AWS Essentials - Part 0 [ Course Summary in AWS Cloud ]

Introduction to AWS

Welcome to this course on AWS Essentials!

Here you will first learn about Cloud Computing and its characteristics. Then you will understand What is AWS, its application, and its usage. Following that, you will learn in detail about the different kinds of products AWS supports.

Hope you had great learning! To summarize, you first

• Learned about Cloud Computing & its characteristics
• What is AWS & its application & usage?

Following that deep-dived into the different offerings -

• Compute
• Mobile Services
• Networking & Content Delivery
• Developer Tools
• Management Tools
• Security & Compliance
• Application Services
• Messaging

If you like what you read please Like , share, and Subscribe to our newsletter and CodeOn Youtube Channel

AWS Essentials - Part 10 [ Mobile Services in AWS Cloud ]

AWS allows to easily build advanced cloud-powered applications for mobile devices! You might want to run the app on your preferred device efficiently, quickly, and securely. AWS offers the environment for this.

Stream Real-Time Data – Gather real-time clickstream logs and react quickly. Store Shared Data – Store and query NoSQL data to users and devices. Authorize Access – Securely access cloud resources. Send Push Notifications – Keep users active by transmitting messages reliably. Deliver Media – Detect mobile devices automatically and render content quickly on a global basis. Analyze User Behavior – Track engagement and active users. Synchronize Data – Sync user preferences across devices. Manage Media – Store and share user-generated photos and other media items. Authenticate Users – Manage identity providers and users.

 Everything You Need to Build Mobile Apps

Bountiful Cloud Services AWS provides a wide set of highly scalable, fully managed services that include data warehousing, content delivery, streaming, monitoring, databases, storage, logic, and machine learning in-app without the need to manage any infrastructure.

The Tools To Help You Build AWS allows you to add cloud services to mobile apps easily.

• Develop a serverless mobile backend
• Manage user identity and sign-in
• Transmit push notifications
• Track usage patterns and maximize your app with in-app analytics.
• Test against a huge set of real devices.

 AWS Offerings

• AWS Mobile Hub - Build, Test, and Monitor Apps
• Amazon Cognito - User Identity and App Data Synchronization
• AWS Mobile SDK - Mobile Software Development Kit
• Amazon API Gateway - Build, Deploy, and Manage APIs
• Amazon Pinpoint - Push Notifications for Mobile Apps
• AWS Device Farm - Test Android, FireOS, and iOS Apps on Real Devices in the Cloud

 Mobile Hub

AWS Mobile Hub provides an integrated console that helps you

• Build
• Test and
• Monitor & manage mobile apps.

Mobile Hub provisions and configures the necessary AWS services and creates a working sample app.

Cognito

Amazon Cognito reduces the task of

• Authenticating users, storing and managing
• Synchronizing data across several applications, platforms, and devices.

This functions both offline or online and enables to save user-specific data securely such as game state and application preferences.

Cognito supports unauthenticated guest users and works with several existing identity providers.

AWS Essentials - Part 9 [ Application Services in AWS Cloud ]

AWS Application services have a broad range of services that helps in enhancing the rendering of the application overcloud. Main offerings include -

Amazon Elastic Transcoder - Simple Scalable Media Transcoding Amazon API Gateway - Build, Deploy, and Manage APIs AWS Step Functions - Coordinate Distributed Applications

 Step Functions

Offers a graphical console to set up and visualize the components of the application as a series of steps.

• Easy to create and run multi-step applications.
• Coordinate the components of microservices and distributed applications using visual workflows.
• Create applications from single components that each perform a discrete function to change and scale applications quickly.
• Triggers and tracks each step automatically, and retries when errors are noticed, which ensures your application executes as intended and in order.
• Logs the state of every single step. When things go wrong, it is simple to diagnose and debug issues fast. You can change and include steps without the need to write code, effortlessly evolve the application and innovate rapidly.
• Manages the underlying infrastructure and operations to ensure the application is available at all scales.

API Gateway

Fully managed service that allows developers to create, publish, maintain, monitor, and secure APIs easily at any scale.

• Serves as a “front door” for applications to access functionality, data, or business logic from your back-end services, like, code running on AWS Lambda, workloads running on Amazon EC2, or any Web application.
• Takes care of processing and accepting of concurrent API calls, including API version management, monitoring, traffic management, and authorization and access control
• Pay only for the API calls received and the data transferred.

How does AWS API Gateway work?

API Gateway Benefits

• Low-Cost and Efficient
• Performance at Any Scale
• Easily Monitor API Activity
• Streamline API Development
• Secure and Flexible
• Flexible Security Controls
• Create RESTful Endpoints
• Run Your APIs Without Servers

 Elastic Transcoder

Media transcoding in the cloud.

Businesses and developers could transcode or convert media files from their source format into versions that will playback on devices such as PCs, tablets, and smartphones.

It is designed to be user-friendly, economical, and highly scalable.

AWS Essentials - Part 8 [ Messaging in AWS]

• Fully managed message queues for safe communication between microservices and applications
• Quick, flexible, fully managed push notification service to transmit specific messages or to fan-out messages to numerous recipients
• Run targeted campaigns to create user engagement in mobile applications
• cost-effective email service created on the scalable and reliable infrastructure

Key offerings -

• Simple Email Service (SES) - Email Sending and Receiving
• Pinpoint - Push Notifications for Mobile Applications
• Simple Notification Service (SNS) - Pub or Sub, Mobile Push and SMS
• Simple Queue Service (SQS) - Managed Message Queues

AWS Essentials - Part 7 [ IOT ]

AWS has developed IoT-specific services that assist to gather and send data to the cloud. The IoT services make it comfortable to load and analyze information and offer the capability to manage devices and stress on developing applications that suit the requirements.

AWS Greengrass helps to operate data caching, messaging and local compute for connected devices in a safe way.

AWS IoT Platform is a managed cloud platform that allows connected devices to interact with other devices and cloud applications securely and easily. AWS IoT can support many devices and a lot of messages.

