Management,Monitoring n Governance
1. AWS Auto scaling
2.AWS Budgets
3.AWS CloudFormation
4.AWS CloudTrail
5.Amazon CloudWatch
6.AWS Config
7.AWS Cost and Usage Report (AWS CUR)
8.Amazon EventBridge (Formerly called Amazon CloudWatch Events)
9.AWS License Manager
10.AWS Managed Services
11.AWS Organizations
12.AWS Secrets Manager
13. AWS Systems Manager
14.AWS Systems Manager Parameter Store
15.AWS Trusted Advisor
a. AWS Opsworks (Automation tool)
b. AWS service catalog
c. AWS Personal Health Dashboard
d. AWS Service Health Dashboard
f. AWS control tower
e. Auto scaling (ASG)
AWS Auto scaling
Amazon EC2 Auto Scaling automatically responds to demand by "adding or removing EC2 instances" to ensure the right amount of compute capacity is available at any time.
This can help to automatically adjust the number of instances based on
the load on your application.
This is Example of Horizontal scaling
________________________________________________________________________________________
AWS Budgets
You can use AWS Budgets to track and take action on your AWS cost and usage.
________________________________________________________________________________________
AWS cloud formation (used for automation)
AWS CloudFormation enables you to create and provision
AWS infrastructure deployments "predictably and repeatedly"
AWS CloudFormation enables you to use a "template file" to create and
delete a collection of resources together as a single unit (a stack).
________________________________________________________________________________________
AWS cloudtrail (Used for Auditing)
AWS CloudTrail is a web service that records API activity made
on your account and delivers log files to an Amazon S3 bucket.
Like who made request, what request they made, when they made
Identity of api caller, time of call, source ip address of caller,
cloudtrail is enabled by default. cloudtrail is per AWS account.
You can consolidate logs from multiple accounts using an S3 bucket:
CloudTrail log file integrity validation feature
allows you to determine whether a CloudTrail log file was unchanged, deleted,
or modified since CloudTrail delivered it to the specified Amazon S3 bucket.
________________________________________________________________________________________
AWS cloudwatch
Used for performance monitoring, It is used to gain system-wide
"visibility into resource utilization"
It monitors the resources and applications we run on AWS in real time.
used to monitor and collect metrics and logs and also to set ALARMS.
________________________________________________________________________________________
AWS config
AWS Config is a service that enables you to assess, audit, and evaluate the "configurations of your AWS resources"
Config continuously monitors and records your AWS resource configurations
and allows you to automate the evaluation of recorded configurations
against desired configurations.
It can be used to manage configuration versions
With AWS Config, you can "discover existing and deleted AWS resources",
determine your overall compliance against rules, and dive into
configuration details of a resource at any point in time.
AWS Config enables compliance auditing, security analysis, resource
change tracking, and troubleshooting.
________________________________________________________________________________________
AWS cost n usage report (AWS CUR)
The AWS Cost and Usage Reports contains the most comprehensive set of cost
and usage data available.
You can use Cost and Usage Reports to publish your AWS billing reports to an
Amazon Simple Storage Service (Amazon S3) bucket that you own.
You can receive reports that break down your costs by the hour, day, or month,
by product or product resource, or by tags that you define yourself.
________________________________________________________________________________________
Amazon eventbridge
Amazon EventBridge is a serverless event bus service that you can use to
connect your applications with data from a variety of sources.
EventBridge receives an event, an "indicator of a change in environment",
and applies a rule to route the event to a target.
For example, when an Amazon EC2 instance changes from pending to running,
you can have a rule that sends the event to a Lambda function.
________________________________________________________________________________________
AWS License manager
AWS License Manager is a service that makes it easier for you to manage your software licenses from software vendors (for example, Microsoft, SAP, Oracle, and IBM) centrally across AWS and your on-premises environments.
This provides control and visibility into the usage of your licenses, enabling you to limit licensing overages and reduce the risk of non-compliance and misreporting.
________________________________________________________________________________________
AWS Managed services
By implementing best practices to maintain a customer’s infrastructure, AWS Managed Services helps to reduce their operational overhead and risk.
