\documentclass[10pt,a4paper]{article}

% Packages
\usepackage{fancyhdr}           % For header and footer
\usepackage{multicol}           % Allows multicols in tables
\usepackage{tabularx}           % Intelligent column widths
\usepackage{tabulary}           % Used in header and footer
\usepackage{hhline}             % Border under tables
\usepackage{graphicx}           % For images
\usepackage{xcolor}             % For hex colours
%\usepackage[utf8x]{inputenc}    % For unicode character support
\usepackage[T1]{fontenc}        % Without this we get weird character replacements
\usepackage{colortbl}           % For coloured tables
\usepackage{setspace}           % For line height
\usepackage{lastpage}           % Needed for total page number
\usepackage{seqsplit}           % Splits long words.
%\usepackage{opensans}          % Can't make this work so far. Shame. Would be lovely.
\usepackage[normalem]{ulem}     % For underlining links
% Most of the following are not required for the majority
% of cheat sheets but are needed for some symbol support.
\usepackage{amsmath}            % Symbols
\usepackage{MnSymbol}           % Symbols
\usepackage{wasysym}            % Symbols
%\usepackage[english,german,french,spanish,italian]{babel}              % Languages

% Document Info
\author{bdupvik5}
\pdfinfo{
  /Title (aws-associate-developer-cert.pdf)
  /Creator (Cheatography)
  /Author (bdupvik5)
  /Subject (AWS Associate Developer Cert Cheat Sheet)
}

% Lengths and widths
\addtolength{\textwidth}{6cm}
\addtolength{\textheight}{-1cm}
\addtolength{\hoffset}{-3cm}
\addtolength{\voffset}{-2cm}
\setlength{\tabcolsep}{0.2cm} % Space between columns
\setlength{\headsep}{-12pt} % Reduce space between header and content
\setlength{\headheight}{85pt} % If less, LaTeX automatically increases it
\renewcommand{\footrulewidth}{0pt} % Remove footer line
\renewcommand{\headrulewidth}{0pt} % Remove header line
\renewcommand{\seqinsert}{\ifmmode\allowbreak\else\-\fi} % Hyphens in seqsplit
% This two commands together give roughly
% the right line height in the tables
\renewcommand{\arraystretch}{1.3}
\onehalfspacing

% Commands
\newcommand{\SetRowColor}[1]{\noalign{\gdef\RowColorName{#1}}\rowcolor{\RowColorName}} % Shortcut for row colour
\newcommand{\mymulticolumn}[3]{\multicolumn{#1}{>{\columncolor{\RowColorName}}#2}{#3}} % For coloured multi-cols
\newcolumntype{x}[1]{>{\raggedright}p{#1}} % New column types for ragged-right paragraph columns
\newcommand{\tn}{\tabularnewline} % Required as custom column type in use

% Font and Colours
\definecolor{HeadBackground}{HTML}{333333}
\definecolor{FootBackground}{HTML}{666666}
\definecolor{TextColor}{HTML}{333333}
\definecolor{DarkBackground}{HTML}{46A32F}
\definecolor{LightBackground}{HTML}{F3F9F2}
\renewcommand{\familydefault}{\sfdefault}
\color{TextColor}

% Header and Footer
\pagestyle{fancy}
\fancyhead{} % Set header to blank
\fancyfoot{} % Set footer to blank
\fancyhead[L]{
\noindent
\begin{multicols}{3}
\begin{tabulary}{5.8cm}{C}
    \SetRowColor{DarkBackground}
    \vspace{-7pt}
    {\parbox{\dimexpr\textwidth-2\fboxsep\relax}{\noindent
        \hspace*{-6pt}\includegraphics[width=5.8cm]{/web/www.cheatography.com/public/images/cheatography_logo.pdf}}
    }
\end{tabulary}
\columnbreak
\begin{tabulary}{11cm}{L}
    \vspace{-2pt}\large{\bf{\textcolor{DarkBackground}{\textrm{AWS Associate Developer Cert Cheat Sheet}}}} \\
    \normalsize{by \textcolor{DarkBackground}{bdupvik5} via \textcolor{DarkBackground}{\uline{cheatography.com/122164/cs/22603/}}}
\end{tabulary}
\end{multicols}}

\fancyfoot[L]{ \footnotesize
\noindent
\begin{multicols}{3}
\begin{tabulary}{5.8cm}{LL}
  \SetRowColor{FootBackground}
  \mymulticolumn{2}{p{5.377cm}}{\bf\textcolor{white}{Cheatographer}}  \\
  \vspace{-2pt}bdupvik5 \\
  \uline{cheatography.com/bdupvik5} \\
  \end{tabulary}
\vfill
\columnbreak
\begin{tabulary}{5.8cm}{L}
  \SetRowColor{FootBackground}
  \mymulticolumn{1}{p{5.377cm}}{\bf\textcolor{white}{Cheat Sheet}}  \\
   \vspace{-2pt}Not Yet Published.\\
   Updated 1st May, 2020.\\
   Page {\thepage} of \pageref{LastPage}.
