The Complete AWS Solutions Architect Associate Course

The AWS Cloud operates 44 Availability Zones within 16 geographic Regions around the world, with announced plans for 17 more Availability Zones and six more Regions in Bahrain, China, France, Hong Kong, Sweden, and a second AWS GovCloud Region in the US.

The AWS Free Tier enables you to gain free, hands-on experience with the AWS platform, products, and services.

Before we start using our Free Tier account to perform lab sessions, it is important that we ascertain some of the important free tier limitations, that will surely create an awareness and help us to keep our monthly bills under control.

Learn how to access Regions and Availability Zones through AWS Management Console.

To start with, let's see the list of topics covered in this section.

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.

There are four ways to pay for Amazon EC2 instances: On-Demand, Reserved Instances, and Spot Instances. You can also pay for Dedicated Hosts which provide you with EC2 instance capacity on physical servers dedicated for your use.

Amazon EC2 provides a wide selection of instance types optimized to fit different use cases. Instance types comprise varying combinations of CPU, memory, storage, and networking capacity and give you the flexibility to choose the appropriate mix of resources for your applications. Each instance type includes one or more instance sizes, allowing you to scale your resources to the requirements of your target workload.

An Amazon Machine Image (AMI) provides the information required to launch an instance, which is a virtual server in the cloud. You specify an AMI when you launch an instance, and you can launch as many instances from the AMI as you need. You can also launch instances from as many different AMIs as you need.

An AMI includes the following:

• A template for the root volume for the instance (for example, an operating system, an application server, and applications)

• Launch permissions that control which AWS accounts can use the AMI to launch instances

• A block device mapping that specifies the volumes to attach to the instance when it's launched

In this demonstration, we'll explore different options on AWS Management Console to choose AMIs to launch our instances.

A security group acts as a virtual firewall for your instance to control inbound and outbound traffic.

Let's now see how to create and configure Security Groups for our instances.

A placement group is a logical grouping of instances within a single Availability Zone. Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both.

This brief demonstration showcases steps involved in creating a Placement Group.

The time has come when we have to start launching some EC2 Instances and understand each and every component that is being included in this entire process. To begin with, we will launch an Amazon EC2 Linux Instance. 

This video will cover following steps:

1. Choosing an Amazon Machine Image (AMI)
2. Choosing an Instance Type
3. Configuring Instance Details

This lecture is in the continuation of previous one, where we configure rest of the instance details.

In this last part, we complete rest of the configuration while including following steps:

1. Add Storage
2. Add Tags
3. Configure Security Groups
4. Review
5. Create a New Key Pair

and finally, we launch our EC2 instance.

It's time for us to connect to this Amazon EC2 Linux Instance from our local machine using SSH. To start with, we'll see how this connection is being established from macOS.

Learn how to initiate an SSH connection from Window OS to the same Amazon EC2 Linux Instance using Putty.

After completing this lab session, it's important to either stop or terminate this Linux instance to avoid charges in case if the free tier limit gets exceeded.

Let's now see the entire process to launch an Amazon EC2 Windows Instance.

Learn how to initiate a RDP connection from macOS towards this Amazon EC2 Windows Instance using a third-party client software.

Learn how to connect to a Windows Instance while establishing a RDP connection from Window's local machine.

This lab session shows steps involved in changing the Instance Type of an already running instance.

Let's now understand the advantages of using Elastic IPs over the Public one. This lecture demonstrates the static behavior of Elastic IPs.

In this lecture, we will understand how we can make use of Elastic IPs to perform manual failover across instances running in different Availability Zones, within a single Region. Also, we will learn pricing and some of the restrictions associated with them.

Let's see and understand another method to access your AWS resources - Command Line Interface (CLI).

We'll start with the installation process. This lecture is intended for those who are using macOS.

This video shows step-by-step procedure to install CLI on your Windows machines.

After you are done with the installation, you need to perform configuration. This lecture showcases all pertinent steps.

Let's understand how to create and configure Security Groups and Key Pairs via CLI.

Finally, we are going to launch an instance via this command line interface.

AWS Lambda is a compute service that lets you run code without provisioning or managing servers. AWS Lambda executes your code only when needed and scales automatically, from a few requests per day to thousands per second. You pay only for the compute time you consume - there is no charge when your code is not running.

With Elastic Beanstalk, you can quickly deploy and manage applications in the AWS Cloud without worrying about the infrastructure that runs those applications. AWS Elastic Beanstalk reduces management complexity without restricting choice or control. You simply upload your application, and Elastic Beanstalk automatically handles the details of capacity provisioning, load balancing, scaling, and application health monitoring.

Well done on completing all lectures of this extensive yet important section. Let's summarize some of the key concepts.

This lecture contains the steps involved in setting up a Classic Load Balancer from scratch.

