups and has two types : Stored and Cached
  • VG presents your applications with disk volumes using the Internet Small Computer Systems Interface block protocol
  • asynchronously backed up as point-in-time snapshots and stored in the cloud as AWS EBS Snapshots
  • Snapshots are incremental backups that capture only changed blocks in the volume
  • All snapshot storage is also compressed to help minimize your storage charges

Stored Volumes Gateway

(9:25)

  • Primary data is stored locally(on-Premise), while asynchronously backing up that data to AWS
  • Any data written to stored volumes is stored on your on-premises storage hardware.
  • EBS snapshots are backed up to AWS S3
  • Stored Volumes can be between 1GB - 16TB in size

Cached Volumes Gateway

(9:27)

  • use S3 as your primary data storage, while retaining frequently accessed data locally in your storage gateway
  • Create storage volumes up to 32TB in size and attach them as iSCSI devices from your on-premises servers

Tape Gateway (VTL)

(9:28)

  • cost-effective solution to archive your data in the AWS Cloud
  • Store data on virtual tape cartridges that you create on your tape gateway
  • backs up virtual tapes to S3 Glacier for long archive storage