-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' of github.com:misostack/nextjsvietnam.com
- Loading branch information
Showing
5 changed files
with
703 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| --- | ||
| title: "Aws Series Automation" | ||
| type: "post" | ||
| date: 2024-01-03T14:40:26+07:00 | ||
| description: "In this topic you will learn about automation in AWS Infrastructure" | ||
| keywords: ["aws", "solution architecture", "aws solution architect associate"] | ||
| categories: ["systemdesign", "aws"] | ||
| tags: ["aws"] | ||
| image: "https://gist.github.com/assets/31009750/d03115b2-879f-465f-8804-cde93a12ec14" | ||
| --- | ||
|
|
||
| Automation Benefit: | ||
|
|
||
| - Time | ||
| - Consistency | ||
| - Security | ||
|
|
||
|  | ||
|
|
||
| ## CloudFormation | ||
|
|
||
| - Allows you to provision resources quickly and consistently, and manage them throughout their lifecycles, by treating infrastructure as code. | ||
|
|
||
|  | ||
|
|
||
|  | ||
|
|
||
| ## Elastic Beanstalk | ||
|
|
||
| - Easy-to-use all in one service for deploying and scaling web applications and services developed with a variety of supported languages | ||
|
|
||
| ## System Manager | ||
|
|
||
| - Gives you the ability to easily patch, update, manage and configure your EC2 instances along with on-premise architecture. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| --- | ||
| title: "Aws Series Caching" | ||
| type: "post" | ||
| date: 2024-01-03T15:20:47+07:00 | ||
| description: "In this topic you will learn about caching in AWS architecture" | ||
| keywords: ["aws", "solution architecture", "aws solution architect associate"] | ||
| categories: ["systemdesign", "aws"] | ||
| tags: ["aws"] | ||
| image: "https://gist.github.com/assets/31009750/c20c75e0-9149-403e-bdc8-fb4e9ee704ae" | ||
| --- | ||
|
|
||
| What can we cache: | ||
|
|
||
| 1. External: data that's going to be returned to our users | ||
| 2. Internal: eg, we can speed up our databases, the less we talk to the database, the better. | ||
|
|
||
| Caching solutions | ||
|
|
||
|  | ||
|
|
||
| ## Global Caching with CloudFront | ||
|
|
||
| - CDN service, help to reduce latency and provide high transfer speed using AWS edge locations. | ||
| - Https is default | ||
| - Global distribution | ||
| - Can be used to front AWS endpoint along with non-AWS applications | ||
| - Expiring content with TTL configuration | ||
|
|
||
|  | ||
|
|
||
|  | ||
|
|
||
| ## Elastic Cache | ||
|
|
||
| - A managed version of two opensource: memcached and redis | ||
| - And for RDS | ||
|
|
||
|  | ||
|
|
||
| ## DAX | ||
|
|
||
| - DynamoDB Accelerator | ||
| - In Memory Cache: ml to nano | ||
| - Live inside VPC | ||
| - You can control size of node, TTL, | ||
|
|
||
| ## IP Caching with Global Accelerators | ||
|
|
||
| - A service that send user's traffic to the global AWS Infrastructure via accelerators. Anycast IP. | ||
|
|
||
|  | ||
|  | ||
|  |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,144 @@ | ||
| --- | ||
| title: "Aws Series Governance" | ||
| type: "post" | ||
| date: 2024-01-03T23:05:24+07:00 | ||
| description: "In this topic you will learn how to use AWS Organization" | ||
| keywords: ["aws", "solution architecture", "aws solution architect associate"] | ||
| categories: ["systemdesign", "aws"] | ||
| tags: ["aws"] | ||
| image: "/common/no-image.png" | ||
| --- | ||
|
|
||
| ## Account Types | ||
|
|
||
| - Management Account is the primary account that hosts and manage organization (payer account) | ||
| - Member Account is all AWS accounts that belong to the organization | ||
|
|
||
| ## Features | ||
|
|
||
| - Consolidated Billing | ||
| - Usage Discounts | ||
| - Shared Savings | ||
|
|
||
| ## Main concepts | ||
|
|
||
| - Multi Account | ||
| - Tag Enforcement | ||
| - Organization Unit(ou): group of accounts | ||
| - Service Controler Policies(SCP): JSON policies that get applied to OUs or accounts to restrict actions that are or are not allowed | ||
| - Management Account: SCP do affect the management account like they do all member accounts. | ||
| - Account Best Practices: create a centralized logging account for organization CloudTrail logs. Also, levelrage cross-account roles for accessing member accounts. | ||
|
|
||
|  | ||
|
|
||
| **Example of SCP** | ||
|
|
||
|  | ||
|
|
||
| ## Sharing resources using AWS RAM | ||
|
|
||
| > AWS RAM(Resource Access Manager) | ||
| - A Free service that allows you to share resources with other accounts inside or outside your organization. It is actually shared not duplicating | ||
|
|
||
| > What could be shared? | ||
| - Transit gateways | ||
| - VPC subnets | ||
| - License Manager | ||
| - Route 53 Resolver(Rules and Endpoints) | ||
| - Dedicated Hosts | ||
| - ... | ||
|
|
||
| > Ownership and Participants | ||
| - Ownership: create and manage VPC resources that get shared. Can not delete or modify resourced deployed by participant accounts. | ||
| - Participants: able to provision services in the shared VPC subnets. Can not modify or delete the shared resources. | ||
|
|
||
| ## Setting up cross account role access | ||
|
|
||
| > Cross-account role access gives you the ability to setup temporately credentials that can be revoked as needed | ||
|  | ||
|  | ||
|  | ||
|  | ||
|  | ||
|
|
||
| ## AWS config | ||
|
|
||
| - An inventory management and control tool | ||
| - Allow to show configuration history | ||
| - Ability to create rules to make sure resources conform to your requirements | ||
| - Capable of receiving alerts via SNS | ||
| - Configured per Region | ||
| - Results can be aggregated across regions and AWS accounts | ||
|
|
||
|  | ||
|
|
||
|  | ||
|
|
||
|  | ||
|
|
||
| Examples | ||
|
|
||
|  | ||
|
|
||
| ## AWS Directory Service | ||
|
|
||
| - A fully managed version of Active Directory | ||
|
|
||
|  | ||
|
|
||
| There 2 types: | ||
|
|
||
| - Managed Microsoft AD | ||
| - AD Connector | ||
|
|
||
| ## AWS Cost Explorer | ||
|
|
||
|  | ||
|
|
||
| ## AWS Budgets | ||
|
|
||
| - The best way to let users know they are getting close to overspending | ||
|
|
||
|  | ||
|
|
||
| ## Optimize AWS CUR | ||
|
|
||
| > Cost and Usage Report | ||
|  | ||
|
|
||
| ## AWS Trusted Advisor | ||
|
|
||
|  | ||
|
|
||
| ## AWS Control Tower and GuardRails | ||
|
|
||
| - Automated multi-account governance, guardrails, account orchestration | ||
|
|
||
|  | ||
|
|
||
| ## Manage software license in AWS using AWS License Manager | ||
|
|
||
|  | ||
|
|
||
| ## AWS Health and Personal Health Dashboard | ||
|
|
||
|  | ||
|
|
||
| ## AWS Service Catalog and AWS Proton | ||
|
|
||
| ### Catalog | ||
|
|
||
|  | ||
|
|
||
| ### AWS Proton | ||
|
|
||
|  | ||
|
|
||
| ## AWS Well Architected Framework | ||
|
|
||
|  |
Oops, something went wrong.