\end{tabulary}
\vfill
\columnbreak
\begin{tabulary}{5.8cm}{L}
  \SetRowColor{FootBackground}
  \mymulticolumn{1}{p{5.377cm}}{\bf\textcolor{white}{Sponsor}}  \\
  \SetRowColor{white}
  \vspace{-5pt}
  %\includegraphics[width=48px,height=48px]{dave.jpeg}
  Measure your website readability!\\
  www.readability-score.com
\end{tabulary}
\end{multicols}}




\begin{document}
\raggedright
\raggedcolumns

% Set font size to small. Switch to any value
% from this page to resize cheat sheet text:
% www.emerson.emory.edu/services/latex/latex_169.html
\footnotesize % Small font.

\begin{multicols*}{2}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{EC2 + IAM}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{*Region - Us-east(Ohio)  AZ: US-east-2 AZ are separate from other AZs to prevent disaster \newline % Row Count 2 (+ 2)
*AWS consoles are region scoped except R53,IAM \& S3) \newline % Row Count 4 (+ 2)
*IAM (Identity \& Access Mgt) - Root user never used,IAM policies are written in JSON,GLOBAL  \newline % Row Count 6 (+ 2)
*IAM - give users least privileges as possible, has predefined managed policies \newline % Row Count 8 (+ 2)
*IAM Federation - for big companies' users, uses SAML method (similar to AD) \newline % Row Count 10 (+ 2)
*IAM - Don't use in code, one IAM user per person, one IAM role per app \newline % Row Count 12 (+ 2)
*EC2 - Virtual machine, ssh -i EC2tutorial.pem ec2-user@3.20.222.124 \newline % Row Count 14 (+ 2)
*EC2 security groups - Network security in AWS (Inbound/Outbound traffic), acts as firewall \newline % Row Count 16 (+ 2)
*EC2 security groups - Can be attached to multiple instances,Locked down to region/VPC combo, If app times out then its a sec grp issue,  if connection refused error then its a app error or some other issue,use separate one for ssh, all outbound traffic is allowed by default, all inbound are blocked by default. Security groups can have other security groups referenced. \newline % Row Count 24 (+ 8)
*Public IP - unique across whole web, can be identified on internet \newline % Row Count 26 (+ 2)
*Private IP - can be identified on company's network only \newline % Row Count 28 (+ 2)
*Elastic IP - once the instance is stopped it loses its IP. So use ElasticIP as its fixed public IP.Attached to one instance at a time. It can be remapped to another instance. Max upto 5 elastic IPs. Poor arch decision. \newline % Row Count 33 (+ 5)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{EC2 + IAM (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{*EC2 User data - set of things to run when the instance boots up. Runs only at startup. Runs with user's root user \newline % Row Count 3 (+ 3)
*EC2 Launch Types - OnDemand, Reserved (1 to 3 yrs) for dbs, Convertible Reserved, Scheduled Reserved(every sunday football game), Spot Instances(bid price, will lose if outbid, 2 min notification to shutdown),Dedicated Instances (may share hardware),Dedicates hosts (will not share hardware,BYOLicense) \newline % Row Count 10 (+ 7)
*Ec2 pricing - per hr, region in , instance type,OS. Also pay for factors like data trnsfer, storage, load balancers, fixed IP public addresses \newline % Row Count 13 (+ 3)
*AMI - Amazon Image,Custom AMIs - no need for user data, packages/apps are already installed so faster deploy time. Built for specific region. \newline % Row Count 16 (+ 3)
*EC2 characteristics - GPU,CPU,RAM,I/O,Network. M instances are balanced. R instances are heavy in RAM. T2/T3 are burstable instances which when need more CPU it will perform. You get burstable credits. T2 unlimited have unlimited burstable credits.% Row Count 21 (+ 5)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Route 53 + RDS + ElastiCache + VPC}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Route 53 - Managed DNS.Redirects URLs. Common are A : Url to IPV4 AAAA: URL to IPV6. CNAME: URL to URL and Alias: AWS resource. Use alias over CNAME for AWS resources. \newline % Row Count 4 (+ 4)
RDS - Relational Database Service. Managed DB service.use SQL as query language. Allows you to create dbs on the cloud that are managed by AWS. Oracle,PostGRE,MSSQL,Maria etc and Aurora (AWS) are supported. \newline % Row Count 9 (+ 5)
RDS advantages - Managed service, OS patching, Continous backups and Restore to point in time, Monitoring dashboards, Read replicas, Multi AZ setup for disaster recovery,Scaling (vertical \& Horizontal). BUT can't ssh into instances. \newline % Row Count 14 (+ 5)
RDS Read replicas - Upto 5 replicas within same or cross AZ or cross region. Replication is ASYNC so reads are eventually consistent. Replicas can be promoted to own DB. Apps must update the connection string to leverage read replicas. \newline % Row Count 19 (+ 5)
RDS Multi AZ (Disaster recovery) - SYNC replication. One DNS name - auto app failover to standby. Increase availability. Failover in case of  loss of AZ, loss of network, instance or storage failure. Not used for scaling. No manual intervention in apps. \newline % Row Count 25 (+ 6)
RDS backups - Auto-enabled. Daily full snapshot of the db.Capture transaction logs in real time.Ability to restore to  any point in time. 7 days retention. Can be increased to 35. \newline % Row Count 29 (+ 4)