AWS IoT Button is a programmable button that is based on the Amazon Dash Button hardware. The Wi-Fi device is effortless to configure. AWS IoT Button is offered to developers to use Amazon SNS, Amazon DynamoDB, AWS Lambda, AWS IoT, and several other Amazon Web Services without the need to write device-specific code.

This video will give you more knowledge on AWS IoT

AWS Essentials - Part 6 [ Security, Identity and Compliance ]

• AWS offers data center and network architecture built to meet the requirements of the most ***security-sensitive organizations***.
• The AWS cloud provides a platform to scale and innovate, while still maintaining a secure environment.
• Pay only for the services been used.

·         Security, Identity, and Compliance Products

·  

·         Amazon Inspector - automated security assessment service, that aids to enhance the compliance and security of applications deployed on AWS.

·         AWS Identity and Access Management (IAM) - controls users' access to AWS services. Allows to create, manage users and groups, and deny or grant access.

·         AWS Artifact - the portal offers on-demand access to AWS compliance and security documents (audit artifacts).

·         Amazon Cloud Directory - set up flexible cloud-native directories to organize hierarchies of data along numerous dimensions.

·         AWS Certificate Manager - seamlessly manage, provision, and deploy Secure Sockets Layer (SSL)/Transport Layer Security (TLS) certificates.

·         AWS CloudHSM - fulfill regulatory, contractual, and corporate compliance requirements for data security by utilizing a dedicated Hardware Security Module (HSM). AWS Directory Service - allows AWS resources and directory-aware workloads to utilize managed Active Directory in AWS Cloud for Microsoft Active Directory.

·         AWS WAF - web application firewall that aids in protecting web applications from web threats that could eat up excessive resources, or compromise security, hinder application availability.

AWS Essentials - Part 5 [ Networking and Content Delivery in AWS ]

 This ensures the provision of

• Global Content Delivery Network (CDN) service that speeds up delivery of video content, APIs, websites, or other web assets.
• A logically isolated section of AWS cloud, where you can open AWS resources in a virtual network.
• Offer more safe and economical ways to route end users to web applications by translating names into IP addresses.
• Set up a dedicated network connection from a location to AWS.

Networking and Content Delivery in AWS

Services offered -

• Elastic Load Balancing: High Scale Load Balancing
• Amazon Route 53: Scalable Domain Name System
• Amazon Cloud Front: Global Content Delivery Network
• AWS Direct Connect: Dedicated Network Connection to AWS
• Amazon VPC: Isolated Cloud Resources

AWS Essentials - Part 4 [ Management Tools in AWS ]

AWS offers a wide set of services for IT and System administrators to seamlessly manage and monitor -

• Infrastructure logs and metrics using alarms and real-time dashboards.
• Hybrid infrastructure resources

AWS also allows to track, monitor, and enforce security and compliance.

Services

• Amazon EC2 Systems Manager: Configure and Manage EC2 Instances and On-premises Servers
• AWS CloudTrail: Track User Activity and API Usage
• AWS Config: Track Resource Inventory and Changes
• AWS Service Catalog: Create and Use Standardized Products
• AWS Personal Health Dashboard: Personalized view of AWS service health
• Amazon CloudWatch: Monitor Resources and Applications
• AWS Cloud Formation: Create and Manage Resources with Templates
• AWS OpsWorks: Automate Operations with Chef
• AWS Trusted Advisor: Optimize Performance and Security

Amazon CloudWatch

Understand Cloudwatch by viewing this video.

Amazon CloudWatch is a monitoring service designed for AWS cloud resources and the applications operate on AWS. Amazon CloudWatch can be used to:

• Automatically react to changes in AWS resources.
• Collect, monitor log files, and set alarms
• Collect and track metrics

Attain system-wide visibility into operational health, application performance, and resource utilization.

Amazon CloudWatch monitors AWS resources such as

• Amazon RDS DB instances
• Amazon DynamoDB tables
• Amazon EC2 instances
• Custom metrics or logs created by services and applications

Amazon CloudTrail

AWS CloudTrail is a service that allows risk auditing, operational auditing, compliance, and governance of AWS account.

• Routinely monitor and retain events specific to API calls throughout the AWS infrastructure.
• Offers history of AWS API calls for your account, which includes API calls done through the AWS SDKs, AWS Management Console, command-line tools, and various AWS services.
• Reduces troubleshooting, security analysis, and resource change tracking.

Benefits:

• Security Automation
• Visibility Into User and Resource Activity
• Security Analysis and Troubleshooting
• Simplified Compliance

AWS Essentials - Part 3 [ Compute in AWS Cloud ]

Compute in AWS Cloud

Compute forms the nucleus of creating and executing business.

AWS provides several compute products that allow to deploy, run, and scale applications as virtual servers, code, or containers.

Compute Covers

• Simple websites and applications on one or a few servers
• Control and manage cluster or server-level functions such as deployment and scaling
• Manage stateful or stateless applications packaged as Docker containers
• Stateless, event-initiated applications that require fast response times

AWS Compute Offerings

Different Compute services offered by AWS.

• Amazon EC2 - Virtual Servers in the Cloud
• Amazon EC2 Container Service - Run and Manage Docker Containers
• AWS Lambda - Run Code in Response to Events
• Amazon EC2 Container Registry - Store and Retrieve Docker Images
• Amazon LightSail - Launch and Manage Virtual Private Servers
• Amazon VPC - Isolated Cloud Resources
• AWS Batch - Run Batch Jobs at Any Scale
• AWS Elastic Beanstalk - Run and Manage Web Apps
• Auto Scaling - Automatic Elasticity

What is Amazon EC2?

Whatever kind of application you run; you're certainly going to need servers. Sometimes you might need larger ones and sometimes you might need smaller ones. Sometimes you might not need many and other times you might need tens or hundreds. Whatever your requirements, wouldn't it be great to be able to obtain servers quickly and inexpensively? Traditionally, obtaining servers could be quite time-consuming and typically something that could take weeks or even months.

You have to research into the right kind of hardware to buy, maybe get budget approval and then purchase the hardware, have it racked and stacked and eventually, get access to your servers. and once you've purchased the servers, you are stuck with them.

