AWS Transit Gateway simplifies your AWS network architecture (topology) by allowing transitive peering between hundreds or thousands of VPCs and on-premises data centers.
A VPC Endpoint is a gateway object within a VPC that can be used to connect to AWS public services without an Internet Gateway or a public subnet, so traffic never leaves the AWS network.
VPC Peering allows direct communication between VPCs at OSI Layer 3 (Network). Once the VPCs are connected, the two VPCs can communicate using private IP addresses.
- VPC peers can span AWS accounts and even regions, with some limitations.
- Data is encrypted and transits via the AWS global backbone.
Here is the confusing part: AWS provides multiple auto scaling services, notably AWS Auto Scaling and EC2 Auto Scaling.
- AWS Auto Scaling lets you configure and manage scaling for your scalable AWS resources through a scaling plan.
- EC2 Auto Scaling is an AWS service that automatically increases or decreases the number of on-demand instances based on chosen CloudWatch metrics.
Load balancing is a method used to distribute incoming connections across a group of servers or services.
- Elastic Load Balancing (ELB) automatically distributes traffic evenly across instances in multiple AZs within a region.
- SSL can be terminated directly on the ELB, which reduces the compute load on the EC2 instances behind it.
CloudFront is a Content Delivery Network (CDN): lower latency, higher transfer speed, and reduced server load. It has built-in DDoS (distributed denial of service) attack protection.
- CloudFront is a global service.
- The domain name is created when a distribution is created and is used to view contents in a browser.
- Objects are cached for the life of the Time to Live (TTL).
- You can invalidate (clear) cached content manually, at some cost.
Route 53 configures and manages domains: domain registration, DNS (Domain Name System) service, and health checking. DNS uses port 53, which is where the name comes from.
- Route 53 is commonly used with ELB (Elastic Load Balancer) and CloudFront.
- The split-view DNS option (hosted zones) lets you maintain both a private and a public hosted zone with the same domain name.
- Private hosted zones are associated with VPCs. Associated VPCs see the internal version of a website by resolving the private zone's A record.
- A public hosted zone holds the information about how to route the public domain name. The host (www) portion is not included in a public zone's name.
- In Route 53, the TTL (Time to Live) is the amount of time that the DNS resolver will cache the record.
- When creating an A record, you need to specify TTL, a routing policy, and IP values.
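As an added illustration of the Route 53 points above (not code from the original post), the following Python builds and sanity-checks the change batch that boto3's `route53` `change_resource_record_sets` call accepts for an A record: it enforces the TTL, routing policy and IPv4 values the text lists, and for split-view setups refuses to put an RFC 1918 address into the public hosted zone, where it would publish an internal address. The domain name and IP addresses are constructed samples.

```python
import ipaddress

# RFC 1918 ranges: these belong in the private hosted zone only.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def build_a_record_change(name, ips, ttl=300, zone_kind="public",
                          policy="simple", set_identifier=None, weight=None):
    """Return a ChangeBatch dict that UPSERTs an A record.

    zone_kind is "public" or "private" (split-view DNS: the same domain
    name served from two hosted zones).  policy is "simple" or "weighted".
    """
    if not isinstance(ttl, int) or ttl < 0:
        raise ValueError("TTL must be a non-negative number of seconds")
    if not ips:
        raise ValueError("an A record needs at least one IP value")
    if zone_kind not in ("public", "private"):
        raise ValueError("zone_kind must be 'public' or 'private'")

    values = []
    for ip in ips:
        addr = ipaddress.ip_address(ip)  # raises ValueError on garbage input
        if addr.version != 4:
            raise ValueError(f"{ip}: A records hold IPv4 only (use AAAA for IPv6)")
        if zone_kind == "public" and any(addr in net for net in RFC1918):
            raise ValueError(f"{ip} is an RFC 1918 address; it belongs in the private zone")
        values.append({"Value": str(addr)})

    # Route 53 stores record names as FQDNs with a trailing dot.
    rrset = {"Name": name if name.endswith(".") else name + ".",
             "Type": "A", "TTL": ttl, "ResourceRecords": values}

    if policy == "weighted":
        if set_identifier is None or weight is None:
            raise ValueError("weighted routing needs set_identifier and weight")
        if not 0 <= weight <= 255:
            raise ValueError("weight must be between 0 and 255")
        rrset["SetIdentifier"] = set_identifier
        rrset["Weight"] = weight
    elif policy != "simple":
        raise ValueError(f"unsupported routing policy: {policy}")

    return {"Comment": f"{policy} A record ({zone_kind} zone)",
            "Changes": [{"Action": "UPSERT", "ResourceRecordSet": rrset}]}


# To apply it (not executed here; needs credentials and a real hosted zone id):
#   boto3.client("route53").change_resource_record_sets(
#       HostedZoneId="ZONE_ID_PLACEHOLDER",
#       ChangeBatch=build_a_record_change("www.example.com", ["203.0.113.10"]))
```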
Domain Name System (DNS)
DNS is the process of mapping a human-friendly domain name to an IP address.
- DNS root servers: a group of servers that answer for the root zone. Top-level domains (TLDs) are controlled by the root zone database, which is managed by the Internet Assigned Numbers Authority (IANA).
- Domain registrars: all domain names must be unique. A registrar is an authority that can assign domain names under top-level domains and ensure their uniqueness. Each domain name is registered in a central database (WHOIS server).