vault backup: 2025-07-28 15:23:55

Author: aslamcodes

aws/account-management/cost-allocation tags.md

@@ -5,10 +5,12 @@ type:
 date: 19th July 2025
 done: false
 ---
-
 Set of tags that we can use to track down costs in a detailed level
 ![[Udemy ScreenShot 2025-07-06 12-27-40.jpeg]]
 
 Cost and usage reports
 - list usage by each service
-- daily exports to s3
+- daily exports to s3
+
+How to setup?
+- 

aws/account-management/resource group.md

@@ -0,0 +1,13 @@
+---
+dg-publish: true
+tags: 
+type: 
+date: 19th July 2025
+done: false
+---
+Group resources based on tags or cloudformation stacks
+SSM can use resource groups to act directly on it
+We can leverage tags to create resource group which can be used as targets for ssm run documents
+
+All the tag polices that are attached to your account will be relected in the tag policies seciont
+

aws/account-management/resource-group tag editor.md

@@ -0,0 +1,7 @@
+---
+tags: 
+type: 
+date: 2025-07-27
+done: false
+---
+You can use tag editor to find resources (optionally by tags) and edit their tags

aws/aws backbone.md

@@ -0,0 +1,13 @@
+---
+tags: 
+type: 
+date: 2025-07-27
+done: false
+---
+- **S3 Transfer Acceleration** and **Global Accelerator** use the AWS backbone to route user requests to the AWS edge location closest to them, then quickly transfer data over the private backbone to the destination region.
+    
+- **Inter-region VPC Peering** or **Transit Gateway inter-region attachments** use the backbone instead of the public internet.
+
+[[s3 Transfer accelerator and Global Accelerator]]
+[[VPC-peering]]
+[[Transit Gateway]]

aws/beanstalk/blue green deployment.md

@@ -4,3 +4,7 @@ type:
 date: 2025-07-20
 done: false
 ---
+> [!NOTE]  Setting up BG deployments 
+
+- No downtime switch overs
+- If you are going to use same application that going to gets deployed into prod, non prod, 

aws/beanstalk/rds-integration.md

@@ -13,4 +13,5 @@ done: false
 - You have to choose what happens when you decouple a database from environment
 	- Snapshot (Restore into a EB environment or standalone instances)
 	- Retain
-	- Delete (Dangerous)
+	- Delete (Dangerous)
+https://repost.aws/knowledge-center/decouple-rds-from-beanstalk

aws/cloud-formation/stacksets.md

@@ -5,16 +5,15 @@ type:
 date: 19th July 2025
 done: false
 ---
-
 > stacksets are the way to deploy stacks across multiple regions and accounts with single template
-
 - Requires an ADMIN account (AWS organisation)
 - The admin account creates stacksets
 - When updated, all the stacks will gets updated
-
 ![[Udemy ScreenShot 2025-07-04 15-03-51.jpeg]]
 # IAM Permissions
 - Self managed - IAM roles with trusted relationship in both admin and target accounts
 - Service managed - AWS organisations will take care of this
 - AWS organizations will automatically help deploying into new accounts **BUT** Trusted access must be enabled before any delegated admin accounts can deploy into any accounts
-![[Udemy ScreenShot 2025-07-04 15-09-17.jpeg]]
+![[Udemy ScreenShot 2025-07-04 15-09-17.jpeg]]
+- ACM automatically handles the renewal of certificates
+- You **can** mix **Spot** and **On-Demand** instances in a **Spot Fleet**, but **not** Spot and **Reserved** instances.

aws/cloudfront/oac vs oai.md

@@ -25,10 +25,10 @@ https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-conte
     {
       "Sid": "AllowCloudFrontAccess",
       "Effect": "Allow",
-      "Principal": {
-        "CanonicalUser": "OAI-Canonical-User-ID"
-		// "CanonicalUser": "E23ABCXYZ12345"
-      },
+	  "Principal": {
+		"CanonicalUser": "OAI-Canonical-User-ID"
+			// "CanonicalUser": "E23ABCXYZ12345"
+        },
       "Action": "s3:GetObject",
       "Resource": "arn:aws:s3:::your-bucket-name/*"
     }

aws/database/aurora provisioned vs serverless.md

@@ -0,0 +1,15 @@
+---
+tags: 
+type: 
+date: 2025-07-28
+done: false
+---
+| Feature            | Provisioned                       | Serverless v2                                  |
+| ------------------ | --------------------------------- | ---------------------------------------------- |
+| Setup Effort       | Medium                            | Low                                            |
+| Scaling            | Manual / Read-replica autoscaling | **Automatic, fine-grained**                    |
+| Billing Model      | Instance-based, hourly            | **Per-second, usage-based**                    |
+| Best For           | Steady-state, high throughput     | **Variable workloads, cost optimization**      |
+| Max Capacity       | Tied to instance sizes            | Up to **128 ACUs** (multi-threaded, high IOPS) |
+| Minimum Idle Cost  | Always incurs cost                | **Scales to 0** (minimum usage = 0.5 ACUs)     |
+| VPC/Network Access | Full control                      | Full VPC support                               |

aws/database/aurora.md

@@ -5,47 +5,38 @@ type:
 date: 19th July 2025
 done: false
 ---
-
 > Cost 20% more than RDS, delivers 5x and 3x performance improvement for MySQL and Postgres respectively
 
 - Cloud Optimised, or AWS Optimised
 - Drop in replacement for MySQL and Aurora (The drivers will work)
 - Automatically grows upto 128TB from 10GB, no need to worry about size
 - Can have upto 15 replicas, in sub-ms replica lag 
 - HA Native, Failover is instant
-
 # HA 
 - 6 Copies of data across 3 AZ
 - Self healing in peer-to-peer replication
 - One master instance takes the reads + 15 RR
 - When primary instances fail, Aurora failovers to one of the reader instances
-- Reader instances are replicated in sync
-
+- Reader instances are replicated in async
 - Continuos backup to s3
-
 # Aurora DB Cluster
 - Writer endpoint is a dns name, when the master fails the dns points to the right master after failover
-- Autoscaling canb e setup for Read replicas, Aurora has reader endpoint also. 
-
+- Autoscaling can e setup for Read replicas, Aurora has reader endpoint also. 
 # Aurora Backups and Restore
 - PITR latest 5mins
 - Retention perios 1-35 days, no disabling
-
 # Aurora Backtracking
 - In Place restore, unlike backup
-
 # Aurora DB cloning
 - Copy on write protocol
 - Testing with prod data
 - Old data: 
-
 # Encryption
 - Using KMS
 - If master is not encyrpted, then rr can't be encrypted
 - To encrypt an unencrypt db, you'll need to backup and restore with encryption
-
 # Failover
 - Assign a priority tier on a read replica
 - If two has the priority, auroro promotes the largest one.
 - If both have same cap, then random
-- RDS can be moved to Auroro
+- RDS can be moved to Auroro