Cloud Practitioner Domain 1

Cloud Practitioner Domain 1 covers basic cloud concepts and accounts for 28% of the exam questions.

  • Cloud computing is the on-demand delivery of compute power, database storage, applications, and other IT resources through a cloud services platform via the Internet with pay-as-you-go pricing.

Six Advantages of Cloud Computing

  • Trade capital expense for variable expense :- Instead of having to invest heavily in data centers and servers before you know how you're going to use them, you pay only when you consume computing resources, and pay only for how much you consume.
  • Benefit from massive economies of scale :- Start with the lowest configuration initially and then increase the configuration of resources as your utilization increases.
  • No need to guess capacity :- Eliminate guessing on your infrastructure capacity needs. If you guess your infrastructure capacity before deploying it, you may end up with idle resources. With cloud computing, you can access as much or as little capacity as you need, and scale up and down as required with only a few minutes' notice.
  • Better speed and agility :- In a cloud computing environment, new resources can be launched with a simple click, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.
  • Reduce the cost of having a datacentre :- Cloud computing enables customers to focus on their business, not on the infrastructure. It lets them focus on their own customers, rather than on the heavy lifting of racking, stacking, and powering servers.
  • Go Global in Minutes :- Easily deploy your application in multiple regions around the world with just a few clicks. This means you can provide lower latency and a better experience for your customers at minimal cost.

Cloud Computing Models

  • IAAS (Infrastructure As A Service) :- Infrastructure as a Service (IaaS) provides access to networking features, computers (virtual or on dedicated hardware), and data storage space.
  • PAAS (Platform As A Service) :- Platform as a Service (PaaS) eliminates the need to manage the underlying infrastructure for an app, so that one can focus on deploying and managing the app itself.
  • SAAS (Software As A Service) :- The best example of SaaS is Gmail: everyone has the same UI but different content. Software as a Service (SaaS) provides a complete product that is run and managed by the service provider.

Cloud Computing Deployment Model

  • On Premise :- Deploying resources or applications with the help of virtualization techniques and resource management tools in your own data centre. This is also referred to as a private cloud.
  • Public Cloud :- Build and deploy applications on the cloud, starting with low-level infrastructure in the beginning. All parts of the cloud application are built and run in the cloud. Examples of public clouds are AWS, Microsoft Azure and Google Cloud Platform.
  • Hybrid :- In this model some parts of your application are deployed in the cloud and some parts are on premise. This deployment is a way to connect infrastructure and applications between cloud-based resources and existing resources that are not located in the cloud.

AWS Global Infrastructure

  • An AWS Region is a physical location or geographical area consisting of two or more Availability Zones, designed to be isolated from other AWS Regions, hence providing greater fault tolerance and stability. AWS currently has 20 active Regions around the globe.
  • Availability Zones consist of one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities. Each Availability Zone is designed as an independent failure zone. AZs in a Region are connected to each other with a low-latency network. AWS currently has 60 AZs.
  • Edge Locations are AWS endpoints used for caching content. They make up Amazon's Content Delivery Network, called CloudFront.

How do we Interact with AWS
We can interact with AWS in the following 3 ways:

  • Using AWS Web Console
  • Using AWS Command Line Interface (AWS CLI)
  • Using AWS SDKs

AWS IAM

  • When you first create an AWS account you sign up with your email address. These credentials are called the root credentials and they have super admin privileges. AWS recommends not using these credentials in day-to-day work.
  • IAM stands for Identity and Access Management. It is a global service which enables you to manage access to AWS services and resources securely. Instead of using root credentials you should create an IAM user with least privilege using IAM Policies.
  • An IAM Policy is a JSON formatted object in AWS that, when associated with an identity or resource, defines their permissions.
  • Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources. Since AWS IAM is a global service, when you create users or groups they are created globally.

IAM Role
An IAM role is an IAM identity that you can create in your account that has specific permissions. An IAM role is similar to an IAM user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS.

  • AWS recommends using IAM Roles instead of an access key and secret key to communicate between various AWS resources.
  • We can attach an IAM Role to an EC2 instance at any time, and when you do this it takes effect immediately.
  • IAM Roles are universal; they do not depend upon the Region.

Amazon S3

  • Amazon S3 (Simple Storage Service) is object storage built to store and retrieve any amount of data from anywhere on the Internet. It offers an extremely durable, highly available, and infinitely scalable data storage infrastructure at very low cost.
  • You can store any amount of data in S3, but a single object can be at most 5 TB. The largest file you can store in a single PUT operation is 5 GB. If your object size is greater than 100 MB you should use S3 multipart upload.
  • S3 stores files (objects) in a Bucket. S3 bucket names are universal, so two people can't have the same S3 bucket name.
  • When you successfully upload an object to S3 it returns HTTP status code 200.
  • Amazon S3 is a simple key-based object store. When you store data, you assign a unique object key that can later be used to retrieve the data.
  • S3 data consistency provides read-after-write consistency for PUTs of new objects (meaning you can read the object immediately when the write operation is completed) and eventual consistency for overwrite PUTs and DELETEs (meaning if you overwrite or update an existing object or delete an object, there is a chance that you will get the older object).
  • Amazon S3 provides 99.99% availability and 99.999999999% (11 9's) durability.
  • Amazon S3 offers a range of storage classes: Amazon S3 Standard for general purpose storage of frequently accessed data, Amazon S3 Standard-Infrequent Access or Amazon S3 One Zone-Infrequent Access for long-lived but less frequently accessed data, and Amazon S3 Glacier for long-term archive.

Amazon S3 Storage Class Features

Amazon S3 Standard

  • 99.999999999% durability and 99.99% availability
  • Used for frequently accessed data.
  • Supports SSL for data in transit and encryption of data at rest

S3 Intelligent-Tiering

  • 99.999999999% durability and 99.9% availability
  • Automatically moves objects between two access tiers based on changing access patterns.
  • Ideal storage class for long-lived data with access patterns that are unknown or unpredictable.
  • Small monthly monitoring and auto-tiering fee.
  • Supports SSL for data in transit and encryption of data at rest.

S3 Standard-IA (Infrequent Access)

  • 99.999999999% durability and 99.9% availability
  • Used for data that is accessed less frequently, but requires rapid access when needed.
  • Ideal for long-term storage, backups and disaster recovery solutions.
  • Cheaper than S3 Standard.
  • Supports SSL for data in transit and encryption of data at rest

S3 One Zone-IA

  • 99.999999999% durability and 99.5% availability
  • This is also suitable for data that is accessed less frequently, but requires rapid access when needed. Unlike other S3 storage classes, which store data in a minimum of three Availability Zones (AZs), S3 One Zone-IA stores data in a single AZ and costs 20% less than S3 Standard-IA.
  • Best suited for storing data that is replicated from another AWS Region using S3 Cross-Region Replication.
  • Supports SSL for data in transit and encryption of data at rest.

S3 Glacier

  • Designed for durability of 99.999999999%.
  • Ideal for long-term archival solutions.
  • Supports SSL for data in transit and encryption of data at rest.

S3 Security :- You can use access control mechanisms such as bucket policies and Access Control Lists (ACLs) to selectively grant permissions to users and groups of users.
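The IAM Policy bullet above and the bucket policies mentioned here both use the same JSON policy language and the same evaluation rules. As an added example written for these notes (not AWS code), the following Python evaluator applies those rules to two constructed policy documents: requests are denied by default, any matching Allow grants access, and an explicit Deny in any policy wins. The bucket name, key prefixes and policies are made up; Condition blocks and Principal matching are not modelled.

```python
import fnmatch

# Constructed identity policy (made up for this example): read-only access to
# one bucket, with an explicit Deny carving out a sensitive prefix.
IDENTITY_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["s3:GetObject", "s3:ListBucket"],
         "Resource": ["arn:aws:s3:::example-bucket",
                      "arn:aws:s3:::example-bucket/*"]},
        {"Effect": "Deny",
         "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-bucket/secrets/*"},
    ],
}

# Constructed bucket policy: grants GetObject on every key to any principal.
BUCKET_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Principal": "*",
                   "Action": "s3:GetObject",
                   "Resource": "arn:aws:s3:::example-bucket/*"}],
}

def _as_list(value):
    # Policy elements may be a single string or a list of strings.
    return value if isinstance(value, list) else [value]

def _matches(patterns, candidate, fold_case=False):
    # IAM treats "*" and "?" as wildcards; action names are case-insensitive,
    # resource ARNs are case-sensitive.
    for pattern in _as_list(patterns):
        p, c = (pattern.lower(), candidate.lower()) if fold_case else (pattern, candidate)
        if fnmatch.fnmatchcase(c, p):
            return True
    return False

def _statement_applies(stmt, action, resource):
    # Action/NotAction and Resource/NotResource are mutually exclusive pairs.
    if "Action" in stmt:
        action_ok = _matches(stmt["Action"], action, fold_case=True)
    else:
        action_ok = not _matches(stmt["NotAction"], action, fold_case=True)
    if "Resource" in stmt:
        resource_ok = _matches(stmt["Resource"], resource)
    else:
        resource_ok = not _matches(stmt["NotResource"], resource)
    return action_ok and resource_ok

def is_allowed(action, resource, *policies):
    """Decide one request against the union of the given policy documents
    (an identity policy plus a bucket policy in the same account, say).
    Default deny; any matching Allow grants access; an explicit Deny in
    any policy overrides every Allow. Conditions are not modelled."""
    allowed = False
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            if not _statement_applies(stmt, action, resource):
                continue
            if stmt["Effect"] == "Deny":
                return False
            allowed = True
    return allowed
```

Note that the bucket policy alone would expose the secrets prefix to everyone; the identity policy's Deny still blocks that identity, but anonymous or other-account callers are governed by the bucket policy only.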

S3 Transfer Acceleration

  • Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and your Amazon S3 bucket.
  • S3 Transfer Acceleration leverages Amazon CloudFront’s globally distributed AWS Edge Locations. As data arrives at an AWS Edge Location, data is routed to your Amazon S3 bucket over an optimized network path.

S3 Versioning

  • Versioning allows you to preserve, retrieve, and restore every version of every object stored in an Amazon S3 bucket.
  • Once you enable Versioning for a bucket, Amazon S3 preserves existing objects anytime you perform a PUT, POST, COPY, or DELETE operation on them.
  • By default, GET requests will retrieve the most recently written version. Older versions of an overwritten or deleted object can be retrieved by specifying a version in the request.
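As an added illustration of the versioning behaviour described above (example code written for these notes, not AWS code), here is a toy in-memory model of a versioning-enabled bucket. It shows that a plain DELETE only inserts a delete marker, that older versions remain retrievable by version id, and that an accidental delete is undone by deleting the marker itself. The key name and object bodies are constructed.

```python
import itertools

class VersionedBucket:
    """Toy model of an S3 bucket with versioning enabled (constructed example).
    Every PUT appends a new version; a DELETE without a version id inserts a
    delete marker instead of removing data; a GET without a version id returns
    the newest version, or nothing if that newest version is a delete marker."""

    def __init__(self):
        self._versions = {}          # key -> list of (version_id, body or None)
        self._ids = itertools.count(1)

    def _new_id(self):
        return f"v{next(self._ids)}"

    def put(self, key, body):
        vid = self._new_id()
        self._versions.setdefault(key, []).append((vid, body))
        return vid

    def delete(self, key, version_id=None):
        if version_id is None:
            # Simple DELETE: hide the object behind a delete marker.
            vid = self._new_id()
            self._versions.setdefault(key, []).append((vid, None))
            return vid
        # Versioned DELETE: permanently removes exactly that version
        # (or that delete marker, which is how an accidental delete is undone).
        self._versions[key] = [v for v in self._versions.get(key, []) if v[0] != version_id]
        return version_id

    def get(self, key, version_id=None):
        versions = self._versions.get(key, [])
        if version_id is None:
            if not versions or versions[-1][1] is None:
                return None          # 404: no object, or current version is a marker
            return versions[-1][1]
        for vid, body in versions:
            if vid == version_id:
                return body
        return None

    def list_versions(self, key):
        # Newest first, like ListObjectVersions.
        return [(vid, "delete-marker" if body is None else "object")
                for vid, body in reversed(self._versions.get(key, []))]

def recover_after_accidental_delete():
    """Overwrite, delete and restore one key; return what each step's GET saw."""
    b = VersionedBucket()
    v1 = b.put("report.txt", b"draft")
    b.put("report.txt", b"final")
    b.delete("report.txt")                      # accidental delete -> marker
    seen_after_delete = b.get("report.txt")     # None: object appears gone
    marker_id, kind = b.list_versions("report.txt")[0]
    assert kind == "delete-marker"
    b.delete("report.txt", version_id=marker_id)  # remove the marker = restore
    return seen_after_delete, b.get("report.txt"), b.get("report.txt", v1)
```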

S3 LifeCycle Management

  • Used to reduce the cost of storage. It provides the ability to define the life cycle of your objects with a predefined policy and reduce your storage cost.
  • You can set a life cycle transition policy to automatically migrate objects stored in the S3 Standard storage class to the S3 Standard-IA, S3 One Zone-IA, and/or S3 Glacier storage classes based on the age of the data.

S3 Cross Region Replication

  • Automatically replicates data between S3 buckets in different Regions.
  • With CRR, you can set up replication at a bucket level, a shared prefix level, or an object level using S3 object tags.
  • CRR can also help if you have a compliance requirement to store copies of data hundreds of miles apart.

Host Static Website on S3 :- You can host static websites (HTML, JS and CSS) on S3. Websites which use a database connection can't be hosted on S3.

EC2 Basics

  • Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud.
  • Security Groups are virtual firewalls for EC2. If you want to access the EC2 instance you need to open the respective port, such as port 22 for SSH, port 3389 for RDP, port 3306 for MySQL, port 80 for HTTP and port 443 for HTTPS.
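An added example (not from the original notes) modelling the security group semantics above: inbound rules are default-deny, and each rule admits one protocol, port range and source CIDR. The second function is the check a reviewer runs to flag admin ports (SSH 22, RDP 3389, MySQL's default 3306) exposed to the whole Internet. The rule set and addresses are constructed.

```python
import ipaddress

# Constructed inbound rule set for a web server security group (not from
# the page): (protocol, from_port, to_port, source_cidr). "-1" means any protocol.
WEB_SG_INBOUND = [
    ("tcp", 80, 80, "0.0.0.0/0"),
    ("tcp", 443, 443, "0.0.0.0/0"),
    ("tcp", 22, 22, "10.0.0.0/8"),       # SSH only from the assumed corporate range
    ("tcp", 3306, 3306, "10.0.1.0/24"),  # MySQL only from the assumed app subnet
]

def inbound_allowed(rules, protocol, port, source_ip):
    """True if a security group with these inbound rules admits the packet.
    Security groups are allow-lists: no matching rule means deny."""
    src = ipaddress.ip_address(source_ip)
    for proto, low, high, cidr in rules:
        if proto not in (protocol, "-1"):
            continue
        if not low <= port <= high:
            continue
        # 'in' returns False when the address and network IP versions differ.
        if src in ipaddress.ip_network(cidr, strict=False):
            return True
    return False

ADMIN_PORTS = {22: "SSH", 3389: "RDP", 3306: "MySQL"}

def world_open_admin_ports(rules):
    """Report admin ports reachable from anywhere (0.0.0.0/0 or ::/0),
    the classic over-permissive security group finding."""
    findings = set()
    for proto, low, high, cidr in rules:
        if ipaddress.ip_network(cidr, strict=False).prefixlen != 0:
            continue
        if proto not in ("tcp", "-1"):
            continue
        for port, name in ADMIN_PORTS.items():
            if low <= port <= high:
                findings.add((port, name))
    return sorted(findings)
```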

EC2 Pricing Model

  • On-Demand means launching resources whenever you want with no long-term commitment. On-Demand Instances are best suited for applications with short-term, spiky, or unpredictable workloads that cannot be interrupted.
  • Dedicated Instances :- Use these if you need dedicated hardware for your application. Of course it costs you more. Dedicated Hosts are the costliest of these three options, but if you have existing server-bound software licenses you can use them to reduce the overall cost. They can also help you meet compliance requirements.
  • Spot Instances means you purchase instances at a discounted hourly rate by bidding. Spot Instances are used for applications that have flexible start and end times.
    • If a Spot Instance is terminated by AWS you will not be charged for the partial hour of usage; however, if you terminate it on your own you will be charged for the full hour in which the instance ran.
  • Reserved Instances (RI) means you are purchasing instances with a 1-year or 3-year commitment. Reserved Instances are best suited for applications which have predictable load and steady-state usage. Reserved Instances are of three types:
    • Standard RI :- Can save you up to 75% compared to On-Demand Instances. The more you pay upfront and the longer the contract, the greater the discount.
    • Convertible RI :- Can save you up to 55% compared to On-Demand Instances. It can be exchanged during the term for another Convertible Reserved Instance with new attributes including instance family, instance type, platform, scope, or tenancy.
    • Scheduled RI :- These are available to launch within the time window you reserve. Useful in the scenario where you have predictable, defined capacity needs for a day, a week or a month.

EC2 Instance Types

Amazon EBS

  • Amazon Elastic Block Store (Amazon EBS) provides block level storage volumes for use with EC2 instances.
  • EBS volumes are highly available and reliable storage volumes that can be attached to any running instance that is in the same Availability Zone.
  • Amazon EBS is recommended when data must be quickly accessible and requires long-term persistence, such as file systems, databases, or any applications that require fine-granular updates and access to raw, unformatted, block-level storage.
  • There are two types of EBS volumes in AWS: SSD (Solid State Drive) and HDD (Hard Disk Drive). HDD volumes cannot be used as boot volumes.
    • General Purpose SSD (gp2) :- Balances price and performance for a wide variety of workloads. Recommended for Dev and Test workloads. Volume size can vary from 1 GiB to 16 TiB.
    • Provisioned IOPS SSD (io1) :- Highest-performance SSD volume for mission-critical low-latency or high-throughput workloads. Most suitable for large database workloads such as MSSQL, MySQL, MongoDB, Oracle etc. Volume size can vary from 4 GiB to 16 TiB.
    • Throughput Optimized HDD (st1) :- Low-cost HDD volume designed for frequently accessed, throughput-intensive workloads. Used for streaming workloads requiring consistent, fast throughput at a low price, such as big data, data warehouses and log processing. Volume size can vary from 500 GiB to 16 TiB. st1 cannot be used as a boot volume.
    • Cold HDD (sc1) :- Lowest-cost HDD volume designed for less frequently accessed workloads. Used for throughput-oriented storage for large volumes of data that is infrequently accessed. Volume size can vary from 500 GiB to 16 TiB. sc1 cannot be used as a boot volume.

AWS Load Balancer

Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. AWS has 3 types of Load Balancers:

  • Classic Load Balancer :- Classic Load Balancer provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level.
    • Classic Load Balancer is intended for applications that were built within the EC2-Classic network.
    • Can be used in Development and QA/Test environments.
  • Application Load Balancer :- Application Load Balancer operates at the request level (layer 7), routing traffic to targets – EC2 instances, containers, IP addresses and Lambda functions based on the content of the request.
    • Ideal for production workloads (HTTP and HTTPS) as well as microservice or container-based applications.
    • Supports Server Name Indication (SNI).
  • Network Load Balancer :- Network Load Balancer operates at the connection level (Layer 4), routing connections to targets – Amazon EC2 instances, microservices, and containers – within Amazon Virtual Private Cloud (Amazon VPC) based on IP protocol data.
    • Used for production workloads, especially where you need static IP support from the load balancer.

Databases on AWS

  • Relational Databases :- A relational database is a collection of data items with pre-defined relationships between them. These items are organized as a set of tables with columns and rows. AWS provides a relational database service called RDS with the following engines:
    • SQL Server
    • MySQL
    • MariaDB
    • Oracle
    • Aurora
    • PostgreSQL
  • RDS has the following two features:
    • Read Replica :- This feature of RDS is used to increase the performance of your application by scaling the database horizontally (read-only). Suppose you have a read-heavy application and in peak hours application performance is not up to the mark, since read and write operations happen on the same database and drag its performance down. You can create a read replica of the RDS instance and carry out all read operations from the read replica. In this way you offload the primary DB and improve your application performance.
    • In a Read Replica, data replication is asynchronous.
    • Multi-AZ :- The Multi-AZ feature of RDS is used for disaster recovery. In this configuration AWS keeps two copies of the database running in two different AZs in the same Region, in a master/slave configuration. When a disaster occurs AWS keeps your DNS name or host name the same and points it to the secondary database; in this way we can have zero downtime. The secondary or slave server is not visible in the console.
    • In Multi-AZ, data replication is synchronous.
  • Non-Relational Database :- A non-relational database is any database that does not follow the relational model provided by traditional relational database management systems. These are also called NoSQL databases. This type of database mainly consists of key-value pairs. Amazon's non-relational database is called DynamoDB.
    • DynamoDB :- An AWS-managed NoSQL database. DynamoDB is a fast and flexible non-relational database service for any scale.
  • OLAP Vs OLTP
    • OLAP stands for Online Analytical Processing, which extracts data for analysis to help make decisions. OLAP runs complex queries and hence has long transactions. Amazon Redshift is an example of OLAP.
    • OLTP stands for Online Transaction Processing, which deals with database modification operations such as inserting, updating and deleting information in the database. OLTP runs simple queries and hence has short transactions. MySQL, PostgreSQL and AWS Aurora are examples of OLTP.
  • AWS Redshift :- Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the AWS cloud.
  • ElastiCache :- A web service used to deploy, operate and scale an in-memory cache in the cloud. The service improves the performance of web applications by allowing them to retrieve information from fast, managed, in-memory caches. ElastiCache supports two open source in-memory caching engines:
    • Memcached
    • Redis

AWS DNS Service Route 53

Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service provided by AWS. You can use Route 53 to perform three main functions in any combination: domain registration, DNS routing, and health checking. It is a global service, like IAM and IAM Roles.

AWS ElasticBeanstalk

  • AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.
  • You can simply upload your code and Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, auto-scaling to application health monitoring.
  • You retain full control over the AWS resources powering your application and can access the underlying resources at any time.
  • There is no additional charge for Elastic Beanstalk; you pay only for the AWS resources needed to store and run your applications.

AWS CloudFormation (Infrastructure as Code)

  • AWS CloudFormation is a service which helps you model and set up your cloud infrastructure using a JSON or YAML (text) template, so that managing resources takes less time and you can concentrate on your application rather than managing the infrastructure.
  • You create a CloudFormation template that contains all the interrelated AWS services necessary to run an application, and CloudFormation takes care of provisioning and configuring those resources for you.
  • AWS CloudFormation is available at no additional charge, and you pay only for the AWS resources needed to run your applications.

Amazon Cloudfront

  • Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds.
  • Amazon CloudFront uses a global network of 166 Points of Presence (155 Edge Locations and 11 Regional Edge Caches) in 65 cities across 29 countries.
  • Edge Locations :- CloudFront delivers your content through a worldwide network of data centers called edge locations. The regional edge caches are located between your origin web server and the global edge locations that serve content directly to your viewers. You can read from and write to edge location servers.
  • Origin :- The origin is the location of all the files which CloudFront distributes. It can be an EC2 instance, a load balancer, an S3 bucket or your on-premise server.
  • Distribution :- You create a CloudFront distribution to tell CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery. Two types of distribution are available:
    • Web Distribution :- Typically used for websites.
    • RTMP :- Used for media streaming using the Adobe RTMP protocol.