Notes, Docs, CLI Commands and, Flashcards for AWS certified solutions architect - Associate Level
It's a centralised control of an AWS account
It's a global service
It controls access to AWS Services via policies that can be attached to IAM Identities
It's a shared Access to our AWS account.
It has granular Permissions:
It allows Multifactor Authentication (MFA)
It allows to set up our own password rotation policy
It supports PCI DSS Compliance (see Foundation, below)
Programmatic access by key ID and a secrete access key
Programmatic access by SSH public keys to authenticate access to AWS CodeCommit repositories
AWS Management Console access:, it uses email/password
~/.aws
folder.in progress
Session tokens from regional STS endpoints are valid in all AWS Regions.
If you use regional STS endpoints, no action is required.
S3 Request #/s Hard: 3500 PUTs/second
It allows to configure (enable, disable, ...) some of the RDS database engines specific features
It's currently available for MariaDB, MySQL, Oracle and, Microsoft SQL Server
It's not currently available for PostgreSQL and Aurora
One writer and multiple readers:
Parallel query:
Multiple writers:
They need to be enabled when a database cluster is made
Aurora separates computation capacity and storage
Storage volume (Replicas):
DB Instance Automatic multi-AZ failover:
Read/Write Capacity modes:
On-Demand mode:
Provisioned mode:
For more details
It's a OSI model layer 4 device:
It's fastest ELB:
It can allocate static IP @: it's easier to integrate with any security or firewall products
It supports registering targets outside of a VPC
It supports routing requests to multiple app. on a single EC2 instance:
It supports containerized applications
Sticky session: It's NOT available
Ressource Policy: - It defines who has access to a queue - By default, only the queue owner has access to it
It's a PaaS product (Platform as a Service)
It's Infrastucture as Code
It's a CI/CD system (Continuous Integration / Continuous Delivery)
It's like Cloud Formation for people that don't know anything about AWS
It manages the infrastructure for any provided code
It provides automated provisioning, monitoring, auto scaling, load balancing and, updating
It's an application container
E.g., We can upload our application code and Beanstalk will create all required AWS infrastructure for us