Amazon Elastic Compute Cloud or Amazon EC2 makes it easy for you to obtain virtual servers also known as compute instances in the cloud quickly and inexpensively. You simply choose the instance type you want, the template you would like to use which could be based on Windows or Linux and launch the quantity you need.

You can do this with a few clicks from the AWS Management Console or automate the process via an API using SDK in your choice of language within minutes your instances will be running and you will have access with full administrative control just like any other server and with Amazon EC2 you pay only for what you use.

When you're done using your instances you stop them and you stop paying for them. Amazon EC2 provides a range of instance types designed for different use cases. These range from small and economical instances that is a great choice for low volume applications up to cluster compute instances designed for high-performance computing workloads and could-based supercomputing on demand.

Amazon EC2 provides instances optimized for computing, memory, storage and GPU processing to enable you to find the right price and performance combination for whatever workloads you want to run. It's also really easy to resize your instances if your business or application requirements change. Amazon EC2 offers a choice of flexible pricing options. With on-demand pricing, you pay only for what you use.

When you stop your instances, you stop paying, there are no long-term commitments or upfront fees. Reserved instance pricing lets you obtain a significant discount over the on-demand price in return for a low one-time payment.

Spot instance pricing lets you name the price you want to pay for instances using market-based pricing and can allow you to obtain compute capacity at a significant discount to the on-demand price. We know that security is very important for your applications and Amazon EC2 provides several built-in security features. Your instances are located in a Virtual Private Cloud or VPC that is a logically isolated network that you control.

Amazon VPC provides you with several network security tools you can use to control who can access your instances?

You can also connect securely to your on-premises network with a hardware-based VPN device. Amazon EC2 instances provide you with various amounts of directly attached temporary storage depending on the instance type and you can also use Amazon Elastic Block Store or EBS to provide persistent block storage for your Amazon EC2 instances.

Amazon EBS also offers you the ability to provision storage with a specific level of performance to meet the needs of your application. It can be difficult to predict the demand that your applications might experience and Amazon EC2 provides auto-scaling to help ensure that the demands of your application are met.

Auto-scaling lets you define metrics to increase or decrease the number of instances that you are running. You can choose standard metrics, such as network bandwidth or CPU utilization or a custom metric that you define. This helps you ensure that you can meet your application's demands without manual intervention and pay only for what you need.

You can sign up for an AWS account today and get started with Amazon EC2 in minutes and with the AWS Free Tier, you can try cloud computing for free.

Amazon Elastic Compute Cloud (EC2)

Amazon EC2 offers resizable cloud-based compute capability taking shape as virtual servers. There is a broad range of instance types that are easily manageable and exhibit different combinations of networking capacity, storage size, amount of memory, and CPU power.

Features

• Removes the necessity of upfront investment in computer hardware.
• Commission numerous instances simultaneously
• Pay only for the used quantity
• Change web-scale cloud computing easy

Applications

• Big data - e.g. Hadoop
• Database software - e.g. Aurora, DynamoDB
• Enterprise applications - e.g. SAP, Oracle
• Migrations from on-premises environments
• Open-source cluster management

Amazon EC2 Container Service (ECS)

Amazon ECS is a scalable, performance container management service to include Docker containers. It enables you to run applications at ease on a managed cluster of Amazon EC2 instances.

Amazon ECS removes the necessity to install, run, and scale cluster management infrastructure.

Applications

• Web applications
• Microservices
• Batch jobs
• Docker workloads

How does Amazon ECS work?

Containers deliver speed and agility for your business but can require a lot of heavy lifting running complex container orchestration software managing and upgrading the orchestration systems having disjointed processes for hybrid environments not to mention managing cost and security concerns your time and your developers time is better spent focusing on projects to help grow your business.

This is how amazon elastic container service can help amazon ECS is fully automated with no control plane to manage and with ECS anywhere customers can work with containers in both cloud and on-premises environments.

Combining ECS on Fargate customers don't have to manage hosts no patching upgrading or maintenance overhead EC2 delivers security cost control and simplicity while removing the burden from your teams end to end innovate faster reduce overhead and spend more time deploying projects critical to your business growth build pipelines with agility and speed for networking storage and automated scheduling that scale automatically ECS seamlessly integrates with other AWS services if you know AWS you know ECS and teams can also run containers on computing services such as ec2 using the ECS fully managed control plane.

Best of all there is no additional charge for Amazon ECS you only pay for the AWS resources you need to store and run your application get started with ECS today.

AWS Lambda

AWS Lambda aims to run code without managing or provisioning servers.

• Lambda is the nucleus of serverless computing. To build and run services and applications without bothering about servers.
• Run code for virtually any type of backend service or application - with no administration.
• Upload the code and Lambda handles everything needed to run and scale the code with better availability.
• Pay only for the compute time that you use.
• Create code to automatically trigger from other AWS services, otherwise, call it directly from a mobile or web app.

Applications

• Web applications
• Mobile backends
• IoT backends
• Stream processing workloads
• File processing workloads

How does AWS Lambda work?

When you're building applications you want them to deliver a great experience for your users maybe you want your application to generate in-app purchase options during a gaming session rapidly validate street address updates or make image thumbnails available instantly after a user uploads photos to make this magic happen your application needs back-end code that runs in response to events like image uploads in-app activity website clicks or sensor outputs but managing the infrastructure to host and execute back-end code requires you to size provision and scale a bunch of servers manage operating system updates apply security patches and then monitor all this infrastructure for performance and availability wouldn't it be nice if you could just focus on building great applications without having to spend lots of time managing servers.

Introducing AWS Lambda AWS Lambda is a compute service that runs your backend code in response to events such as object uploads to Amazon s3 buckets updates to Amazon DynamoDB tables data and Amazon Kinesis dreams or in-app activity once you upload your code to lambda the service handles all the capacity scaling patching and administration of the infrastructure to run your code and provides visibility into performance by publishing real-time metrics and logs to Amazon Cloud Watch all you need to do is write the code.