DB Snapshots -  Manually triggered by user. retention of backup as long as you want. \newline % Row Count 31 (+ 2)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Route 53 + RDS + ElastiCache + VPC (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{RDS Encryption - At rest with KMS. SSl certs to encrypt data in flight. To enforce SSL in postgre rds.force ssI in parameter groups. In MYSQL  grant  USAGE  on '{\emph{.}}' TO 'mysql'@' REQUIRE SSL. \newline % Row Count 4 (+ 4)
RDS Security - Deployed in private subnets not in public. Security is enforced by security groups similar to EC2 instances.Sec grps controls who can communicate with RDS. IAM controls who can manage RDS. Traditional Username and password can be used to login to db. IAM users can now be used for MySQL/Aurora. \newline % Row Count 11 (+ 7)
RDS vs Aurora - Aurora is expensive but efficient. Aurora can have 15 replicas and replication process is faster. Postgres and MySQL are supported as Aurora. Means drivers will work as if  Aurora was a Postgre or MySQL db. Aurora is cloud optimizied. \newline % Row Count 17 (+ 6)
ElastiCache - is for managing in-memory dbs Redis or Memcached as RDS is for Relational dbs. \newline % Row Count 19 (+ 2)
Caches are in-memory dbs with high performance, low latency. Helps reduce load off read intensive workloads. makes app state less. Write scaling using sharding. Read scaling using replicas. \newline % Row Count 23 (+ 4)
Elasticache Architecture - Apps reads data from EC and if not present reads data from RDS and writes data to EC. Cache must have an invalidation strategy to make sure only most current data is used in there. \newline % Row Count 28 (+ 5)
Redis - in-memory key value store. Super low latency. Cache survives reboot by \seqsplit{default.(Persistence).Support} for read replicas. Multi AZ with auto failover. \newline % Row Count 32 (+ 4)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Route 53 + RDS + ElastiCache + VPC (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Memcached - Cache dpesnt survive reboots. \newline % Row Count 1 (+ 1)
EC patterns - Lazy loading \& Write through.  \newline % Row Count 2 (+ 1)
Laxy loading pros- load only when necessary. Cache isn't filled with unused data. Node failures are not fatal. \newline % Row Count 5 (+ 3)
Lazy loading cons - Cache miss penalty results in 3 trips. Noticeable delay for that miss. Data can be updated in db but outdated in cache. \newline % Row Count 8 (+ 3)
Write through pros - Data in cache is never stale. Write vs Read penalty (each write requires 2 calls). \newline % Row Count 11 (+ 3)
Write through cons - Missing data unless it is added/updated in db. Mitigation for this is to implement lazy loading as well. Cache becomes too big. \newline % Row Count 14 (+ 3)
VPC - Within region you are able to create Virtual Private Cloud. Each VPC contains subnets(networks). Each subnet must be mapped to AZ. Its common to have a private/public subnet.(private/public IP). Its common to have many subnets per AZ. \newline % Row Count 19 (+ 5)
Public subnets contains LBs,Static websites,Files,public auth layers. \newline % Row Count 21 (+ 2)
Private subnets contains web app servers, dbs. \newline % Row Count 22 (+ 1)
Private and public subnets can communicate if they are in the same VPC.% Row Count 24 (+ 2)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Elastic Beanstalk}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{EB uses all base AWS components like EC2,ASG,IAM,LB,VPC,RDS etc. Dashboard to view all these. \newline % Row Count 2 (+ 2)
EB is free but pay for underlying instances. \newline % Row Count 3 (+ 1)
Instance config/OS is handled by EB and Deployment is handled by EB but can be configured. \newline % Row Count 5 (+ 2)
3 arch models - Single instance (Dev) ,ASG + LB (prod/pre-prod) , ASG (non-web prod apps) \newline % Row Count 7 (+ 2)
EB has Environments \& Applications.Every deployment gets an application version. You can deploy application versions to Environments and can promote  application version to  next environment. \newline % Row Count 11 (+ 4)
Rollback feature to get to prev app version. \newline % Row Count 12 (+ 1)
EB supports many platforms and Single/Multi docker containers. \newline % Row Count 14 (+ 2)
Deployment Options - All at once,Rolling, Rolling with additional batches, Immutable \newline % Row Count 16 (+ 2)
All at once - Fastest Deployment, Downtime, Great for quick iterations in dev, No additional cost \newline % Row Count 18 (+ 2)
Rolling - Application is running below capacity, can set bucket sizes, will run both apps simultaneously, No additional cost, Will take long time to deploy \newline % Row Count 22 (+ 4)
Rolling with additional batches - App runs at capacity,Additional cost,will run both apps simultaneously,Longer deployment \newline % Row Count 25 (+ 3)
Immutable - Zero downtime, New code is deployed to new instance on temp ASG,High cost double capacity,Longest deployment, Quick rollback feature (just terminate new ASG), great for prod. \newline % Row Count 29 (+ 4)
