In the last article we talked about the basics of cloud computing and we examined some of the core concepts of AWS. Now that we understand this, we can go into more detail. We will explain what makes AWS truly global and how that helps us to build fault tolerant and scalable infrastructure. Show
By: Mijndert Stuij What is the AWS Global Infrastructure?The AWS Global Infrastructure consists of multiple geographical locations which are called Regions. AWS Regions are divided up in Availability Zones which consist of one or more psychically separated data centers. These Regions and Availability Zones provide a way to build highly available, fault tolerant, and scalable infrastructures. All Availability Zones (AZs) are connected through low latency, high throughput, and highly redundant networking. AZs are physically separated by an unknown minimum distance to ensure availability of the network even in the event of catastrophic events like extreme weather. As of April 2020, AWS spans 70 Availability Zones within 22 Regions around the world. Points of PresenceAnother part of the AWS Global Infrastructure are Points of Presence (POP). The POPs are used for both AWS CloudFront to deliver content to end users at high speeds, and Lambda@Edge to run Lambda functions with the lowest possible latency. As of April 2020, there are 216 Points of Presence in 84 cities across 42 countries. Designing for failureUsing the AWS Global Infrastructure, it’s easy to design fault tolerant infrastructure. We can achieve this by having multiple EC2 instances in different Availability Zones or even Regions. In the unlikely event of an Availability Zone or entire Region failing, your applications are not impacted. Other services like Relational Database Service (RDS) can achieve fault tolerance because they have Multi-AZ deployment models built-in. Of course, there is always extra cost involved when having your servers and data stored in multiple AZs. Using Regions, you can also scale out your applications to make sure they are as close to your end-users as possible. If, for example, you have customers in both Europe and the United States you can easily replicate your infrastructure by launching it in a different region. VPC PeeringVPC networks in different regions can be tied together using VPC Peering. Instances in either VPC can communicate with each other as if they are in the same private network. You can create VPC peering connections between your own VPCs, with a VPC in another AWS account, or with a VPC in a different AWS region. It is neither a gateway nor a VPN connection and doesn’t need physical hardware, mitigating the need for maintenance. Example architectureThe following example is a simplified depiction of a fault tolerant architecture leveraging the AWS
Global Infrastructure. In this example 2 Regions with 2 Availability Zones each are used to load balance traffic to EC2 instances. Using VPC peering we can replicate the database to a different region. 
Want to know more? Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 187 - 190 out of 207 pages. Question: 587Which statement is true about AWS global infrastructure?A. Availability Zones can span multiple AWS Regions.B. A VPC can have different subnets in different AWS Regions.C. AWS Regions consist of multiple Availability Zones.D. A single subnet can span multiple Availability Zones.Answer: CExplanation:.Question: 588An external auditor has requested that a company provide a list of all its 1AM users, including thestatus of users' credentials and access keys What is the SIMPLEST way to provide this information?A. Create an 1AM user account for the auditor, granting the auditor administrator permissionsB. Take a screenshot of each user's page in the AWS Management Console, then provide thescreenshots to the auditorC. Download the 1AM credential report then provide the report to the auditor.D. Download the AWS Trusted Advisor report, then provide the report to the auditor Questions & Answers PDFP-188Answer: CExplanation:.Question: 589According to security best practices, how should an Amazon EC2 instance be given access to anAmazon S3 bucket?A. Hard code an 1AM user's secret key and access key directly in the application, and upload the file.B. Store the 1AM user's secret key and access key in a text file on the EC2 instance, read the keys,then upload the tile.C. Have the EC2 instance assume a role to obtain the privileges to upload the file.D. Modify the S3 bucket policy so that any service can upload to it at any timeAnswer: DExplanation:.Question: 590Which tool can be used to identity scheduled changes to the AWS infrastructure?A. AWS Personal Health DashboardB. AWS Trusted AdvisorC. Billing DashboardD. AWS ConfigAnswer: BExplanation:.Question: 591A user can increase operational efficiency in the AWS Cloud by:A. leveraging AWS managed services.B. right-sizing AWS infrastructure.C. manually creating all necessary resources.D. managing their own software licenses.Answer: B Questions & Answers PDFP-189Explanation:.Question: 592A company wants to be nodded when its AWS Cloud costs or usage exceed defined thresholds.Which AWS service will support these requirements?A. AWS BudgetsB. Cost ExplorerC. AWS CloudTrailD. Amazon MadeAnswer: AExplanation:.Question: 593A company needs to track the activity in its AWS accounts, and needs to know when an API call ismade against its AWS resources. Which AWS toolor service can be used to meet theserequirements?A. Amazon CloudWatchB. Amazon InspectorC. AWS CloudTrailD. AWS 1AMAnswer: CExplanation:Question: 594A workload on AWS will run for the foreseeable future by using a consistent number of Amazon EC2instances. What pricing model will minimize cost while ensuring that compute resources remainavailable? Upload your study docs or become a Course Hero member to access this document Upload your study docs or become a Course Hero member to access this document End of preview. Want to read all 207 pages? Upload your study docs or become a Course Hero member to access this document Tags Amazon Web Services, AWS, Amazon S3, Amazon Elastic Compute Cloud Newly uploaded documentsNewly uploaded documentsWhich of the following are parts of the AWS global infrastructure?The components are:. Availability Zones (AZs). Regions.. Edge Locations.. Regional Edge Caches.. Which statements below correctly describe the AWS global infrastructure Select 2?Which statements below correctly describe the AWS global infrastructure? SelectTWO. Availability Zones consistof one or more data centers. Regions have geographically dispersed Availability Zones.
What is the proper structure of an AWS global infrastructure?The AWS Global Infrastructure consists of multiple geographical locations which are called Regions. AWS Regions are divided up in Availability Zones which consist of one or more psychically separated data centers.
What are services provided by the AWS global infrastructure?The AWS Global Infrastructure gives you the flexibility of choosing how and where you want to run your workloads, and when you do you are using the same network, control plane, API's, and AWS services. If you would like to run your applications globally you can choose from any of the AWS Regions and AZs.
|
