AWS Cloud Practitioner

Introduction

History

Amazon decided to market its infrastructure and provide it as a service to whoever pays. They started with SQS in 2004, then relaunched with SQS, EC2 and S3 in the USA in 2006, and expanded to Europe in 2007.

Pricing

Pricing is primarily of three types, depending on how we use the service. We pay for one or more of the three depending on which AWS service we are using -

  • Compute power: Pay for CPU usage
  • Data storage: Pay for the storage used. Additional storage requires additional expense
  • Networking: Pay for data transfer out. We are only charged when data is transferred out of the cloud; data transfer in is free

Region

Picking an AWS region is not as simple as picking the closest region. Some factors to consider are -

  • Compliance with government rules and regulations. Sometimes the rules do not allow data to be stored in foreign countries
  • Proximity to the user base, for low latency
  • Availability of services in the region. Some AWS services are not available in some regions
  • Pricing of services also varies by region
    Regions can be explored more on a map at https://aws.amazon.com/about-aws/global-infrastructure/

Availability Zones

Each region has what are called AZs (availability zones). Each region has at least 3 and at most 6 AZs. The AZs are isolated from each other and are connected through very fast networks. They are used for redundancy.

In total there are over 400 points of presence in 40+ countries.

Services

IAM

Identity and Access Management (IAM) is a global service that allows the creation of groups and users, much like Linux. And just like Linux, a user can belong to no group or to many groups.

Terminology

Policies

Users and groups can be assigned JSON documents called policies that describe the permissions they are given.

  • When a policy is given to a user directly, it is called an inline policy. A user can also be given individual permissions instead of attaching a policy
  • When a policy is attached to a group, all the users of the group inherit the policy as their own. Users belonging to multiple groups inherit the policies of all their groups

Structure

  • Version
  • Id for the policy (optional)
  • Statement, an array of objects. Each object has -
    • Sid: a statement id (optional)
    • Effect: which can be either "Allow" or "Deny"
    • Principal: The user who is affected by the statement
    • Action: A list of actions that will either be allowed or denied based on Effect
    • Resource: A list of resources to which the policy applies

Roles

Roles are much like policies, but they are given to specific entities. AWS services are one kind of entity that can be given a role, so that they can perform elevated actions on our behalf.

Credentials Report

The IAM Credentials Report lists all our users and the status of their credentials.

Access Advisor

IAM Access Advisor shows, per user, which permissions they were granted and when each service was last accessed.

EBS

An Elastic Block Store (EBS) volume is a network drive that can be attached to instances. A volume can only be mounted to one instance (as far as CCP is concerned). Volumes are also bound to a specific AZ.

EFS

Elastic File System (EFS) is a network file system that can be mounted on hundreds of EC2 instances. It works across AZs. It is basically EBS without the limitations.

EFS-IA

Infrequent Access is optimized for files that are not accessed every day. It moves only files that have not been accessed recently into IA storage. It can reduce costs by up to 92%. There are not really any downsides, so it is preferred.

Snapshot

A snapshot of an EBS volume is like a backup. The snapshot can be transferred across zones, just like a file. And of course, a snapshot can be used to restore an EBS volume.

Snapshots can be archived into a separate storage tier, the archive tier, but they may then take 1-3 days to restore.

FSx

FSx allows the use of third-party file systems.

Windows File Server

A Windows-native shared file system built on Windows File Server. It supports SMB and uses NTFS.

Lustre

It is a high-performance, scalable file system for HPC. The name is derived from "Linux" and "cluster". It can reach I/O speeds of up to hundreds of GB/s.

EC2

EC2 is Elastic Compute Cloud; it offers infrastructure as a service. With EC2 you can rent virtual machines, store data on virtual drives, distribute load, and scale your services.
We are allowed to configure the following options -

  • OS
  • CPU
  • RAM
  • Storage hardware
  • Network card, public IP
  • Firewall rules
  • Bootstrap script (using EC2 User Data)

Naming convention

The naming convention is -

  • Class of the instance
  • Generation number
  • A '.'
  • Size of the instance
    Examples: m5.2xlarge, t2.micro

Instance types

The names are pretty self explanatory; the parentheses give the starting letter of the instance name (current at the time of writing)

  1. General purpose (T,M,A)
  2. Compute optimized (C)
  3. Memory optimized (R, X, z1, High memory)
  4. Storage optimized (I, G, H1)
  5. And more
  6. ...
  7. ...

EC2 User Data

This is a bootstrap script that runs only on first boot. It can be used to download software, update software or download required files.

AMI

An Amazon Machine Image (AMI) is a customized EC2 instance. EC2 instances can be launched from a public AMI, our own AMI, or one from the AWS Marketplace.

EC2 Instance Store

EBS volumes are good but have poor performance. Instance store gives us better I/O performance, but the storage is temporary. It is lost on stopping (not just on terminating; even on stopping). It is good for buffers, caches and temporary data.

EC2 Image Builder

This service is used to automate the creation of VM images, i.e. EC2 AMIs. It can also run tests on the AMIs, and can be scheduled to run.

ELB

Elastic Load Balancing (ELB) is a load balancer. AWS guarantees its working and takes care of its upgrades and maintenance. The 4 kinds of load balancers offered by AWS are -

  1. Application load balancer - HTTP/HTTPS - Layer 7 - Static URL
  2. Network load balancer - TCP - Layer 4 - High performance, static IP
  3. Gateway load balancer - IP - Layer 3 - Firewalls, intrusion detection
  4. Classic load balancer - Retired in 2023 - Layer 4, 7

The load balancer routes the traffic to downstream EC2 instances.

ASG

Auto Scaling Group(ASG) adds (scale out) and removes (scale in) EC2 instances depending on the load. We can set a minimum and maximum number of instances, and it works hand in hand with a load balancer. It also automatically replaces unhealthy instances.

Strategies

Manual Scaling

Update the size manually

Dynamic scaling

  • Simple scaling: Some trigger changes the scale
  • Target tracking scaling: Scale in a way that keeps some defined metric in an acceptable interval
  • Scheduled scaling: Modify scaling on a schedule
  • Predictive scaling: Use an ML model to predict traffic and scale

S3

It is advertised as infinitely scaling storage. S3 allows storage of objects (files) in buckets (directories). Buckets are defined at a region level. S3 doesn't actually have directories, but a file name might contain '/', and the UI will treat it as a directory (even though it really is not).

Bucket names are unique across all regions and all accounts, meaning a bucket has to have a name that is not already taken.

Bucket policies

The most common way to manage security for an S3 bucket is using bucket policies.
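As an added example (not from these notes, and not AWS code), here is a constructed S3 bucket policy laid out with the fields listed under Structure in the IAM section above, together with a small reviewer that checks each statement for those fields and flags Allow statements that open the bucket to every principal or to every action. The Condition key and the account id, role name and bucket name are assumptions, not values from the notes.

```python
import json

# Constructed sample bucket policy (not from the notes or AWS docs); account id, role and bucket are placeholders.
BUCKET_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Id": "ExampleBucketPolicy",
    "Statement": [
        {"Sid": "AllowAppRoleRead", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:role/app-role"},
         "Action": ["s3:GetObject"],
         "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "PublicReadEverything", "Effect": "Allow",
         "Principal": "*", "Action": "s3:*",
         "Resource": ["arn:aws:s3:::example-bucket",
                      "arn:aws:s3:::example-bucket/*"]},
        {"Sid": "DenyInsecureTransport", "Effect": "Deny",
         "Principal": "*", "Action": "s3:*",
         "Resource": "arn:aws:s3:::example-bucket/*",
         "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
    ],
})

REQUIRED = ("Effect", "Principal", "Action", "Resource")  # Sid is optional


def as_list(value):
    """Action and Resource may be one string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def review_policy(policy_json):
    """Return (Sid, finding) pairs: structural problems, then over-broad Allow statements."""
    policy = json.loads(policy_json)
    findings = []
    if policy.get("Version") != "2012-10-17":
        findings.append(("<policy>", "missing or unexpected Version"))
    for i, stmt in enumerate(policy.get("Statement", [])):
        sid = stmt.get("Sid", f"statement[{i}]")
        missing = [f for f in REQUIRED if f not in stmt]
        if missing:
            findings.append((sid, "missing fields: " + ", ".join(missing)))
            continue
        if stmt["Effect"] not in ("Allow", "Deny"):
            findings.append((sid, "Effect must be Allow or Deny"))
        public = stmt["Principal"] in ("*", {"AWS": "*"})  # anyone, including anonymous
        wildcard = any(a == "*" or a.endswith(":*") for a in as_list(stmt["Action"]))
        if stmt["Effect"] == "Allow" and public and "Condition" not in stmt:
            findings.append((sid, "Allow to Principal '*' without Condition (public)"))
        if stmt["Effect"] == "Allow" and wildcard:
            findings.append((sid, "Allow with wildcard Action"))
    return findings
```

Only the second statement is reported; the Deny with Principal "*" is a common hardening pattern and is left alone.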

Replication

Buckets can be replicated cross region (CRR) or same region (SRR).

Storage classes

  • Standard - general purpose: High availability; use cases are gaming and data analytics.
  • Standard - infrequent access: Good for backups.
  • One zone - infrequent access: Single-zone IA.
  • Glacier instant retrieval: Millisecond retrieval.
  • Glacier flexible retrieval: Tiered timing schemes for data retrieval.
  • Glacier deep archive: Good for archives; takes at least 12 hours to retrieve.
  • Intelligent tiering: Automatically tiers objects based on when they were last accessed.

Shared responsibility model

The responsibilities are shared between the user and the cloud provider. The cloud provider is responsible for the security of the infrastructure and for compliance validation, while the user is responsible for security in the cloud, such as policies, passwords and MFA.

Scalability

Vertical scalability

Vertical scalability is increasing the size of our instance.

Horizontal scalability

Horizontal scalability is increasing the number of instances. Web apps are commonly designed with horizontal scalability in mind. This is also called elasticity.