AWS lambda is very low cost and does not require any upfront investment when you use AWS lambda you're simply charged a low fee per request and for the time your code runs measured in increments of 100 milliseconds getting started with AWS lambda is easy there are no new languages tools or frameworks to learn you can use any third-party library even native ones the code you run on AWS Lambda is called a lambda function you just upload your code as a zip file or design it in the integrated development environment in the AWS management console or you can select from a list of function samples pre-built for common use cases image conversion file compression and change notifications and built-in support for the AWS SDK makes it easy to call other AWS services once your function is loaded you select the event source to monitor such as an Amazon s3 bucket or Amazon DynamoDB table and within a few seconds lambda will be ready to trigger your function automatically

When an event occurs with lambda any event can trigger your function making it easy to build applications that respond quickly to new information to learn more about AWS lambda visit our website and you can get your first Lambda function up and running with a few clicks in the AWS management console and with the AWS free tier, you can try lambda for free.

AWS Essentials - Part 2 [ AWS Cloud - Products ]

AWS Cloud - Products

Let us explore different types of products in AWS.

Compute - AWS provides numerous compute products that allow you to deploy, run, and scale applications as virtual servers, code or containers.

Storage - Cloud storage is the secure, scalable and reliable component that includes the information used by applications.

Database - AWS provides fully managed NoSQL and relational databases, and in-memory cache to suit your application needs.

Developer Tools - AWS Developer tools is a set of services that are offered to allow developers to securely version control and store the source code of applications. Also, it aids to build, test and deploying the application automatically.



Management Tools - Aids you to manage the applications and resources.

Security and Compliance - Allows customers to know the proficient controls at AWS to maintain data protection and security in the cloud.

Messaging - Provides several messaging services and tools with diverse abilities.

Application Services - Offers a plethora of managed services for use with applications such as converting digital media into different formats, including search to your website, and hosting streaming applications.

AWS Essentials - Part 1 [ Introduction to AWS ]

AWS Essentials

Amazon Web Services is a leading cloud-based services platform and if you are aiming for a career in cloud technology, AWS Essentials is a great place to start. This course will introduce you to the various services and products offered by AWS.

Introduction to AWS

Welcome to this course on AWS Essentials!

Here you will first learn about Cloud Computing and its characteristics. Then you will understand What is AWS, its application and its usage. Following that, you will learn in detail about the different kinds of products AWS supports.

1. Compute
2. Storage
3. Database
4. Networking and Content Delivery
5. Developer Tools
6. Management Tools
7. Security and Compliance
8. Application Services
9. Messaging

AWS Cloud

Here you will get a chance to know more about the different offerings of AWS.

What is Cloud Computing?

Before drilling down further into AWS, let us first understand What is Cloud computing?

Cloud Computing

• It is the type of Internet-based computing that provides shared computer processing resources and data to computers and other devices on demand.
• It is a model for enabling ubiquitous, on-demand access to a shared pool of configurable computing resources (e.g., computer networks, servers, storage, applications and services) provisioned with minimal management effort.
• This relies on sharing of resources to achieve coherence and economy of scale, similar to a utility (like the electricity grid over an electricity network.)

Source - Wikipedia

Cloud Characteristics

National Institute of Standards and Technology (NIST) highlights various characteristics that are needed for a service to be regarded as “Cloud”.

1. On-demand self-service - Sign up and enjoy the services without delays.
2. Broad network access - Access service through standard platforms (laptop, mobile, desktop, etc.)
3. Resource pooling - Resources are pooled to multiple customers.
4. Rapid elasticity - Ability to meet demand peaks.
5. Measured Service - Billing is metered and delivered as a utility service.

Three unique categories within Cloud Computing:

• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)

Software as a Service (SaaS)

1. Capability to run applications on a cloud infrastructure.
2. Applications are accessible from several client devices via either a thin client interface, like a web browser e.g., web-based email
3. The interplay between the outside world and organization. e.g., email newsletter campaign software
4. Software for a short term requirement. e.g., collaboration software for a particular project
5. “Vanilla” offerings where the solution is not differentiated.
6. The consumer does not control or manage the underlying cloud infrastructure, which includes servers, networks, operating systems and storage.

SaaS is not suitable in scenarios where the application

1. processes quick real-time data.
2. has a regulation or legislation that does not allow data to be hosted externally.
3. the existing on-premise solution that satisfies all of the requirements of an organization.

Platform as a Service (PaaS)

Computing platform that permits creating web applications effortlessly, fast, with no complexity of buying or maintaining the infrastructure and software.

1. Services to develop and test applications, as well as deploy, host and maintain applications in a similar integrated development environment.
2. Ability to deploy on cloud infrastructure with the help of programming languages, services, libraries, and tools.
3. Built-in scalability of deployed software with failover and load balancing.
4. Integration with databases and web services through common standards.

PaaS is not suitable in scenarios where the application -

• requires to be more portable concerning where it is hosted.
• performance needs customization of the underlying software and hardware.
• proprietary approaches or languages would affect the development process.

Infrastructure as a Service (IaaS)

Capableness to provide networks, processing, storage, and other fundamental computing resources, and ability to deploy, run arbitrary software that can include operating systems and applications. Here, the consumer is incapable of controlling or managing the underlying cloud infrastructure.

1. Resources are distributed as a service and enable dynamic scaling
2. Utility pricing model
3. Multiple users on one hardware Applicability-
4. New organizations with less capital could invest in hardware easily
5. Organizations growing rapidly
6. Pressure on the organization to restrict capital expenditure and to migrate to operating expenditure

IaaS is not suitable in cases where

• strict regulatory compliance is followed
• A very high level of performance is required.

More on Cloud Computing

Let's discuss some advantages to moving to the cloud

1. Variable as opposed to upfront
2. Fixed cost
3. Economics of scale can reduce Operating cost
4. It's easier to match capacity to demand
5. It allows you to focus on developing and deploying applications instead of the undifferentiated heavy lifting associated with managing an on-premises data centre.
6. It allows you to increase the velocity of your Agile development and allows a global presence right out of the gate.

