Tips and tricks AWS Solutions Architect Associate #11

ByChristophe

ECS

  • Fargate: Serverless option; AWS manages infrastructure, you specify RAM/CPU.

  • EC2: User manages underlying instances.

Networking & Access

  • NLB (Network Load Balancer): High performance, static public IP, supports TCP/UDP.

  • NAT Instance: EC2-based; allows private instances to access Internet.

  • NAT Gateway: Managed, scalable, must be in public subnet, controlled by NACLs.

  • Direct Connect: Dedicated physical link from on-prem to VPC (1/10/100 Gbps).

  • Transit Gateway: Hub to interconnect VPCs and VPNs.

  • Site-to-Site VPN: On-premises network → VPC.

  • PrivateLink: Secure access to services via NLB, multi-tenant friendly.

  • VPC Peering: Connects two VPCs; non-transitive.

  • VPC Endpoint: Access AWS services privately, without going through Internet.

Load Balancing

  • ELB: General load balancer service.

  • ALB (Application LB): Layer 7, supports target groups, integrates with WAF.

  • Session Distribution: Sticky sessions not ideal with Auto Scaling Groups.

  • NLB + ALB: Avoid chaining NLB before ALB; better to use Global Accelerator (GA).

In short:

  • ECS offers choice between Fargate (serverless) and EC2 (user-managed).

  • Connectivity options range from NAT/NLB/VPC endpoints to Transit Gateway, VPN, Direct Connect, and PrivateLink.

  • Load balancing comes via ALB (L7, smart routing) and NLB (L4, perf/UDP), with GA preferred for global setups

Similar Posts

Tips and tricks AWS Solutions Architect Associate #16

ByChristophe

Snow Family (Offline Data Transfer) Snowcone: Small device (~8 TB) → data transfer to S3/EC2. Snowball Edge: Larger device (~20–80 TB), with compute/storage options. Snowmobile: Truck-sized (up to 100 PB) for massive data migration. FSx (Managed File Systems) FSx for Windows Server: Supports AD integration, SQL Server, SMB protocol. ❌ No NFS. ✅ Multi-AZ. FSx…

Tips and tricks AWS Solutions Architect Associate #14

ByChristophe

VPC & Networking VPC Sharing: Plusieurs comptes partagent le même VPC pour réduire duplication et coûts. Private IP ranges (RFC1918): 10.0.0.0/8 172.16.0.0 – 172.31.255.255 (/12) 192.168.0.0/16 Elastic IP: IP publique fixe attachée à une ressource (ex: EC2). Instance Connect: Se connecter à une instance EC2 depuis la console (SSH intégré). VPC Endpoints Interface Endpoint: Uses…

Tips and tricks AWS Solutions Architect Associate #3

ByChristophe

Cloud Front   CloudFront Functions These two types of functions can be executed during the processing of incoming or outgoing requests in AWS, and are integrated within CloudFront. cloud functions javascript < 1 ms cache key header rewrite no access to resource like subnet, database lambda edge functions change request and response 5-10s access to…

Tips and tricks AWS Solutions Architect Associate #10

ByChristophe

inesis (KDS, Firehose, Analytics) Kinesis Data Streams (KDS): Real-time data streaming; replayable up to 7 days. Kinesis Firehose: Delivers streaming data to S3, Redshift, or HTTP endpoints (fully managed, no storage). Kinesis Data Analytics: Real-time (RT) analytics on streaming data. EventBridge: Event bus that integrates AWS services with third-party apps. Autoscaling: Adjusts shard capacity automatically….

Leave a Reply

Your email address will not be published. Required fields are marked *