Blue/Green Deployment - Not a direct feature of EB.Zero Downtime.Create stage environment and release new code there. Route 53 can direct little traffic to new version to test it. \newline % Row Count 33 (+ 4)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Elastic Beanstalk (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{EB Extensions - A zip file containing our code must be deployed to EB. All parameters set in UI can be configured using files. Requirements are that it should be in the .ebextesions/ directory in the root of source code. It should be in YAML/JSON format. .Config extensions. Ability to modify def settings and add resources like RDS,Dynamodb,ElastiCache etc. .ebextesnions will get deleted if environment gets deleted. \newline % Row Count 9 (+ 9)
EB CLI - command eb create, eb status, eb deploy. \newline % Row Count 10 (+ 1)
Under the hood EB relies on CloudFormation. \newline % Row Count 11 (+ 1)
EB Deployment Mechanism - You have to describe dependencies e.g. req.txt fpr python or package.json for node.js. Pacakage code as zip. EC2 will resolve depencies which can be slow. To optmize this package dependencies with code to improve deployment performance and speed. \newline % Row Count 17 (+ 6)
EB with https - SSL certs can be loaded to LB through EB console or LB config. Can be done by code through \seqsplit{.ebextensions/securelistener-alb.config.} It can be provisioned through ACM or CLI. Must configure security group rule to allow incoming  port 443 (https port). \newline % Row Count 23 (+ 6)
EB redirect from http to https - Configre instances to do redirect. Configure ALB to redirect with a rule. Make sure health checks are not redirected. \newline % Row Count 27 (+ 4)
EB lIfecycle Policy - can store at most 1000 app versions.To remove old versions use lifecycle policy based on no of versions or days to retain version. Versions currently used wont be deleted. Option  not to delete the source bundle in S3 to prevent loss of data. \newline % Row Count 33 (+ 6)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Elastic Beanstalk (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Webserver vs worker environment - If your app performs long tasks then decouple the apps to two tiers. One tier is web app tier where work is requested and then using SQS queue it to second tier where the long task is procesed. Periodic Tasks can be defined in cron.yaml file. \newline % Row Count 6 (+ 6)
EB with RDS - EBS can provision a RDS but this RDS is specific to environment. So its better to decouple and create RDS alone and then provide it to EB with connection string. \newline % Row Count 10 (+ 4)
To migrate RDS coupled in EB to standalone RDS - \newline % Row Count 11 (+ 1)
Take RDS snapshot \newline % Row Count 12 (+ 1)
Enable deletion protection in RDS. \newline % Row Count 13 (+ 1)
Create new environment without RDS and point to existing old RDS. \newline % Row Count 15 (+ 2)
Perform blue/green deplyment and swap old/new environment. \newline % Row Count 17 (+ 2)
Terminate old environment. \newline % Row Count 18 (+ 1)
Delete cloud formation stack.% Row Count 19 (+ 1)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{AWS Monitoring}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{{\bf{CloudWatch}}  \newline % Row Count 1 (+ 1)
Metrics - Collect \&track key metrics. EC2 detailed monitoring - default metrics every 5 mins. for extra cost you can have detailed monitoring at every 1 min. AWS free tier allows upto 10 detailed monitoing metrics. Dimension is an attribute of a metric.(instance id, environment etc). Upto 10 dimensions per metric. Custom metrics : use api call PutMetricData. Use exponential back-off in case of throttling errors. \newline % Row Count 10 (+ 9)
Logs - Collect, monitor, store and analyze log files. Apps can send logs using SDK. Logs can go to S3 for archival or to ElasticSearchCluster for further analytics. Log storage architecture - Log groups (name rep application), Log streams (instances within app/log files/containers). Log expiration policies. Need IAM policies to write to logs. Encryption of logs using KMS at group level. \newline % Row Count 18 (+ 8)
Events - Send notifications when certain events happen in AWS. Event pattern - event rules to react to a service doing something. e.g. code pipeline state change. Schedule cron jobs. Triggers to Lambda functions,SQS/SNS/Kinesis msgs. Creates JSON doc to give info about change. \newline % Row Count 24 (+ 6)
Alarms - React in realtime to metrics/events .  Alarm states are OK,INSUFFICIENT\_DATA,ALARM. can trigger notifications for any metric. \newline % Row Count 27 (+ 3)
{\bf{X-ray}} - Troubleshooting app performance and errors. Distributed tracing of micro-services. \newline % Row Count 29 (+ 2)
Visual analysis of apps.  \newline % Row Count 30 (+ 1)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{AWS Monitoring (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Advantages :  \newline % Row Count 1 (+ 1)
Troubleshooting performance issues \newline % Row Count 2 (+ 1)
Understand dependencies in microservice architecture. \newline % Row Count 4 (+ 2)
{\bf{CloudTrail}} - Internal monitoring of API calls. Audit changes to AWS resources by your users.% Row Count 6 (+ 2)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{ECS,ECR,Fargate \& Docker}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{*This section is equivalent to ELB/CloudFormation in running docker apps \newline % Row Count 2 (+ 2)
