My reference page for notes produced when studying AWS material.
Well-Architected Framework
Let’s start with AWS well-architected framework because in AWS everything touches that concept. The six pillars of well-architected framework includes:
- Security
- Cost Optimization
- Reliability
- Performance Efficiency
- Operational Excellence
- Sustainability
Cloud Design Patterns
- Event-Driven – adds scalable, resilient, agile and cost effective solutions. Use Amazon SQS, SNS and EventBridge to build event driven application.
- This design relies on network and on availability of many services build applications therefore design solutions to handle component failure. This should include failure detection and automatic remediation. Techniques such as exponential back-off with jitter should be used to ease load on maybe already overloaded system.
- Orchestration – step functions can be used to implement this patterns. Step functions should also handle nested workflow logic, errors and retries. Step function can run up to a year and can maintain different versions. Amazon EventBridge may be a better choice when coordination of many state changes are required.
- Fanout – publishing messages to multiple endpoints.
- Sync and async – step functions can handle both. REST API are typically sync and information is lost if they fail. Use SQS because this service can retain messages.
Security
IAM – concept of users and policies. Policies are assigned to users. Can use existing policies or create new one. Role is another big concept. Allows to assign policies to role that a service can adapt when it is running. For example, can assign to role to Lambda when it is running.
Cognito – offers tow types of pools: users pools and identity pools. Users pool are user directories for sign-ups and sign-ins for app users. Identify pools provide AWS credentials to grant your users for other AWS services without direct login. You can use other auth providers like Google, Facebook with identity pools. When they are authenticated or unauthenticated we need to assign a specific role to each.
You can also use Cognito user pool.
Developing
DynamoDB – partition key is unique and required, sort key is optional and enables efficient queries on that column. Global tables are easily access to other regions. By default table is not global. You can enable streams and streams enabled triggers which could be used by lambda or other services.
Step Functions – are build on tasks and state machines.
Messaging and Event-Driven
SQS – Simple Queue Service – max message size 256kb. Max visibility 12 hours, max retention period is 14 days.
Two types:
- FIFO: first-in-first-out delivery, message ordering is preserved
- Standard: at-least-once delivery, message ordering isn’t preserved
SNS – Simple Notification Service
Two types:
- FIFO: first-in, first-out
- Standard: best-effort message ordering
Deployment, Scalability and Monitoring
Elastic Beanstalk – deploy infrastructure reliably and continuously. In case of EC2 default VPC is required.