Kickstart Your AWS Adventure: Essentials You Need to Know

According to NIST (National Institute of Standards and Technology), cloud computing is “A model for enabling ubiquitous, convenient,on-demand network access to a shared pool of configurable computing resources like networks, servers, storage, applications, and services. These can be rapidly provisioned and released with minimal management effort or service provider interaction”.

Quite a difficult definition, right? So, What is Cloud Computing?

Simplification of Cloud Computing:

Kickstart Of AWS Journey

It can be dissected into three major compartments these are essential characteristics, service models, and deployment models. There are five essential characteristics, three service models, and four deployment models in cloud computing.

Essential characteristics:

On-Demand: We can provide resources and services instantly. We don’t have to wait for weeks or hours to get any server or other resources. This characteristic inspires us to innovate and try new things, we can terminate the resource immediately after the job was done.

Global-network access: We can access the cloud from anywhere. Internet, LAN, WAN, etc.

Pooling Resources: We have multiple servers in numbers of tens and thousands and can harness CPU, memory power from these servers. The pool of resources which can be used to solve scalable problems.

Elasticity: Rapidly scale up and scale down as per the demand within no time is an important essential characteristic. Now we don’t have to wait for server provisioning, based on the workload these can be increased and decreased.

Measured and Monitored Services: Ability to measure and monitor services deployed or provisioned in the cloud. Auditing and compliance can be handled by these measurements.

Service Models:

Three major classifications of service models in cloud computing, these are;IaaS (Infrastructure as a service), PaaS (Platform As a Service), and SaaS (Software As a Service).

IaaS: Infrastructure As A Service is an abstraction layer of datacentre or hardware infrastructure. In this service model, we provide all the hardware resources as virtual components and one of the main highlights is these are disposable resources. These provisioning can be automated by scripting. Within minutes we can set up whole virtual datacentre requirements by executing scripts in popular languages like PowerShell, CloudFormation, etc.

PaaS: Platform As A Service is an abstraction layer where developers can develop applications against managed platforms. One of the simple examples will be provisioning a SQL Server instance on the cloud and develop an application using that SQL Server. These platforms are fully managed by vendors.

SaaS: Software As A Service are those platforms which we consume as software like Salesforce, Office365, etc. Here we actually consume the software platform which is fully managed. Developers can use APIs provided by these SaaS to enhance existing services or develop a new service.

There is a fourth service model emerging very fast called FaaS (Function As A Service). FaaS is also called serverless backend service allowing organizations to write and deploy modular pieces of code that can be executed in response to events. Popular examples are Azure Functions and AWS Lambda.

Deployment Models:

Four major classifications of deployment models in cloud computing, these are;

Private, Hybrid, Community, and Public

Private Cloud: These are usually datacenters own by various organizations, managing all the required hardware by themselves. The cost of infrastructure management is too high.

Hybrid Cloud: Here organizations' infrastructure setup spans from its private on-premise setup and public shared cloud both. Critical systems and databases are maintained with private datacenters and shared workloads are deployed on any public cloud.

Community Cloud: These are vertical infrastructure deployed for specific groups or communities. Examples are Gov Cloud or Health Cloud. Strict compliant requirements are taken care of within this type of setup.

Public Cloud: The most popular deployment model, where all the workloads are deployed on shared resources. These are a multi-tenant arrangement where various organizations actually use resources from the shared pool. Examples are AWS (Amazon Web Service), Azure(Microsoft Cloud Service), and GCP Google Cloud Platform).

What is AWS?

Definition from AWS web site;

"Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 175 fully-featured services from data centers globally. Millions of customers—including the fastest-growing start-ups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster."

In two words it simply means scale and reliability!

It is a secure cloud services platform, offering comprehensive power for computing, database storage, content delivery, and other various functionality to help organizations to scale and grow.

A brief history of AWS journey:

What is Elastic Computing?

Fundamental building block behind AWS and cloud computing in general.

The above figure explains how overtime in a traditional data center of an organization, server requirement grows. Usually, organizations provisioned the best guess servers fleet or compute power. As the business grows there are incidents of computing spikes were already provisioned server capacity is not enough to handle these compute spikes, it affects the quality of products and services of the organization.

The organization then goes for purchasing more servers hence it results again best guess and over-provisioning of computing. This is a vicious cycle where it actually increases the cost for infrastructure and manpower apart from other operational costs to maintain these types of data centers. The Violet region in the above figure shows the loss in terms of the over-provisioning of computing.

However, public cloud-like AWS solves this problem by autoscaling of computing power compute spike happens and in-scale as soon as demands drop. The green region in the above figure shows the elastic behavior of cloud computing.

I would recommend having a look at the success stories of various organizations from moving towards the AWS public cloud. It’s quite amazing that some of the big names are successfully established, cloud consumers 😊

http://aws.amazon.com/solutions/case-studies

AWS Global Infrastructure Overview:

AWS Regions: Regions are geographic locations. There are 16 regions in the AWS global landscape

AWS AZs: Availability Zones are data centers within an AWS region. There are two or more AZs in one region. Currently, 42 AZs are there worldwide.

AWS Edge Locations:

AWS edge locations are located in most of the major cities around the world and are specifically used by CloudFront (CDN) to distribute content to end-users to reduce latency.

For more details please follow the below link;

https://aws.amazon.com/about-aws/global-infrastructure/

Knowing AWS Security Measures:

Physical Access:

• Secret Locations

• Controlled physical access

• Best in class datacentre security

• Video Surveillance

Servers and Network:

• Hardware refresh cycle to avoid component failure

• Properly decommissioned storage

• Always on the monitoring system

Certifications and Compliance:

For more details follow the link below;

http://aws.amazon.com/compliance

Shared Security Responsibility:

Trust between customer and AWS. Both must do their part 😊

AWS Responsibility includes secured virtual host, storage security, secured network, data center security, and database security.

Customer responsibility comprises AWS account security using MFA, API, operating-system updates, database updates, application security and updates, data encryption with the right technology, authentication implemented, and network integrity using the latest technologies.

Security methods and Connectivity:

Security Groups: Used to secure instances, set rules to allow and deny traffic.

VPC: Controlled private infrastructure network with all required resources, can be used to secure resources at the subnet level. As per best practice, customers should always deploy resources in VPC.

Direct Connect: Used for connecting corporate on-premise resources to AWS cloud with high-speed bandwidth.

Import/Export: Secured services from AWS to import and export data from on-premise to AWS cloud. We can transfer petabyte-scale data.

VPM Access: One of the most secured tunnel access to AWS resources from the on-premise corporate network. We can stretch subnets via the VPN connection.

Dedicated Server: It helps in deploying regulated software and systems for compliance to license policy.

Starting Up and AWS Free Tier:

So now, It’s cool stuff! Anyone can start the cloud journey by signing the AWS free tier account. Some of the highlights of free tier account;

• We only need credit/debit card, email, and phone number to signup

• It is easy and fast sign up

• Free tier account is awesome for training or making hands dirty on concepts

• It allows limited use of workloads and resources

• There are basic support and access to resources

• It is a monthly recurring program (e.g; 750 hrs for EC2 instances per month)

• Some services are only allowed for 12 months as free (S3, EC2, ELB, EBS)

• Free tier dollar value will be discounted from bill continuously

• Charges over the free tier will be charged on credit card

To know more please visit the below link;

http://aws.amazon.com/free

How to Sign Up AWS Free Tier:

Please follow the steps mentioned in the below link;

https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/

References and Credits:

A great way of learning Amazon cloud is learning material and resources from AWS