AWS Certified Developer Associate Hints - Route 53, CloudFront, S3 (Part III)

AWS Route 53

  • Highly available, scalable, fully managed, and authoritative DNS service.
  • Route 53 is also a domain registrar.
  • Can check the health of resources.
  • The only AWS service with a 100% availability SLA.
  • Why is it called Route 53? The number 53 refers to the traditional DNS port.

Route 53 Records:

Each Route 53 record consists of:

  • Domain/Subdomain name
  • Record type
  • Value
  • Routing policy
  • TTL (Time-to-Live)

Route 53 Record Types:

  • A - Maps a hostname to IPv4.
  • AAAA - Maps a hostname to IPv6.
  • CNAME - Maps a hostname to another hostname; cannot be used for root domains.
  • NS - Defines name servers for the hosted zone.

Hosted Zones:

  • Public Hosted Zone - Routes traffic on the internet.
  • Private Hosted Zone - Routes traffic within one or more VPCs.

CNAME vs ALIAS:

  • CNAME - Maps a hostname to any other hostname (except for the root domain).
  • ALIAS - Maps a hostname to an AWS resource (including root domain support).

Route 53 Health Checks:

  • HTTP health checks for public resources.
  • Automated DNS failover.
  • Integrated with CloudWatch for monitoring.
  • Global health checkers (around 15) verify endpoint health.
  • Supported protocols: HTTP, HTTPS, TCP.
  • Health checks pass when the endpoint responds with 2xx or 3xx codes.
  • Health checks can validate text in the response.

Route 53 Routing Policies:

  • Simple - Routes traffic to a single resource.
  • Weighted - Distributes traffic based on assigned weights.
  • Latency-Based - Routes users to the lowest latency AWS region.
  • Failover - Routes traffic to a failover resource if the primary is unhealthy.
  • Geolocation - Routes based on user location.
  • Geo-Proximity - Routes based on proximity of users to resources.
  • IP-Based - Routes based on client IP address.
  • Multi-Value - Routes to multiple resources; returns up to 8 healthy records.

AWS CloudFront

  • Content Delivery Network (CDN).
  • Improves read performance by caching content at edge locations.
  • Integrates with AWS Shield (DDoS protection) and AWS WAF (web application firewall) to protect the distribution.
  • 216 points of presence globally.

CloudFront Origins:

  • S3 Bucket - Distributes static files.
  • Custom Origin (HTTP) - Can be an ALB, EC2 instance, or an S3 website.

CloudFront vs S3 Cross-Region Replication:

  • CloudFront caches content globally for fast access.
  • S3 Cross-Region Replication is real-time but requires setup per region.

CloudFront Cache Policies:

  • Cache key - Unique identifier for cached objects.
  • Strategies for which headers, cookies, and query strings form the cache key: None, Whitelist, Include All-Except, All.

CloudFront Security:

  • Geo Restrictions - Allowlist or blocklist countries.
  • Signed URLs & Signed Cookies - Secure content access.
  • Field-Level Encryption - Encrypt sensitive data at edge locations.

Amazon S3

Common Use Cases:

  • Backup and storage.
  • Disaster recovery.
  • Big data analytics and data lakes.
  • Hosting static websites.

S3 Object Basics:

  • Objects are stored in buckets with globally unique names.
  • Objects have keys (full path and object name).
  • Max object size: 5 TB; a single PUT is limited to 5 GB, so larger files must use multipart upload.
  • Metadata & tags - Useful for tracking and security.

S3 Security:

  • IAM policies - API access control.
  • Bucket policies - Allow cross-account access.
  • Access Control Lists (ACLs) - Fine-grained permissions.
  • Encryption: SSE-S3, SSE-KMS, SSE-C, client-side encryption.
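As an added example (not from the original notes) of how the bucket-policy and encryption bullets combine in practice, the following S3 bucket policy grants a second account read access while denying plaintext HTTP requests and uploads that are not encrypted with SSE-KMS; the bucket name EXAMPLE-BUCKET and account ID 111122223333 are placeholders.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowCrossAccountRead",
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::111122223333:root" },
      "Action": ["s3:GetObject"],
      "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/*"
    },
    {
      "Sid": "DenyInsecureTransport",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::EXAMPLE-BUCKET",
        "arn:aws:s3:::EXAMPLE-BUCKET/*"
      ],
      "Condition": { "Bool": { "aws:SecureTransport": "false" } }
    },
    {
      "Sid": "DenyUploadsNotUsingSseKms",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/*",
      "Condition": {
        "StringNotEquals": { "s3:x-amz-server-side-encryption": "aws:kms" }
      }
    },
    {
      "Sid": "DenyUploadsWithoutEncryptionHeader",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/*",
      "Condition": {
        "Null": { "s3:x-amz-server-side-encryption": "true" }
      }
    }
  ]
}
```

The last statement is needed because StringNotEquals does not match when the header is absent entirely; if the bucket already has default SSE-KMS encryption configured, that statement also blocks clients that omit the header and rely on the default, so drop it in that case.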

S3 Storage Classes:

  • S3 Standard - High performance, general purpose.
  • S3 IA (Infrequent Access) - Lower cost for less frequent access.
  • S3 Glacier - Low-cost long-term storage.
  • S3 Intelligent-Tiering - Auto-moves data between tiers.

S3 Lifecycle Rules:

  • Transition Actions - Move objects between storage classes.
  • Expiration Actions - Auto-delete old files.

S3 Performance Optimization:

  • S3 Transfer Acceleration - Uses edge locations for faster uploads.
  • S3 Select - Filter data with SQL queries on S3 objects.

Conclusion

This post covers Route 53, CloudFront, and S3, essential AWS services for scalable networking, content delivery, and object storage. Mastering these topics is crucial for AWS Certified Developer Associate exam preparation.