Let's have an overview of Elastic Load Balancing concepts.

We'll start with configuration of our Classic Load Balancer. Following are the steps involved (in this lecture):

1. Creating SGs both for Load Balancer and EC2 Instances
2. Generating a free SSL/TLS certificate
3. Defining Load Balancer
4. Assigning it the preconfigured security group
5. Uploading SSL/TLS certificate to this very Load Balancer

We'll now configure the health check options, add EC2 Instances, enable Cross-Zone Load Balancing and Connection Draining. Finally, we will review and launch this Classic Load Balancer.

We'll test this Classic Load Balancer's functionality after going through some of its important attributes like Stickiness and Access Logs etc.

After diving deep into Classic Load Balancer concepts and setup, it's time for us to see how an Application Load Balancer is been configured.

Over here, we'll create two different Security Groups - one for Application Load Balancer and another one for EC2 Instances. Thereafter, we'll be launching two separate EC2 Instances (in two different Availability Zones) that would be registered as Targets in the Target Group later on.

In second part, we will be completing the entire configuration and launching process of our Application Load Balancer. Thereafter, we will test it to check whether it gives us the desired output.

As we have finished this entire section on Elastic Load Balancing, it's time for us to review key takeaways and summarize all important points we have discussed so far.

Let's start with a theoretical overview of Auto Scaling, where we'll be understanding different components of it and its various benefits.

We'll start with a practical demonstration to understand how a Target Tracking Policy can change your fleet size based upon the metric type and threshold value you define. To start with, we would be launching an instance while installing  applications upon it, extract an image/AMI from it, create a Load Balancer and create a Launch Configuration.

This video explains you how to configure an Auto Scaling Group and apply Target Tracking Policy to it.

Finally, we would be increasing the CPU utilization of our instances (in Auto Scaling Group) to check whether the Target Tracking Policy initiates a Scale-Out event.

Let's now see how you can implement scheduled based policies that will eventually scale-out or scale-in your instances based upon time of day.

In this lecture, you would be understanding the how to configure Simple and Step Scaling Policies for your Auto Scaling Group.

Finally, we'll be completing this configuration and testing it functionality by increasing CPU utilization of the instances.

Over here, we'll be going through three effective strategies to scale-out and scale-in our architecture manually.

Congratulations for completing this entire section. Let's now see the summary of it.

We'll start with a brief understanding of this feature and in that ways it can be implemented in your architecture.

Let's understand the theory behind following components of IAM: Policies, Users, Groups and Roles.

This is a practical demonstration on creating IAM users through AWS Management Console.

In this practical demonstration, we will understand how IAM Groups are being created and how they help you manage permissions for multiple IAM users effectively.

Let's now see how IAM Roles can be very effective in helping applications or services access other services without needing to store any passwords or access keys.

In this video, we'll see how to create a Customer Managed Policy which can help you to define granular level of access for your IAM Users, Groups and Roles.

Let's now configure the Multi-Factor Authentication (MFA) which acts as a second level of sign-in mechanism for IAM and root users.

It's time for us to understand some of the best practices that will surely help us to implement IAM more effectively and precisely.

Good job for competing all lectures in this section. Let's have a brief summarization to refresh all concepts we have gone through so far.

Let's see the list of all topics to be covered in this entire section.

This lecture covers some of the basic concepts of VPC, including its definition, components and benefits.

Let's understand three different types of IP Addresses used in structuring our VPC: Private, Public and Elastic.

It's extremely important for us to have a clear understanding of different types of Subnets, Public and Private, that we carve out within our VPC, as they help us to create and maintain separate layers of resources.

Let's learn differences between two different types of VPCs - Default and Non-Default, and know exact characteristics of them.

Route Tables bind our entire network and help us make pertinent routing decisions.

An Internet Gateway creates a path towards the internet. Hence, it is one of the crucial components of our VPC.

Let's now understand the relevance of NAT Devices, that help instances/databases in Private Subnet download the patches/updates securely. Also, we'll get to know clear differences between NAT Gateway and NAT Instance,

In this lecture, we'll understand the importance of using Network Access Controls Lists (ACLs) to secure of architecture.

How to create and configure custom ACLs with inbound and outbound rules of your preference?

This is when the real action begins. Let's deep dive in and lean how to plan, design and create our first Non-Default/Custom VPC from scratch.

This is the continuation of the steps involved in building our Non-Default VPC.

Congratulations on completing this extensive yet important section. Let's summarize by going through some of the key points.

After we complete our VPC lab, it's important to delete those resources that may incur us charges.

Let's understand how VPC Peering can be used to connect two VPCs together.

This is a practical demonstration that showcases how VPC Peering connections are being established between VPCs.

How you're being charged for the usage of VPC?