Notes for my Cloud certifications.

Project maintained by rishabkumar7 Hosted on GitHub Pages — Theme by mattgraham

AWS Certified Developer Associate

IAM: Identity and Access Management

When accessing AWS, the root account should never be used. Users must be created with the proper permissions. IAM is central to AWS.

For big enterprises:


IAM policies define permissions for an action regardless of the method that you use to perform the operation.

Policy types

AWS Policy Simulator

Best practices:

EC2: Virtual Machines

By default, your EC2 machine comes with:

When you SSH into your EC2 machine:

If your machine is stopped and then restarted, the public IP will change

EC2 User Data

EC2 Meta Data

EC2 Instance Launch Types

On Demand Instance:

Which host is right for me?

EC2 Pricing


What’s AMI?

Why you use a custom AMI?

EC2 Instances Overview

T2 Unlimited

Security Groups

The fundamentals of network security in AWS

Security groups act as a firewall on EC2 Instances

They regulate:

ELB: Elastic Load Balancers

Load balancers are servers that forward internet traffic to multiple servers (EC2 Instances) downstream

Why use a load balancer?

An ELB (EC2 Load Balancer) is a managed load balancer

It costs less to set up your own load balancer, but it will be a lot more effort on your end. An ELB is integrated with many AWS offerings / services

Types of load balancers on AWS

Health Checks

Application Load Balancer (v2)

Load Balancers Good to Know

ASG: Auto Scaling Group

In real life, the load on your websites and applications can change. You can create and get rid of servers very quickly.

The goal of an Auto Scaling Group (ASG) is to:

ASGs have the following attributes

Auto Scaling Alarms

New Auto Scaling Rules

Auto Scaling Custom Metric

ASG Summary

EBS Volume

EBS Volume

EBS Volume Types

EBS Volume Resizing

EBS Snapshots

EBS Encryption

EBS vs. Instance Store

EBS Summary

Route 53

Route 53 is a managed DNS (Domain Name System)

DNS is a collection of rules and records which helps clients understand how to reach a server through URLs.

In AWS, the most common records are (will be on exam):

Route 53 can use:

Route53 has advanced features such as:

Prefer Alias over CNAME for AWS resources (for performance reasons)

RDS: Relational Database Service

A managed DB service for databases that use SQL as a query language

It allows you to create databases in the cloud that are

Advantages of RDS over deploying a database in EC2

RDS Read replicas for read scalability

RDS Multi AZ (Disaster Recovery)

RDS Backups

RDS Encryption

RDS Security

RDS vs. Aurora


Overview: The same way RDS is to get managed relational databases, ElastiCache is to get managed Redis or Memcached. Caches are in-memory databases with really high performance and low latency. They help reduce load on databases for read-intensive workloads. They help make your application stateless.

Solution Architecture - DB Cache

Redis Overview

Memcached Overview

VPC: Virtual Private Cloud

Within a region, you’re able to create VPCs. Each VPC contains subnets (networks). Each subnet must be mapped to an AZ. It’s common to have a public IP subnet and a private IP subnet. It’s common to have many subnets per AZ.

Public Subnets usually contain:

Private Subnets usually contain:

Public and Private subnets can communicate if they’re in the same VPC

AWS VPC Summary

S3 Buckets

AWS S3 - Versioning

S3 Encryption for Objects

Encryption in transit (SSL)

S3 Security

S3 Bucket Policies

S3 Websites

S3 CORS

AWS S3 - Consistency Model

AWS S3 - Other

AWS S3 Performance

CLI: Command Line Interface

Add user credentials locally using this command:

If you are using multiple AWS accounts, you can add custom profiles with separate credentials using this command:


CLI STS Decode Errors

SDK: Software Development Kit

If you want to perform actions on AWS directly from your application’s code without using a CLI, you can use an SDK

Official SDKs:

SDK Takeaways

SDK Credentials Security

Exponential Backoff

Elastic Beanstalk

Elastic Beanstalk is a developer-centric view of deploying applications on AWS.

CICD: Continuous Integration and Deployment

Orchestration == CICD


What is CloudFormation?

Note: This is an introduction to CloudFormation

Benefits of CloudFormation

How CloudFormation works

Deploying CloudFormation templates

CloudFormation Building Blocks

CloudFormation Resources

FAQ for resources

CloudFormation Parameters

How to reference a parameter

CloudFormation Mappings

When would you use Mapping vs. Parameters?

CF Outputs

Outputs examples

Cross Stack Reference

CloudFormation Conditions

Defining Conditions

CloudFormation Intrinsic Functions

CloudFormation Rollbacks


CloudWatch is used for monitoring.

Why is monitoring important?

Monitoring in AWS

CloudWatch Metrics

CloudWatch EC2 Detailed monitoring

AWS CloudWatch Custom Metrics

Alarms are used to trigger notifications for any metric

AWS CloudWatch Logs

AWS CloudWatch Events

DynamoDB (No-SQL):

Developer Associate Specific Topics

AWS Lambda

AWS Lambda language support

AWS Lambda Pricing: example

Lambda – Synchronous Invocations

Lambda - Synchronous Invocations - Services

Lambda – Asynchronous Invocations

Lambda - Asynchronous Invocations - Services


Lambda Execution Role (IAM Role)

Lambda Resource Based Policies

Lambda Environment Variables

Lambda Functions /tmp space

Lambda Function Dependencies

AWS Lambda Limits to Know - per region

AWS Lambda Best Practices

API Gateway

API Gateway – Integrations High Level

API Gateway - Endpoint Types

API Gateway – Deployment Stages

API Gateway – Stage Variables

API Gateway - Integration Types

Amazon Cognito

Cognito User Pools (CUP) – User Features

Cognito User Pools – Hosted Authentication UI

Cognito Identity Pools (Federated Identities)

Cognito Identity Pools – IAM Roles

Cognito User Pools vs Identity Pools


Docker Containers Management

ECS Clusters

ECS Task Definitions



ECS Task Placement Process

ECS Task Placement Strategies

ECS – Service Auto Scaling