Amazon Web Services (AWS)

The magical keyword in the Information Technology industry is the ‘Cloud’ and Amazon Web Services (AWS) is definitely leading the game. Globally distributed organizations require high-available and fault-tolerant services that are possible with AWS. The pay-as-you-go option from AWS is another reason for organizations to subscribe to AWS services.

Amazon Web Services (AWS)

Fortune 500 companies are preferring Amazon Web Services (AWS) in addition to their traditional data centers and original applications. Seamless integration with existing systems is a major plus for AWS. The elasticity and scalability of the AWS help organizations build cost-effective cloud computing services. The on-demand delivery of IT resources and applications via the Internet with pay-as-you-go options is the key advantage of AWS. Agility, reliability, and elasticity are the benefits of AWS.

Access

Users can create an AWS account via there corporate or personal email. AWS services can be accessed via the AWS Management Console, AWS Command Line Interface (CLI), or AWS Software Development Kit (SDK). Users can subscribe or core services and integrated services and create instances. AWS Cloud Practitioner Certification will help to better understand the AWS and learn/share best practices with the community.

Core Services

  1. EC2 – Elastic Cloud Compute: Cloud storage for storing your applications and data
  2. EBS – Elastic Block Storage: Add on storage volumes with pay-as-you-go options
  3. S3 – Simple Storage Service: Managed Storage Service that is scalable for high volumes. Stores application data
  4. AWS Global Infrastructure: Regions, Availability Zones, Edge locations to facilitate provision in multiple locations
  5. VPC – Virtual Private Cloud: Private network with configuration, security control, subnets, route tables, and Internet Gateway
  6. AWS Security Groups: Has builtin firewalls and to specify which traffic to allow

Integrated Services

  1. Application Load Balancer (ALB): Enables routing of instances
  2. Auto Scaling: Automatically adjusts instances based on conditions and capacity management
  3. Route 53: DNS resolution strategies and routing
  4. RDS – Relational Database Services: Managed service to provide relational database services on Cloud.
  5. Lambda: Compute service without provisioning. Create an environment, routines, and functions. ETL and REST API
  6. BeanStalk: Platform-as-a-service for quick deployment of applications. Supports all programming languages
  7. SNS – Simple Notification Service: Send emails/alerts/mobile communications for alerting users
  8. Amazon Cloud Watch: Monitor AWS applications/services and set alarms
  9. Amazon Cloud Front: Content Delivery Network that has local caching and scale out options
  10. Amazon Cloud Formation: Infrasructure-as-a-service; Template with a resource stalk

Five Pillars of AWS Architecture

AWS Architecture and design principles are based on the five pillars for your systems:

  1. Security: Identify Access Management(IAM), Data protection, incident response, traceability, security at all levels
  2. Reliability: Ability to recover from disruption, Scale horizontally
  3. Performance Efficiency: Virtualize resources, deploy in multiple regions, serverless architecture
  4. Cost-Optimization: Maximize ROI, Optimization over time, Match supply with demand, Measure overall efficiency
  5. Operational Excellence: Fault-tolerant and high availability systems

High Availability Systems

The following are the services that support high availability systems through AWS:

  1. Elastic Load Balancer
  2. Route 53
  3. Amazon Cloud Watch
  4. Elastic IP Address
  5. AutoScaling

Fault-Tolerant Systems

The following are the services that support fault-tolerant systems through AWS:

  1. Amazon Simple Queue Service
  2. Amazon Simple Storage Service
  3. Amazon Relational Database Service

Amazon Shared Responsibility

Under AWS Shared Responsibility model, the user is responsible for user data, application, and guest operating system. AWS is responsible for managing Hypervisor, network, and physical resources.

  1. User Data
  2. Application
  3. Guest Operating System
  4. Hypervisor
  5. Network
  6. Physical

Identity and Access Management (IAM)

Identity and Access Management (IAM) in AWS is possible with users, groups, roles, and policy documents.

  1. User: Every user is given permanent credentials also with multi-factor authentication.
  2. Group: Multiple users are categorized into Groups.
  3. Role: Temporary credentials are given to roles based on the users and groups.
  4. Policy Documents: Policy documents establish rules for providing or denying access to the users/groups/roles.

AWS Security

AWS has a resilient infrastructure with high security and strong safeguards. Compliance management and cloud-based governance are possible with AWS Security. Distributed Denial of Service (DDoS), data encryption, key management service, hardware-based key storage, access control and management, and multi-factor authentication are some other features of AWS Security.

AWS Security also passed compliance requirements from many government authorities. Users can run their own scans on top of the AWS Security for compliance.

  1. Amazon Inspector: A tool to improve security and automated security assessment
  2. AWS Shield: Managed Distributed Denial of Service that safeguards applications. The basic AWS Shield is free for all users and the Advanced AWS Shield can be purchased.

AWS Pricing

AWS Pricing has multiple payment options for users. There are pay-as-you-consume or Pay per GB options. Users can pay less when they use more or pay less when paid all upfront. There are monthly payment options for users. Pricing Dashboard, Simple monthly calculator, and TCO calculator assist users in determining the services and duration.

Users can get discounts for reserved instances and there is no charge for inbound data transfer. The AWS free tier provides access for 12 months to try out their services. Users can map usage to pricing and see their pricing on the Consolidated Pricing dashboard.

AWS Support Plans

Amazon Trusted Advisor is a service to advise customers on fault-tolerance, security, performance, and cost-optimization. Users can view recommendations, weekly notifications, and download reports.

AWS Support Plans exist for Basic, Developer, Business, or Enterprise. Technical Account Manager, Trusted Advisor, and Account Assistance is available to users.

Constant Learning

AWS is an ocean and how users can best use those services for their business is constant learning. Good luck on your AWS journey!