AWS
AWS benefits:
-- Pay us you go, need front payment needed for hw etc
-- speed and agility, you can deploy service fast without waiting any hw deliver etc
-- economie of scale, cost is cheaper compare with buy your server
-- save cost to run data center
-- go global quickly
-- no need to worry about capacity, when a new service lunched, no need to guess what type of server needed
CDN -- AWS Cloud Front
VPC
Security Group: Stateful , only check inbound, it only has allow option.
Network ACK: Stateless, check both inbound and outbound. You can do blacklist IP range in Netwrok ACL, it has deny option.
EBS
EBS is used to attach to EC2 as volume and it is perseistent
EC2 pre requisite
1) VPC VPC -> Subnet (private or public in each AZ) -> Assign Subnet to corresponding Route table (if public, then rotue table should be GateWay; if private, then NAT)
2) Security Group Setup Security Group (allow traffic); one VPC can have mutiple Security Group
When Create DB, assign it to target VPC and subnet ; select the security group needed (can be mutiple).
DB Pre requiste
1) Create Security Group under you VPC and allow DB access
2) Create DB Subnet group (which subnet DB will be created )
When to lunch new DB, select the the VPC
AutoScalling
1) create lunch templete from existing running instance
2) create load balancer ; select vpc it needs route traffic to ; select security group which allow it to receive inbound traffic
3) create auto scalling group ; selete subnet which instances will be created (it only need to be in private subnet) ; attach to load balancer; set scaling policy ;
4) in Cloudwatch page to view the alarm and scalling event