As I posted last week, I have started studying some items related to AWS with the goal of attaining the associate level solutions architect certification. In an effort to do that, I’m blogging about some (not all) of what I have learned. This week I’m going to try and do a high level fly by of the services that AWS offers.
Just looking in the AWS console you can see that there are a TON of things that you can select from with services. I could probably spend a year writing about all of the services that were available and then I would be out of date because Amazon would add some new services to the list. If you’re studying for this exam, then you should probably give the blueprint for the test a read through. You can find that here. For this post, I’m just going to cover a couple of the items that were on the blueprint and then maybe come back with another post in the future to address more items. For today, I’m just going to tackle three main sections from this list: Compute, Storage, and Security, Identity & Compliance. I think that will kill all the time I have!
Compute is exactly what you would think it is. Those resources that you can use to run your applications in the cloud. I’m just going to jump right in and talk briefly about each of the services that are included in the compute umbrella.
EC2 – Probably the easiest way to sum up Elastic Cloud Compute would be to say that it’s a virtual machine running on Amazon’s hardware. Just like a virtual machine running in your VMware or Hyper-V deployment, you will still need other resources like storage, which we will talk about later. When you deploy an EC2 instance, you have the option to select the size, operating system, and storage that it will use. The choices that you make here will determine the cost to run that EC2 instance.
EC2 Container Service (ECS) – If you’re already using Docker in your environment to run containerized applications, then ECS is for you. ECS is a scalable, high performance container management service that supports Docker containers.
Lightsail – Lightsail was just introduced at the end of November, so it probably won’t be on the test, but since we are talking compute in general, I’ll still write a little bit about it here. According to Amazon’s announcement, Lightsail is “designed to be the easiest way to launch and manage a virtual private server with AWS”. From what I have found you are basically able to select pre-packaged servers with all of the things that you might need to select separately (virtual machine, storage, data transfer, DNS management, IP) and have it all bundled together for one price. We’ll call this cloud in a box.
Elastic Beanstalk (EBS) – If you have a web application or service that was developed in Java, .NET, PHP, Node.js, Python, Ruby, Go, or Docker, then EBS will allow you to upload that code and the service will automatically provision the appropriate resources to run that application. So if you’re a developer this takes a lot of the guesswork or required knowledge out of deploying your service to the cloud.
Lambda – This is a serverless way to run your code. A lot of IoT uses for this services and in fact if you have an Amazon Echo, Lambda is integrated with the Alexa Skills kit to speed up the time it takes for you to develop voice-driven skills.
Batch – I really don’t know a whole lot about Batch, but according to the AWS web site, it’s geared towards scientists and engineers that want to run hundreds of thousands of batch computing jobs on AWS.
We’ve made it through the first section of this post, so let’s keep powering on through storage! Here’s the sections that we have under storage.
S3 – At a high level, Simple Storage Service (S3) is object based storage, so it’s great for bulk repositories, storing analytic data, backups, etc. You can access your S3 buckets either via the web console or through REST APIs. Additionally, there is no maximum size for an S3 bucket. I’ll probably be writing up a fairly in depth post about S3 in a few weeks, so I will leave this at that for now.
EFS – Elastic File System (EFS) is a scalable file (not object) storage system. If you are launching EC2 instances, then you will typically have EFS attached to your EC2 instance to load your operating system to. You can also use this for file storage and you can share an EFS volume between multiple EC2 instances so that they can work from the same data.
Glacier – If you need inexpensive, infrequently accessed, and long term storage for backups then Glacier is the way to go. Generally speaking, if you want to get the lowest cost (as low as $0.004/GB/month) then your retrieval times are going to take several hours, so this is really intended for those backups where you can wait a little while to retrieve them. Think of this service like a tape backup in the cloud.
Security, Identity & Compliance
I’m probably going to spend the least amount of time on this section because I hope to be writing on some of the components in the next week or so. At any rate, here is what’s included in this section:
IAM – Identity and Access Management (IAM) allows administrators to manage users and their level of access on a global scale. Permissions can be assigned directly to users or via groups.
Inspector – kind of like a watchdog for your AWS environment, AWS inspector allows administrators to analyze the behavior of their AWS resources so that they can identify where there might be a security issue.
Certificate Manager – Just like it sounds, a way to manage your certificates via the AWS console
Directory Service – allows you to leverage Microsoft AD for your AWS environment
WAF & Shield – Web Application Firewall is, again, just what it sounds like. If you have web applications, it can protect them from common exploits that could take down the service or cause issues with security.
Well now, I’m glad that I didn’t decide to do more than those three sections in this post or my fingers might have decided to fall off! As I said before, the next couple of posts will start going into details on some of these topics and once I’ve wrapped those up, I will create another post similar to this that runs through a couple of other sections. Until next time, have fun clouding it up!