1. AWS Global Infrastructure

AWS regions, availability zones, and Edge locations:

  • Latency: Most Availability Zones are less than 2ms apart
  • AZ-to-AZ latency is kept low so that you can use Placement Groups to have instances in different data centers close enough for high-bandwidth traffic.

Virtual Private Cloud:

VPC uses a mapping service which abstracts all of your VPC resource information from the underlying infrastructure. Because of this it is likely there is additional header overhead (a VPC header, likely Q-in-Q VLAN stacking) for all traffic in and out of your VPC.

This abstraction is why broadcast and multicast traffic are not supported. There are tutorials on methods to use when your application requires broadcast, but the general exam answer is likely to be to rearchitect your application so it does not require these protocols.

Pay attention to where services reside.

  • Outside your VPC: Edge locations, Route 53, Cloudfront, S3, Lambda, etc.
  • Inside your VPC: EC2, RDS, Workspaces
  • On VPC Endpoints in your VPC: DynamoDB, S3
  • On public endpoints outside your VPC: S3, SQS. A good rule of thumb might be that region-based services where you don’t specify an AZ live outside the VPC.
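Since S3 and DynamoDB can be reached either through a gateway VPC endpoint or over their public endpoints, a useful check is whether each VPC actually has a working gateway endpoint for both. The following is an added example (not part of the original notes); it parses a constructed sample shaped like `aws ec2 describe-vpc-endpoints` output rather than calling AWS, and the endpoint and VPC ids in it are made up.

```python
import json

# Constructed sample shaped like `aws ec2 describe-vpc-endpoints` output.
# Ids and values are invented for the example, not real account data.
SAMPLE_DESCRIBE_VPC_ENDPOINTS = json.dumps({
    "VpcEndpoints": [
        {"VpcEndpointId": "vpce-0a1", "VpcEndpointType": "Gateway",
         "VpcId": "vpc-111", "ServiceName": "com.amazonaws.us-east-1.s3",
         "State": "available", "RouteTableIds": ["rtb-aaa"]},
        {"VpcEndpointId": "vpce-0b2", "VpcEndpointType": "Gateway",
         "VpcId": "vpc-111", "ServiceName": "com.amazonaws.us-east-1.dynamodb",
         "State": "pending", "RouteTableIds": []},
        {"VpcEndpointId": "vpce-0c3", "VpcEndpointType": "Interface",
         "VpcId": "vpc-222", "ServiceName": "com.amazonaws.us-east-1.sqs",
         "State": "available", "RouteTableIds": []},
    ]
})

# The two services that are offered as gateway endpoints.
GATEWAY_SERVICES = ("s3", "dynamodb")


def service_short_name(service_name):
    """'com.amazonaws.us-east-1.s3' -> 's3'."""
    return service_name.rsplit(".", 1)[-1]


def audit_gateway_endpoints(describe_output_json, vpc_ids):
    """Return {vpc_id: {service: status}} for the given VPCs.

    status is 'ok', 'not-available' (endpoint exists but is not in the
    available state), 'no-route-table' (available but attached to no route
    table, so S3/DynamoDB traffic still leaves via the public path), or
    'missing' (no gateway endpoint for that service in that VPC).
    """
    data = json.loads(describe_output_json)
    report = {vpc: {svc: "missing" for svc in GATEWAY_SERVICES} for vpc in vpc_ids}
    for ep in data["VpcEndpoints"]:
        if ep["VpcEndpointType"] != "Gateway":
            continue  # interface endpoints are a different mechanism
        svc = service_short_name(ep["ServiceName"])
        vpc = ep["VpcId"]
        if vpc not in report or svc not in GATEWAY_SERVICES:
            continue
        if ep["State"] != "available":
            report[vpc][svc] = "not-available"
        elif not ep["RouteTableIds"]:
            report[vpc][svc] = "no-route-table"
        else:
            report[vpc][svc] = "ok"
    return report


if __name__ == "__main__":
    for vpc, svcs in audit_gateway_endpoints(
            SAMPLE_DESCRIBE_VPC_ENDPOINTS, ["vpc-111", "vpc-222"]).items():
        print(vpc, svcs)
```

On a real account, feed it the JSON from `aws ec2 describe-vpc-endpoints` and the list of VPC ids you care about.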

What makes up “AWS Networking?”

Many of the exam questions in this section should be very similar to those from the Solution Architect exam – mostly understanding what services do.

Knowing your management plane risk is important.

  • The AWS Console sits on underlying regional services: Cloudfront, DynamoDB, S3, SQS
  • Preferring use of the AWS SDK or AWS CLI could give you an additional chance of control during outages
  • Generally a control plane outage won’t affect standalone EC2 services, but it will likely affect your ability to communicate with other AWS services.
