Improve AWS Roadmap content (#7400)

* Introduction.

* EC2.

* VPC

* IAM

* Autoscaling.
pull/7427/head
Vedansh 1 month ago committed by GitHub
parent 5b29181d95
commit 78a642f8bd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
  1. src/data/roadmaps/aws/content/100-introduction/100-cloud-computing.md (5 lines changed)
  2. src/data/roadmaps/aws/content/100-introduction/103-aws/101-shared-respons.md (4 lines changed)
  3. src/data/roadmaps/aws/content/100-introduction/103-aws/102-well-architected.md (2 lines changed)
  4. src/data/roadmaps/aws/content/100-introduction/103-aws/index.md (6 lines changed)
  5. src/data/roadmaps/aws/content/100-introduction/index.md (8 lines changed)
  6. src/data/roadmaps/aws/content/101-ec2/100-instance-types.md (2 lines changed)
  7. src/data/roadmaps/aws/content/101-ec2/101-cpu-credits.md (4 lines changed)
  8. src/data/roadmaps/aws/content/101-ec2/106-purchasing-options.md (4 lines changed)
  9. src/data/roadmaps/aws/content/101-ec2/index.md (2 lines changed)
  10. src/data/roadmaps/aws/content/102-vpc/100-cidr-blocks.md (2 lines changed)
  11. src/data/roadmaps/aws/content/102-vpc/101-subnets/100-private.md (4 lines changed)
  12. src/data/roadmaps/aws/content/102-vpc/101-subnets/101-public.md (4 lines changed)
  13. src/data/roadmaps/aws/content/102-vpc/101-subnets/index.md (4 lines changed)
  14. src/data/roadmaps/aws/content/102-vpc/103-security-groups.md (4 lines changed)
  15. src/data/roadmaps/aws/content/102-vpc/104-internet-gateway.md (4 lines changed)
  16. src/data/roadmaps/aws/content/102-vpc/105-nat-gateway.md (4 lines changed)
  17. src/data/roadmaps/aws/content/102-vpc/index.md (4 lines changed)
  18. src/data/roadmaps/aws/content/103-iam/100-policies/100-identity-based.md (4 lines changed)
  19. src/data/roadmaps/aws/content/103-iam/100-policies/101-resource-based.md (4 lines changed)
  20. src/data/roadmaps/aws/content/103-iam/101-users-groups.md (4 lines changed)
  21. src/data/roadmaps/aws/content/103-iam/102-roles/100-instance-profiles.md (4 lines changed)
  22. src/data/roadmaps/aws/content/103-iam/102-roles/101-assuming-roles.md (4 lines changed)
  23. src/data/roadmaps/aws/content/104-autoscaling/100-amis.md (4 lines changed)
  24. src/data/roadmaps/aws/content/104-autoscaling/101-launch-templates.md (4 lines changed)
  25. src/data/roadmaps/aws/content/104-autoscaling/102-autoscaling-groups.md (4 lines changed)
  26. src/data/roadmaps/aws/content/104-autoscaling/103-scaling-policies.md (4 lines changed)
  27. src/data/roadmaps/aws/content/104-autoscaling/104-elb.md (4 lines changed)
  28. src/data/roadmaps/aws/content/104-autoscaling/index.md (4 lines changed)

@ -1,3 +1,8 @@
# What is Cloud Computing?
Cloud Computing refers to the delivery of computing services over the internet instead of using local servers. It offers reliable, scalable, and inexpensive cloud computing services which include data storage, databases, applications, analytics, machine learning, and even setting up virtual servers. The biggest names providing cloud computing services are Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and others. The main selling point is that you only pay for the services you use, helping you manage your expenses more effectively.
Visit the following resources to learn more:
- [@article@What is Cloud Computing - IBM](https://www.ibm.com/topics/cloud-computing)
- [@article@Cloud Computing - AWS](https://aws.amazon.com/what-is-cloud-computing/)

@ -1,3 +1,7 @@
# Shared Responsibility Model
In Amazon Web Services (AWS), the concept of 'Shared Responsibility' pertains to the distribution of security and compliance responsibilities between AWS and the user/client. Under this model, AWS is responsible for the security "of" the cloud — including the infrastructure, hardware, software, networking, and facilities that run AWS cloud services. On the other hand, the user is responsible for security "in" the cloud — this includes managing and configuring the customer-controlled services, protecting account credentials, and securing customer data. This shared model aims to lessen operational burden for users and provide flexible security controls.
Visit the following resources to learn more:
- [@official@Shared Responsibility Model](https://aws.amazon.com/compliance/shared-responsibility-model/)

@ -4,4 +4,4 @@ AWS Well-Architected Framework is a set of strategic guidelines provided by Amaz
Visit the following resources to learn more:
- [@article@AWS Well-Architected](https://aws.amazon.com/architecture/well-architected)
- [@official@AWS Well-Architected](https://aws.amazon.com/architecture/well-architected)

@ -1,10 +1,10 @@
# Introduction to AWS
AWS (Amazon Web Services) offers a broad set of global cloud-based products including compute, storage, databases, analytics, networking, mobile, developer tools, management tools, IoT, security, and enterprise applications: on-demand, available in seconds, with pay-as-you-go pricing. From data warehousing to deployment tools, directories to content delivery, over 200 AWS services are available. New services can be provisioned quickly, without the upfront fixed expense. This allows enterprises, start-ups, small and medium-sized businesses, and customers in the public sector to access the building blocks they need to respond quickly to changing business requirements. This whitepaper provides you with an overview of the benets of the AWS Cloud and introduces you to the services that make up the platform.
AWS (Amazon Web Services) offers a broad set of global cloud-based products including compute, storage, databases, analytics, networking, mobile, developer tools, management tools, IoT, security, and enterprise applications: on-demand, available in seconds, with pay-as-you-go pricing. From data warehousing to deployment tools, directories to content delivery, over 200 AWS services are available. New services can be provisioned quickly, without the upfront fixed expense. This allows enterprises, start-ups, small and medium-sized businesses, and customers in the public sector to access the building blocks they need to respond quickly to changing business requirements. This whitepaper provides you with an overview of the benefits of the AWS Cloud and introduces you to the services that make up the platform.
Learn more from the following links:
- [@article@AWS Documentation](https://docs.aws.amazon.com/)
- [@article@Introduction of AWS](https://docs.aws.amazon.com/whitepapers/latest/aws-overview/introduction.html)
- [@official@AWS Documentation](https://docs.aws.amazon.com/)
- [@official@Introduction of AWS](https://docs.aws.amazon.com/whitepapers/latest/aws-overview/introduction.html)
- [@video@AWS Tutorial for Beginners](https://www.youtube.com/watch?v=zA8guDqfv40)
- [@feed@Explore top posts about AWS](https://app.daily.dev/tags/aws?ref=roadmapsh)
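
Review bot: the corrected paragraph under "# Introduction to AWS" still ends with "This whitepaper provides you with an overview of the benefits of the AWS Cloud and introduces you to the services that make up the platform", which reads as a sentence carried over from a whitepaper rather than a description of this roadmap node. Since the line is already being rewritten for the "benets" typo, drop or reword that closing sentence in the same change.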

@ -1,10 +1,10 @@
# Introduction
AWS (Amazon Web Services) offers a broad set of global cloud-based products including compute, storage, databases, analytics, networking, mobile, developer tools, management tools, IoT, security, and enterprise applications: on-demand, available in seconds, with pay-as-you-go pricing. From data warehousing to deployment tools, directories to content delivery, over 200 AWS services are available. New services can be provisioned quickly, without the upfront fixed expense. This allows enterprises, start-ups, small and medium-sized businesses, and customers in the public sector to access the building blocks they need to respond quickly to changing business requirements. This whitepaper provides you with an overview of the benets of the AWS Cloud and introduces you to the services that make up the platform.
AWS (Amazon Web Services) offers a broad set of global cloud-based products including compute, storage, databases, analytics, networking, mobile, developer tools, management tools, IoT, security, and enterprise applications: on-demand, available in seconds, with pay-as-you-go pricing. From data warehousing to deployment tools, directories to content delivery, over 200 AWS services are available. New services can be provisioned quickly, without the upfront fixed expense. This allows enterprises, start-ups, small and medium-sized businesses, and customers in the public sector to access the building blocks they need to respond quickly to changing business requirements. This whitepaper provides you with an overview of the benefits of the AWS Cloud and introduces you to the services that make up the platform.
Learn more from the following links:
- [@article@How to create an AWS Account](https://grapplingdev.com/tutorials/how-to-create-aws-account)
- [@article@AWS Documentation](https://docs.aws.amazon.com/)
- [@article@Introduction of AWS](https://docs.aws.amazon.com/whitepapers/latest/aws-overview/introduction.html)
- [@official@AWS Documentation](https://docs.aws.amazon.com/)
- [@official@Introduction of AWS](https://docs.aws.amazon.com/whitepapers/latest/aws-overview/introduction.html)
- [@article@How to Create an AWS Account](https://grapplingdev.com/tutorials/how-to-create-aws-account)
- [@video@AWS Tutorial for Beginners](https://www.youtube.com/watch?v=zA8guDqfv40)
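
Review bot: the paragraph under "# Introduction" is word for word the paragraph under "# Introduction to AWS" in the previous hunk, including the "This whitepaper provides you with an overview..." sentence. Give this node its own short summary or keep the text in one place only, so the two files do not have to be corrected in lockstep again.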

@ -2,6 +2,6 @@
AWS EC2 instances come in a variety of types optimized to fit different use cases. They are grouped into categories depending on their performance capacity and pricing structure. There are five categories of instance types including General Purpose, Compute Optimized, Memory Optimized, Storage Optimized, and Accelerated Computing instances. Each category is suited best for specific workloads and they consist of different instance types each given a specific name, for example, 't2.micro'. Each instance type has a specific amount of CPU, memory, storage, and network capacity. Understanding the workloads of your applications can help you determine which instance type would be best suited to your needs.
Learn more from the following resources:
Visit the following resources to learn more:
- [@official@AWS EC2 Instance Types](https://aws.amazon.com/ec2/instance-types)

@ -2,7 +2,7 @@
AWS EC2 instances earn CPU Credits when they are idle and consume CPU credits when they are active. A CPU credit provides the performance of a full CPU core for one minute. T2 and T3 instances accrue CPU Credits and use them to burst beyond their baseline performance. For example, a t2.micro instance receives credits continuously at a rate of 6 CPU Credits per hour. The credit balance of an instance can be saved for up to 7 days. When the instance does not have any CPU credits, it performs at the baseline. It's important to note that CPU credit pricing is different and additional to the instance pricing. AWS also offers Unlimited mode for instances that need to burst beyond the baseline performance for extended periods.
Learn more from the following link:
Visit the following resources to learn more:
- [@article@Burstable performance instances and CPU credits](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-credits-baseline-concepts.html)
- [@official@Burstable Performance Instances and CPU Credits](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-credits-baseline-concepts.html)
- [@feed@Explore top posts about Computing](https://app.daily.dev/tags/computing?ref=roadmapsh)

@ -1,3 +1,7 @@
# Purchasing Options
Amazon EC2 provides several purchasing options to fit different workload needs. The **On-Demand** option allows clients to pay for compute capacity per hour with no long-term commitments. **Reserved Instances** provide a significant discount compared to On-Demand pricing and are ideal for applications required steady state usage. **Spot Instances** allow clients to bid for unused Amazon EC2 capacity and can provide significant savings if flexibility is possible in starting and stopping times. **Dedicated Hosts** are physical EC2 servers dedicated to specific clients, suitable for regulatory requirements and licenses which do not support multi-tenant virtualization, and **Savings Plans** offer reduced rates for committing to a consistent amount of usage for 1 or 3 years.
Visit the following resources to learn more:
- [@official@Purchasing Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-purchasing-options.html)
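
Review bot: the paragraph above the new resource list still contains "ideal for applications required steady state usage", which should read "requiring steady state usage". As this commit is a content cleanup of the node, fix it here, and check the "bid for unused Amazon EC2 capacity" wording for Spot Instances against the Purchasing Options page this hunk links to.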

@ -2,6 +2,6 @@
Amazon Elastic Compute Cloud (EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. EC2 enables you to scale your compute capacity, develop and deploy applications faster, and run applications on AWS's reliable computing environment. You have the control of your computing resources and can access various configurations of CPU, Memory, Storage, and Networking capacity for your instances.
Learn more from the following resources:
Visit the following resources to learn more:
- [@official@EC2 - User Guide](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html)

@ -2,7 +2,7 @@
"CIDR" stands for Classless Inter-Domain Routing. In AWS VPC, a CIDR block is the IP address block from which private IPv4 addresses and public IPv4 addresses are allocated when you create a VPC. The CIDR block can range from /28 (16 IP addresses) to /16 (65,536 IP addresses). It represents a network segment and is associated with a network boundary. Upon creation, you cannot change the CIDR block of your VPC, but you can add additional CIDR blocks to it if needed. A VPC's CIDR block should not overlap with any of the existing network's CIDR blocks.
## References
Visit the following resources to learn more:
- [@official@cidr.xyz: Interactive CIDR range visualizer](https://cidr.xyz/)
- [@official@VPC - CIRD Blocks](https://docs.aws.amazon.com/pt_br/vpc/latest/userguide/vpc-cidr-blocks.html)
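
Review bot: the second resource link is left with the title "VPC - CIRD Blocks" (should be "CIDR") and a URL under /pt_br/, the Brazilian Portuguese locale, while the node text is English. Also, cidr.xyz is tagged @official@ although it is not an AWS domain; @article@ matches how the other third-party links in this commit are tagged. All three are worth fixing in the same pass that renames the "## References" heading.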

@ -1,3 +1,7 @@
# Private Subnet
Private subnets in AWS are isolated network segments within your VPC that do not have direct access to the internet. You can use private subnets to run services and applications that should not be directly accessible from the outside world, but still need to communicate with other resources within your VPC. Any instances launched in a private subnet cannot directly send traffic to the internet without routing through a NAT device.
Visit the following resources to learn more:
- [@official@Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html)

@ -1,3 +1,7 @@
# Public Subnet
In AWS, a subnet that's designated as `public` is one that has direct access to the Internet. Each subnet that you create runs on its own portion of the AWS network, and you can consider them as logically isolated sections. When a subnet is designated as public, it means an Internet Gateway is attached to it and thus instances within this subnet can easily communicate with the outside net. Each instance that you launch into a public subnet is automatically assigned a private IPv4 address and a public IPv4 address. These addresses don't change and remain with the instance, until it's stopped, terminated or replaced with a different address. This setup allows instances in the public subnet to communicate directly with the internet and other AWS services.
Visit the following resources to learn more:
- [@official@Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html)
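
Review bot: in the paragraph under "# Public Subnet", "it means an Internet Gateway is attached to it" disagrees with the "# Subnets" node in this same commit, which defines a public subnet as one whose associated route table directs traffic to the Internet Gateway of the VPC. Align this sentence with the route-table definition; which subnets are actually internet-reachable is a point readers will rely on when deciding where to place instances.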

@ -1,3 +1,7 @@
# Subnets
Subnets or subnetworks in Amazon VPC (Virtual Private Cloud) are divisions of a VPC's IP address range. You can launch Amazon Elastic Compute Cloud (Amazon EC2) instances into a selected subnet. When you create a subnet, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. Each subnet must be associated with a route table, which controls the traffic flow between the subnets. There are two types of subnets: public and private. A public subnet is one in which the associated route table directs the subnet to the Internet Gateway (IGW) of the VPC. A private subnet does not have a route to the IGW and hence has no direct route to the internet.
Visit the following resources to learn more:
- [@official@Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html)

@ -1,3 +1,7 @@
# Security Groups
Security Groups in AWS act as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance. Security Groups are stateful — if you send a request from your instance, the response traffic for that request is allowed to flow in regardless of inbound security group rules. You can specify allow rules, but not deny rules. You can specify separate rules for inbound and outbound traffic. Therefore, if you need to allow specific communication between your instances, you'll need to configure both outbound rules for the sender security group and inbound rules for the receiver security group.
Visit the following resources to learn more:
- [@official@Security Groups](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html)

@ -1,3 +1,7 @@
# Internet Gateway
An **Internet Gateway** is a redundant, horizontally scalable component in AWS that performs bi-directional routing between a VPC and the Internet. It serves two purposes; routing outbound traffic from the VPC to the internet (NAT), and routing inbound traffic from the Internet to the VPC. It's automatically highly available and provides bandwidth and redundancy across all AWS Regions. It becomes associated with a VPC upon creation, and cannot be detached or attached to another VPC once created. Security to and from the Internet Gateway can be controlled using route tables and security groups or network ACLs.
Visit the following resources to learn more:
- [@article@Internet Gateway](https://www.cisco.com/c/en/us/products/routers/what-is-a-network-gateway.html)
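
Review bot: the only resource added under "# Internet Gateway" is a cisco.com page whose path is what-is-a-network-gateway, a generic networking explainer rather than documentation of the AWS component the paragraph describes. The neighbouring NAT Gateway, Subnets and Security Groups hunks all link to docs.aws.amazon.com/vpc/latest/userguide/ pages tagged @official@; link the VPC user guide's internet gateway page here as well.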

@ -1,3 +1,7 @@
# NAT Gateway
AWS NAT Gateway is a managed service that provides source Network Address Translation (NAT) for instances in a private subnet so they can access the internet securely. It's designed to operate automatically, handling bandwidth scaling, failover, and managing carrier IP addresses. With NAT Gateway, instances within a VPC can access the internet for software updates, patches, etc, but inbound traffic from the internet is prevented, helping maintain the security and privacy of the private subnet. NAT Gateway is redundant within the Availability Zone, providing high availability. It supports TCP, UDP, and ICMP protocols, as well as Port Address Translation (PAT).
Visit the following resources to learn more:
- [@official@NAT Gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html)

@ -1,3 +1,7 @@
# VPC
Amazon VPC (Virtual Private Cloud) is a service that lets you launch AWS resources in a logically isolated virtual network that you define. It provides advanced security features such as security groups and network access control lists to enable inbound and outbound filtering at the instance and subnet level. Additionally, you can create a Hardware Virtual Private Network (VPN) connection between your corporate datacenter and your VPC to leverage the AWS cloud as an extension of your corporate datacenter.
Visit the following resources to learn more:
- [@official@VPC](https://aws.amazon.com/vpc/)

@ -1,3 +1,7 @@
# Identity-Based
"Identity-based policies" are one of the types of policies you can create in AWS (Amazon Web Services). They are attached directly to an identity (like an IAM user, group, or role) and control what actions that identity can perform, on which resources, and under what conditions. There are two types - inline and managed. Inline policies are created and managed individually, while managed policies are standalone policies that you can attach to multiple identities. This offers a flexible framework for managing permissions across your AWS resources. These policies are written in a language called JSON (JavaScript Object Notation).
Visit the following resources to learn more:
- [@official@Identity Based Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html)

@ -1,3 +1,7 @@
# Resource-Based
Resource-based policies are attached directly to the AWS resources that receive the permissions. The policy then specifies what actions are allowed or denied on that particular resource. In resource-based policies, you include a `Principal` element in the policy to indicate the IAM users or roles that are granted the permissions. While not all AWS services support resource-based policies, common services that do include Amazon S3 for bucket policies, AWS KMS for key policies, and Amazon SNS for topic policies.
Visit the following resources to learn more:
- [@official@Identity Based Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html)
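
Review bot: the resource added under "# Resource-Based" is titled "Identity Based Policies", the same title and URL as in the Identity-Based hunk. The URL slug is access_policies_identity-vs-resource, so a title such as "Identity-Based vs Resource-Based Policies" would describe the target correctly on both nodes.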

@ -1,3 +1,7 @@
# Users / User Groups
In AWS Identity and Access Management (IAM), a **Users Group** is a collection of IAM users. Groups enable you to specify permissions for multiple users, making it easier to manage the permissions for those users. For example, you could have a group called "Developers" and give that group the necessary permissions for developing in your environment. If a new developer joins your organization, rather than defining permissions specifically for that user, you can add the user to the "Developers" group to assign those permissions. Remember, each AWS IAM user in a group inherits the permission policies attached to the group.
Visit the following resources to learn more:
- [@official@IAM - AWS](https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html)

@ -1,3 +1,7 @@
# Instance Profiles
Instance profiles are AWS IAM entities that you can use to grant permissions to applications running on your EC2 instances. They effectively allow your instances to make secure API requests. An instance profile is essentially a container for an AWS Identity and Access Management (IAM) role that you can use to pass roles to EC2 instances at launch time. Once an IAM role is associated with an instance at launch time, we can't change the role. However, you can modify the permissions policies attached to the role, and the updated permissions do take effect immediately.
Visit the following resources to learn more:
- [@official@Instance Profiles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html)
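
Review bot: in the paragraph under "# Instance Profiles", the sentence "Once an IAM role is associated with an instance at launch time, we can't change the role" switches from "you" to "we" and states an absolute limit that this cleanup leaves unverified. Reword it in second person and confirm the claim against the Instance Profiles page linked in this hunk before merging.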

@ -1,3 +1,7 @@
# Assuming Roles
Assuming roles in AWS allows one AWS identity to perform actions and access resources in another AWS account, without having to share security credentials. This is achieved using temporary security credentials. You assume a role by calling the `AWS Security Token Service (STS)` AssumeRole APIs, passing the ARN of the role to assume. After successfully assuming a role, STS returns temporary security credentials that you can use to make requests to any AWS service. The assumed role provides specific permissions that determine what the role user can and cannot do. Thus, users can switch between roles using AWS Management Console, AWS CLI, or AWS API.
Visit the following resources to learn more:
- [@official@Assuming Roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage-assume.html)
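
Review bot: in the paragraph under "# Assuming Roles", the code formatting is on the service name, `AWS Security Token Service (STS)`, and not on the API name AssumeRole that follows it. Move the backticks to `AssumeRole` so the identifier a reader would search for or type is the one marked as code.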

@ -1,3 +1,7 @@
# AMIs
Amazon Machine Images (AMIs) are pre-configured templates for EC2 instances. When you launch an instance in EC2, you start with an AMI. An AMI includes details such as the operating system to use, applications to install, and the volume type and size. AMIs can be either public or private — public AMIs are available for anyone to use, while private AMIs are only available to specific AWS accounts. You can create your own custom AMIs, enabling you to quickly start and replicate a known configuration for your EC2 instances.
Visit the following resources to learn more:
- [@official@AMIs](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html)

@ -1,3 +1,7 @@
# Launch Templates
"Launch Templates" in AWS Auto Scaling are configurations that an Auto Scaling group uses to launch EC2 instances. They store the configuration information necessary to launch an instance, which includes the ID of the Amazon Machine Image (AMI), the instance type, a key pair, security groups, and the storage configuration. It helps in setting up new instances quickly and prevent configuration inconsistencies across instances. These templates can also be versioned, allowing updates and roll backs to previous configurations.
Visit the following resources to learn more:
- [@official@Launch Templates](https://aws.amazon.com/about-aws/whats-new/2017/11/introducing-launch-templates-for-amazon-ec2-instances/)

@ -1,3 +1,7 @@
# Auto-Scaling Groups
"Autoscaling Groups" in AWS, also known as Auto Scaling Groups (ASGs), are the main components used for scaling resources automatically according to your requirements in AWS. They contain a collection of Amazon Elastic Compute Cloud (EC2) instances that are treated as a logical grouping for the purpose of automatic scaling and management. The instances in an ASG are distributed across different availability zones in a region, ensuring a high level of fault tolerance. When defining an ASG, you specify its minimum, maximum, and desired number of EC2 instances. You also have to specify a launch configuration that determines what type of instances should be launched and from which Amazon Machine Image (AMI).
Visit the following resources to learn more:
- [@official@Auto Scaling Groups](https://docs.aws.amazon.com/eks/latest/best-practices/cas.html)
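
Review bot: the link titled "Auto Scaling Groups" points to docs.aws.amazon.com/eks/latest/best-practices/cas.html, which sits under the EKS best-practices guide, not the EC2 Auto Scaling documentation this node describes. The Scaling Policies and Auto-Scaling hunks link to docs.aws.amazon.com/autoscaling/ec2/userguide/, so use a page from that guide here too. The paragraph also says "launch configuration" although the sibling node in this commit is "# Launch Templates"; make the terminology consistent.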

@ -1,3 +1,7 @@
# Scaling Policies
AWS Autoscaling supports various types of scaling policies that control how and when to scale. These include target tracking scaling policies, step scaling policies, and simple scaling policies. Target tracking scaling policies adjust the capacity based on specified dynamic conditions, maintaining the target value for the specified metric. Step scaling policies adjust the capacity based on a set of scaling adjustments, increasing or decreasing the capacity within the constraints of the minimum and maximum capacity. Meanwhile, simple scaling policies increase or decrease the capacity based on a single alarm.
Visit the following resources to learn more:
- [@official@AWS Autoscaling Policy](https://docs.aws.amazon.com/autoscaling/ec2/userguide/what-is-amazon-ec2-auto-scaling.html)
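
Review bot: the link titled "AWS Autoscaling Policy" resolves to what-is-amazon-ec2-auto-scaling.html, the same overview URL that the "# Auto-Scaling" hunk adds under the title "AWS Autoscaling". Point this node at a page that covers target tracking, step and simple scaling policies, or retitle the link so it does not promise policy-specific content.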

@ -1,3 +1,7 @@
# Elastic Load Balancers
Elastic Load Balancing (ELB) is a load-balancing service for Amazon Web Services (AWS) deployments. It automatically distributes incoming application traffic and scales resources to meet traffic demands. ELB helps to ensure that the incoming traffic is spread evenly across your Amazon EC2 instances, making your application more highly available and fault-tolerant. It supports routing and load balancing for HTTP/HTTPS, and TCP traffic. There are three types of load balancers that ELB offers - Application Load Balancer (ideal for HTTP and HTTPS traffic), Network Load Balancer (best for TCP traffic where extreme performance is required) and Classic Load Balancer (provides basic load balancing across multiple Amazon EC2 instances).
Visit the following resources to learn more:
- [@official@Elastic Load Balancers](https://aws.amazon.com/elasticloadbalancing/)

@ -1,3 +1,7 @@
# Auto-Scaling
AWS Auto Scaling is a service that automatically scales resources to meet the demands of your applications. It uses policies, health status, and schedules to determine when to add more instances, ensuring that your application always has the right amount of capacity. AWS Auto Scaling can scale resources across multiple services and manage the scaling process in real time. It optimizes for cost and performance, and with the help of Amazon CloudWatch, it adjusts capacity based on the demand patterns of your workloads.
Visit the following resources to learn more:
- [@official@AWS Autoscaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/what-is-amazon-ec2-auto-scaling.html)
