Plan and execute for applications migrations

  • vmware vCenter plugin - for migration to EC2 and extend reach of vCenter to new geos without procurement

  • Storage Gateway - Gateway-stored - sits on vm system then takes snapshots stored to migrate VMs to EC2 with consistent snapshots

  • Data Pipeline - provision & terminate; on-prem; scheduled; components: data node, activity, precondition, schedule

  • Server Migration Service - takes in a vm ware instance and output an AMI; manages sync process

  • Cloud Data Migration - unmanaged tools including rsync, S3/Glacier CLI

  • Import/Export Disk - from physical storage shipped to AWS to an encrupted form on S3 bucket, Glacier, or EBS Snapshot; export to s3 encrypted only

Demonstrate ability to design hybrid cloud architectures

  • VPN - transition from VPN to DX = raise BGP cost for VPN

  • Direct Connect - private vif = private addr; public vif = public services

  • VPC - vpc sizes; reserved CIDR; peering not transitive

STS Use Cases

  • SSO to console; no SAML? Broker with STS:AssumeRole; requires IAM user; very similiar to acct -> acct setup

  • SS0 to API; no SAML? Broker with GetFederationToken; requires IAM user

  • SSO to AD or other SAML? no broker; AssumeRoleWithSAML

  • WIF? auth with IdP; AssumeRoleWithWebIdentity