Introduction to AWS

Dr. Noman Islam

 Introduction
• AWS provides on-demand delivery of IT resources
via the Internet on a secure cloud services platform,
offering compute power, storage, databases,
content delivery, and other functionality to help
businesses scale and grow
 Why AWS?
• Using AWS resources instead of your own is like
purchasing electricity from a power company
instead of running your own generator, and it
provides the key advantages of cloud computing:
– Capacity exactly matches your need, you pay only for
what you use, economies of scale result in lower costs,
– and the service is provided by a vendor experienced in
running large-scale networks.
 Global Infrastructure
• AWS serves over one million active customers in
more than 190 countries
• AWS provides a highly available technology
infrastructure platform with multiple locations
worldwide
• These locations are composed of regions and
Availability Zones
 Regions and Zones
• Each region is a separate geographic area. Each
region has multiple, isolated locations known as
Availability Zones.
• AWS enables the placement of resources and data in
multiple locations. Resources aren’t replicated across
regions unless organizations choose to do so.
• Each region is completely independent and is designed
to be completely isolated from the other regions
• Availability Zones in a region are connected through
low-latency links
 Accessing the platform
• To access AWS Cloud services, you can use the
AWS Management Console, the AWS Command
Line Interface (CLI), or the AWS Software
Development Kits (SDKs).
 AWS Management Console
• The AWS Management Console is a web
application for managing AWS Cloud services.
• The console provides an intuitive user interface for
performing many tasks. Each service has its own
console, which can be accessed from the AWS
Management Console.
• The console also provides information about the
account and billing.
 Command line interface
• The AWS Command Line Interface (CLI) is a unified
tool used to manage AWS Cloud services. With just
one tool to download and configure, you can control
multiple services from the command line and
automate them through scripts.
 Software Development Kits
• The AWS Software Development Kits (SDKs) provide
an application programming interface (API) that
interacts with the web services that fundamentally
make up the AWS platform.
• The SDKs provide support for many different
programming languages and platforms to allow you to
work with your preferred language.
• While you can certainly make HTTP calls directly to the
web service endpoints, using the SDKs can take the
complexity out of coding by providing programmatic
access for many of the services.
 Compute and Networking Services
• AWS provides a variety of compute and networking
services to deliver core functionality for businesses to
develop and run their workloads.
• These compute and networking services can be
leveraged with the storage, database, and application
services to provide a complete solution for computing,
query processing, and storage across a wide range of
applications.
• This section offers a high-level description of the core
computing and networking services.
 Amazon EC3
• Amazon Elastic Compute Cloud (Amazon EC2) is a
web service that provides resizable compute capacity in
the cloud.
• It allows organizations to obtain and configure virtual
servers in Amazon’s data centers and to harness those
resources to build and host software systems.
• Organizations can select from a variety of operating
systems and resource configurations (memory, CPU,
storage, and so on) that are optimal for the application
profile of each workload.
 AWS Lambda
• AWS Lambda is a zero-administration compute
platform for back-end web developers that runs
your code for you on the AWS Cloud and provides
you with a fine-grained pricing structure.
• AWS Lambda runs your back-end code on its own
AWS compute fleet of Amazon EC2 instances
across multiple Availability Zones in a region, which
provides the high availability, security, performance,
and scalability of the AWS infrastructure.
 Auto Scaling
• Auto Scaling allows organizations to scale Amazon
EC2 capacity up or down automatically according to
conditions defined for the particular workload
 Elastic Load Balancing
• Elastic Load Balancing automatically distributes
incoming application traffic across multiple Amazon
EC2 instances in the cloud.
• It enables organizations to achieve greater levels of
fault tolerance in their applications, seamlessly
providing the required amount of load balancing
capacity needed to distribute application traffic.
 AWS Elastic Beanstalk
• AWS Elastic Beanstalk is the fastest and simplest way
to get a web application up and running on AWS.
• Developers can simply upload their application code,
and the service automatically handles all the details,
such as resource provisioning, load balancing, Auto
Scaling, and monitoring.
• It provides support for a variety of platforms, including
PHP, Java, Python, Ruby, Node.js, .NET, and Go
 Amazon Virtual Private Cloud (Amazon
VPC)
• Amazon Virtual Private Cloud (Amazon VPC) lets
organizations provision a logically isolated section
of the AWS Cloud where they can launch AWS
resources in a virtual network that they define.
