Just a place to put some notes on the “AWS Certified Solutions Architect - Associate (New!)” course from https://linuxacademy.com
Application Services
Image: Architecture: AWS Account & Services Layer (Application Services)
SNS (Simple Notification Service)
Image: Architecture: Simple Notification Service
SNS Essentials:
- SNS coordinates and manages the sending and delivery of messages to specific endpoints
- We are able to use SNS to receive notifications when events occur in our AWS Environment
- SNS is integrated into many AWS services, so it is very easy to set up notifications based on events that occur in those services
- With CloudWatch and SNS, a full-environment monitoring solution can be created that notifies administrators of alerts, capacity issues, downtime, changes in the environment, and more!
- The service can also be used for publishing iOS/Android app notifications, and creating automation based off notifications
SNS Components:
- Topic:
+ The group of subscriptions that you send a message to
- Subscription:
+ An endpoint that a message is sent to
+ Available endpoints include:
-- HTTP
-- HTTPS
-- Email
-- Email-JSON
-- SQS
-- Application, Mobile app notifications (iOS/Android/Amazon/Microsoft)
-- Lambda
-- SMS (cellular text message)
- Publisher:
+ The “entity” that triggers the sending of a message
+ Examples include:
-- Human
-- S3 Event
-- CloudWatch Alarm
Image: SNS Dashboard Common Actions
SQS (Simple Queue Service)
Image: Architecture: Simple Queue Service
SQS Essentials:
- SQS provides the ability to have hosted/highly available queues that can be used for messages being sent between servers
- This allows for the creation of distributed/decoupled application components
- SQS is used to create decoupled application environments
- Messages between servers are retrieved through polling
Two types of polling:
- Long Polling (1-20 seconds):
-- Allows the SQS service to wait until a message is available in a queue before sending a response, and will return all messages from all SQS servers
-- Long polling reduces API requests (over using short polling)
- Short Polling:
-- SQS samples a subset of servers and returns messages from just those servers
-- Will not return all possible messages in a poll
-- Increases API requests (over long polling), which increases costs
Other important SQS facts:
- Each message can contain up to 256KB of text (in any format)
- Amazon SQS guarantees delivery of each message at least once BUT DOES NOT guarantee the order (best effort) in which they are delivered to the queue
- It does not guarantee first-in-first-out order
- SQS is also highly available and redundant
SQS Workflow:
- Generally a “worker” instance will “poll” a queue to retrieve waiting messages for processing
- Auto Scaling can be applied based off of queue size so that if a component of your application has an increase in demand, the number of worker instances can increase
Decoupled Architecture:
- Tightly Coupled System:
-- A system architecture of components that are not just linked together but are also dependent on each other
-- If one component fails all components fail
- Loosely Coupled/Decoupled Systems:
-- Multiple components that can process information without being connected
-- Components are not connected - if one fails the rest of the system can continue processing (fault tolerant/highly available)
- AWS Services that are used for distributed/decoupled system architectures:
-- SWF (Simple Work Flow Service)
-- SQS (Simple Queue Service)
Image: Tightly Coupled System / Loosely Coupled System
SQS Message:
- A set of instructions that will be relayed to the “worker” instances via the SQS Queue
- Can be up to 256KB of text (in any format)
- Each message is guaranteed to be delivered at least once:
-- Order is not guaranteed
-- Duplicates can occur
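Added example (not from the course material): a worker that stays correct when the queue delivers a message twice or out of order, as the notes above say it can. The deliveries are constructed sample data shaped like SQS messages (MessageId + Body); the "seq" field and all class/function names are assumptions, and no AWS API is called.

```python
import json

def make_delivery(message_id, resource, seq, state):
    """Build a constructed delivery shaped like an SQS message (MessageId + Body)."""
    body = {"resource": resource, "seq": seq, "state": state}  # "seq" is set by the producer (assumption)
    return {"MessageId": message_id, "Body": json.dumps(body)}

class IdempotentWorker:
    """Applies each logical update once, whatever order or count it arrives in."""

    def __init__(self):
        self.processed_ids = set()  # a real fleet would keep this in a shared, durable store
        self.current = {}           # resource -> (seq, state)
        self.skipped = []           # (MessageId, reason) for auditing

    def handle(self, delivery):
        """Return True if the message changed state, False if it was skipped."""
        msg_id = delivery["MessageId"]
        if msg_id in self.processed_ids:          # same message delivered again
            self.skipped.append((msg_id, "duplicate"))
            return False
        self.processed_ids.add(msg_id)
        body = json.loads(delivery["Body"])
        last_seq, _ = self.current.get(body["resource"], (0, None))
        if body["seq"] <= last_seq:               # older update arrived after a newer one
            self.skipped.append((msg_id, "stale"))
            return False
        self.current[body["resource"]] = (body["seq"], body["state"])
        return True

def run_sample():
    """Feed the worker an out-of-order stream containing one duplicate."""
    deliveries = [
        make_delivery("m-2", "job-42", 2, "running"),
        make_delivery("m-1", "job-42", 1, "queued"),   # arrives late
        make_delivery("m-2", "job-42", 2, "running"),  # delivered a second time
        make_delivery("m-3", "job-42", 3, "done"),
    ]
    worker = IdempotentWorker()
    applied = [worker.handle(d) for d in deliveries]
    return applied, worker.current, worker.skipped

if __name__ == "__main__":
    print(run_sample())
```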
SQS Queue:
- A queue stores messages (for up to 14 days) that can be retrieved through “polling”
- Queues allow components of your application to work independently of each other (decoupled environments)
SWF (Simple Workflow Service)
Image: Architecture: Simple Workflow
Simple Workflow Essentials:
- SWF is a fully-managed “work flow” service provided by AWS
- A SWF workflow allows an architect/developer to implement distributed, asynchronous applications as a work flow
- A workflow coordinates and manages the execution of activities that can be run asynchronously across multiple computing devices
- SWF has consistent execution
- Guarantees the order in which tasks are executed
- There are no duplicate tasks
- The SWF service is primarily an API which an application can integrate its work flow service into. This allows the service to be used by non-AWS services, such as an on-premise data center
- A workflow execution can last up to 1 year
Components of SWF
- Workflow: A sequence of steps required to perform a specific task
-- A workflow is also commonly referred to as a decider
- Activities: A single step (or unit of work) in the workflow
- Tasks: What interacts with the “workers” that are part of a workflow
-- Activity task - Tells the worker to perform a function
-- Decision task - Tells the decider the state of the work flow execution, which allows the decider to determine the next activity to be performed
- Worker: Responsible for receiving a task and taking action on it
-- Can be any type of component such as an EC2 instance, or even a person
API Gateway
Image: Architecture: API Gateway
API Gateway Essentials:
- API Gateway is a fully-managed service that allows you to create and manage your own APIs for your application
- API Gateway acts as a “front door” for your application, allowing access to data/logic/functionality from your back-end services
API Gateway Main Features:
- Build RESTful APIs with:
-- Resources
-- Methods (i.e. GET, POST, PUT)
-- Settings
- Deploy APIs to a “Stage” (different envs: i.e. dev, beta, production)
-- Each stage can have its own throttling, caching, metering and logging
- Create a new API version by cloning an existing one
-- You can create and work on multiple versions of an API (API version control)
- Roll back to previous API deployments
-- A history of API deployments is kept
- Custom domain names
-- Custom domain names can point to an API or Stage
- Create and manage API keys for access AND meter usage of the API keys through Amazon CloudWatch logs
- Set throttling rules based on the number of requests per second (for each HTTP method)
-- Requests over the limit are throttled (HTTP 429 response)
- Security using Signature v.4 to sign and authorize API calls
-- Temporary credentials generated through Amazon Cognito and Security Token Service (STS)
Benefits of API Gateway:
- Ability to cache API responses
- DDoS protection via CloudFront
- SDK generation for iOS, Android, and JavaScript
- Supports Swagger (a very popular framework of API dev tools)
- Request/response data transformation (i.e. JSON IN to XML OUT)
API Gateway Caching:
- API Gateway will cache API responses so that duplicate API requests do not have to hit your back-end
-- This reduces load on your back-end AND
-- Speeds up calls to your back-end
- You can configure a cache key and Time to Live (TTL) of the API response
- Caching can be set up on a per API or per stage basis
API Gateway: CloudFront
- API Gateway benefits from using CloudFront infrastructure:
-- Built in Distributed Denial of Service (DDoS) attack protection and mitigation
-- All CloudFront Edge Locations become entry points for your API into your back-end
- Summary: Benefits are reduced latency and improved protection
API Gateway: CloudWatch
- CloudWatch can be used to monitor API Gateway activity and usage
- Monitoring can be done on the API or Stage level
- Throttling rules are monitored by CloudWatch
- Monitoring metrics include such statistics as:
-- Caching
-- Latency
-- Detected errors
- Method-level metrics can be monitored
- You can create CloudWatch alarms based on these metrics
Quiz: Application Services Quiz
Q: An SQS Message is?
A: A set of instructions stored in an SQS queue that can be up to 256KB in size
E: An SQS message can be up to 256KB in size of text (in any format) and is used to relay instructions from one instance to another (via an SQS queue).
Q: How can you create different versions of an API using API Gateway and also create a full development lifecycle? (2 answers)
A1: Create a new API version by cloning an existing one
A2: Deploy APIs to stages: dev, beta, production
E: You can create lifecycle stages (dev, beta, production) for which to deploy APIs. Each stage can have its own throttling, caching, metering, and logging. You can also create a new API version by cloning an existing one. In addition, you can roll back to previous versions of an API.
Q: If your application's architecture is currently tightly coupled, what AWS service should you use to decouple the application?
A: SQS (Simple Queue Service) and, to a lesser extent, SWF (Simple Workflow) can be used to decouple application components.
Q: What are some of the essential elements of API Gateway?
A1: API Gateway is a fully managed service that allows you to create and manage your own APIs for your application
A2: API Gateway acts as a "front door" for your application.
E: API Gateway is a fully managed service that allows you to create and manage your own APIs for your application. API Gateway acts as a "front door" for your application, allowing access to data/logic/functionality from your back-end services.
Q: What best describes decoupled architecture?
A: A system architecture of multiple components that can process information without being connected.
E: A loosely coupled (or decoupled) system is one that has multiple components that can work independently of each other. So if one fails, the other components can continue to work.
Q: How long can an SWF workflow execution last?
A: 1 year
Q: What service should you choose if you want to send notifications via text message to a system administrator?
A: SNS
E: SNS (Simple Notification Service) is the AWS service that provides the ability to send notifications to various endpoints, with SMS (text messages) being one of them.
Q: What are some of the benefits of using API Gateway? (2 answers)
A1: Ability to cache API responses
A2: DDoS protection via CloudFront
E: Benefits of API Gateway include:
- Ability to cache API responses
- DDoS protection via CloudFront
- SDK generation for iOS, Android, and JavaScript
- Supports Swagger (a framework of API dev tools)
- Request/response data transformation
T: SNS can be used to send push notifications to Android and iOS mobile devices.
Q: What is the purpose of an SWF decision task?
A: It tells the decider the state of the work flow execution.
E: A decision task is used to communicate (back to the decider) that a given task has been completed.