Introduction to Amazon Web services
AWS is Amazon Web Service cloud platform which provides cloud based solution to all company to shift their IT infrastructure from physical premises to cloud and it may be private or public cloud. AWS is an example of Public cloud. This Section enables you to all about most of the AWS services which it provides through its Service catalog.
This course also helps you to prepare the AWS solution Architect Exam not only from theory point of view but also practical point of view. This Course will teach you step by step configuration method to configure all services provided by AWS which are useful to qualify the AWS Solution Architect EXAM.
The Course Pedagogy will help you to learn the following concepts on AWS Section
- Learn Amazon S3 basic Feature and its usage.
- Learn Amazon S3 Advance feature and its usage
- Learn about Amazon Glacier
- Configure Amazon simple storage service
- Learn how to set up a simple website on AWS
- Learn how to enable versioning on objects
- Learn what is life cycle policy for S3 bucket
- What is AWS Elastic Compute Cloud
- Basic of AWS Elastic Block Store ( EBS)
- How to configure Amazon EC2 Linux Instance
- Configuring Amazon Windows instance
- How to create EBS volume and attach it to an instance
- How Volume should be made available to EC2 Windows Instance
- What is Amazon Virtual private cloud and how to configure it
- Basic of Elastic Load balancing and auto scaling and how to configure it
- AWS identity and access management
- AWS dynamo DB and Redshift database
- How to configure webserver with RDS database
- What is AWS SQS and SNS and how to configure it
- How DNS system works in Amazon AWS
- What is AWS Elastic Cache
- How to configure VPC and its components
- How to configure VPN and Tunneling for VPC
- How to create template for Cloud Formation
- Basic of AWS Security and its related configuration
Amazon Web services started providing IT infrastructure services to business in form of Web services in 2006.
AWS is a best example of cloud computing which is on-demand delivery of IT resources and application via internet and whatever you do you have to pay for it.
In simple way to understand, with the help of cloud computing, you can access servers, storage, databases and large number of application services over internet.
Cloud computing Advantage:
There are following advantages of cloud computing:
- Instead of investing heavily on Data Center and infrastructure before knowing what you exactly need, it’s worthy to use cloud computing feature to use IT infrastructure.
- With cloud computing, you have to pay only for what you use, not having large numbers of servers deployed and using some of them.
- Scaling of IT infrastructure can done in minutes from small size to large or from large size to small.
- Application deployments are done in minutes along with servers, network, security provisioning.
- Cloud computing provides increase in speed and agile in nature.
Deployment models of Cloud Computing:
There are two deployment models of Cloud computing:
- All in cloud based deployment
- Hybrid deployment
All-in-cloud-based deployment: In this Applications is deployed fully in cloud and its component also runs in cloud.
Hybrid deployment: In this approach, many enterprises connects infrastructure and application between clouds based resources and existing resources in customer premises.
In AWS, global infrastructure, Security and Compliance play major role. Here we will discuss both AWS global infrastructure, Security and compliance one by one.
AWS provides a high available technology platform infrastructure that scales across multiple location worldwide. These location are divided in to regions and Availability zones.
A region is a separate geographical area and each region has multiple, isolated location called as Availability zones. Each region are completely independent and isolated from other regions and each availability zones are also isolated but the availability zone sin a region are connected to each other via low latency link. Each availability zones are powered by independent power grid to have power redundancy. Each Availability Zones are connected via redundant multiple tier-1 service providers.
By placing resources in separate availability zones customer can easily protect website or application from service disruption.
Security and Compliance:
AWS and its partners offer variety of tools and feature to help customer meet their security objectives. AWS helps in sharing security responsibilities with organization. There are some list described below which AWS complies.
- Service Organization Controls (SOC) 1/International Standard on Assurance Engagements (ISAE) 3402, SOC 2, and SOC 3
- Federal Information Security Management Act (FISMA), Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), and Federal Risk and Authorization Management Program (Fed RAMP)
- Payment Card Industry Data Security Standard (PCI DSS) Level 1
- International Organization for Standardization (ISO) 9001, ISO 27001, and ISO 27018
AWS Cloud Computing Platform:
There are some major AWS cloud services which are described per category. Before that we will discuss how to access the AWS platform. There are three methods by which you can access the Platform.
- AWS management Console: It is Web application to manage AWS cloud services. Each services has its own console which can be accessed from AWS management console.
- AWS CLI: It is the unified tools used to manage AWS cloud services, with this we can control multiple services and even automate them through scripts.
- AWS Software development Kids (SDKs): It provide an application programming interface API that interacts with web services that make up AWS platform.
Cloud and Networking Services:
There are various Compute and networking services which helps in delivery of core cloud functionality for business to develop and run the workloads.