• Organizations have complete control over the virtual
environment, including selection of the IP address
range, creation of subnets, and configuration of
route tables and network gateways.
 AWS Direct Connect
• AWS Direct Connect allows organizations to establish a
dedicated network connection from their data center to
AWS.
• Using AWS Direct Connect, organizations can establish
private connectivity between AWS and their data
center, office, or colocation environment, which in many
cases can reduce network costs, increase bandwidth
throughput, and provide a more consistent network
experience than Internetbased VPN connections.
 Amazon Route 53
• Amazon Route 53 is a highly available and scalable
Domain Name System (DNS) web service.
• It is designed to give developers and businesses an
extremely reliable and cost-effective way to route
end users to Internet applications by translating
human readable names, such as
www.example.com, into the numeric IP addresses,
such as 192.0.2.1, that computers use to connect to
each other.
• Amazon Route 53 also serves as domain registrar,
allowing you to purchase and manage domains
directly from AWS.
 Storage and Networking Service
• AWS provides a variety of services to meet your
storage needs, such as Amazon Simple Storage
Service, Amazon CloudFront, and Amazon Elastic
Block Store.
• This section provides an overview of the storage
and content delivery services.
Amazon Simple Storage Service (Amazon
S3)
• Amazon Simple Storage Service (Amazon S3)
provides developers and IT teams with highly
durable and scalable object storage that handles
virtually unlimited amounts of data and large
numbers of concurrent users.
• Organizations can store any number of objects of
any type, such as HTMLpages, source code files,
image files, and encrypted data, and access them
using HTTP-based protocols.
 Amazon Glacier
• Amazon Glacier is a secure, durable, and extremely
low-cost storage service for data archiving and
longterm backup.
• Organizations can reliably store large or small
amounts of data for a very low cost per gigabyte per
month.
• To keep costs low for customers, Amazon Glacier is
optimized for infrequently accessed data where a
retrieval time of several hours is suitable
Amazon Elastic Block Store (Amazon EBS)
• Amazon Elastic Block Store (Amazon EBS)
provides persistent block-level storage volumes for
use with Amazon EC2 instances.
• Each Amazon EBS volume is automatically
replicated within its Availability Zone to protect
organizations from component failure, offering high
availability and durability
 AWS Storage Gateway
• AWS Storage Gateway is a service connecting an
on-premises software appliance with cloud-based
storage to provide seamless and secure integration
between an organization’s on-premises IT
environment and the AWS storage infrastructure
 Amazon CloudFront
• Amazon CloudFront is a content delivery web service. It
integrates with other AWS Cloud services to give
developers and businesses an easy way to distribute
content to users across the world with low latency, high
data transfer speeds, and no minimum usage
commitments.
• Amazon CloudFront can be used to deliver your entire
website, including dynamic, static, streaming, and
interactive content, using a global network of edge
locations.
• Requests for content are automatically routed to the
nearest edge location, so content is delivered with
the best possible performance to end users around
the globe.
 Database Services
• AWS provides fully managed relational and
NoSQLdatabase services, and in-memory caching
as a service and a petabyte-scale data warehouse
solution.
• This section provides an overview of the products
that the database services comprise.
 Amazon Relational Database Service
(Amazon RDS)
• Amazon Relational Database Service (Amazon
RDS) provides a fully managed relational database
with support for many popular open source and
commercial database engines.
• It’s a cost-efficient service that allows organizations
to launch secure, highly available, fault-tolerant,
production-ready databases in minutes
 Amazon DynamoDB
• Amazon DynamoDB is a fast and flexible
NoSQLdatabase service for all applications that
need consistent, single-digit millisecond latency at
any scale.
• It is a fully managed database and supports both
document and key/value data models.
• Its flexible data model and reliable performance
make it a great fit for mobile, web, gaming, ad-tech,
Internet of Things, and many other applications.
 Amazon Redshift
• Amazon Redshift is a fast, fully managed, petabyte-
scale data warehouse service that makes it simple
and cost effective to analyze structured data.
• Amazon Redshift provides a standard SQLinterface
that lets organizations use existing business
intelligence tools.
