The Overwhelmed Person’s Guide To AWS
Introduction to the cloud and the AWS services
Introduction
Before we start talking about AWS, let's talk about what the cloud is and what the different cloud types are.
The world before the cloud
So, imagine you are working in Stark Industries and you want to have a website where clients from all over the world can buy your advanced tech. What would you do?
The world before the cloud (On-prem Datacenters)
Before the cloud, you would have bought:
- A place
- Servers (Server Racks, Hard Drives, CPU, GPU, RAM, etc …)
- CCTV Cameras
- Cooling Fans
- Fire Suppression System
and you would employ security guards and someone to maintain the servers.
The problem with this approach is that it is hard to scale and maintain, and it has high upfront capital expenditure. Imagine the Stark Industries website can handle 1000 simultaneous users: what would happen if you suddenly got 10000 simultaneous users? Your website would go down and you would lose a lot of clients.
Also, where are you going to have your servers? Is it in the USA? What about your clients in Europe? The website will probably be slow for them. And what would you do if something happened to your servers?
How long will your website be down? And how much money would you lose because of that?!
That's where AWS comes in
The world after AWS
Now imagine you wake up one day and want a website that can handle millions or even billions of concurrent users with low latency on all continents, and that can handle disasters without affecting your users at all, with a few clicks, without you needing to worry about physical security, buying servers, fire suppression systems or cooling.
Sounds magical, right?
It's not magic, it's AWS.
AWS consists of servers that are accessed over the Internet and the software and databases that run on those servers.
You might think that one is better than the other, but that's not true: each has pros and cons.
On-Prem vs AWS
On Premise:
- High Upfront Costs
You will need to pay a lot of money at the beginning to buy the servers.
- High Maintenance Cost
To maintain the servers you need money for electricity and for the employees who will install, upgrade and fix the servers. It is also time-consuming.
- Limited Scalability
It's scalable, but it takes time, and you will be stuck with it (it will be hard to scale down).
- Security Risk
It is less secure, since someone can break in and steal the servers and hard drives or carry out other kinds of hardware attacks.
AWS (The Cloud):
- Pay As You Go
You only pay for what you use.
- Low Maintenance Costs
AWS takes care of everything.
- Scalability on Demand
With a few clicks you can scale up or down.
- Enhanced Security
AWS is responsible for the physical security of the servers.
Cloud Types
There are three main cloud types:
- Public Cloud
These are servers that are not owned by you; they are owned by cloud providers like AWS.
- Private Cloud
It is like public cloud, but the servers are dedicated to you only.
- Hybrid Cloud
It is when you decide to use both public and private clouds, so you have access to both environments.
Example:
Let's imagine that Stark Industries has an R&D Centre for Advanced Technologies. Which cloud type would you recommend that they use?
Public, Private or Hybrid, and why?
I think they would use Hybrid Cloud. Public Cloud will be for most of the stuff, like simulations and training AI models, etc.
But the Private Cloud will be used for the sensitive prototypes and designs.
Now let's take a look at the different service types.
Cloud Service Types
There are three cloud service types: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). It's all about what you manage and what AWS manages.
- Infrastructure as a Service (IaaS)
You are responsible for deploying, maintaining and supporting your application, while AWS is responsible for managing the infrastructure.
- Platform as a Service (PaaS)
It abstracts data integration: it lets non-technical users integrate data from the cloud without needing any middleware or coding.
- Software as a Service (SaaS)
You probably interact with SaaS every day without noticing, because it is basically delivering applications to users through an internet browser.
Can you think of an example for each?
- IaaS: AWS
- PaaS: MongoDB
- SaaS: Gmail
Now that we have explained the cloud service types, do you know what managed services means?
They are fully managed services where AWS takes care of infrastructure, maintenance and scalability, so you worry about what matters while AWS takes care of everything else.
AWS
AWS Availability
AWS is available in 34 Regions, 108 Availability Zones, 600 Edge Locations, and 245 countries and territories, but what does that mean?
Regions:
Geographical areas that contain one or more availability zones.
Availability Zones (AZs):
Isolated locations within regions where AWS services are hosted, providing redundancy and high availability.
Edge Locations:
Points of presence (PoPs) are located in various cities for low-latency delivery, typically used for content delivery and networking services.
Scalability
Before we take a look at the AWS services, there is a really important concept we need to talk about, which is scalability. There are two types of scalability:
- Vertical Scalability (Scaling Up and Down)
In vertical scaling we upgrade our servers by adding more RAM, more cores, more storage, etc.
- Horizontal Scalability (Scaling In and Out)
In horizontal scaling we add more servers.
AWS Services
AWS has 200+ services, and they are divided into 26 main categories:
- Compute
- Storage
- Databases
- Networking & Content Delivery
- Developer Tools
- Management & Governance
- Security, Identity, & Compliance
- Analytics
- Machine Learning
- Artificial Intelligence (AI)
- Migration & Transfer
- Media Services
- Cost Management
- Blockchain
- Internet of Things (IoT)
- Game Tech
- Business Applications
- Customer Engagement
- End User Computing
- Quantum Technologies
- Robotics
- Satellite
- Containers
- Application Integration
- AR/VR (Augmented Reality and Virtual Reality)
- Mobile Services
Overwhelming I know, but don't worry, we will take a look at the most
- VPC:
It stands for Virtual Private Cloud. It lets you launch your resources in a logically isolated environment.
- EC2:
It stands for Elastic Compute Cloud, which is a virtual server, and it is scalable.
- ECS:
It stands for Elastic Container Service. It is a managed service for container orchestration.
If you don't know what containers are, I recommend watching this video
- EKS:
It stands for Elastic Kubernetes Service. It is a managed service that helps you run Kubernetes in AWS.
If you don't know what Kubernetes is, I recommend watching this video
- Lambda:
It is a serverless compute service that automatically runs your code in response to events.
- S3:
Amazon S3 is a highly durable, scalable, and secure object storage service for any type of data. It is usually used for backups, static websites and archiving.
- Elastic Beanstalk:
It is a platform-as-a-service (PaaS) that automates application deployment and scaling, so you give it the code and it takes care of everything else.
It supports PHP, Go, Docker, .NET, Python, Ruby and Node.js.
- CloudWatch:
It is a monitoring and observability service for AWS resources and applications. It collects and visualizes logs, and it lets you add alerts for different metrics.
- Load Balancer:
It distributes incoming traffic across multiple instances or containers, so your infrastructure has high availability and scalability.
- Autoscaling groups:
It automatically increases the number of instances based on demand. This is important for availability and scalability, and it helps you save money.
Security at AWS
Before we start talking about the AWS Security, we need to learn about the AWS Shared Responsibility Model
AWS Shared Responsibility Model:
Security in the cloud is a shared responsibility between AWS and the customer where both AWS and the customer are responsible for securing workloads in the cloud
AWS is responsible for securing:
- The physical security of the data centers where AWS services are hosted.
- The underlying infrastructure that supports AWS services, such as the operating system, hypervisor, and networking.
- The availability of AWS services.
- The security of the AWS Cloud Platform, such as the prevention of unauthorized access to AWS infrastructure and data.
Customers are responsible for:
- The security of their data, applications, and workloads that are hosted on AWS.
- The configuration of AWS services, such as the creation of security groups and the use of encryption.
- The monitoring of their AWS environment for security threats.
- The compliance of their workloads with applicable regulations.
AWS Security Services Categories
AWS divides its security services into five categories: identity and access management, detection, network and application protection, data protection, and compliance. These categories contain over 30 services in total.
That's a lot, I know, but don't worry: I am writing another blog about all the AWS security services. Follow me on LinkedIn so you don't miss it.
Right now the most important service that you should know about is AWS Identity and Access Management, or IAM.
- AWS IAM:
IAM stands for Identity and Access Management. It helps you decide who (users, groups, roles) can access what (services) and which permissions (privileges) they have.
But what are users, groups and roles?
- Users:
They represent entities
Example: Tony Stark from the IT department
- Groups:
A group of users with the same permissions
- Roles:
Temporary permissions for AWS services or external entities
A service can assume a role to access another service
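To make "who can access what" concrete, here is an added example (not from the original post) of a simplified evaluator for identity-based policies attached to users and groups. The user names, group name, bucket ARNs and policies are constructed, and the evaluator deliberately ignores conditions, roles, permission boundaries and resource-based policies.

```python
from fnmatch import fnmatchcase

# Constructed identity-based policy statements in IAM's JSON policy shape.
GROUP_POLICIES = {
    "it-department": [{
        "Effect": "Allow",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::stark-public-*", "arn:aws:s3:::stark-public-*/*"],
    }],
}
USER_POLICIES = {
    "tony": [
        {"Effect": "Allow", "Action": ["ec2:*"], "Resource": ["*"]},
        {"Effect": "Deny", "Action": ["s3:*"],
         "Resource": ["arn:aws:s3:::stark-public-prototypes/*"]},
    ],
}
MEMBERSHIP = {"tony": ["it-department"], "pepper": ["it-department"]}


def _matches(patterns, value, ignore_case=False):
    """Wildcard match; IAM action names are case-insensitive, ARNs are not."""
    if ignore_case:
        return any(fnmatchcase(value.lower(), p.lower()) for p in patterns)
    return any(fnmatchcase(value, p) for p in patterns)


def statements_for(user):
    """All statements attached to the user directly or through their groups."""
    stmts = list(USER_POLICIES.get(user, []))
    for group in MEMBERSHIP.get(user, []):
        stmts += GROUP_POLICIES.get(group, [])
    return stmts


def evaluate(user, action, resource):
    """Return 'Allow', 'ExplicitDeny' or 'ImplicitDeny' for one request."""
    decision = "ImplicitDeny"          # nothing is allowed unless a statement allows it
    for s in statements_for(user):
        if _matches(s["Action"], action, True) and _matches(s["Resource"], resource):
            if s["Effect"] == "Deny":
                return "ExplicitDeny"  # an explicit deny overrides any allow
            decision = "Allow"
    return decision
```

Tony inherits the group's S3 read access, but the explicit deny on his own policy still blocks the prototypes bucket, which is the behaviour to rely on when carving exceptions out of broad group permissions.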
Billing at AWS
It's a pay-as-you-go model, which means you only pay for what you use, like hours of computing time, storage, and data transfer.
There are ways to pay less, like saving plans, reserved instances and spot instances:
- Saving plans:
You get discounts when you commit to a usage for one to three years.
- Reserved instances:
Prepaying for a certain instance type for one to three years, and you get a high discount of up to 75%.
- Spot Instance:
Use spare AWS capacity at reduced prices and get up to 90% discount.
You can see everything related to your billing in the AWS Billing Console. You can also use the AWS Pricing Calculator to estimate the cost of your architecture.
TL;DR
This TL;DR was generated by Chat GPT
Before the cloud, companies had to invest heavily in on-premises infrastructure, which was costly, hard to maintain, and lacked scalability. AWS revolutionized this with a pay-as-you-go model, offering global scalability, low maintenance, and enhanced security through its cloud services.
AWS provides IaaS, PaaS, and SaaS, along with managed and serverless services like Lambda, S3, and Elastic Beanstalk. It ensures high availability with a global infrastructure of Regions, AZs, and Edge Locations.
Key AWS services include:
- Compute (EC2, Lambda)
- Storage (S3)
- Monitoring (CloudWatch)
- Scalability (Auto Scaling Groups, Load Balancers)
Security follows a Shared Responsibility Model, where AWS secures the infrastructure, and customers secure their data and configurations. Billing is flexible, with options like saving plans and spot instances for cost optimization.