Plan and execute for applications migrations

  • VMware vCenter plugin - for migration to EC2 and to extend the reach of vCenter to new geos without procurement

  • Storage Gateway - Gateway-stored - sits on VM system then takes snapshots stored to migrate VMs to EC2 with consistent snapshots

  • Data Pipeline - provision & terminate; on-prem; scheduled; components: data node, activity, precondition, schedule

  • Server Migration Service - takes in a VMware instance and outputs an AMI; manages sync process

  • Cloud Data Migration - unmanaged tools including rsync, S3/Glacier CLI

  • Import/Export Disk - from physical storage shipped to AWS to an encrypted form on S3 bucket, Glacier, or EBS Snapshot; export to S3 encrypted only

  • Database Migration Service - enables migration from lots of different databases (S3, Kinesis too) to AWS databases and from AWS to on-prem; runs on an EC2 instance

  • Schema Conversion Tool - enables heterogeneous database movement

On a related note, many of the migration services do run on-prem: DMS, Server Migration Service, Application Discovery Service, VM Import/Export.

Demonstrate ability to design hybrid cloud architectures

  • VPN - transition from VPN to DX = raise BGP cost for VPN

  • Direct Connect - private vif = private addr; public vif = public services

  • VPC - vpc sizes; reserved CIDR; peering not transitive

STS Use Cases

  • SSO to console; no SAML? Broker with STS:AssumeRole; requires IAM user; very similar to acct -> acct setup

  • SSO to API; no SAML? Broker with GetFederationToken; requires IAM user

  • SSO to AD or other SAML? no broker; AssumeRoleWithSAML

  • WIF? auth with IdP; AssumeRoleWithWebIdentity
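
The first use case above (console SSO through a custom broker with STS:AssumeRole), sketched as an added example that is not part of the original notes. It assumes boto3 is installed for the STS call and that the broker runs with its IAM user's long-term credentials; the function names are hypothetical, and the federation endpoint and its getSigninToken/login actions are the documented AWS sign-in flow.

```python
import json
import re
import urllib.parse

FEDERATION_ENDPOINT = "https://signin.aws.amazon.com/federation"

def session_name_for(username):
    """Map a directory username to a valid RoleSessionName (2-64 allowed chars)."""
    name = re.sub(r"[^\w+=,.@-]", "-", username, flags=re.ASCII)[:64]
    if len(name) < 2:
        raise ValueError("username too short to attribute the session in CloudTrail")
    return name

def assume_role_for_user(role_arn, username, duration=3600):
    """Broker step: the broker's IAM user credentials call sts:AssumeRole."""
    import boto3  # lazy import so the URL helpers below run without the SDK
    resp = boto3.client("sts").assume_role(
        RoleArn=role_arn,
        RoleSessionName=session_name_for(username),  # ties the session to the user
        DurationSeconds=duration,
    )
    return resp["Credentials"]

def signin_token_request_url(creds):
    """URL the broker fetches server-side; it embeds the secrets, so never log it."""
    session = json.dumps({
        "sessionId": creds["AccessKeyId"],
        "sessionKey": creds["SecretAccessKey"],
        "sessionToken": creds["SessionToken"],
    })
    query = urllib.parse.urlencode({"Action": "getSigninToken", "Session": session})
    return FEDERATION_ENDPOINT + "?" + query

def console_login_url(signin_token, issuer,
                      destination="https://console.aws.amazon.com/"):
    """URL handed to the user's browser; carries only the short-lived sign-in token."""
    query = urllib.parse.urlencode({
        "Action": "login",
        "Issuer": issuer,            # the broker's own URL (assumption: caller supplies it)
        "Destination": destination,
        "SigninToken": signin_token,
    })
    return FEDERATION_ENDPOINT + "?" + query
```

The broker fetches the first URL itself, reads `SigninToken` from the JSON response, and redirects the user to the second URL, so the temporary secret key never reaches the browser.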