AWS Managed Services automates common activities such as change requests,
monitoring, patch management, security, and backup services, and provides
full-lifecycle services to provision, run, and support infrastructures.
________________________________________________________________________________________
AWS organisations
Provides quick and automated way to create and manage "Multiple AWS accounts".
Service control policies (SCPs) - offer central control over the maximum
available permissions for all of the accounts in your organization.
Tag policies - help you standardize tags across resources in your
organization’s accounts. Tags helps in billing department wise.
you can use the consolidated billing feature in AWS Organizations
to consolidate billing and payment for "multiple AWS accounts"
_______________________________________________________________________________________
AWS secret manager
AWS Secrets Manager helps you to securely "encrypt, store, and retrieve
credentials" for your databases and other services.
Instead of hardcoding credentials in your apps, you can make calls to
Secrets Manager to retrieve your credentials whenever needed.
Secrets Manager helps you protect access to your IT resources and data by
enabling you to rotate and manage access to your secrets.
________________________________________________________________________________________
AWS systems manager
AWS Systems Manager gives you visibility and control of your infrastructure on AWS.
Systems Manager provides a unified user interface so you can view
operational data from multiple AWS services and allows you to
automate operational tasks across your AWS resources.
________________________________________________________________________________________
AWS system manager parameter store
Parameter Store, a capability of AWS Systems Manager, provides secure,
storage for configuration data management and secrets management.
You can store data such as passwords, database strings, Amazon Machine Image (AMI) IDs, and license codes as parameter values.
You can store values as plain text or encrypted data.
________________________________________________________________________________________
AWS trusted advisor
Trusted Advisor provides real time guidance to help you provision
your resources following best practices. Advisor will advise you on
Trusted Advisor scans your AWS infrastructure and compares
is to AWS best practices in five categories:
Cost optimization, Performance, Security, Fault tolerance and service limits
________________________________________________________________________________________
AWS Opsworks (Automation tool)
AWS OpsWorks is a configuration management service that provides
managed instances of Chef and Puppet.
With Chef, you use code templates, or cookbooks, to describe the
desired configuration of instances or on-premises server.
OpsWorks automates the initial deployment of applications, as well
as the ongoing changes to the operating system and application infrastructure
________________________________________________________________________________________
AWS service catalog
AWS Service Catalog allows organizations to create and manage catalogs of
IT services that are approved for use on AWS.
These IT services can include everything from virtual machine images,servers,
software, and databases to complete multi-tier application architectures
________________________________________________________________________________________
AWS Personal Health Dashboard
AWS Health provides personalized information about events that can affect your AWS infrastructure, guides you through scheduled changes, and accelerates
the troubleshooting of issues that affect your AWS resources and accounts.
Also provides "proactive notification" to help you plan for scheduled activities.
________________________________________________________________________________________
AWS Service Health Dashboard
This shows the current status of services across regions
_____________________________________________________________________________________
AWS control tower
While AWS Organizations enables you to manage your environment across
multiple accounts centrally,
AWS Control Tower automates many of the steps required to build your
environment and govern at scale
AWS Control Tower offers a straightforward way to set up and govern an
AWS multi-account environment, following prescriptive best practices
AWS Control Tower is a service that enables you to enforce and
manage governance rules for security, operations, and compliance
at scale across all your organizations and accounts in the AWS Cloud.
Integrates with other services and features to setup the environment for you including:
AWS Organizations, SCPs, OUs, AWS Config, AWS CloudTrail, Amazon S3, Amazon SNS, AWS CloudFormation, AWS Service Catalog, AWS Single Sign-On (SSO).
_____________________________________________________________________________________
Auto Scaling (ASG)
AWS provides multiple services that you can use to scale your application.
Auto scaling is enabled by Amazon CloudWatch and is available at no additional charge beyond the service fees for CloudWatch and the other AWS resources that you use.
_____________________________________________________________________________________
AWS Billing and Cost Management is a web service that provides features that helps you pay your bills and optimize your costs. Amazon Web Services bills your account for usage, which ensures that you pay only for what you use.
No comments:
Post a Comment