AWS Certified Solutions Architect Study Guide. David Higby Clinton

Читать онлайн.
Название AWS Certified Solutions Architect Study Guide
Автор произведения David Higby Clinton
Жанр Зарубежная компьютерная литература
Серия
Издательство Зарубежная компьютерная литература
Год выпуска 0
isbn 9781119713104



Скачать книгу

us-east-2.amazonaws.com US West (N. California) us‐west‐1 us-west-1.amazonaws.com US West (Oregon) us‐west‐2 us-west-2.amazonaws.com Asia Pacific (Hong Kong) ap‐east‐1 ap-east-1.amazonaws.com Asia Pacific (Mumbai) ap‐south‐1 ap-south-1.amazonaws.com Asia Pacific (Seoul) ap‐northeast‐2 ap-northeast-2.amazonaws.com Asia Pacific (Osaka‐Local) ap‐northeast‐3 ap-northeast-3.amazonaws.com Asia Pacific (Singapore) ap‐southeast‐1 ap-southeast-1.amazonaws.com Asia Pacific (Sydney) ap‐southeast‐2 ap-southeast-2.amazonaws.com Asia Pacific (Tokyo) ap‐northeast‐1 ap-northeast-1.amazonaws.com Canada (Central) ca‐central‐1 ca-central-1.amazonaws.com China (Beijing) cn‐north‐1 cn-north-1.amazonaws.com.cn China (Ningxia) cn‐northwest‐1 cn-northwest-1.amazonaws.com.cn EU (Frankfurt) eu‐central‐1 eu-central-1.amazonaws.com EU (Ireland) eu‐west‐1 eu-west-1.amazonaws.com EU (London) eu‐west‐2 eu-west-2.amazonaws.com EU (Paris) eu‐west‐3 eu-west-3.amazonaws.com EU (Stockholm) eu‐north‐1 eu-north-1.amazonaws.com Middle East (Bahrain) me‐south‐1 me-south-1.amazon.aws.com

      

Endpoint addresses are used to access your AWS resources remotely from within application code or scripts. Prefixes like ec2, apigateway, or cloudformation are often added to the endpoints to specify a particular AWS service. Such an address might look like this: cloudformation.us-east-2.amazonaws.com. You can see a complete list of endpoint addresses and their prefixes at docs.aws.amazon.com/general/latest/gr/rande.html.

      Because low‐latency access is so important, certain AWS services are offered from designated edge network locations. These services include Amazon CloudFront, Amazon Route 53, AWS Firewall Manager, AWS Shield, and AWS WAF. For a complete and up‐to‐date list of available locations, see aws.amazon.com/about-aws/global-infrastructure/regional-product-services.

      Physical AWS data centers are exposed within your AWS account as availability zones. There might be half a dozen availability zones within a region, like us‐east‐1a and us‐east‐1b, each consisting of one or more data centers.

      You organize your resources from a region within one or more virtual private clouds (VPCs). A VPC is effectively a network address space within which you can create network subnets and associate them with availability zones. When configured properly, this architecture can provide effective resource isolation and durable replication.

      AWS has a lot of the basic regulatory, legal, and security groundwork covered before you even launch your first service.

      AWS has invested significant planning and funds into resources and expertise relating to infrastructure administration. Its heavily protected and secretive data centers, layers of redundancy, and carefully developed best‐practice protocols would be difficult or even impossible for a regular enterprise to replicate.

      Where applicable, resources on the AWS platform are compliant with dozens of national and international standards, frameworks, and certifications, including ISO 9001, FedRAMP, NIST, and GDPR. (See aws.amazon.com/compliance/programs for more information.)

      The AWS Shared Responsibility Model

      Of course, those guarantees cover only the underlying AWS platform. The way you decide to use AWS resources is your business—and therefore your responsibility. So, it's important to be familiar with the AWS Shared Responsibility Model.

Schematic illustration of the AWS Shared Responsibility Model.

      The AWS Service Level Agreement

      By