Introduction to Cloud Computing AWS.pdf
Introduction to Cloud Computing & AWS
20th April, 2020
Jinu John
Email: [email protected]

Objectives
- Introduction to Cloud Computing
- Characteristics of Cloud Environments
- Payment Models in Cloud
- Cloud Delivery Models
- Cloud Deployment Models
- Cloud Platforms
- Introduction to Amazon Web Services

Cloud & Cloud Computing
- Cloud computing includes manipulating, configuring and accessing applications over the internet. It offers online data storage, infrastructure and applications.
- It is a combination of both hardware and software delivering a service to the users.
- Users can provision and release resources on demand.
- Resources can be scaled up or down automatically, depending on the load.
- Resources are accessible over a network with proper security.
- Customers are charged based on the type of resources and per usage.
- Popular platforms: AWS, Azure, Google Cloud

Traditional vs Cloud Computing
Concept | Traditional Computing | Cloud Computing
Software | Installed on computer | Delivered via services over the web
Access | Through the computer | Through the internet
Upgrades | Manual and complex | Automatic and easy
Versions | Multiple versions to maintain | Single code with no infrastructure maintenance
Hardware | Purchase, maintain and manage | Pay for what you need
Collaboration | Less | Teams can collaborate from widespread locations

Characteristics of Cloud Computing
- On-demand self-service / Flexibility: If you are in a business that is growing by the day and has fluctuating bandwidth demands, cloud computing is the ideal solution. Computer services such as email, applications, network or server service can be provided without requiring human interaction.
- Disaster recovery: Cloud-based backup and recovery solutions save time, avoid large up-front investment and roll up third-party expertise as part of the deal.
- Automatic software updates: Once you have paid your suppliers, they take care of everything for you, from software updates to security updates.
- Measured service / Capital-expenditure free: Cloud computing is not heavy on your pocket, unlike other hardware. It offers a hassle-free pay-as-you-go solution. You get what you pay for.
- Broad network access / Increased collaboration: When you and your colleagues can access, edit and share information and crucial documents at any time of the day from anywhere, doing more and working better becomes easier.
- Resource pooling / Document control: No more sharing and sending emails back and forth with updates and approvals. On the cloud, all your files are stored at a central location where everyone who has access to a file sees the updates and the truth in real time.
- Security: Because all your data is stored on the cloud, it's in safe hands. No matter what happens to your system, your data is secure.
- Environmentally friendly: When you use only the amount of energy you consume, you don't leave behind a massive carbon footprint.
- Scalable & Rapid elasticity: Organizations can quickly add and subtract resources to their applications in order to meet customer demand and manage costs.

Security in the Cloud
- Data Breaches: When a cloud service is breached, cyber criminals can gain access to this sensitive data. There is a risk if the service provider claims ownership of the data uploaded to them in the terms and conditions.
- Hijacking of Accounts: Attackers steal credentials over the internet and through other means. One of the newest threats is the "Man In Cloud Attack", the theft of the user tokens that cloud platforms use to verify individual devices without requiring logins during each update and sync.
- Insider Threat: Employees can use their authorized access to an organization's cloud-based services to misuse or access information such as customer accounts, financial forms, and other sensitive information.
- Malware Injection: Malicious code can be injected into cloud services and viewed as part of the software or service that is running within the cloud servers themselves.
- Abuse of Cloud Services: The cloud's unprecedented storage capacity has also allowed both hackers and authorized users to easily host and spread malware, illegal software, and other digital properties.
- Shared Vulnerabilities: Cloud security is a shared responsibility between the provider and the client. This partnership between client and provider requires the client to take preventative actions to protect their data.
- Data Loss: Data on cloud services can be lost through a malicious attack, natural disaster, or a data wipe by the service provider. Amazon is an example of an organization that suffered data loss by permanently destroying many of its own customers' data in 2011. Google was another organization that lost data when its power grid was struck by lightning four times.
- Insecure APIs
- Denial of Service Attacks

Risks and Challenges
- Increased Security Vulnerabilities: Moving business data to the cloud means that the responsibility for data security becomes shared with the cloud provider.
- Reduced Operational Governance Control: Cloud consumers are usually allotted a level of governance control that is lower than that over on-premise IT resources. This reduced level of governance control can introduce risks associated with how the cloud provider operates its cloud.
- Limited Portability Between Cloud Providers: Due to a lack of established industry standards within the cloud computing industry, public clouds are commonly proprietary to various extents.
- Multi-Regional Regulatory and Legal Issues: Third-party cloud providers will frequently establish data centers in affordable or convenient geographical locations. Cloud consumers will often not be aware of the physical location of their IT resources and data when hosted by public clouds.
  It is subject to the law of that region.

Pros & Cons of Cloud Computing
Pros:
- Lower upfront costs and reduced infrastructure costs.
- Easy to grow your applications.
- Scale up or down at short notice.
- Only pay for what you use.
- Data backup and recovery
- Everything managed under SLAs.
- Overall environmental benefit
Cons:
- Higher ongoing operating costs.
- Greater dependency on service providers. Can the problems be resolved quickly?
- Vendor lock-in
- Vendor dependency on services support.
- Potential privacy and security risks
- Dependency on a reliable Internet connection.

Cloud Future
- Everything as a Service
- Serverless Computing
- Hybrid Cloud
- Increased Storage
- The Evolving Internet of Things (IoT)
- The containerization
- AI
- Security Will Still Be An Issue

Cloud Delivery/Service Models: Infrastructure as a Service (IaaS)
- IaaS means you're buying access to raw computing hardware over the Net, such as servers or storage.
- Since you buy what you need and pay as you go, this is often referred to as utility computing.
- Ordinary web hosting is a simple example of IaaS.
- The supplier is responsible for the network elements, transit, and virtual servers. The consumer, however, is responsible for the installation and operation of its operating system and its applications.
- Examples: AWS, Azure, Rackspace, DigitalOcean
- Benefits: Scalability, No investment in hardware, Pay per Costing, Location independence, Physical security of Data Centers

Cloud Delivery/Service Models: Software as a Service (SaaS)
- SaaS means you use a complete application running on someone else's system.
- Provides a complete platform, including operating systems, software and specific applications.
- A software distribution model in which applications are hosted by a service provider and made available to clients over a network.
- Web-based email and Google Documents are perhaps the best-known examples.
- Zoho is another well-known SaaS provider offering a variety of office applications online.
- Benefits: Easier administration, Automatic updates and patch management, Compatibility, Easier collaboration

Cloud Delivery/Service Models: Platform as a Service (PaaS)
- PaaS means you develop applications using Web-based tools so they run on systems software and hardware provided by another company.
- The service provider will install and configure servers, operating systems, databases and required licenses. The consumer will still be responsible for setting up its applications and operations.
- As an example, you might develop your own e-commerce website but have the whole thing, including the shopping cart, checkout, and payment mechanism, running on a merchant's server.
- App Cloud (from salesforce.com) and the Google App Engine are examples of PaaS.
- Benefits: Server-side scripting environment, Database management, Server Software, Storage, Network access, Support

Cloud Deployment Models
- Public clouds are provided by companies such as Amazon, Google, and IBM: in theory, all users share space and time on the same cloud and access it the same way.
- Private clouds work technically the same way but service a single company and are either managed exclusively by that company or by one of the big cloud providers on their behalf.
- Community cloud is a type of cloud computing in which the setup of the cloud is shared manually among different organizations that belong to the same community or area, e.g. Google Apps for Government, Microsoft Government Community Cloud.
- Hybrid cloud is a cloud computing environment that uses a mix of on-premises, private cloud and third-party, public cloud services with orchestration between the two platforms.
  By allowing workloads to move between private, community and public clouds as computing needs and costs change, hybrid cloud gives businesses greater flexibility and more data deployment options.

Cloud Deployment Models (comparison)
Hybrid cloud:
- Mixed usage of public, private and sometimes community cloud
- Information moving between systems may be hacked
- Reasonable price
- IT can control on-premise storage components
Public cloud:
- Connected via the Internet
- Hard to prevent loss or sharing of information
- Requires little support
- User-friendly
- Inexpensive
- Ideal for smaller companies
Private cloud:
- Connected via company Intranet
- Easy to safeguard data
- Total control
- High initial investment
- High security: businesses storing highly sensitive data should use this to minimize hacks
Community cloud:
- Meets shared concern

Payment Models in Cloud
Static or fixed pricing model
- In this model, the price charged cannot change for the long term.
- The prices of a variety of resources are determined by the cloud provider in advance.
- Long time, Static
- Simple profit estimation
- Pay per use, subscription, Hybrid, Pay for resources
Dynamic pricing model
- In this pricing strategy, prices change dynamically with respect to market condition or status.
- Not widely implemented by cloud services
- Real time, flexible

Cloud Components
- Cloud Clients: Clients are the interfaces, applications and networks that allow access to a cloud system.
- Machines in the cloud: Many cloud providers allow you to create a Virtual Machine (VM) and deploy it in the cloud.
- Storage in the cloud: Cloud storage typically refers to a hosted object storage service and block storage.
- Databases in the cloud: The provider maintains the physical infrastructure and database, leaving the customer to manage the database contents and operation.
- Applications in the cloud: The applications of cloud computing are practically limitless.
  With the right middleware, a cloud computing system could execute all the programs a normal computer could run.
- In addition to these four basics, cloud providers offer other services such as message queues and data mining.

Machines in the cloud (VM)
- Many cloud providers allow you to create a Virtual Machine (VM) and deploy it in the cloud.
- Your VM images are stored in cloud storage.
- You can create as many images as you need.
- You can automatically start and stop running instances of those images as needed.
- VM technology allows multiple virtual machines to run on a single physical machine.

Storage in the cloud
- Most cloud storage systems are designed as distributed, redundant systems.
- "There should never be a single point of failure" is a stated design goal.
- Cloud storage typically refers to a hosted object storage service and block storage.
- Highly fault tolerant through redundancy and distribution of data
- Highly durable through the creation of versioned copies

Databases in the cloud
- The provider maintains the physical infrastructure and database, leaving the customer to manage the database's contents and operation.
- Elimination of physical infrastructure. Here the service provider is responsible for maintaining and operating the database software, leaving the DBaaS users responsible only for their own data.
- Cloud databases, like their traditional ancestors, can be divided into two broad categories: relational and nonrelational.

Applications in the cloud
- The applications of cloud computing are practically limitless. With the right middleware, a cloud computing system could execute all the programs a normal computer could run.
- Clients would be able to access their applications and data from anywhere at any time through the internet.
- Using the cloud, you can easily create scalable cross-platform experiences for your users.
- These platforms include many pre-coded tools and libraries — like directory services, search and security.
  These application services can speed up and simplify the development process.

Cloud Terms / Glossary
- Big Data: A broad term used to describe unconventional data sets which are either too large or too complex to be dealt with using traditional data-processing techniques.
- Cloud Marketplace: A cloud marketplace is an online marketplace, operated by a cloud service provider, where customers can browse and subscribe to software applications.
- Cloud Sourcing: Cloudsourcing is the act of replacing traditional on-premise IT operations with low-cost cloud-based services.
- Content Delivery Network (CDN): A content delivery network (CDN) is a network of distributed services that deliver content to a user based on the user's geographic proximity to servers.
- DevOps: DevOps is the combination of tasks performed by an organization's applications development and systems operations teams.
- Elasticity: Elasticity is a term used to reference the ability of a system to adapt to changing workload demand by provisioning and deprovisioning pooled resources.
- Hypervisor: A hypervisor or virtual machine monitor (VMM) is a piece of software that allows physical devices to share their resources among virtual machines (VMs) running on top of that physical hardware. The hypervisor creates, runs and manages VMs.
- Load Balancing: The process of distributing computing workloads across multiple resources, such as servers.
- Microservices: A way of designing applications in which complex applications are built out of a suite of small, independently deployable services. These 'microservices' run their own processes and communicate with one another using lightweight mechanisms and APIs.
- Middleware: Middleware is software that connects software components or enterprise applications.
- Open Stack: OpenStack is a free, open-source cloud platform that is primarily deployed as an infrastructure as a service offering.
- Scalability: Scalability is the ability of a process, system, or framework to handle a growing workload.
- Service Level Agreement (SLA): A contractual agreement between a customer and a cloud service provider (CSP) which defines the level of service, availability and performance guaranteed by the CSP.
- Vendor Lock-in: Vendor lock-in is when a customer finds themselves "locked-in" or stuck with a certain cloud service provider (CSP).
- Availability Zones: Data center locations isolated from each other as a safeguard against unexpected outages leading to downtime.
- Regions: Geographic locations.
- Cloud Bridge: Refers to a secure IPSEC VPN tunnel that connects two or more cloud environments to facilitate communication between them.
- Cloudburst: A quality of service metric used to gauge the scalability and performance of cloud applications within hosted cloud platforms. A positive cloudburst indicates that the cloud-based application is efficient and capable of managing application scalability. A negative cloudburst indicates an inability to handle a spike in demand.
- Cloud bursting: An application deployment model in which applications running on a private cloud 'burst' into a public cloud when there is a spike in computing demand.
- Cloudstorming: The act of connecting multiple cloud computing environments.
- Fault tolerance: Refers to the ability of a computer system or component to continue working without loss of service in the event of an unexpected error or problem.
- Internet of Things / IoT / Internet of Everything: An ever-growing network of physical objects provided with unique identifiers (IP address) and the ability to transfer data over a network without any human interference.
- Virtual Private Cloud (VPC): A cloud model where the service provider isolates various public cloud components to form individual private cloud environments.
- Subnet: A subnet is a logical partition of an IP network into multiple, smaller network segments. It is typically used to subdivide large networks into smaller, more efficient subnetworks.
- Auto-scaling: Refers to the ability of a computer system or component to continue working without loss of service in the event of an unexpected error or problem.
- Total Cost of Ownership (TCO): A financial estimate intended to help buyers and owners determine the direct and indirect costs of a product or system.
- Return on Investment (ROI): A performance measure used to evaluate the efficiency of an investment or compare the efficiency of a number of different investments.

Cloud Platforms
- Cloud-based is a term that refers to applications, services or resources made available to users on demand via the Internet from a cloud computing provider's servers.
- The biggest cloud computing services — Amazon, Microsoft and Google — all offer excellent products at affordable prices with strong backup, security and service options.
- So if you're asking yourself how to pick the best one for your needs, first understand what differentiates them from each other.

Cloud Platform Trends
Source: Google Trends

Cloud Platform Trends
Source: Stack Overflow Trends

Microsoft Azure
- Azure is used by about mostly Fortune 500 companies
- Azure offers both Linux and Windows and has all the basic heterogeneous computing environments that most large businesses now require.
- Azure has no setup costs, very minimal fees, and there are very few instances where a termination fee will be charged.
- If you're heavily invested in Microsoft infrastructure already, Azure makes it simple to migrate your existing data, applications, etc. into their cloud.
- Azure has more global regions than any other cloud provider—offering the scale needed to bring applications closer to users around the world, preserving data residency and offering comprehensive compliance and resiliency options for customers.
- 58 Regions over 140 countries

Microsoft Azure Compute
- Has less variety in VM families compared to AWS, but on the other hand, much more flexibility with regard to machine size.
- Its families include general-purpose, optimized machines (better CPU, more RAM and more SSD storage), performance-optimized (even more than "optimized") and network-optimized (32Gbps Infiniband networking).

Microsoft Azure Storage
- Azure Blobs: A massively scalable object store for text and binary data. Also includes support for big data analytics through Data Lake Storage Gen2.
- Azure Files: Managed file shares for cloud or on-premises deployments.
- Azure Queues: A messaging store for reliable messaging between application components.
- Azure Tables: A NoSQL store for schemaless storage of structured data.
- Azure Disks: Block-level storage volumes for Azure VMs.

Microsoft Azure Billing and Pricing
- In contrast to Amazon, has one main pricing model: on demand, charged by the minute (compared to by the hour with AWS).
- Discounts are only offered for bulk monetary commitments, either through pre-paid subscriptions, which offer 5% discount on the bill

Google Cloud Platform (GCP)
- Google differentiates itself by the sheer volume of options and products available.
- With Google you have some of the most dedicated and advanced engineers and data center infrastructure in the world.
- Offers services in all major spheres including compute, networking, storage, machine learning (ML) and the internet of things (IoT).
- Likely to soon match Amazon and Microsoft in its caliber of cloud offerings.
- GCP has 22 regions, 67 zones, over 140 edge locations and is available in 200+ countries and territories.
- Has a well-provisioned global network with 100,000s of miles of fiber optic cable.

Google Cloud Platform (GCP) Compute
- Google's offering seems to have the fewest VM families under its Google Compute Engine (GCE).
- The three families are general purpose, CPU-optimized and RAM-optimized, with 5-6 sizes within each family.
- However, with their "custom machines" offering, they can be viewed as having the largest variety of VM families.

Google Cloud Platform (GCP) Storage
- Cloud Storage: Reliable object storage with global edge-caching and instant data access.
- Persistent disk: High-performance block storage for virtual machines and containers.
- Local SSD: Ephemeral locally-attached block storage for virtual machines and containers.
- Cloud Storage: Ultra low-cost archival storage with online access speeds.
- Cloud Filestore: Fully managed, scalable file storage with predictable performance.

Google Cloud Platform (GCP) Billing and Pricing
- Offers on-demand pricing, charged by the minute, and is the only provider of the three that doesn't require upfront commitment for receiving discounts.
- Sustained use discount is a pricing model which retroactively discounts services that were extensively used over the period of the billing month.
- It does complicate the task of forecasting a project's cost, as the cost is unclear until the end of the month.

Amazon Web Services
- 2002 - AWS services launched
- Amazon's cloud offering is called Amazon Web Services (AWS) and it was the first of the major players to offer cloud services to the public in 2006.
- Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform, offering over 175 fully featured services from data centers globally.
- Some of the largest companies like Reddit, Netflix, NASA, and Expedia run their applications on AWS.
- Many others have shut down their data centers and moved to AWS.
- Gartner Research positions AWS in the Leaders Quadrant of the new Magic Quadrant for Cloud Infrastructure as a Service (IaaS), Worldwide.
- AWS has 69 Availability Zones within 22 geographic regions around the world, and has announced plans for 16 more Availability Zones and five more AWS Regions in Indonesia, Italy, Japan, South Africa, and Spain.
- Visit https://www.infrastructure.aws/ for an interactive tour of AWS infrastructure.
Figure: Magic Quadrant for Cloud Infrastructure as a Service, Worldwide. Source: Gartner

Region, Availability Zone & Local Zone
Region:
- Geographic locations.
- Each Region is completely independent.
- When you view your resources, you see only the resources that are tied to the Region.
- We can transfer data from one Region to another. Note that there is a charge for data transfer between Regions.
- Consists of at least two Availability Zones (AZs)
- e.g. us-east-1, us-west-1, us-east-2
Availability Zone:
- Cluster of data centers isolated from failures in other Availability Zones.
- Availability Zones in a Region are connected through low-latency links.
- An Availability Zone is represented by a Region code followed by a letter identifier.
- e.g. us-east-1a, us-east-1b, us-west-1a are account specific
Local Zone:
- Local Zones are a new type of AWS infrastructure deployment that places AWS compute, storage, database, and other select services closer to large population, industry, and IT centers where no AWS Region exists today.
- A Local Zone is an extension of a Region that is in a different location from your Region.
- Local Zones are currently not available in every Region.
- A Local Zone is represented by a Region code followed by an identifier that indicates the location, for example, us-west-2-lax-1a.
- Use AWS Local Zones to deploy workloads closer to your end-users for low-latency requirements.
Creating an AWS Account
- Open the Create an AWS Account form at https://aws.amazon.com/
- Enter your account information, and then choose Continue. Ensure that you give your correct details, including email. Email verification is a must to open an AWS account.
- Choose what type of account it is, i.e. Personal or Professional. This is just a selection; the functions and features remain the same in both.
- Based on your choice, enter your company or personal information.
- Accept the AWS Customer Agreement and continue.
- Look out for the email received. Click on the link from the email and log in using the password you provided during registration.
- You still won't be able to use your account, as payment details are not verified.
- On the Payment Information page, enter the information about your payment method, and then choose Secure Submit.
- Verify your phone number using SMS/call and then Submit.
- Choose your support plan.
- On activation of your account, you will get a confirmation mail.

AWS Support Plans
Basic Support is included for all AWS customers and includes:
- Customer Service & Communities - 24x7 access to customer service, documentation, whitepapers, and support forums.
- AWS Trusted Advisor - Access to the 7 core Trusted Advisor checks and guidance to provision your resources following best practices to increase performance and improve security.
- AWS Personal Health Dashboard - A personalized view of the health of AWS services, and alerts when your resources are impacted.
Based on subscription there are 3 models:
- Developer: Recommended if you are experimenting or testing in AWS.
- Business: Recommended if you have production workloads in AWS.
- Enterprise: Recommended if you have business and/or mission critical workloads in AWS.
Details of this can be found at the link below:
https://aws.amazon.com/premiumsupport/plans/

AWS Free Tier
- The AWS Free Tier is automatically activated on each new AWS account.
- The AWS Free Tier lasts for one year.
- While the AWS Free Tier is active, you can try many AWS services for free.
- Not all AWS services are free; you must monitor your usage to make sure that you are not exceeding the limitations covered under the Free Tier.
- There are no programmatic tools to limit usage to what's covered by the AWS Free Tier. This means that you are responsible for the services that you launch.
- Visit the link below to find out which services, and to what extent, are provided for free under a Free Tier account:
  https://aws.amazon.com/free

Amazon EC2
- Provides secure, resizable compute capacity in the cloud.
- Reduces the time required to obtain and boot new server instances to minutes.
- We can commission one, hundreds, or even thousands of server instances simultaneously.
- Allows us to quickly scale both up and down, as our computing requirements change.
- We have root access to each one, and can interact with them.
- We can stop our Amazon EC2 instance while retaining the data on your boot partition, and then subsequently restart the same instance using web service APIs.
- Pay only for capacity that we actually use.
- Can choose among multiple instance types, operating systems, and software packages.
- Amazon EC2 allows us to select the memory configuration, CPU, instance storage, and boot partition size that are optimal for your choice of operating system and application.
- Provides developers and system administrators the tools to build failure-resilient applications and isolate themselves from common failure scenarios.
- The service runs within Amazon's proven network infrastructure and data centers.
- The Amazon EC2 Service Level Agreement (SLA) commitment is 99.95% availability for each Region.
- Located in a VPC with an IP address range that we specify.
- We decide which instances are exposed to the Internet and which remain private.
- Security groups and network access control lists (ACLs) allow us to control inbound and outbound network access to and from our instances.

AWS EC2 Instance Categories
- Amazon EC2 provides a wide selection of instance types optimized to fit different use cases.
- Instance types comprise varying combinations of CPU, memory, storage, and networking capacity.
- General-Purpose: Ideal for business critical applications, small and mid-sized databases, web tier applications, and more.
- Compute Optimized: Ideal for high performance computing, batch processing, video encoding, and more.
- Memory Optimized: Ideal for high performance databases, distributed web scale in-memory caches, real time big data analytics, and more.
- Accelerated Computing: Ideal for machine learning, graphic intensive applications, gaming, and more.
- Storage Optimized: Ideal for NoSQL databases, data warehousing, distributed file systems, and more.
- Link: https://aws.amazon.com/ec2/instance-types/

Amazon Machine Images (AMI)
- An Amazon Machine Image (AMI) provides the information required to launch an instance.
- You can launch multiple instances from a single AMI when you need multiple instances with a similar configuration.
- An AMI includes one or more EBS snapshots, or, for instance-store-backed AMIs, a template for the root volume of the instance (for example, an operating system, an application server, and applications).
- It also includes a block device mapping that specifies the volumes to attach to the instance when it's launched.
- After you create and register an AMI, you can use it to launch new instances.
- You can copy an AMI within the same region or to different regions.
- When you no longer require an AMI, you can deregister it.

Amazon Elastic IP
- An Elastic IP is an address for an EC2 instance that will persist even if the instance is stopped and restarted.
- Public IP addresses are dynamic, i.e. if you stop/start your instance you get reassigned a new public IP.
- A reserved public IP address that you can assign to any EC2 instance in a particular region, until you choose to release it.
To associate an Elastic IP address with an instance using the console:
1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
2. In the navigation pane, choose Elastic IPs.
3. Select an Elastic IP address and choose Actions, Associate address.
4. Select the instance from Instance and then choose Associate.
- With similar steps, Disassociate address can be used to release an Elastic IP from an instance.
- If you no longer need an Elastic IP address, choose Actions, and then select Release addresses.

AWS Storage Portfolio

Amazon Simple Storage Service (Amazon S3)
- Object storage with a simple web service interface to store and retrieve any amount of data from anywhere on the web
- Designed to deliver 99.999999999% durability, and stores data for millions of applications used by market leaders in every industry
- Data is redundantly stored across multiple facilities and multiple devices in each facility.
- Amazon S3 supports data transfer over SSL and automatic encryption of your data once it is uploaded.
- Can also configure bucket policies to manage object permissions and control access to your data using IAM.
- Amazon S3 allows you to store large amounts of data at a very low cost. Using lifecycle policies, you can set policies to automatically migrate your data to Standard - Infrequent Access and Amazon Glacier as it ages to further reduce costs.
- Amazon S3 provides options to host static websites.
- User can choose to keep data private or make it publicly accessible.
- Buckets are used to store objects, which consist of data and metadata that describes the data.
- Can be used for backup and recovery services.
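An added example, not part of the original slides: an offline check of S3 bucket policy documents for two of the points above, data left publicly accessible and transfer over SSL/TLS not being required. The bucket name, account ID, role name and both policy documents are constructed for illustration.

```python
import json


def _as_list(value):
    """Policy JSON allows a single value or a list in most positions."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _is_anyone(principal):
    """True when the Principal element matches every caller ("*")."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in _as_list(v) for v in principal.values())
    return False


def _denies_plain_http(stmt):
    """True for a Deny-everyone statement conditioned on aws:SecureTransport = false."""
    if stmt.get("Effect") != "Deny" or not _is_anyone(stmt.get("Principal")):
        return False
    if not any(a in ("*", "s3:*") for a in _as_list(stmt.get("Action"))):
        return False
    for operator, keys in stmt.get("Condition", {}).items():
        if operator.lower() != "bool":
            continue
        for key, value in keys.items():
            values = _as_list(value)
            if (key.lower() == "aws:securetransport" and values
                    and all(str(v).lower() == "false" for v in values)):
                return True
    return False


def audit_policy(policy_json):
    """Return a sorted list of findings for one bucket policy document."""
    policy = json.loads(policy_json)
    statements = _as_list(policy.get("Statement"))
    findings = []
    for index, stmt in enumerate(statements):
        # An unconditional Allow to everyone makes the resource public.
        if (stmt.get("Effect") == "Allow" and _is_anyone(stmt.get("Principal"))
                and not stmt.get("Condition")):
            findings.append("PUBLIC_ALLOW:" + stmt.get("Sid", "statement-%d" % index))
    # Without an explicit Deny, requests over plain HTTP are still accepted.
    if not any(_denies_plain_http(s) for s in statements):
        findings.append("NO_TLS_DENY")
    return sorted(findings)


BUCKET_ARN = "arn:aws:s3:::example-bucket"  # constructed bucket name

# Constructed weak policy: anyone may read objects, plain HTTP is not denied.
WEAK_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "PublicRead",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": BUCKET_ARN + "/*",
    }],
})

# Constructed corrected policy: one named role may read, non-TLS requests are denied.
HARDENED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AppRead", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:role/app-reader"},
         "Action": "s3:GetObject", "Resource": BUCKET_ARN + "/*"},
        {"Sid": "DenyPlainHttp", "Effect": "Deny", "Principal": "*",
         "Action": "s3:*", "Resource": [BUCKET_ARN, BUCKET_ARN + "/*"],
         "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
    ],
})

if __name__ == "__main__":
    for name, doc in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, audit_policy(doc))
```

The check reads only the bucket policy document; object ACLs and account-level settings are outside what it inspects.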
62

Amazon Elastic Block Store (Amazon EBS)
Persistent block storage volumes for use with Amazon EC2 instances in the AWS Cloud
Each Amazon EBS volume is automatically replicated within its Availability Zone to protect you from component failure, offering high availability and durability.
Can scale your usage up or down within minutes
Amazon's flexible access control policies allow you to specify who can access which EBS volumes, ensuring secure access to your data.
Snapshots: Protect your data by creating point-in-time snapshots of EBS volumes, which are backed up to Amazon S3 for long-term durability.
63

Amazon Elastic File System (Amazon EFS)
Provides simple, scalable, elastic file storage for use with AWS Cloud services and on-premises resources.
Amazon EFS is built to elastically scale on demand without disrupting applications, growing and shrinking automatically as you add and remove files, so your applications have the storage they need
64

Amazon S3 vs EFS vs EBS Comparison
65

Amazon Glacier
Secure, durable, and extremely low-cost storage service for data archiving and long-term backup.
Customers can store data for as little as $0.004 per gigabyte per month
Designed to deliver 99.999999999% durability
Amazon Glacier is the only cloud archive storage service that allows you to query data in place and retrieve only the subset of data you need from within an archive.
66

Amazon RDS
Managed service that sets up and operates a relational database in the Cloud
Makes it easy to set up, operate, and scale a relational database in the cloud.
Six familiar database engines to choose from, including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and Microsoft SQL Server.
Customer manages: Application Optimization, Database schema, Data
AWS manages: OS installation and patches, Database software installation and patches, Database backups, High availability, Scaling, Power, Server maintenance
67

Amazon Aurora
Is a MySQL and PostgreSQL compatible relational database built for the cloud
Combines the performance and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases.
Amazon Aurora provides 5 times the throughput of standard MySQL or twice the throughput of standard PostgreSQL running on the same hardware
The code, applications, drivers, and tools you already use with your MySQL databases can be used with Amazon Aurora with little or no change.
68

Amazon DynamoDB
Fast and flexible NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale.
Virtually unlimited storage
Scalable read/write throughput
Fully managed cloud database and supports both document and key-value store models.
Event-Driven Programming: Can be integrated with AWS Lambda to provide Triggers that enable you to architect applications that automatically react to data changes.
QUERY by key to find items efficiently. SCAN to find items by attributes
69

Amazon ElastiCache
Makes it easy to deploy, operate, and scale an in memory cache in the cloud.
Improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory caches, instead of relying entirely on slower disk-based databases.
ElastiCache supports two open-source in-memory caching engines: Redis & Memcached
70

Amazon Virtual Private Cloud (Amazon VPC)
Provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.
Complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.
You can create a public-facing subnet for your web servers that has access to the Internet, and place your backend systems, such as databases or application servers, in a private-facing subnet with no Internet access.
71

Amazon Virtual Private Cloud (Amazon VPC)
Examples,
72

Amazon Virtual Private Cloud (Amazon VPC)
Security is the highest priority
Security groups:
Act as built-in firewalls
Control accessibility to resources
73

Amazon CloudFront
Content delivery network (CDN) service that accelerates delivery of your websites, APIs, video content, or other web assets.
Delivers content using a global network of edge locations.
Requests for your content are automatically routed to the nearest edge location
74

Amazon Route 53
Highly available and scalable cloud Domain Name System (DNS) web service.
Route requests to different endpoints
Amazon Route 53 also offers Domain Name Registration: you can purchase and manage domain names such as example.com
75

Elastic Load Balancing
Application Load Balancer (ALB)
HTTP, HTTPS
Flexible application management
Advanced load balancing of HTTP and HTTPS traffic
Operates at the request level (Layer 7)
Use Cases example,
76

Elastic Load Balancing
Network Load Balancer (NLB)
TCP
Extreme performance and static IP for your application
Load balancing of TCP traffic
Operates at the connection level (Layer 4)
Use cases:
Sudden and volatile traffic patterns
Single static IP address per Availability Zone
Ideal for applications that require extreme performance
Classic Load Balancer (CLB)
Previous generation for HTTP, HTTPS, and TCP
Existing application that was built within the EC2-Classic network
Operates at both the request level and connection level
77

Amazon CloudWatch
Monitoring service for AWS Cloud resources and the applications you run on AWS.
Collect and track metrics
Collect and monitor log files
Set alarms, and automatically react to changes in your AWS resources
View Graphs and Statistics of the collected data
78

AWS Auto Scaling
Helps you verify that you have the correct number of Amazon EC2 instances available to handle the load for your application
Monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost.
With AWS Auto Scaling, your applications always have the right resources at the right time.
Monitoring Resource Performance:
Amazon CloudWatch to monitor performance
AWS Auto Scaling to add or remove Amazon EC2 instances
79

AWS Auto Scaling
Scaling out: adding more components in parallel to spread out a load.
Scaling up: making a component bigger or faster so that it can handle more load.
Scaling Out and Scaling In
80

AWS Identity and Access Management (IAM)
Securely manage access to AWS services and resources
Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
As a best practice, do not use your root user credentials for your daily work. Instead, create IAM entities (users and roles).
81

How Do I Interact with AWS?
AWS provides several tools that help you create and manage resources:
AWS Management Console: A graphical user interface you access online at https://console.aws.amazon.com
AWS Command Line Interface (CLI): A text-based tool you install on your computer. It connects over the Internet to manage your AWS resources.
Software Development Kits (SDKs): Class libraries and tools you add to your application so it can manage AWS resources. AWS offers SDKs in a variety of programming and scripting languages, as well as mobile SDKs for iOS and Android apps.
Query APIs: Low-level APIs that are exposed online through service- and region-specific endpoints (e.g., https://dynamodb.us-west-2.amazonaws.com). You call API actions by using HTTP requests. The APIs reflect the latest functionality of each service. If your application uses the API instead of an SDK, however, you must implement the functionality to generate the proper signatures to authenticate your requests.
82

References
Getting Started with AWS: https://aws.amazon.com/getting-started/
AWS Knowledge Center (FAQ): https://aws.amazon.com/premiumsupport/knowledge-center/
AWS CLI Reference: https://docs.aws.amazon.com/cli/latest/reference/
AWS CLI User Guide: https://docs.aws.amazon.com/cli/latest/userguide/aws-cli.pdf
AWS CLI - Unified command line interface to Amazon Web Services: https://github.com/aws/aws-cli
83

Thank you
84
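The signature that the Query APIs item says you must generate yourself is AWS Signature Version 4. The following added example (not from the original slides) derives the signing key and builds the Authorization header for a DynamoDB ListTables call against the endpoint named above. The credentials and timestamp are constructed placeholders, and the path and query string are assumed to be already URI-encoded.

```python
import hashlib
import hmac

# Constructed placeholders, not real credentials.
ACCESS_KEY = "AKIDEXAMPLE"
SECRET = "EXAMPLE-SECRET-NOT-REAL"
SAMPLE_HEADERS = {
    "Host": "dynamodb.us-west-2.amazonaws.com",
    "X-Amz-Date": "20200420T120000Z",
    "X-Amz-Target": "DynamoDB_20120810.ListTables",
    "Content-Type": "application/x-amz-json-1.0",
}

def _hmac(key, msg):
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def signing_key(secret, date, region, service):
    """Chain HMACs so the key is scoped to one day, region and service."""
    key = ("AWS4" + secret).encode()
    for part in (date, region, service, "aws4_request"):
        key = _hmac(key, part)
    return key

def authorization_header(method, path, query, headers, payload,
                         access_key, secret, region, service):
    """Build the SigV4 Authorization value; every given header is signed."""
    hdrs = {k.lower(): " ".join(v.split()) for k, v in headers.items()}
    amz_date = hdrs["x-amz-date"]
    signed = ";".join(sorted(hdrs))
    canonical_request = "\n".join([
        method, path, query,
        "".join(f"{k}:{hdrs[k]}\n" for k in sorted(hdrs)),
        signed,
        hashlib.sha256(payload).hexdigest(),
    ])
    scope = f"{amz_date[:8]}/{region}/{service}/aws4_request"
    string_to_sign = "\n".join([
        "AWS4-HMAC-SHA256", amz_date, scope,
        hashlib.sha256(canonical_request.encode()).hexdigest(),
    ])
    key = signing_key(secret, amz_date[:8], region, service)
    signature = hmac.new(key, string_to_sign.encode(),
                         hashlib.sha256).hexdigest()
    return (f"AWS4-HMAC-SHA256 Credential={access_key}/{scope}, "
            f"SignedHeaders={signed}, Signature={signature}")
```

Because the payload hash, the signed headers and the date scope all feed the signature, a captured request cannot be altered or reused for another region or service without the secret key.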