*ECR - Elastic container registry to store private docker images \newline % Row Count 4 (+ 2)
*To manage containers we have 3 choices. They are below \newline % Row Count 6 (+ 2)
*ECS - Amazons own \newline % Row Count 7 (+ 1)
*Fargate - Amazon's serverless \newline % Row Count 8 (+ 1)
*EKS - Amazon's own Kubernetes (open source) \newline % Row Count 9 (+ 1)
*ECS clusters - grp of EC2 instances. Instance run Ecs agent (Docker container) which registers to cluster. When a cluster is created it creates instances with Docker in it. We must configure the file {\bf{ /etc/ecs/ecs.config }} with the cluster name to register instance with the cluster. \newline % Row Count 15 (+ 6)
*ECS tasks - containers running to create apps. \newline % Row Count 16 (+ 1)
*ECS task definitions - Json form tells ECS how to run docker container (Env var,CPU,ports etc). Task Role is important as it gives permissions. \newline % Row Count 19 (+ 3)
*ECS service -app definitions running on ECS cluster. tells how many tasks to run and how to run it. Can link to LB (Dynamic Port Mapping) \newline % Row Count 22 (+ 3)
*ECS-{}-\textgreater{}Clusters-{}-\textgreater{}Task Def(Container def)/Service-{}-\textgreater{}Tasks \newline % Row Count 24 (+ 2)
ECR - aws ecr get-login -{}-no include email -{}-region us-east-1a -{}- login command to authenticate docker to push images to your registry \newline % Row Count 27 (+ 3)
docker build \newline % Row Count 28 (+ 1)
docker tag \newline % Row Count 29 (+ 1)
docker push 3867{\bf{{\emph{}}}}.dkr.ecr.us-east-1.amazonaws.com/demo:latest \newline % Row Count 31 (+ 2)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{ECS,ECR,Fargate \& Docker (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{docker pull "imagename/tag" (Push and pull must be preceded by aws ecr login to get docker login credentials). \newline % Row Count 3 (+ 3)
Fargate - Serverless. No need to add instances.Just create task definition and increase number of tasks running. \newline % Row Count 6 (+ 3)
ECS + Xray - 1. ECS cluster X-ray daemon 2. ECS cluster X-ray container as sidecar 3. Fargate cluster X-ray container as sidecar . Portmappings - Port -2000 Protocol - UDP \newline % Row Count 10 (+ 4)
Environment variable - \seqsplit{AWS-X-ray\_Daemon\_Address} : x-ray\_daemon\_address :2000 \newline % Row Count 12 (+ 2)
Links : X-ray \newline % Row Count 13 (+ 1)
ECS + EB (Beanstalk) - You can run EB in Single/Multi Docker container mode.It will create ECS cluster ,EC2 instances, task definitions and execution, LB. Requires a config file Dockerrun.aws.json at the root of source code. EB has an option for containers under platform to make this posible. So this is configured when you create EB. \newline % Row Count 20 (+ 7)
For EC2 instances to run multiple containers you must NOT specify host port. Enable LB dynamic port mapping feature.Security grp should provide LB with access. Sec grps should only work at instance level and not at task level. Task def has IAM roles. \newline % Row Count 26 (+ 6)
ECS integrations - Can integrate with X-ray. X-ray must run as 2nd container. ECS integrates with cloudwatch logs. You need to set up logging at task def level. Each container will have separate log stream. \newline % Row Count 31 (+ 5)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{ECS,ECR,Fargate \& Docker (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{CLI command to create ECS service - aws ecs create-service% Row Count 2 (+ 2)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Integration \& Messaging : SQS,SNS \& Kinesis}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{DynamoDb}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{ELB + ASG + EBS}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{LB - Spread Load, Single point of access (DNS) to the app, Handle failures of instances, Health checks , SSl (Https) , stickiness (cache), high availability across zones, separate public/private traffic \newline % Row Count 5 (+ 5)
ELB - takes care of upgrades, maintenance \& high availability \newline % Row Count 7 (+ 2)
ELB Types - \seqsplit{ALB(http/https/websockets)},NLB (TCP/IP) , Internal (private) and External (public) ELBs \newline % Row Count 9 (+ 2)
Health Check - They make LBs know if it can forward data to instances. Response 200 - OK. \newline % Row Count 11 (+ 2)
ALB - awesome for micro services and for containers (apps run on same machine). Has port mapping feature to redirect to dynamic port. Stickiness is enabled by ALB and not app. App servers don't see the client ip directly but see only ALB ip. The client IP is stored in X-Forwarded-For. \newline % Row Count 17 (+ 6)
LB Target Groups - Instances where LB should direct its traffic. \newline % Row Count 19 (+ 2)
NLB - TCP traffic. Less latency. Support for static /Elastic IP. Used for extreme performance. Default should be ALB. Both ALB \& NLB has static host name. Always use host name and don't resolve underlying IP. \newline % Row Count 24 (+ 5)
LBs can scale but not instantaneously, \newline % Row Count 25 (+ 1)
4xx errors are client induced. \newline % Row Count 26 (+ 1)