Types of Cloud Services

Following are the different types of services that are offered by cloud

1. Infrastructure as a Service: This allows you to easily provision the IT components you require; including networking capabilities, computers, multi-tenant or dedicated, and data storage. It's flexible and allows you to control and manage your IT resources similar to the way you would in a traditional on-premises data centre, such as EC2, S3, and VPC.
2. Platform as a Service: It frees you from having to manage the underlying infrastructure and focus on the deployment and management of your application. It frees you from having to think about resource procurement, capacity planning, software maintenance, and patching. Examples of Platform as a Service on AWS include Route 53, Elastic Load Balancing, and Auto Scaling.
3. Software as a Service: It provides you with an application that is run and managed entirely by a service provider. Think of SaaS as an end-user application running in the cloud. In a SaaS environment, you have access to the capabilities of an application without the hassle of how it's maintained or its underlying infrastructure

Geographical displacement

Next, let's take a look at the infrastructure in terms of its geographical dispersement.

• Regions are geographical areas, such as California, that contain multiple data centres in what is called availability zones.
• Availability zones are separate physical data centres that may exist within a particular region but have separate infrastructure dependencies, such as the electrical power grid, flood plain, and any other factors that might isolate it from the potential of outages
• In addition to AZs, AWS supports numerous Edge locations. Throughout the globe, there are a lot more Edge locations than there are AZs. And these are small kinds of point of presence services used to deliver content, such as the Cloud Front and Content Distribution Network.
• Infrastructure usage is the idea that you pay only for what you use, such as EC2. EC2 has various options, one of which is on-demand, which is where you only pay for the instance as long as you're using the instance or it's running.
• Pricing concepts include paying for infrastructure usage, such as when using EC2; and data usage and transfer, such as when using Amazon S3 or DynamoDB.
• Designing for high availability is a stricter requirement than designing for fault tolerance. For example, in architecture with a single instance, with an auto-scaling group of one, an instance failure will heal itself or replace the instance since the rule might say, "always provide one instance." This is an example of fault tolerance and not high availability. If however, I have an auto-scaling group with two instances in different AZs and one fails, the traffic will automatically route to the second instance. This is an example of higher availability.
• Global infrastructure services include Identity and Access Management (IAM). Core services include networking, computing, storage, and databases, Application services include SNS, SQS, and SWF, Deployment and management services include Elastic Beanstalk and Cloud formation.

History of AWS

Extending IT Infrastructure to the AWS Cloud

Observe how the IT extends further to support Cloud computing in this video

Features of AWS

AWS offers numerous ways to create and manage resources. Following are the different ways to access the features offered by AWS.

AWS Management Console - A web interface for AWS.

AWS Command Line Interface (AWS CLI) - Commands for a wide set of AWS products.

***Command Line Tools***- Commands for individual AWS products.

AWS Software Development Kits (SDK) - APIs that are specific to programming language or platform.

Query APIs - Low-level APIs that are accessible using HTTP requests.

You will learn more about AWS Management Console and CLI in detail as you progress.

 AWS Management Console

AWS Command Line Interface

The AWS Command Line Interface is a unified tool that manages several AWS services from the command line and automates all the services through scripts.

AWS-shell is a command-line shell program to offer productivity and ease features to aid advanced and new users of the AWS Command Line Interface.

Key Features Include:

• Fuzzy auto-completion for Resource identifiers, Options, Commands.
• Dynamic in-line documentation
• Execution of OS shell commands
• Export executed commands to a text editor

If You Enjoyed Reading our Blog Please Subscribe to our Mailing List or You can Click any Ad to Support Us Directly By Ads Money.

Amazon Web Services Basics

Amazon Web Services (AWS) is Amazon’s cloud web hosting platform that offers flexible, reliable, scalable, easy-to-use and cost-effective solutions. This tutorial covers various important topics illustrating how AWS works and how it is beneficial to run your website on Amazon Web Services.

Audience

This tutorial is prepared for beginners who want to learn how Amazon Web Services works to provide reliable, flexible, and cost-effective cloud computing services.

Prerequisites

To benefit from this tutorial, you should have the desire to understand how Amazon Web Services can help you scale your cloud computing services.

In 2006, Amazon Web Services (AWS) started to offer IT services to the market in the form of web services, which is nowadays known as cloud computing. With this cloud, we need not plan for servers and other IT infrastructure which takes up much time in advance. Instead, these services can instantly spin up hundreds or thousands of servers in minutes and deliver results faster. We pay only for what we use with no up-front expenses and no long-term commitments, which makes AWS cost-efficient.

Today, AWS provides a highly reliable, scalable, low-cost infrastructure platform in the cloud that powers a multitude of businesses in 190 countries around the world.

What is Cloud Computing?

Cloud computing is an internet-based computing service in which large groups of remote servers are networked to allow centralized data storage and online access to computer services or resources.

Using cloud computing, organizations can use shared computing and storage resources rather than building, operating, and improving infrastructure on their own.

Cloud computing is a model that enables the following features.

1. Users can provision and release resources on-demand.
2. Resources can be scaled up or down automatically, depending on the load.
3. Resources are accessible over a network with proper security.
4. Cloud service providers can enable a pay-as-you-go model, where customers are charged based on the type of resources and per user.

Types of Clouds

There are three types of clouds − Public, Private, and Hybrid cloud.

Public Cloud

In the public cloud, the third-party service providers make resources and services available to their customers via the Internet. Customer data and related security are with the service providers’ owned infrastructure.

Private Cloud

A private cloud also provides almost similar features as a public cloud, but the data and services are managed by the organization or by the third party only for the customer’s organization. In this type of cloud, major control is over the infrastructure so security-related issues are minimized.

Hybrid Cloud

A hybrid cloud is a combination of both private and public clouds. The decision to run on private or public cloud usually depends on various parameters like the sensitivity of data and applications, industry certifications and required standards, regulations, etc.

Cloud Service Models

There are three types of service models in the cloud − IaaS, PaaS, and SaaS.

IaaS

IaaS stands for Infrastructure as a Service. It provides users with the capability to provision processing, storage, and network connectivity on demand. Using this service model, the customers can develop their own applications on these resources.

