Module 3 - AWS Global Infrastructure Overview
AWS Global Infrastructure: Features
1) elastic and stable: resources can dynamically adjust to increases or decreases in capacity requirements 2) fault-tolerant: built-in component redundancy so it can continue operations despite a failed component 3) high availability: minimal downtime and basically no human intervention
AWS Foundational Services
AWS global infrastructure is broken down into 3 elements: Regions, Availability Zones, Points of Presence -global infrastructure provides a platform for a broad set of services delivered as an on-demand utility, available in seconds with pay-as-you-go pricing -services include networking, storage, compute services, databases, etc.
Management and Governance Service Category: AWS CLI
Command Line Interface -provides a unified tool to manage AWS services
Storage Service Category: EBS
Elastic Block Store -high-performance block storage designed for use with Amazon EC2 for throughput and intensive workloads -workloads include relational & non-relational databases, enterprise apps, containerized apps, big data analytics engines, file systems, media workflows
Compute Service Category: EC2
Elastic Compute Cloud -provides resizable compute capacity as VMs in the cloud
Compute Service Category: ECR
Elastic Container Registry -fully managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images
Compute Service Category: ECS
Elastic Container Service -highly scalable, high-performance container orchestration service that supports Docker containers
Storage Service Category: EFS
Elastic File System -scalable, fully managed elastic NFS (Network File System) for use with AWS Cloud services and on-premises resources -reduces need to provision and manage capacity to accommodate growth by scaling on demand
Compute Service Category: EKS
Elastic Kubernetes Service -makes it easy to deploy, manage, and scale containerized apps that use Kubernetes on AWS
Security, Identity, and Compliance Service Category: IAM
Identity and Access Management -enables you to manage access to AWS services and resources securely -can create and manage users and groups to allow and deny access
Networking and Content Delivery Service Category: AWS KMS
Key Management Service -enables you to create and manage keys -control the use of encryption across a wide range of AWS services and in your apps
Database Service Category: Amazon Aurora
MySQL- and PostgreSQL-compatible relational database that is up to 5x faster than standard MySQL DB and 3x faster than standard PostgreSQL DB
Database Service Category: RDS
Relational Database Service -makes it easy to set up, operate, and scale a relational database in the cloud -resizable capacity while automating time-consuming administration tasks
Storage Service Category: S3
Simple Storage Service -an object storage service that offers scalability, data availability, security, and performance -storage for data for websites, mobile apps, backup and restore, archive, enterprise apps, IoT devices, big data analytics
Amazon CloudFront
a content delivery network (CDN) used to distribute content to end users to reduce latency
AWS Region
a physical geographical location with one or more availability zones -22 worldwide -isolated from one another: when you store data in one region, it is not replicated outside that region -data replication is controlled by the customer: if you need to replicate data across regions, you have to do it -each region provides full redundancy and connectivity to the network
Networking and Content Delivery Service Category: AWS Shield
managed DDoS protection service that safeguards apps running on AWS
Compute Service Category: AWS Elastic Beanstalk
service for deploying and scaling web apps and services on familiar servers like Apache and IIS
AWS Categories of Services
-23 different product or service categories with 1 or more services each -Categories discussed (most widely used & best intro to cloud): compute; cost management; database; management & governance; networking & content delivery; security, identity, and compliance; storage
Selecting a Region
-consider data governance and legal requirements -run applications and store data in the region that is as close as possible to the users and systems that will access them, to reduce latency -costs of running services vary by region
Points of Presence
-deliver a better near real-time user experience by measuring internet connectivity -global network of 187 points of presence locations w/ 176 edge locations and 11 regional edge caches in major cities across the world -used with Amazon CloudFront
Storage Service Category: Simple Storage Service Glacier
-secure, durable, extremely low-cost S3 cloud storage class for data archiving and long-term backup -11 9s of durability
Networking and Content Delivery Service Category: VPC
Virtual Private Cloud -enables you to provision logically isolated sections of the AWS cloud
Management and Governance Service Category: Amazon CloudWatch
allows you to monitor resources and apps