5xx errors are app induced. \newline % Row Count 27 (+ 1)
LB error 503 means at capacity. \newline % Row Count 28 (+ 1)
If LBs cant connect to your apps then check security groups. \newline % Row Count 30 (+ 2)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{ELB + ASG + EBS (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{ASG - Scale out or Scale in instances based on increased/decreased load. Ensure we have minimum/max number of instances running. Automatically register new instances to a LB. \newline % Row Count 4 (+ 4)
ASG Launch configuration - AMI + Ins type, user data, security grp, EBS volume, SSH key pair \newline % Row Count 6 (+ 2)
Other ASG attributes - Min/max/initial capacity, Scaling policies, LB info, Network/subnet  info. \newline % Row Count 8 (+ 2)
ASG alarms - Based on cloud watch alarms we can write ASG scaling policies \newline % Row Count 10 (+ 2)
ASG new rules - New scaling rules based on CPU usage, avg network in/out. Easy to set up and makes more sense. \newline % Row Count 13 (+ 3)
ASG metric - Integration with cloud watch metrics to get custom metric from EC2 instance to alarm an ASG scaling policy. PUTMetric API. \newline % Row Count 16 (+ 3)
EBS - Elastic Block Store. Network drive not physical drive. Store instance data here so that you don't lose it when instances are terminated. Can be detached from instance and attached to another. Can be attached to only one instance at a time.Locked to AZ. Provisioned capacity (GB and IOPS) which can be increased over time. \newline % Row Count 23 (+ 7)
EBS 4 Types - GP2 (SDD General purpose. Balanced) , IOI - Mission critical low latency high performance ,STI (HDD frequently accessed) and SCI (HDD less frequency accessed).  \newline % Row Count 27 (+ 4)
You can resize EBS volumes but need to repartition it. \newline % Row Count 29 (+ 2)
EBS snapshot - backups. Snapshots backups only actual data. So if 100 GB EBS has only 5GB of data then only that 5 GB is snapshotted. Snapshots can be used for disaster recovery. \newline % Row Count 33 (+ 4)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{ELB + ASG + EBS (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{EBS encryption - Rest \& inflight. Snapshots are also encrypted. All volumes created from snapshot is also encrypted. We don't have to do encryption/decryption. \newline % Row Count 4 (+ 4)
Instance Store - Instances without EBS volumes. Better I/O. \newline % Row Count 6 (+ 2)
Migrating EBS across AZ means snapshot and then recreate in another AZ. \newline % Row Count 8 (+ 2)
EBS backups use high I/O so don't run them when your application is handling lot of traffic. \newline % Row Count 10 (+ 2)
Root EBS volumes (one that comes with instance) get deleted once instances are deleted. This can be disabled.% Row Count 13 (+ 3)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Amazon S3}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{S3 - Simple Service Storage \newline % Row Count 1 (+ 1)
S3 buckets - directories which stores files. Defined at region level. \newline % Row Count 3 (+ 2)
S3 objects - are files. They have Key which is the path of the file. Max 5TB. More than 5GB then it should be multi-part upload. \newline % Row Count 6 (+ 3)
S3 Versioning - Enabled at bucket level. Any file that is not versioned prior to enabling versioning will have version "null". \newline % Row Count 9 (+ 3)
S3 Encryption - SSE-S3,SSE-KMS,SSE-C,Client Side Encryption \newline % Row Count 11 (+ 2)
SSE-S3 - encrypt using keys handled by S3 \& AWS, Server-side enc,AES-256, Set Header {\bf{"x-amz-server-side-encryption" : "AES256" }} \newline % Row Count 14 (+ 3)
SSE-KMS - encrypt using keys handled by KMS , server-side , KMS gives user control + audit trail , Set Header {\bf{"x-amz-server-side-encryption" : "aws : KMS" }} \newline % Row Count 18 (+ 4)
SSE-C - server-side enc by keys managed by customer outside of AWS. S3 does not store enc keys. HTTPS must be used and data key must be provided in every Https header. \newline % Row Count 22 (+ 4)
Client -side - used SDK such as S3 encryption client library. Encr and Decr happens at clients place. \newline % Row Count 25 (+ 3)
Encryption in transit  is also called SSl/TLS. \newline % Row Count 26 (+ 1)
S3 security - user-based - IAM policies resource-based - Bucket Policies, Object ACL, Bucket ACL \newline % Row Count 28 (+ 2)
S3 Bucket Policies - used for providing access, force encryption, cross-account access. Written in JSON it can have Resources (buckets \& objects),Actions (set of API to allow/deny), Principal (user/account the policy applies to) \newline % Row Count 33 (+ 5)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Amazon S3 (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{S3 access logs can be stored in another bucket. \newline % Row Count 1 (+ 1)
Can be integrated with Cloud trail for API calls. Supports VPC endpoints. \newline % Row Count 3 (+ 2)
S3 websites - allows static websites. Url is {\bf{\textless{}bucket-name\textgreater{}.s3-website-\textless{}AWS region\textgreater{}.amazonaws.com }} . If you get 403 error then check bucket policies for public read. \newline % Row Count 7 (+ 4)
