Amazon AWS Concepts: Difference between revisions
(→API) |
|||
Line 74: | Line 74: | ||
==Signing API Calls== | ==Signing API Calls== | ||
{{External|[https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html Signing AWS API Requests]}} | |||
All API calls are signed for authentication and authorization with a user's [[Amazon_AWS_Security_Concepts#API_Access_Keys|API access key]]. | All API calls are signed for authentication and authorization with a user's [[Amazon_AWS_Security_Concepts#API_Access_Keys|API access key]]. |
Revision as of 01:57, 26 November 2019
Internal
AWS Security Concepts
Region
AWS has data centers in different areas of the world.
Amazon regions:
- Asia Pacific (Tokyo) ap-northeast-1
- Asia Pacific (Singapore) ap-southeast-1
- Asia Pacific (Sydney) ap-southeast-2,
- EU (Frankfurt) eu-central-1
- EU (Ireland) eu-west-1
- South America (Sao Paulo) sa-east-1
- US East (N. Virginia) us-east-1
- US West (N. California) us-west-1
- US West (Oregon) us-west-2
Region Operations
Profile
Profile Operations: Amazon Profile Operations.
Availability Zones
An availability zone is a distinct location within a region engineered to be isolated from failures in other availability zones. Think about it as location: by placing resources in different availability zones you can protect the application from the failure of a single location. Each region provides low-latency network connectivity with other zones within the same region. Example of availability zones within a region: us-west-2b.
Availability zones play an essential role in how subnets are used in a VPC.
An auto-scaling group can span multiple availability zones.
Availability Zone Operations
Amazon Resource Name (ARN)
Tags
AWS resources can be tagged with key-value pairs. This is useful for tracking cost allocation among your AWS resources.
AWS Management Console
The AWS management console interacts over backend via API calls.
AWS Service
As part of a service configuration, the user may be in the situation to pass an IAM role to the service.
Services:
AWS Types
Example: AWS::EC2::KeyPair::KeyName.
API
The only way to access AWS resources is via API calls: the AWS management console, AWS CLI and custom applications that are using various SDKs all interact via resources in the same way.
Signing API Calls
All API calls are signed for authentication and authorization with a user's API access key.