PaaS

PaaS stands for Platform as a Service. Here, the service provider provides various services like databases, queues, workflow engines, e-mails, etc. to their customers. The customer can then use these components for building their own applications. The services, availability of resources and data backup are handled by the service provider that helping the customers to focus more on their application's functionality.

SaaS

SaaS stands for Software as a Service. As the name suggests, here the third-party providers provide end-user applications to their customers with some administrative capability at the application level, such as the ability to create and manage their users. Also, some level of customizability is possible such as the customers can use their own corporate logos, colours, etc.

Advantages of Cloud Computing

Here is a list of some of the most important advantages that Cloud Computing has to offer −

1. Cost-Efficient − Building our own servers and tools is time-consuming as well as expensive as we need to order, pay for, install, and configure expensive hardware, long before we need it. However, using cloud computing, we only pay for the amount we use and when we use the computing resources. In this manner, cloud computing is cost-efficient.
2. Reliability − A cloud computing platform provides much more managed, reliable and consistent service than an in-house IT infrastructure. It guarantees 24x7 and 365 days of service. If any of the servers fails, then hosted applications and services can easily be transited to any of the available servers.
3. Unlimited Storage − Cloud computing provides almost unlimited storage capacity, i.e., we need not worry about running out of storage space or increasing our current storage space availability. We can access as much or as little as we need.
4. Backup & Recovery − Storing data in the cloud, backing it up, and restoring the same is relatively easier than storing it on a physical device. The cloud service providers also have enough technology to recover our data, so there is the convenience of recovering our data anytime.
5. Easy Access to Information − Once you register yourself in the cloud, you can access your account from anywhere in the world provided there is an internet connection at that point. Various storage and security facilities vary with the account type chosen.

Disadvantages of Cloud Computing

Although Cloud Computing provides a wonderful set of advantages, it has some drawbacks as well that often raise questions about its efficiency.

Security issues

Security is the major issue in cloud computing. The cloud service providers implement the best security standards and industry certifications, however, storing data and important files on external service providers always bears a risk.

AWS cloud infrastructure is designed to be the most flexible and secured cloud network. It provides a scalable and highly reliable platform that enables customers to deploy applications and data quickly and securely.

Technical issues

As cloud service providers offer services to several clients each day, sometimes the system can have some serious issues leading to business processes temporarily being suspended. Additionally, if the internet connection is offline then we will not be able to access any of the applications, servers, or data from the cloud.

Not easy to switch service providers

Cloud service providers promise vendors that the cloud will be flexible to use and integrate, however switching cloud services is not easy. Most organizations may find it difficult to host and integrate current cloud applications on another platform. Interoperability and support issues may arise such as applications developed on the Linux platform may not work properly on Microsoft Development Framework (.Net).

This is the basic structure of AWS EC2, where EC2 stands for Elastic Compute Cloud. EC2 allow users to use virtual machines of different configurations as per their requirement. It allows various configuration options, mapping of individual servers, various pricing options, etc. We will discuss these in detail in the AWS Products section. Following is the diagrammatic representation of the architecture.

Note − In the above diagram S3 stands for Simple Storage Service. It allows the users to store and retrieve various types of data using API calls. It doesn’t contain any computing element. We will discuss this topic in detail in the AWS products section.

Load Balancing

Load balancing simply means to hardware or software load over web servers, that improver's the efficiency of the server as well as the application. Following is the diagrammatic representation of AWS architecture with load balancing.

The hardware load balancer is a very common network appliance used in traditional web application architectures.

AWS provides the Elastic Load Balancing service, it distributes the traffic to EC2 instances across multiple available sources and dynamic addition and removal of Amazon EC2 host from the load-balancing rotation.

Elastic Load Balancing can dynamically grow and shrink the load-balancing capacity to adjust to traffic demands and also support sticky sessions to address more advanced routing needs.

Amazon Cloud-front

It is responsible for content delivery, i.e. used to deliver the website. It may contain dynamic, static, and streaming content using a global network of edge locations. Requests for content at the user's end are automatically routed to the nearest edge location, which improves the performance.

Amazon Cloud-front is optimized to work with other Amazon Web Services, like Amazon S3 and Amazon EC2. It also works fine with any non-AWS origin server and stores the original files in a similar manner.

In Amazon Web Services, there are no contracts or monthly commitments. We pay only for as much or as little content as we deliver through the service.

Elastic Load Balancer

It is used to spread the traffic to web servers, which improves performance. AWS provides the Elastic Load Balancing service, in which traffic is distributed to EC2 instances over multiple availability zones, and dynamic addition and removal of Amazon EC2 host from the load-balancing rotation.

Elastic Load Balancing can dynamically grow and shrink the load-balancing capacity as per the traffic conditions.

Security Management

Amazon’s Elastic Compute Cloud (EC2) provides a feature called security groups, which is similar to an inbound network firewall, in which we have to specify the protocols, ports, and source IP ranges that are allowed to reach your EC2 instances.

Each EC2 instance can be assigned one or more security groups, each of which routes the appropriate traffic to each instance. Security groups can be configured using specific subnets or IP addresses which limits access to EC2 instances.

Elastic Caches

Amazon Elastic Cache is a web service that manages the memory cache in the cloud. In memory management, the cache has a very important role and helps to reduce the load on the services, improves the performance and scalability on the database tier by caching frequently used information.

Amazon RDS

Amazon RDS (Relational Database Service) provides similar access as that of MySQL, Oracle, or Microsoft SQL Server database engine. The same queries, applications, and tools can be used with Amazon RDS.

It automatically patches the database software and manages backups as per the user’s instruction. It also supports point-in-time recovery. There are no up-front investments required, and we pay only for the resources we use.

Hosting RDMS on EC2 Instances

Amazon RDS allows users to install RDBMS (Relational Database Management System) of their choice like MySQL, Oracle, SQL Server, DB2, etc. on an EC2 instance and can manage as required.

