Performance efficiency in the cloud
Advantages of Amazon Web Services
Disadvantages of Amazon Web Services
AWS Global Infrastructure
Functionality of AWS
QUESTIONS
How AWS provides flexibility with the pay-as-you-go pricing model
Advantages of AWS (write down the points)
How AWS provides multiple data centers
What are the advantages of having multiple data centers in AWS
Meaning of the pay-as-you-go pricing model
Each region is divided into how many availability zones
Difference between EC2 and an EC2 instance
How EC2 instances are launched
What load balancing means, and which AWS resources and services are used to manage it
Look at the AWS CLI commands for EC2 Instances, S3 Bucket Operations, IAM Users and Roles, VPC Creation, RDS Database Instances, Lambda Functions, API Gateway, CloudFormation Templates, SNS Topics and Subscriptions, Elastic Beanstalk, ECS, ELB, KMS, AWS CLI, CloudTrail Logging
Look at the AWS CLI commands for S3 Bucket Operations
Which IAM identity indicates granting a specific permission
Which IAM identity indicates a set of permissions for making AWS service requests
Which IAM identity indicates the task of creating Developer
EC2 Instance with IAM Role for S3 Access is an example of which IAM identity
EC2-S3-Access is an example of which IAM identity
Who is responsible for launching Amazon Web Services (AWS) resources in a logically isolated virtual network
Amazon Web Services (AWS), a subsidiary of Amazon.com, has invested billions of dollars in IT resources distributed across the globe. These resources are shared among all AWS account holders across the globe. The accounts themselves are entirely isolated from each other. AWS provides on-demand IT resources to its account holders on a pay-as-you-go pricing model with no upfront cost. Amazon Web Services offers flexibility because you pay only for the services you use or need. Enterprises use AWS to reduce the capital expenditure of building their own private IT infrastructure (which can be expensive depending upon the enterprise's size and nature). AWS has its own physical fiber network that connects Availability Zones, Regions and edge locations. All maintenance costs are also borne by AWS, which saves a fortune for enterprises.
Security of the cloud is the responsibility of AWS, but security in the cloud is the customer's responsibility. Performance efficiency in the cloud has four main areas:
- Selection
- Review
- Monitoring
- Tradeoff
Advantages of Amazon Web Services
AWS allows you to easily scale your resources up or down as your needs change, helping you to save money and ensure that your application always has the resources it needs.
AWS provides a highly reliable and secure infrastructure, with multiple data centers and a commitment to 99.99% availability for many of its services.
AWS offers a wide range of services and tools that can be easily combined to build and deploy a variety of applications, making it highly flexible.
AWS offers a pay-as-you-go pricing model, allowing you to only pay for the resources you actually use and avoid upfront costs and long-term commitments.
Disadvantages of Amazon Web Services
AWS can be complex, with a wide range of services and features that may be difficult to understand and use, especially for new users.
AWS can be expensive, especially if you have a high-traffic application or need to run multiple services. Additionally, the cost of services can increase over time, so you need to regularly monitor your spending.
While AWS provides many security features and tools, securing your resources on AWS can still be challenging, and you may need to implement additional security measures to meet your specific requirements.
AWS manages many aspects of the infrastructure, which can limit your control over certain parts of your application and environment.
AWS Global Infrastructure
The AWS global infrastructure is massive and is divided into geographical regions. The geographical regions are then divided into separate availability zones. While selecting the geographical regions for AWS, three factors come into play:
- Optimizing latency
- Reducing cost
- Government regulations (some services are not available for some regions)
Each region is divided into at least two availability zones that are physically isolated from each other, which provides business continuity for the infrastructure, as in a distributed system. If one zone fails to function, the infrastructure in the other availability zones remains operational. The largest region, North Virginia (US-East), has six availability zones. These availability zones are connected by high-speed fiber-optic networking.
Functionality of AWS
Checklist of AWS functionalities with brief explanations and examples:
1. EC2 Instances:
Example: Launch EC2 Instance
aws ec2 run-instances --image-id ami-xxxxxxxx --instance-type t2.micro --key-name MyKeyPair
2. S3 Bucket Operations:
Example: Create S3 Bucket
aws s3api create-bucket --bucket my-bucket-name --region us-east-1
3. IAM Users and Roles:
Example: Create IAM User
aws iam create-user --user-name my-user
4. VPC Creation:
Example: Create VPC
aws ec2 create-vpc --cidr-block 10.0.0.0/16
5. RDS Database Instances:
Example: Launch RDS Instance
aws rds create-db-instance --db-instance-identifier mydbinstance --engine mysql --db-instance-class db.t2.micro --allocated-storage 20 --master-username mymasteruser --master-user-password mymasterpassword
6. Lambda Functions:
Example: Create Lambda Function
aws lambda create-function --function-name my-function --runtime python3.8 --handler index.handler --role arn:aws:iam::123456789012:role/service-role/MyRole --zip-file fileb://deployment-package.zip
7. API Gateway:
Example: Create API Gateway REST API
aws apigateway create-rest-api --name MyAPI
8. CloudFormation Templates:
Example: Deploy CloudFormation Stack
aws cloudformation create-stack --stack-name mystack --template-body file://template.json
9. SNS Topics and Subscriptions:
Example: Create SNS Topic
aws sns create-topic --name MyTopic
10. SQS Queues:
Example: Create SQS Queue
aws sqs create-queue --queue-name MyQueue
11. DynamoDB Tables:
Example: Create DynamoDB Table
aws dynamodb create-table --table-name MyTable --attribute-definitions AttributeName=ID,AttributeType=N --key-schema AttributeName=ID,KeyType=HASH --provisioned-throughput ReadCapacityUnits=5,WriteCapacityUnits=5
12. Elastic Beanstalk:
Example: Create Elastic Beanstalk Environment
aws elasticbeanstalk create-environment --application-name MyApplication --environment-name MyEnvironment --solution-stack-name "64bit Amazon Linux 2 v5.2.1 running Python 3.8"
13. Route 53 DNS Management:
Example: Create Route 53 Hosted Zone
aws route53 create-hosted-zone --name example.com --caller-reference 1
14. CloudWatch Metrics and Alarms:
Example: Create CloudWatch Alarm
aws cloudwatch put-metric-alarm --alarm-name MyAlarm --metric-name CPUUtilization --namespace AWS/EC2 --statistic Average --period 300 --threshold 90 --comparison-operator GreaterThanThreshold --dimensions Name=InstanceId,Value=i-0123456789abcdef0 --evaluation-periods 2 --alarm-actions arn:aws:sns:us-east-1:123456789012:MyTopic
15. Kinesis Data Streams:
Example: Create Kinesis Data Stream
aws kinesis create-stream --stream-name MyStream --shard-count 1
16. ECS (Elastic Container Service):
Example: Create ECS Cluster
aws ecs create-cluster --cluster-name MyCluster
17. Elastic Load Balancer (ELB):
Example: Create ELB
aws elbv2 create-load-balancer --name MyLoadBalancer --subnets subnet-0123456789abcdef0 subnet-0123456789abcdef1 --security-groups sg-0123456789abcdef0
18. KMS (Key Management Service):
Example: Create KMS Key
aws kms create-key --description "MyKey"
19. AWS CLI Profiles:
Example: Configure CLI Profile
aws configure --profile myprofile
20. CloudTrail Logging:
Example: Enable CloudTrail
aws cloudtrail create-trail --name MyTrail --s3-bucket-name my-cloudtrail-bucket
aws cloudtrail start-logging --name MyTrail
These examples cover a variety of AWS services and functionalities. Adjust the commands and parameters based on your specific requirements and use cases.
EC2 Instances
Amazon Elastic Compute Cloud (EC2) instances are virtual servers in the cloud that provide scalable compute capacity. They are a fundamental component of Amazon Web Services (AWS) and offer a wide range of use cases. Here are some key aspects and use cases of EC2 instances in AWS:
1. Compute Capacity:
Use Case: EC2 instances provide resizable compute capacity in the cloud. Users can launch instances with different instance types based on their specific needs (e.g., CPU, memory, storage, etc.).
2. Virtual Servers:
Use Case: EC2 instances act as virtual servers, allowing users to run applications and services on these virtual machines.
3. On-Demand Scalability:
Use Case: Users can easily scale the number of EC2 instances up or down based on demand. This on-demand scalability ensures that applications have the necessary resources during peak times and can scale down during periods of lower demand.
4. Diverse Workloads:
Use Case: EC2 instances support a wide range of workloads, from web applications and databases to big data processing and machine learning.
5. Flexible Pricing Models:
Use Case: AWS offers various pricing models for EC2 instances, including On-Demand Instances, Reserved Instances, and Spot Instances. This flexibility allows users to choose the most cost-effective option for their specific use case.
6. Customizable Instances:
Use Case: Users can choose from a variety of instance types optimized for different use cases, such as compute-optimized, memory-optimized, storage-optimized, and GPU instances. This customization ensures that the right resources are available for specific workloads.
7. AMI (Amazon Machine Image) Support:
Use Case: EC2 instances are launched based on AMIs, which are pre-configured templates containing the necessary information to launch an instance. Users can create their custom AMIs or use publicly available AMIs.
8. Load Balancing:
Use Case: EC2 instances can be used in conjunction with Elastic Load Balancers (ELB) to distribute incoming traffic across multiple instances. This enhances the availability and fault tolerance of applications.
9. Auto Scaling:
Use Case: Auto Scaling allows users to automatically adjust the number of running EC2 instances based on predefined policies. This ensures that the application can handle varying levels of traffic.
10. Development and Testing:
Use Case: EC2 instances are commonly used for development and testing environments. Users can quickly provision instances, test applications, and then terminate the instances when they are no longer needed.
11. High-Performance Computing (HPC):
Use Case: EC2 instances can be used for high-performance computing workloads, such as simulations, scientific research, and financial modeling, by leveraging GPU instances and high-performance networking options.
12. Data Storage Integration:
Use Case: EC2 instances can be attached to various types of storage, including Amazon Elastic Block Store (EBS) volumes and instance store volumes, providing flexibility in terms of data storage.
13. Security and Compliance:
Use Case: EC2 instances can be launched within Virtual Private Clouds (VPCs), allowing users to define network security and access control policies. Additionally, users can integrate EC2 instances with AWS Identity and Access Management (IAM) for fine-grained access control.
EC2 instances are a foundational building block in AWS, providing the flexibility and scalability needed to run a diverse range of applications and workloads in the cloud. Users can choose from a variety of instance types and customize configurations to meet their specific requirements.
S3 Bucket Operations
Amazon Simple Storage Service (S3) is a highly durable and scalable object storage service provided by AWS. S3 bucket operations refer to the actions you can perform on S3 buckets, such as creating, deleting, uploading, and downloading objects. Let's go through some common S3 bucket operations with real-time examples:
1. Creating an S3 Bucket:
Use Case: Create a new S3 bucket to store and organize objects.
Example Command (AWS CLI):
aws s3api create-bucket --bucket my-unique-bucket-name --region us-east-1
This command creates an S3 bucket named my-unique-bucket-name in the US East (N. Virginia) region.
2. Uploading an Object to S3:
Use Case: Upload a file or object to an S3 bucket.
Example Command (AWS CLI):
aws s3 cp local-file.txt s3://my-unique-bucket-name/
This command copies a local file named local-file.txt to the root of the S3 bucket.
3. Downloading an Object from S3:
Use Case: Download an object from an S3 bucket to your local machine.
Example Command (AWS CLI):
aws s3 cp s3://my-unique-bucket-name/remote-file.txt local-file.txt
This command downloads an object named remote-file.txt from the S3 bucket to a local file named local-file.txt.
4. Listing Objects in an S3 Bucket:
Use Case: List all objects within an S3 bucket.
Example Command (AWS CLI):
aws s3 ls s3://my-unique-bucket-name/
This command lists all objects in the root of the S3 bucket.
5. Deleting an Object from S3:
Use Case: Delete a specific object from an S3 bucket.
Example Command (AWS CLI):
aws s3 rm s3://my-unique-bucket-name/remote-file.txt
This command deletes the object named remote-file.txt from the S3 bucket.
6. Deleting an S3 Bucket:
Use Case: Delete an entire S3 bucket.
Example Command (AWS CLI):
aws s3api delete-bucket --bucket my-unique-bucket-name
This command deletes the S3 bucket named my-unique-bucket-name.
7. Setting Bucket Policy for Public Access:
Use Case: Define a bucket policy to allow public read access to objects.
Example Bucket Policy (JSON):
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::my-unique-bucket-name/*"
    }
  ]
}
This policy allows anyone (public) to read objects in the specified S3 bucket.
8. Enabling Versioning:
Use Case: Enable versioning for an S3 bucket to keep multiple versions of an object.
Example Command (AWS CLI):
aws s3api put-bucket-versioning --bucket my-unique-bucket-name --versioning-configuration Status=Enabled
This command enables versioning for the S3 bucket.
9. Serving a Static Website from S3:
Use Case: Configure an S3 bucket to serve static website content.
Example Command (AWS CLI):
aws s3 website s3://my-unique-bucket-name/ --index-document index.html --error-document error.html
This command configures the S3 bucket to serve index.html as the index document and error.html for error responses.
These examples demonstrate some of the fundamental S3 bucket operations. Keep in mind that S3 provides many features, including versioning, bucket policies, access control, and event notifications, making it a versatile storage solution for various use cases.
IAM Users and Roles
Amazon Web Services (AWS) Identity and Access Management (IAM) is a service that enables you to securely control access to AWS resources. IAM allows you to manage users, groups, and roles to control who can access your AWS resources and what actions they can perform. Let's explore the use of IAM Users and Roles with a real-time example:
IAM Users:
IAM users represent individual entities within your organization that need access to AWS resources. Each IAM user has its own set of security credentials.
Use Case: Creating an IAM User for a Developer
Create an IAM User:
In the IAM console, create a new IAM user named "Developer."
Assign the user a set of security credentials (access key ID and secret access key).
Attach Policies to the User:
Attach policies to the "Developer" IAM user to grant specific permissions. For example, you can attach the "AmazonS3FullAccess" policy to allow full access to Amazon S3.
Use Security Credentials:
Provide the access key ID and secret access key to the developer.
The developer can use these credentials to interact with AWS services programmatically, such as uploading files to an S3 bucket.
IAM Roles:
IAM roles are entities that define a set of permissions for making AWS service requests. Roles are not associated with a specific user or group but can be assumed by IAM users, AWS services, or AWS resources.
Use Case: EC2 Instance with IAM Role for S3 Access
Create an IAM Role:
In the IAM console, create a new IAM role named "EC2-S3-Access."
Define a trust policy that allows EC2 instances to assume the role.
Attach Policies to the Role:
Attach policies to the "EC2-S3-Access" IAM role to grant specific permissions. For example, you can attach the "AmazonS3ReadOnlyAccess" policy to allow read-only access to Amazon S3.
Launch EC2 Instance with IAM Role:
When launching an EC2 instance, specify the "EC2-S3-Access" IAM role.
The EC2 instance can now make S3 requests without needing explicit credentials.
Access AWS Services from EC2:
The EC2 instance can interact with AWS services like S3 using temporary credentials automatically provided by the IAM role.
Real-Time Example:
Imagine you have a web application running on an EC2 instance that needs to read and write data to an S3 bucket.
IAM Role for EC2 Instance:
Create an IAM role named "WebApp-EC2-Role" with the necessary permissions to access the S3 bucket.
Launch EC2 Instance with IAM Role:
Launch an EC2 instance and specify the "WebApp-EC2-Role" IAM role during the instance creation.
Application Code:
In your web application code, use AWS SDK (e.g., AWS SDK for Python - Boto3) to interact with the S3 bucket.
No Hardcoded Credentials:
You don't need to embed access keys or secret keys in your code. The EC2 instance automatically assumes the role and gets temporary credentials.
This real-time example demonstrates how IAM users and roles enable secure and fine-grained access control to AWS resources, promoting the principle of least privilege. Roles are especially useful in scenarios where you want to grant permissions to AWS services or resources without exposing long-term security credentials.
VPC Creation:
Amazon Virtual Private Cloud (VPC) is a service that enables you to launch Amazon Web Services (AWS) resources in a logically isolated virtual network. It allows you to define your own virtual network topology, including IP address ranges, subnets, and configuration of route tables and network gateways. Let's explore the use of VPC creation with a real-time example:
Lambda Functions:
Lambda Function Code:
Write code for the Lambda function. For example, let's say you want to resize images when they are uploaded to the S3 bucket.
Example Node.js code:
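const AWS = require('aws-sdk');
const sharp = require('sharp');

// Prefix under which resized copies are written.
const OUTPUT_PREFIX = 'resized/';

exports.handler = async (event) => {
  const s3 = new AWS.S3();
  const BUCKET = event.Records[0].s3.bucket.name;
  // Object keys in S3 event notifications are URL-encoded, with spaces sent as '+'.
  const KEY = decodeURIComponent(event.Records[0].s3.object.key.replace(/\+/g, ' '));

  // The resized copy is written back to the same bucket, so skip objects this
  // function created itself; otherwise each output would trigger it again.
  if (KEY.startsWith(OUTPUT_PREFIX)) {
    return {
      statusCode: 200,
      body: JSON.stringify('Skipped already-resized object'),
    };
  }

  try {
    // Read the uploaded image, resize it to 300x200, and store the result.
    const data = await s3.getObject({ Bucket: BUCKET, Key: KEY }).promise();
    const resizedImage = await sharp(data.Body)
      .resize(300, 200)
      .toBuffer();
    await s3.putObject({
      Bucket: BUCKET,
      Key: `${OUTPUT_PREFIX}${KEY}`,
      Body: resizedImage,
    }).promise();
    return {
      statusCode: 200,
      body: JSON.stringify('Image resized successfully'),
    };
  } catch (err) {
    console.error(err);
    return {
      statusCode: 500,
      body: JSON.stringify('Error processing the image'),
    };
  }
};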
Lambda Function Configuration:
Set the Lambda function trigger to the S3 bucket.
Specify the event type (e.g., "ObjectCreated") that will trigger the Lambda function.
Step 3: Upload Images to S3
Upload Images to S3:
Upload images to the S3 bucket, e.g., "my-image-bucket."
The Lambda function will be triggered whenever a new image is uploaded.
Result:
Whenever a new image is uploaded to the S3 bucket, the Lambda function (ImageProcessingFunction) is triggered automatically. The function reads the image, resizes it using the Sharp library, and stores the resized image back to the S3 bucket under the "resized" folder.
This example demonstrates how AWS Lambda can be used to process and transform data in real-time in response to events. In this case, the Lambda function is triggered by S3 events, but Lambda can also respond to events from other AWS services, API Gateway, custom applications, and more. This serverless architecture allows you to focus on your application logic without managing the underlying infrastructure.