S3 CORS - If you request data from another S3 bucket you need to enable Cross Origin Resource Sharing. This allows to limit the number of websites that can  request your files in S3 (and limit costs).{\bf{Access-Control-Allow-Origin : \textless{}domain\textgreater{}}} \newline % Row Count 12 (+ 5)
S3 Consistency Model - Read after write consistency for PUTS (you can read imm after write) , Eventually consistent for PUTS and DELETES \newline % Row Count 15 (+ 3)
S3 can send notifications on changes to SQS,SNS \& Lambda. S3 has cross-region replication feature. \newline % Row Count 17 (+ 2)
S3 performance - upto 3500 RPS for PUTS \& 5500 RPS for GETS. Faster upload of \textgreater{}100MB use multi-part. Must use multi part if \textgreater{}5GB. Use cloudfront to cache S3 reads. S3 transfer acceleration(uses edge location) - just need to change the endpoint u write to. If using KMS encryption then  AWS limits applies. \newline % Row Count 24 (+ 7)
S3 \& Glacier Select - Glacier is for long term archival.Its another 'tier' within S3.If you retrieve from glacier you might need only a subset. Otherwise costs might be high. So SQL select queries can be used. No subqueries or joins are supported. Works in CSV,JSON or parquet format.% Row Count 30 (+ 6)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{CICD (Continuous Integration Continuous Delivery)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{CICD - automating deployment with additional safety using CodeCommit,CodeBuild,CodePipeline,CodeDeploy \newline % Row Count 3 (+ 3)
CodeCommit - storing code. Version Control.Colloborate with other developers. Code is backed up. Fully viewable and auditable. Provides private repositories. No size limit on repositories. Secure (encryption,ACL).Integrated with Jenkins/CodeBuild and other CI tools. \newline % Row Count 9 (+ 6)
CodeBuild - building and testing code \newline % Row Count 10 (+ 1)
CodePipeline - automating pipeline from code to EB \newline % Row Count 12 (+ 2)
CodeDeploy - deploying code to EC2 fleets. \newline % Row Count 13 (+ 1)
CI - Find bugs early and fix, Deliver faster as the code is tested,Deploy often \newline % Row Count 15 (+ 2)
CD - Ensure that sw can be delivered reliably, Ensures deployments happen often and quick \newline % Row Count 17 (+ 2)
Code Commit security - Authentication using SSH,HTTPS using AWS cli or https cred,MFA can be enabled.IAM to repositories.ENcryption at rest  using KMS and in flight through https/ssh. \newline % Row Count 21 (+ 4)
Code commit notifications - SNS,cloud watch events or lambda. To automatically trigger a code analysis when code is commited and to check if there are no secrets there use AWS SNS/Lambda integ in code commit. \newline % Row Count 26 (+ 5)
Code Pipeline - Visual workflow, source - S3/GIT/Code commit. Made of stages. Each stage can have      seq or parallel actions. Manual approval can be define at any stage. \newline % Row Count 30 (+ 4)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{CICD (Continuous Integration Continuous Delivery) (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{CodePipeline Artifacts - Each stage in pipeline can produce artifacts which are stored in S3. \newline % Row Count 2 (+ 2)
Pipeline troubleshooting - Stage changes happen in CloudWatch events. Events can create SNS notifications. If stage fails it stops and info can be seen in console. CloudTrail can be used to audit API calls. If pipeline cant perform actions make sure IAM service role has enough permissions. (IAM policies). \newline % Row Count 9 (+ 7)
Code Build - Continous scaling,Fully managed, Leverages docker. Secure as it integrates KMS for secure build artifacts,IAM for build permissions, VPC for nw security, CloudTrail for API calls logging. \newline % Row Count 14 (+ 5)
Code build - Source code from code \seqsplit{commit/S3/github/Codepipeline}. Build inst can be defined in code (buildspec.yaml). Output logs to S3 \& Cloudwatch logs. Cloudwatch events to trigger notifications if build fails. Cloudwatch alarms to notify if threshold failures. Can reproduce locally to troubleshoot using code build agent. \newline % Row Count 21 (+ 7)
Buildspec - buildspec.yaml must be at the root of the code. Environment variables - Secure secrets using SSM parameter store. Phases - Install (dependencies), Prebuild, Build ,postbuild (output). Cache dependencies to S3 to help speed up build. \newline % Row Count 26 (+ 5)
CodeDeploy - Each EC2 instance must run CodeDeploy agent. Agent continously polls CD for work. CD send appsec.yaml. App is pulled from github or S3. EC2 will run deployment instructions. \newline % Row Count 30 (+ 4)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{CICD (Continuous Integration Continuous Delivery) (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Code Deploy components - Application (must have unique name), platform (EC2/on-prem,Lanbda),dep group (group of ec2 inst) \newline % Row Count 3 (+ 3)
App Sec - File section (how to copy from git/S3) , Hooks (ApplicationStop,DownloadBundle,BeforeInstall,AfterInstall,Applicationstart,Validate service) \newline % Row Count 7 (+ 4)
Deployment Config - Configs : one a time(1 inst a time), Half at time,all at once, Custom \newline % Row Count 9 (+ 2)