Amazon EC2 uses Amazon EBS (Elastic Block Storage) similar to network-attached storage. All data and logs running on EC2 instances should be placed on Amazon EBS volumes, which will be available even if the database host fails.

Amazon EBS volumes automatically provide redundancy within the availability zone, which increases the availability of simple disks. Further, if the volume is not sufficient for our databases needs, volume can be added to increase the performance of our database.

Using Amazon RDS, the service provider manages the storage and we only focus on managing the data.

Storage & Backups

AWS cloud provides various options for storing, accessing, and backing up web application data and assets. The Amazon S3 (Simple Storage Service) provides a simple web-services interface that can be used to store and retrieve any amount of data, at any time, from anywhere on the web.

Amazon S3 stores data as objects within resources called buckets. The user can store as many objects as per requirement within the bucket and can read, write and delete objects from the bucket.

Amazon EBS is effective for data that needs to be accessed as block storage and requires persistence beyond the life of the running instance, such as database partitions and application logs.

Amazon EBS volumes can be maximized up to 1 TB, and these volumes can be striped for larger volumes and increased performance. Provisioned IOPS volumes are designed to meet the needs of database workloads that are sensitive to storage performance and consistency.

Amazon EBS currently supports up to 1,000 IOPS per volume. We can stripe multiple volumes together to deliver thousands of IOPS per instance to an application.

Auto Scaling

The difference between AWS cloud architecture and the traditional hosting model is that AWS can dynamically scale the web application fleet on-demand to handle changes in traffic.

In the traditional hosting model, traffic forecasting models are generally used to provision hosts ahead of projected traffic. In AWS, instances can be provisioned on the fly according to a set of triggers for scaling the fleet out and back in. Amazon AutoScaling can create capacity groups of servers that can grow or shrink on demand.

Key Considerations for Web Hosting in AWS

Following are some of the key considerations for web hosting −

No physical network devices needed

In AWS, network devices like firewalls, routers, and load-balancers for AWS applications no longer reside on physical devices and are replaced with software solutions.

Multiple options are available to ensure quality software solutions. For load-balancing choose Zeus, HAProxy, Nginx, Pound, etc. For establishing a VPN connection choose OpenVPN, OpenSwan, Vyatta, etc.

No security concerns

AWS provides a more secured model, in which every host is locked down. In Amazon EC2, security groups are designed for each type of host in the architecture, and a large variety of simple and tiered security models can be created to enable minimum access among hosts within your architecture as per requirement.

Availability of data centres

EC2 instances are easily available at most of the availability zones in the AWS region and provide a model for deploying your application across data centres for both high availability and reliability.

AWS Management Console is a web application for managing Amazon Web Services. AWS Management Console consists of a list of various services to choose from. It also provides all information related to our account like billing.

This console provides an inbuilt user interface to perform AWS tasks like working with Amazon S3 buckets, launching and connecting to Amazon EC2 instances, setting Amazon CloudWatch alarms, etc.

Following is the screenshot of the AWS management console for the Amazon EC2 service.

How to Access AWS?

Step 1 − Click on services. We get a list of various services.

Step 2 − Select the choice from the list of categories and we get their sub-categories such as Computer and Database category is selected in the following screenshots.

Step 3 − Select the service of your choice and the console of that service will open.

Customizing the Dashboard

Creating Services Shortcuts

Click the Edit menu on the navigation bar and a list of services appears. We can create their shortcuts by simply dragging them from the menu bar to the navigation bar.

Adding Services Shortcuts

When we drag the service from the menu bar to the navigation bar, the shortcut will be created and added. We can also arrange them in any order. In the following screenshot, we have created a shortcut for S3, EMR and DynamoDB services.

Deleting Services Shortcuts

To delete the shortcut, click the edit menu and drag the shortcut from the navigation bar to the service menu. The shortcut will be removed. In the following screenshot, we have removed the shortcut for EMR services.

Selecting a Region

Many of the services are region-specific and we need to select a region so that resources can be managed. Some of the services do not require a region to be selected like AWS Identity and Access Management (IAM).

To select a region, first, we need to select a service. Click the Oregon menu (on the left side of the console) and then select a region

Changing the Password

We can change the password of our AWS account. To change the password, the following are the steps.

Step 1 − Click the account name on the left side of the navigation bar.

Step 2 − Choose Security Credentials and a new page will open having various options. Select the password option to change the password and follow the instructions.

Step 3 − After signing in, a page opens again having certain options to change the password and follow the instructions.

When successful, we will receive a confirmation message.

Know Your Billing Information

Click the account name in the navigation bar and select the 'Billing & Cost Management' option.

Now a new page will open having all the information related to the money section. Using this service, we can pay AWS bills, monitor our usage and budget estimation.

The AWS Console mobile app, provided by Amazon Web Services, allows its users to view resources for select services and also supports a limited set of management functions for select resource types.

Following are the various services and support functions that can be accessed using the mobile app.

EC2 (Elastic Compute Cloud)

1. Browse, filter and search instances.
2. View configuration details.
3. Check the status of CloudWatch metrics and alarms.
4. Perform operations over instances like start, stop, reboot, termination.
5. Manage security group rules.
6. Manage Elastic IP Addresses.
7. View block devices.

Elastic Load Balancing

1. Browse, filter and search load balancers.
2. View configuration details of attached instances.
3. Add and remove instances from load balancers.

S3

1. Browse buckets and view their properties.
2. View properties of objects.

Route 53

1. Browse and view hosted zones.
2. Browse and view details of record sets.

RDS (Relational Database Service)

1. Browse, filter, search and reboot instances.
2. View configuration details, security and network settings.

Auto Scaling

1. View group details, policies, metrics and alarms.
2. Manage the number of instances as per the situation.

Elastic Beanstalk

1. View applications and events.
2. View environment configuration and swap environment CNAMEs.
3. Restart app servers.

DynamoDB

1. View tables and their details like metrics, index, alarms, etc.

CloudFormation

1. View stack status, tags, parameters, output, events, and resources.

OpsWorks

1. View configuration details of stack, layers, instances and applications.
2. View instances, their logs, and reboot them.