 Amazon ElastiCache
• Amazon ElastiCache is a web service that simplifies
deployment, operation, and scaling of an in-memory
cache in the cloud.
• The service improves the performance of web
applications by allowing organizations to retrieve
information from fast, managed, in-memory caches,
instead of relying entirely on slower, diskbased
databases.
• Amazon ElastiCache supports Memcached and Redis
cache engines.
 Management Tools
• AWS provides a variety of tools that help
organizations manage your AWS resources.
• This section provides an overview of the
management tools that AWS provides to
organizations.
 Amazon CloudWatch
• Amazon CloudWatch is a monitoring service for
AWS Cloud resources and the applications running
on AWS.
• It allows organizations to collect and track metrics,
collect and monitor log files, and set alarms.
• By leveraging Amazon CloudWatch, organizations
can gain system-wide visibility into resource
utilization, application performance, and operational
health.
• By using these insights, organizations can react, as
necessary, to keep applications running smoothly.
 AWS CloudFormation
• AWS CloudFormation gives developers and
systems administrators an effective way to create
and manage a collection of related AWS resources,
provisioning and updating them in an orderly and
predictable fashion.
• AWS CloudFormation defines a JSON-based
templating language that can be used to describe
all the AWS resources that are necessary for a
workload.
• Templates can be submitted to AWS
CloudFormation and the service will take care of
provisioning and configuring those resources in
appropriate order
 AWS CloudTrail
• AWS CloudTrail is a web service that records AWS
API calls for an account and delivers log files for
audit and review.
• The recorded information includes the identity of the
API caller, the time of the API call, the source IP
address of the API caller, the request parameters,
and the response elements returned by the service.
 AWS Config
• AWS Config is a fully managed service that provides
organizations with an AWS resource inventory,
configuration history, and configuration change
notifications to enable security and governance.
• With AWS Config, organizations can discover existing
AWS resources, export an inventory of their AWS
resources with all configuration details, and determine
how a resource was configured at any point in time.
• These capabilities enable compliance auditing,
security analysis, resource change tracking, and
troubleshooting
 Security and Identity
• AWS provides security and identity services that
help organizations secure their data and systems
on the cloud.
• The following section explores these services at a
high level.
 AWS Identity and Access Management
(IAM)
• AWS Identity and Access Management (IAM)
enables organizations to securely control access to
AWS Cloud services and resources for their users.
• Using IAM, organizations can create and manage
AWS users and groups and use permissions to
allow and deny their access to AWS resources.
AWS Key Management Service (KMS)
• AWS Key Management Service (KMS) is a
managed service that makes it easy for
organizations to create and control the encryption
keys used to encrypt their data and uses Hardware
Security Modules (HSMs) to protect the security of
your keys.
• AWS KMS is integrated with several other AWS
Cloud services to help protect data stored with
these services.
 AWS Directory Service
• AWS Directory Service allows organizations to set up
and run Microsoft Active Directory on the AWS Cloud or
connect their AWS resources with an existing on-
premises Microsoft Active Directory.
• Organizations can use it to manage users and groups,
provide single sign-on to applications and services,
create and apply Group Policies, domain join Amazon
EC2 instances, and simplify the deployment and
management of cloud-based Linux and Microsoft
Windows workloads.
 AWS Certificate Manager
• AWS Certificate Manager is a service that lets
organizations easily provision, manage, and deploy
Secure Sockets Layer/Transport Layer Security
(SSL/TLS) certificates for use with AWS Cloud
services.
• It removes the time-consuming manual process of
purchasing, uploading, and renewing SSL/TLS
certificates.
 AWS Web Application Firewall (WAF)
• AWS Web Application Firewall (WAF) helps protect
web applications from common attacks and exploits
that could affect application availability, compromise
security, or consume excessive resources.
• AWS WAF gives organizations control over which
traffic to allow or block to their web applications by
defining customizable web security rules.
 Application Services
• AWS provides a variety of managed services to use
with applications.
– Amazon API Gateway
– Amazon Elastic Transcoder
– Amazon Simple Email Service (Amazon SES)
– Amazon Simple Workflow Service (Amazon SWF)
– Amazon Simple Queue Service (Amazon SQS)