AWS 101 - Beginner’s Guide to AWS
Everything about AWS that you were curious about, explained in one place
AWS provides on-demand delivery of technology services through the Internet with pay-as-you-go pricing. This is known as cloud computing.
The AWS Cloud encompasses a broad set of global cloud-based products that includes compute, storage, databases, analytics, networking, mobile, developer tools, management tools, IoT, security, and enterprise applications: on-demand, available in seconds, with pay-as-you-go pricing. With over 200 fully featured services available from data centers globally, the AWS Cloud has what you need to develop, deploy, and operate your applications, all while lowering costs, becoming more agile, and innovating faster.
For example, with the AWS Cloud, you can spin up a virtual machine, specifying the number of vCPU cores, memory, storage, and other characteristics in seconds, and pay for the infrastructure in per-second increments only while it is running. One benefit of the AWS global infrastructure network is that you can provision resources in the Region or Regions that best serve your specific use case. When you are done with the resources, you can simply delete them. With this built-in flexibility and scalability, you can build an application to serve your first customer, and then scale to serve your next 100 million.
AWS Management Console
The AWS Management Console is the first thing you’ll notice after you sign up for an AWS account. Your gateway to the plethora of AWS services at your command, the AWS Management Console provides a web-based interface containing a list of all AWS services available for your account.
Apart from the list of all and recently used services, the management console also provides simple wizards and automated workflows to help you build a pre-canned solution on the cloud. It also contains videos, tutorials, and labs with step-by-step guides to introduce you to the world of cloud computing via predefined learning paths.
Identity and Access Management (IAM)
Before running your services in AWS, you need to ensure that access to your account and the services you are using is secure.
AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. You can use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.
Using IAM, you can create and manage:
- Users who will have access to the AWS account, e.g. John Doe
- Groups to combine and identify a set of users, e.g. DevOps, Managers, etc.
- Roles for a set of users and groups, e.g. sysadmin, reporting
- Policies to allow or deny access to various AWS resources, e.g. AWSFullAccess, DynamoDBReadOnlyAccess
Running your Code
Once you have signed up for an account and configured the users and permissions, it is now time to get your service deployed in the cloud. AWS provides a variety of options to package and run your code, and you can choose one of them based on your use case and budget.
Elastic Compute Cloud (EC2)
If you have a service that needs to be continuously deployed and running, you have to deploy it on a server. With AWS, these servers are available in the form of EC2 instances.
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable computing capacity, literally, servers in Amazon’s data centers, that you can use to build and host your software systems.
With Amazon EC2, you can:
- Choose one of the many server types based on your need and budget
- Manage the software bundles installed on your server
- Automatically add/remove servers as your scale changes
You may not always need a continuously running server to run your code. For example, you might have a batch job that runs only for a few minutes or hours in a day. In such situations, EC2 can turn out to be expensive since you end up paying for the entire time the server is running.
AWS Lambda allows you to run code without provisioning or managing servers. You pay only for the compute time that you consume; there’s no charge when your code isn’t running. Since there are no servers, you no longer have to take care of managing and configuring them. Just upload your code and Lambda takes care of everything required to run and scale your code with high availability.
Now that your code is deployed on the cloud, it's time to connect it to the internet (or other services within AWS). Let’s take a look at how these connections are managed in AWS.
Virtual Private Cloud (VPC)
Amazon Virtual Private Cloud (Amazon VPC) enables you to launch Amazon Web Services (AWS) resources into a virtual network that you’ve defined. This virtual network closely resembles a traditional network that you’d operate in your own data center, with the benefits of using the scalable infrastructure of AWS.
You have complete control over your virtual networking environment, including the selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.
APIs act as the “front door” for applications to access data, business logic, or functionality from your backend services. Think of it as the interface between your microservices and the rest of the world.
Using API Gateway, you can create RESTful APIs and WebSocket APIs that enable real-time two-way communication applications. API Gateway supports containerized and serverless workloads, as well as web applications.
It enables you to create and deploy your own REST and WebSocket APIs at any scale. You can create robust, secure, and scalable APIs that access AWS or other web services, as well as data that’s stored in the AWS Cloud. You can create APIs to use in your own client applications, or you can make your APIs available to third-party app developers.
Any web application has a bunch of static resources that need to be delivered when the application is rendered. Amazon CloudFront speeds up the distribution of this static and dynamic web content, such as .html, .css, .php, image, and media files.
When users request your content, CloudFront delivers it through a worldwide network of edge locations that provide low latency and high performance. CloudFront acts as a sort of distributed cache for your files, and helps in accelerated delivery of those files over the internet, while also reducing the load on your own infrastructure as a result.
Simple Storage Service (S3)
Many times you might have a requirement to store files for your application. These files can be transactional (uploaded by users) or static (pdf files for download) and could be used by your application for processing or presenting data.
Amazon Simple Storage Service (Amazon S3) provides this storage for the cloud. You can use Amazon S3 to store and retrieve any amount of data at any time, from anywhere on the web.
Amazon S3 provides easy-to-use management features so you can organize your data and configure finely-tuned access controls to meet your specific business, organizational, and compliance requirements. Amazon S3 is designed for 99.999999999% (11 9’s) of durability, and stores data for millions of applications for companies all around the world.
When dealing with a document or key-value data, Amazon DynamoDB provides consistent single-digit millisecond latency at any scale. You can use Amazon DynamoDB to create a database table that can store and retrieve any amount of data, and serve any level of request traffic. Amazon DynamoDB automatically spreads the data and traffic for the table over a sufficient number of servers to handle the request capacity specified by the customer and the amount of data stored, while maintaining consistent and fast performance.
It is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability, and is a multi-region, multi-master, durable database with built-in security, backup and restore, and in-memory caching for internet-scale applications.
If you need to store relational data, you can use Amazon Aurora. It is a MySQL and PostgreSQL-compatible relational database built for the cloud that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases.
It features a distributed, fault-tolerant, self-healing storage system that auto-scales up to 64 TB per database instance. It delivers high performance and availability with up to 15 low-latency read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across three Availability Zones (AZs).
Simple Queue Service (SQS)
Amazon Simple Queue Service (Amazon SQS) is a fully managed message queuing service that makes it easy to decouple and scale microservices, distributed systems, and serverless applications. It is a distributed queue system that lets one component of an application quickly and reliably queue messages for another component to consume. A queue is a temporary repository for messages that are awaiting processing.
Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available. SQS eliminates the complexity and overhead associated with managing and operating message-oriented middleware and empowers developers to focus on differentiating work.
SQS offers two types of message queues. Standard queues offer maximum throughput, best-effort ordering, and at-least-once delivery. SQS FIFO queues are designed to guarantee that messages are processed exactly once, in the exact order that they are sent.
Simple Notification Service (SNS)
Amazon Simple Notification Service (Amazon SNS) is a web service that enables applications, end-users, and devices to instantly send and receive notifications from the cloud.
It is a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications. Amazon SNS provides topics for high-throughput, push-based, many-to-many messaging. Using Amazon SNS topics, your publisher systems can fan-out messages to numerous subscriber endpoints for parallel processing, including Amazon SQS queues, AWS Lambda functions, and HTTP/S webhooks. Additionally, SNS can be used to fan out notifications to end users using mobile push, SMS, and email.
Logging & Monitoring
Amazon CloudWatch provides a reliable, scalable, and flexible monitoring solution that you can start using within minutes. You no longer need to set up, manage, and scale your own monitoring systems and infrastructure.
CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. CloudWatch collects monitoring and operational data in the form of logs, metrics, and events, providing you with a unified view of AWS resources, applications, and services that run on AWS and on-premises servers.
You can use CloudWatch to detect anomalous behavior in your environments, set alarms, visualize logs and metrics side by side, take automated actions, troubleshoot issues, and discover insights to keep your applications running smoothly.
With AWS CloudTrail, you can monitor your AWS deployments in the cloud by getting a history of AWS API calls for your account, including API calls made via the AWS Management Console, the AWS SDKs, the command line tools, and higher-level AWS services. You can also identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address the calls were made from, and when the calls occurred.
You can integrate CloudTrail into applications using the API, automate trail creation for your organization, check the status of your trails, and control how administrators turn CloudTrail logging on and off.
In addition, you can use CloudTrail to detect unusual activity in your AWS accounts. These capabilities help simplify operational analysis and troubleshooting.
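As an added example (not from the original article), here is a small triage pass over CloudTrail-style records that uses the fields described above (who called, from which source IP, and when) to flag three kinds of unusual activity, including changes to CloudTrail logging itself. All records, the account ID and the IP addresses are constructed, and the rule names are hypothetical.

```python
ACCT = "arn:aws:iam::111122223333"  # placeholder account ID

def rec(time, source, name, arn, ip, utype="IAMUser", **extra):
    """Build a constructed record with the CloudTrail fields the rules read."""
    return {"eventTime": time, "eventSource": source, "eventName": name,
            "sourceIPAddress": ip, "userIdentity": {"type": utype, "arn": arn},
            **extra}

RECORDS = [  # constructed sample data, not real log output
    rec("2024-01-10T09:00:00Z", "ec2.amazonaws.com", "DescribeInstances",
        f"{ACCT}:user/alice", "198.51.100.10"),
    rec("2024-01-10T09:05:12Z", "signin.amazonaws.com", "ConsoleLogin",
        f"{ACCT}:user/bob", "203.0.113.7",
        responseElements={"ConsoleLogin": "Success"},
        additionalEventData={"MFAUsed": "No"}),
    rec("2024-01-10T09:07:40Z", "cloudtrail.amazonaws.com", "StopLogging",
        f"{ACCT}:user/bob", "203.0.113.7"),
    rec("2024-01-10T09:30:00Z", "signin.amazonaws.com", "ConsoleLogin",
        f"{ACCT}:user/alice", "198.51.100.10",
        responseElements={"ConsoleLogin": "Success"},
        additionalEventData={"MFAUsed": "Yes"}),
    rec("2024-01-10T09:45:00Z", "s3.amazonaws.com", "ListBuckets",
        f"{ACCT}:root", "198.51.100.99", utype="Root"),
]

# CloudTrail API calls that turn logging off or narrow what is recorded.
TRAIL_CHANGES = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}

def classify(r):
    """Return the name of the rule a record trips, or None."""
    name = r.get("eventName")
    if r.get("eventSource") == "cloudtrail.amazonaws.com" and name in TRAIL_CHANGES:
        return "trail-logging-changed"
    if name == "ConsoleLogin":
        ok = (r.get("responseElements") or {}).get("ConsoleLogin") == "Success"
        mfa = (r.get("additionalEventData") or {}).get("MFAUsed") == "Yes"
        if ok and not mfa:
            return "console-login-without-mfa"
    if r.get("userIdentity", {}).get("type") == "Root":
        return "root-account-activity"
    return None

def findings(records):
    """Return (time, rule, caller ARN, source IP) for flagged records, oldest first."""
    hits = []
    for r in sorted(records, key=lambda x: x["eventTime"]):
        rule = classify(r)
        if rule:
            hits.append((r["eventTime"], rule,
                         r["userIdentity"].get("arn", "?"), r["sourceIPAddress"]))
    return hits
```

Sign-ins that come through a federated identity provider report `MFAUsed` as `No` even when the provider enforced MFA, so the second rule needs an exception for those identities in an environment that uses federation.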
AWS CloudFormation enables you to create and provision AWS infrastructure deployments predictably and repeatedly. It helps you leverage AWS products such as Amazon EC2, Amazon Elastic Block Store, Amazon SNS, Elastic Load Balancing, and Auto Scaling to build highly reliable, highly scalable, cost-effective applications in the cloud without worrying about creating and configuring the underlying AWS infrastructure. AWS CloudFormation enables you to use a template file to create and delete a collection of resources together as a single unit (a stack).
AWS CloudFormation allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This gives you a single source of truth for your AWS and third-party resources.
In this article, we covered some of the most common AWS services that are used by companies and individuals building their applications on the cloud.
As of 2020, AWS comprises more than 175 products and services including computing, storage, networking, database, analytics, application services, deployment, management, mobile, developer tools, and tools for the Internet of Things. And the list keeps growing every year as AWS launches new services during their annual re:Invent conference.