Deploy targets - set of EC2 instances with tags, ASG,Mix of ASG/Tags, Customization in scripts using DEPLOYMENT\_GROUP\_NAME env variable. \newline % Row Count 12 (+ 3)
Codestar - Integrates solution that regroups Github, CodeCommit, Codebuild, Codepipeline, Codedeploy, CloudFormation \& Cloudwatch. \newline % Row Count 15 (+ 3)
Codestar helps create projects for Lambda,EC2,Beanstalk.% Row Count 17 (+ 2)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{CloudFormation}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{CloudFormation - Infra as code. \newline % Row Count 1 (+ 1)
{\bf{Benefits }} \newline % Row Count 2 (+ 1)
Infra as code - No manual creation of resources.Code is version controlled. Changes to infra are reviewed in code. \newline % Row Count 5 (+ 3)
Cost - you can see how much all resources in stack costs. You can estimate costs of your resources using template. Savings strategy : You can automate deletion of template at 5pm and creation at 8PM. \newline % Row Count 9 (+ 4)
Productivity \newline % Row Count 10 (+ 1)
Separation of concern - VPC stack,Network Stack, App stacks \newline % Row Count 12 (+ 2)
Reusable - use templates on web \newline % Row Count 13 (+ 1)
How CF works - Templates have to be uploaded in S3.To update a template re-upload a new version. Stacks are identified by name. Deleting stack deletes all artifacts. \newline % Row Count 17 (+ 4)
Deploying CF - Manually : Edit templates in CF designer, Using console to input parameters. \newline % Row Count 19 (+ 2)
Automated : Editing templates in YAML File, AWS CLI to deploy templates \newline % Row Count 21 (+ 2)
CF Building blocks - Templates Components : Resources,Parameters,Mappings,Outputs,Conditionals,Metadata. \newline % Row Count 24 (+ 3)
Resources - AWS resources declared in template. Resource type identifier {\bf{AWS:: \seqsplit{aws-product-name::data-type-name} }} e.g. AWS::EC2::instance \newline % Row Count 27 (+ 3)
Parameters -dynamic inputs. If CF resource config is going to change then use parameters. To reference a parameter use {\bf{Fn::Ref }} function. In YAML it is !Ref. \newline % Row Count 31 (+ 4)
} \tn 
\end{tabularx}
\par\addvspace{1.3em}

\vfill
\columnbreak
\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{CloudFormation (cont)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{Pseudo Parameters - AWS provides these params by default. Some are {\bf{AWS::AccountId , AWS::Region , AWS::StackName}} \newline % Row Count 3 (+ 3)
Mappings - static variables, used to differentiate environments(dev,prod) or Regions (us-east-1,eu-central-1). To reference mappings use {\bf{Fn::FindInMap}}. In YAML it is !FindInMap{[}Mapname, Toplevelkey, secondlevelkey{]}. \newline % Row Count 8 (+ 5)
Outputs - References to what has been created. Can export to other stack and used for cross stack reference using {\bf{Fn::ImportValue}}. Cant delete the stack until the underlying cross-ref stack is also deleted. \newline % Row Count 13 (+ 5)
Conditions - list of condition to perform resource creation \newline % Row Count 15 (+ 2)
CF intrinsic functions - Ref , Fn::GetAtt, Fn::FindInMap, Fn::ImportValue, Fn::Join, Fn::Sub (substitute),Condition functions \newline % Row Count 18 (+ 3)
YAML \& JSON are used to create templates. \newline % Row Count 19 (+ 1)
CF Rollbacks - When stack creation fails - default it will roll back (gets deleted). Optional is to stop rollback and troubleshoot what happened. When stack update fails - The stack will rollback to previous known working state. You can see the logs what happened.% Row Count 25 (+ 6)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Other Services}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{CloudFront - Works with Content Delivery network. Improves read performance.Cached at edge.Prevents network attacks. Provides encryption. \newline % Row Count 3 (+ 3)
Simple Email Service (SES) - integrates with SNS,Lambda,S3 \newline % Row Count 5 (+ 2)
Step Functions -  Server less workflow to orchestrate Lambda functions,JSON state machine, max execution of 1 yr, integrate with EC2/ECS/API gateway \newline % Row Count 8 (+ 3)
Simple Workflow Service - not server less, Human approval possible, if you need external intervention or child processes then go with this otherwise Step functions. \newline % Row Count 12 (+ 4)
Other Dbs - RDS, Dynamo, \seqsplit{Inmemory(memcached/Redis)},Neptune(graph),OLAP(Redshift),DMS \newline % Row Count 14 (+ 2)
ACM - Certificate manager. Loads SSL certificates to LBs,API gateway,Cloud front distributions% Row Count 16 (+ 2)
} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{CLI , SDK , IAM Roles \& Policies}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Lambda}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{API Gateway}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Serverless App Model (SAM)}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}

\begin{tabularx}{8.4cm}{X}
\SetRowColor{DarkBackground}
\mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{AWS Security \& Encryption : KMS, Parameter store}}  \tn
\SetRowColor{white}
\mymulticolumn{1}{x{8.4cm}}{} \tn 
\hhline{>{\arrayrulecolor{DarkBackground}}-}
\end{tabularx}
\par\addvspace{1.3em}


% That's all folks
\end{multicols*}

\end{document}