young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
CUH Final Semester Internship PPT on AWS Solution Architect and Developer
1. Central University Of Haryana
Final Semester Internship PPT
On
AWS Solution Architect and Developer
By
Shivji Prasad 11515
Department :CSE
School of Engineering
CUH
6. High-Performance Architecture
❖ Elastic and Scalable Compute Workload
➢ The ability to acquire resources as you need them and release resources when you no longer
need them.
➢ Service Like Lambda,ECS,EC2 , Fargate and so on
❖ High-Performance & Scalable Storage Workload
➢ Amazon FSx for Lustre is a fully managed high performance file system used for High Performance Computing
(HPC), machine learning and video redering applications. FSx for Lustre offers millions of IOPS, sub-millisecond
latencies and up to hundreds of GB/s of throughput.
❖ High-Performance & Scalable Networking Workload
➢ EFA, GLobal Accelerator and Route53 and CloudFront
➢ Placement Group
■ Cluster Placement Group
❖ High-Performance & Scalable Database Workload
➢ RDS Aurora and Aurora Severless, In-memory cache
7. Design Secure Application
❖ Design secure access to AWS resources
❖ Design Secure application tiers
❖ Choose appropriate Data security Options
Design secure access to AWS
8. Design secure access to AWS
❖ AWS Organisation
➢ It is used to manage several Aws account using SCP
❖ AWS SDK and AWS CLI
➢ It is used access AWS Software Development Kit and Command Line Interface
❖ AWS STS
➢ Security Token Service is a web service that enables you to request temporary, limited-privilege credentials for AWS
(IAM) users or for users that you authenticate (federated users).
❖ AWS Security Groups
➢ Firewall at Instance Level
❖ AWS NACL
➢ Firewall at subnet level
❖ AWS NAT Gateway
➢ A NAT gateway is a Network Address Translation (NAT) service. You can use a NAT gateway
so that instances in a private subnet can connect to services outside your VPC but external
services cannot initiate a connection with those instances.
9. Design Secure application tiers
❖ Using SSL with Application Load Balancer
➢ SSL load balancer performs the decryption of requests and encryption of responses that the
web or application server. It encrypts the server's response before returning to client.
❖ Using WAF:
➢ AWS WAF is a web application firewall that helps protect your web applications or APIs
against common web exploits and bots that may affect availability, compromise security,
consume excessive resources
❖ Using Firewall Manager
➢ AWS Firewall Manager is a security management service which allows you to centrally
configure and manage firewall rules across your accounts and applications in AWS
Organizations.
❖ Using Shield:
➢ AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that
safeguards applications running on AWS.
10. Choose appropriate Data security Options
❖ EBS encryption tightly integrates with KMS
❖ Server-Side Encryption with S3 managed keys (SEE-S3)
❖ Server-Side Encryption with KMS managed keys(SEE-KMS)
❖ Server-Side Encryption with Customer provide Key
❖ Client-Side Encryption with KMS managed Keys(CSE-KMS)
❖ Client-Side Encryption with Customer provide Key(CSE-C)
12. Identify cost-effective compute solution
❖ Spot Fleets = set of Spot Instances + (optional) On-Demand Instances
❖ Spot Instances: short workloads, cheap, can lose instances (less reliable)
❖ Spot Block :reverse instance for 1 to 6 hours
❖ Dedicated Hosts: book an entire physical server, control instance placement
❖ Dedicated Instances: no other customers will share your hardware
❖ On-Demand Instances: short workload, predictable pricing
❖ Reserved: (MINIMUM 1 year)
➢ Reserved Instances: long workloads
➢ Convertible Reserved Instances: long workloads with flexible instances
➢ Scheduled Reserved Instances: example – every Thursday between 3 and 6 pm