CloudWatch

1. View CloudWatch graphs of resources.
2. List CloudWatch alarms by status and time.
3. Action configurations for alarms.

Services Dashboard

1. Provides information on available services and their status.
2. All information related to the billing of the user.
3. Switch the users to see the resources in multiple accounts.

Features of AWS Mobile App

To have access to the AWS Mobile App, we must have an existing AWS account. Simply create an identity using the account credentials and select the region in the menu. This app allows us to stay signed in to multiple identities at the same time.

For security reasons, it is recommended to secure the device with a passcode and to use an IAM user's credentials to log in to the app. In case the device is lost, then the IAM user can be deactivated to prevent unauthorized access.

Root accounts cannot be deactivated via mobile console. While using AWS Multi-Factor Authentication (MFA), it is recommended to use either a hardware MFA device or a virtual MFA on a separate mobile device for account security reasons.

The latest version is 1.14. There is a feedback link in the App's menu to share our experiences and for any queries.

How to Use AWS Account?

Following are the steps to access AWS services −

1. Create an AWS account.
2. Sign-up for AWS services.
3. Create your password and access your account credentials.
4. Activate your services in the credits section.

Create an AWS Account

Amazon provides a fully functional free account for one year for users to use and learn the different components of AWS. You get access to AWS services like EC2, S3, DynamoDB, etc. for free. However, there are certain limitations based on the resources consumed.

Step 1 − To create an AWS account, open this link https://aws.amazon.com and sign-up for a new account and enter the required details.

If we already have an account, then we can sign in using the existing AWS password.

Step 2 − After providing an email address, complete this form. Amazon uses this information for billing, invoicing and identifying the account. After creating the account, sign-up for the services needed.

Step 3 − To sign-up for the services, enter the payment information. Amazon executes a minimal amount transaction against the card on the file to check that it is valid. This charge varies with the region.

Step 4 − Next, is identity verification. Amazon does a call back to verify the provided contact number.

Step 5 − Choose a support plan. Subscribe to one of the plans like Basic, Developer, Business, or Enterprise. The basic plan costs nothing and has limited resources, which is good to get familiar with AWS.

Step 6 − The final step is confirmation. Click the login link again and it redirects to the AWS management console.

Now the account is created and can be used to avail AWS services.

AWS Account Identifiers

AWS assigns two unique IDs to each AWS account.

1. An AWS account ID
2. A conical user ID

AWS Account ID

It is a 12-digit number like 123456789000 and is used to construct Amazon Resource Names (ARN). This ID helps to distinguish our resources from resources in other AWS accounts.

To know the AWS account number, click Support on the upper right side of the navigation bar in the AWS management console as shown in the following screenshot.

Conical String User ID

It is a long string of alphanumeric characters like 1234abcdef1234. This ID is used in the Amazon S3 bucket policy for cross-account access, i.e. to access resources in another AWS account.

Account Alias

Account alias is the URL for your sign-in page and contains the account ID by default. We can customize this URL with the company name and even overwrite the previous one.

How to Create/Delete Your Own AWS Account Alias?

Step 1 − Sign in to the AWS management console and open the IAM console using the following link https://console.aws.amazon.com/iam/

Step 2 − Select the customize link and create an alias of choice.

Step 3 − To delete the alias, click the customize link, then click the Yes, Delete button. This deletes the alias and it reverts to the Account ID.

Multi-Factor Authentication

Multi-Factor Authentication (MFA) provides additional security by authenticating the users to enter a unique authentication code from an approved authentication device or SMS text message when they access AWS websites or services. If the MFA code is correct, then only the user can access AWS services or else not.

Requirements

To use MFA services, the user has to assign a device (hardware or virtual) to an IAM user or AWS root account. Each MFA device assigned to the user must be unique, i.e. the user cannot enter a code from another user's device to authenticate.

How to Enable MFA Device?

Step 1 − Open the following link, HTTPS:// console.aws.amazon.com/iam/

Step 2 − On the web page, choose users from the navigation pane on the right side to view the list of the user name.

Step 3 − Scroll down to security credentials and choose MFA. Click activate MFA.

Step 4 − Follow the instructions and the MFA device will get activated with the account.

There are 3 ways to enable an MFA device −

SMS MFA Device

In this method, MFA requires us to configure the IAM user with the phone number of the user's SMS-compatible mobile device. When the user signs in, AWS sends a six-digit code by SMS text message to the user's mobile device. The user is required to enter the same code on a second web page during sign-in to authenticate the right user. This SMS-based MFA cannot be used with the AWS root account.

Hardware MFA Device

In this method, MFA requires us to assign an MFA device (hardware) to the IAM user or the AWS root account. The device generates a six-digit numeric code based upon a time-synchronized one-time password algorithm. The user has to enter the same code from the device on a second web page during sign-in to authenticate the right user.

Virtual MFA Device

In this method, MFA requires us to assign an MFA device (virtual) to the IAM user or the AWS root account. A virtual device is a software application (mobile app) running on a mobile device that emulates a physical device. The device generates a six-digit numeric code based upon a time-synchronized one-time password algorithm. The user has to enter the same code from the device on a second web page during sign-in to authenticate the right user.

AWS Identity & Access Management (IAM)

IAM is a user entity that we create in AWS to represent a person that uses it with limited access to resources. Hence, we do not have to use the root account in our day-to-day activities as the root account has unrestricted access to our AWS resources.

How to Create Users in IAM?

Step 1 − Open the link https://console.aws.amazon.com/iam/ to sign in to the AWS Management console.

Step 2 − Select the Users option on the left navigation pane to open the list of all users.

Step 3 − We can also create New Users using the Create New Users option, a new window will open. Enter the user name which we want to create. Select the create option and a new user will be created.

Step 4 − We can also see Access Key IDs and secret keys by selecting the Show Users Security Credentials link. We can also save these details on the computer using the Download Credentials option.

Step 5 − We can manage the user’s own security credentials like creating a password, managing MFA devices, managing security certificates, creating/deleting access keys, adding the user to groups, etc.

There are many more features that are optional and are available on the web page.