- Amazon Elastic Compute Cloud (Amazon EC2): Amazon Elastic Compute Cloud (Amazon EC2)is a web service that provides compute capacity in the cloud. It helps to obtain and configure virtual servers in Amazon’s data centers with a variety of operating systems and resource configurations (memory, CPU, storage, and so on) that are optimal for the application profile of each workload.
- AWS Lambda: AWS Lambda helps in running back-end code on its own AWS compute EC2 instances across multiple Availability Zones in a region, which provides the high availability, security, performance, and scalability of the AWS infrastructure.
- Auto Scaling: As you define the condition for particular workloads It allows organizations to scale Amazon EC2 capacity up or down automatically.
- Elastic Load Balancing: Elastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances in the cloud.
- Amazon Virtual Private Cloud (Amazon VPC): Organizations have complete control over selection of the IP address range, creation of subnets, and configuration of route tables and network gateways. Organizations can extend their corporate data center networks to AWS by virtual private network (VPN) connections or dedicated circuits by using AWS Direct Connect.
- AWS Direct Connect: AWS Direct Connect helps organizations to establish private connectivity between AWS and their data center, office, so that they can easily access the resources.
- Amazon Route 53: Amazon Route 53 is a Domain Name System (DNS) web service also helps in domain registrar, allowing you to purchase and manage domains directly from AWS.
Storage and Content Delivery:
This section provides an overview of the storage and content delivery services.
- Amazon Simple Storage Service (Amazon S3): Amazon S3 provides object storage for backup and recovery, near line archive, big data analytics, disaster recovery, cloud applications, and content distribution.
- Amazon Glacier: Amazon Glacier is a secure and extremely low-cost storage service for data archiving and long-term backup.
- Amazon Elastic Block Store (Amazon EBS): For Amazon EC2 instances Amazon Elastic Block Store (Amazon EBS) provides persistent block-level storage. Each Amazon EBS volume is automatically replicated within its Availability Zone to protect organizations from component failure.
- AWS Storage Gateway: It provides secure integration between an organization’s on-premises IT environment and the AWS storage infrastructure.
This section provides an overview of the products that the database services comprise.
- Amazon Relational Database Service (Amazon RDS): It is a relational database that allows customers to launch secure, highly available, fault-tolerant, production-ready databases in minutes.
- Amazon Dynamo DB: Amazon Dynamo DB is a NoSQL database service for all applications that need consistent, single-digit millisecond latency for mobile, web, gaming, ad-tech, Internet of Things, and many other applications.
This section provides an overview of the management tools that AWS provides to organizations.
- Amazon Cloud Watch: it is a monitoring service for AWS Cloud resources and the applications running on AWS. It allows organizations to collect and track metrics, collect and monitor log files, and set alarms.
- AWS Cloud Formation: AWS Cloud Formation defines a JSON-based templating language that can be used to describe all the AWS resources that are necessary for a workload. Templates can be submitted to AWS Cloud Formation and the service will take care of provisioning and configuring those resources in appropriate order.
- AWS CloudTrail: AWS CloudTrail is a web service that records AWS API calls for an account and delivers log files for audit and review.
Security and Identity:
This section provides an overview of the security and identity policy and tools that AWS provides to organizations.
- AWS Identity and Access Management (IAM): It securely control access to AWS Cloud services and resources for their users.
- AWS Key Management Service (KMS): it helps organizations to create and control the encryption keys used to encrypt their data and uses Hardware Security Modules (HSMs) to protect the security of your keys.
- AWS Certificate Manager: With AWS Certificate Manager, organizations can quickly request a certificate, deploy it on AWS resources such as Elastic Load Balancing or Amazon Cloud Front distributions, it also helps in certificate renewals.
AWS provides a variety of managed services to use with applications. The following section explores the overview of application services.
- Amazon API Gateway: Organizations can create an API that acts as a “front door” for applications to access data, business logic, or functionality from back-end services, such as workloads running on Amazon EC2, code running on AWS Lambda, or any web application.
- Amazon Simple Notification Service (Amazon SNS): it is a web service that coordinates and manages the delivery or sending of messages to recipients. There are two types of clients—publishers and subscribers. Publishers communicate asynchronously with subscribers by producing and sending a message to a topic, which is a logical access point and communication channel. Subscribers consume or receive the message or notification over one of the supported protocols when they are subscribed to the topic.
- Amazon Simple Email Service (Amazon SES): it is an email service that organizations can use to send transnational email, marketing messages, or any other type of content to their customers.
- Amazon Simple Workflow Service (Amazon SWF): It helps developers build, run, and scale background jobs that have parallel or sequential steps.