Networking and Content Delivery Service Category: AWS Organizations
allows you to restrict what services and actions are allowed in your accounts
Networking and Content Delivery Service Category: Elastic Load Balancing
automatically distributes incoming app traffic across multiple targets, such as EC2 instances, containers, IP addresses, and Lambda functions
Compute Service Category: AWS Fargate
compute engine for ECS that allows you to run containers without having to manage servers or clusters
AWS Global Infrastructure
designed and built to deliver a flexible, reliable, scalable, and secure cloud computing environment with high-quality global network performance
Amazon Route 53
Domain Name System (DNS) service -requests going here will be routed to the nearest edge location to lower latency, like CloudFront
Availability Zones
each region has multiple availability zones -69 availability zones worldwide -each availability zone has multiple data centers (3 mostly) and can include hundreds of thousands of servers -fully isolated partitions -make applications and databases more highly available, fault-tolerant, and scalable -all interconnected with high-bandwidth, low-latency networking -customer is responsible for choosing the availability zones where systems will be; systems can span multiple
AWS Cost Management Service Category: AWS Cost Explorer
easy-to-use interface for visualizing, understanding, and managing AWS costs and usage over time
Compute Service Category: EC2 Auto Scaling
enables you to automatically add or remove EC2 instances according to conditions that you define
Database Service Category: Amazon Redshift
enables you to run analytic queries against petabytes of data that is stored locally in Amazon Redshift and directly against exabytes of data that are stored in Amazon S3
Compute Service Category: AWS Lambda
enables you to run code without provisioning or managing servers; you only pay for the compute time you consume
AWS Cost Management Service Category: AWS Budgets
enables you to set custom budgets that alert you when your costs or usage exceed your budgeted amount
Networking and Content Delivery Service Category: Amazon CloudFront
fast CDN service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds
AWS Data Centers
foundation for AWS infrastructure -customers do not specify a data center (Availability Zone is the farthest level of granularity) -location where the actual data resides -each data center has redundant power, networking, and connectivity, and is housed in a separate facility -AWS uses custom network equipment sourced from multiple ODMs (original device manufacturers)
Management and Governance Service Category: AWS Trusted Advisor
helps you optimize performance and security
Database Service Category: Amazon DynamoDB
key-value and document database that delivers single-digit millisecond performance at any scale, with built-in security, backup and restore, and in-memory caching
Networking and Content Delivery Service Category: Amazon Cognito
lets you add user sign-up, sign-in, and access control to your web and mobile apps
Networking and Content Delivery Service Category: AWS VPN
provides a secure private tunnel from your network or device to AWS global network
Management and Governance Service Category: AWS Config
provides a service that helps you track resource inventory and changes
Networking and Content Delivery Service Category: AWS Direct Connect
provides a way to establish a dedicated private network connection from your data center or office to AWS to reduce network costs and increase bandwidth throughput
Management and Governance Service Category: AWS Management Console
provides a web-based user interface for accessing your AWS account
Management and Governance Service Category: AWS Auto Scaling
provides features that allow you to scale multiple resources to meet demand
Management and Governance Service Category: AWS Well-Architected Tool
provides help in reviewing and improving your workloads
Networking and Content Delivery Service Category: AWS Artifact
provides on-demand access to AWS security and compliance reports and select online agreements
Networking and Content Delivery Service Category: Amazon Route 53
scalable cloud DNS web service designed to give you a reliable way to route end users to internet apps -translates names like www._.com into numeric IP addresses
Networking and Content Delivery Service Category: AWS Transit Gateway
service that enables customers to connect their VPCs and on-premises networks to a single gateway
AWS Cost Management Service Category: AWS Cost and Usage Report
the most comprehensive set of cost and usage data available- metadata about AWS services, pricing, reservations
Management and Governance Service Category: AWS CloudTrail
tracks user activity and API usage
Regional Edge Caches
used when you have content that is not accessed frequently enough to remain at an edge location -provide an alternative to that content having to be fetched from the original server -used by default with Amazon CloudFront