How to Study for AWS Certification

The blog has moved! → integer.blog

A record of how I prepared for the AWS Certified Solution Architect Associate certification, and of the process itself.
All materials are sorted in order of importance and usefulness.

Index

0. The study order I settled on
1. Essential study materials
2. Additional study materials
3. Collection of exam pass reviews
4. Other links
5. Essential study topics

0. The study order I settled on

0.1. Preparation

  1. Get a rough understanding of the AWS services through "Getting to Know AWS Terminology" (AWS 용어 알아보기)

0.2. Shallow and fast study

In the "shallow and fast study" stage, consolidate what you studied from the various resources into a single service-name.md file (for example, EC2.md).

  1. Look at the per-Domain table of contents in the unofficial AWS SAA exam guide and decide which part to study (the exam is divided into 5 Domains, and studying in Domain order is the most efficient)
  2. First read and understand that part in the book 아마존 웹 서비스를 다루는 기술 (The Art of Handling Amazon Web Services)
  3. Study that part in the official AWS documentation
  4. Listen to the lectures for that part in the A Cloud Guru CSAA course
  5. Read the notes for that part on Jayendra's Blog, and work through the related questions included at the end of the notes
  6. Finish the per-part summary files (service-name.md) that you have been writing since the start of the "shallow and fast study" stage

0.3. Exam-prep study

  1. Review quickly with the AWS FAQs
  2. Do the quizzes in the A Cloud Guru CSAA course
  3. Do the questions in the A Cloud Guru CSAA practice-exam course
  4. Prepare for the exam with a dump question set + an answer-checking site
  5. Go over the Cheat Sheet and content summaries on Jayendra's Blog and check for weak areas

0.4. Ongoing study

  1. AWS official Korea blog - visit every morning, like reading the newspaper
  2. AWS This is My Architecture - explains the architectures of real companies using AWS, with diagrams, in videos under 8 minutes. Visit when you are tired of studying.
  3. Exam reviews from A Cloud Guru students - there are many reviews covering exam content, so read them in reverse chronological order.

1. Essential study materials

2. Additional study materials

3. Collection of exam pass reviews (sorted by usefulness)

4. Other links

5. Essential study topics

Networking

  1. Be sure to create VPC from scratch. This is mandatory.
    • Create a VPC and understand what a CIDR is.
    • Create public and private subnets, configure proper routes, security groups, NACLs.
    • Create Bastion for communication with instances
    • Create NAT Gateway or Instances for instances in private subnets to interact with internet
    • Create two tier architecture with application in public and database in private subnets
    • Create three tier architecture with web servers in public, application and database servers in private.
    • Make sure to understand how the communication happens between Internet, Public subnets, Private subnets, NAT, Bastion etc.
  2. Understand VPC endpoints and which services they can help you interact with
  3. Understand difference between NAT Gateway and NAT Instance
  4. Understand how NAT high availability can be achieved
  5. Understand CloudFront as CDN and the static and dynamic caching it provides, what can be its origin (it can point to on-premises sources)
  6. Understand Route 53 for routing, health checks and various routing policies it provides and their use cases mainly for high availability
  7. Be sure to cover ELB in depth. AWS has introduced ALB and NLB, and there are a lot of questions on ALB
  8. Understand ALB features with its ability for content based and URL based routing with support for dynamic port mapping with ECS

Storage

  1. Understand various storage options S3, EBS, Instance store, EFS, Glacier and what are the use cases and anti patterns for each
  2. Would recommend referring to the Storage Options whitepaper; although a bit dated, 90% still holds true
  3. Understand various EBS volume types and their use cases in terms of IOPS and throughput. SSD for IOPS and HDD for throughput
  4. Understand Burst performance and I/O credits to handle occasional peaks
  5. Understand S3 features like different storage classes with lifecycle policies, static website hosting, versioning, Pre-Signed URLs for both upload and download, CORS
  6. Understand Glacier as an archival storage with various retrieval patterns
  7. Glacier Expedited retrieval now allows object retrieval within minutes
  8. Understand Storage gateway and its different types

Compute

  1. Understand EC2 as a whole
  2. Understand Auto Scaling and ELB, and how they work together to provide a Highly Available and Scalable solution
  3. Understand the various EC2 purchase types – Reserved, On-demand and Spot – and their use cases
  4. Understand Reserved purchase types with the introduction of Scheduled and Convertible types
  5. Understand Lambda and serverless architecture, its features and use cases. How do you benefit from Lambda?
  6. Understand ECS with its ability to deploy containers and micro services architecture
  7. Know Elastic Beanstalk at a high level, what it provides and its ability to get an application running quickly

Databases

  1. Understand relational and NoSQL data storage options, which include RDS, DynamoDB and Aurora, and their use cases
  2. Aurora has been added to the exam, and most of the time the questions refer to Aurora given its abilities for multiple read replicas and replication of data across AZs
  3. Understand S3 is not a storage option for database
  4. Understand RDS features – Read Replicas for scalability, Multi-AZ for High Availability, Automated Backups, underlying volume types
  5. Understand DynamoDB with its low latency performance, DAX
  6. Understand DynamoDB provisioned throughput for Read/Writes
  7. Know ElastiCache use cases, mainly for caching performance

Analytics

  1. Not much in depth, but understand what the services are and what they can do
  2. Understand Redshift as a business intelligence tool
  3. Know Kinesis for real time data capture and analytics
  4. At least know what AWS Glue does, so you can eliminate the answer

Security

  1. Understand IAM as a whole
  2. Focus on IAM roles and their use cases, especially with EC2 instances
  3. Understand IAM identity providers and federation and their use cases
  4. Understand MFA and how you would implement two-factor authentication for your application
  5. Understand encryption services
    • KMS for key management and envelope encryption
    • Focus on S3 with SSE, SSE-C, SSE-KMS
    • Know SQS now provides SSE support
  6. Refer to the Disaster Recovery whitepaper; be sure you know the different recovery types and their impact on RTO/RPO.

Management Tools

  1. Understand CloudWatch monitoring to provide operational transparency
  2. Know which EC2 metrics it can track. Remember, it cannot track memory and disk space/swap utilization
  3. Understand CloudWatch is extendable with custom metrics
  4. Understand CloudTrail for Audit
  5. Have a basic understanding of CloudFormation, OpsWorks

Integration Tools

  1. Understand SQS as message queuing service and SNS as pub/sub notification service
  2. Understand SQS features like visibility, long poll vs short poll
  3. Focus on SQS as a decoupling service
  4. AWS has released SQS FIFO, make sure you know the differences between standard and FIFO

* Reference

See the individual links in the body text.