In this post, we have compiled the general definitions of the AWS components that we hear about in our day-to-day tech conversations. These definitions are really helpful in cracking the AWS certifications. It is basically an overview of Amazon Web Services.
AWS Global Infrastructure
While covering the overview of Amazon Web Services, we will start with AWS Global Infrastructure.
Region: a geographical area that is made up of more than two availability zones (AZs). For simple understanding, we can say that an AZ is a data center.
E.g. Regions (South America, Singapore)
Edge Locations: CDN (content delivery network) endpoints for CloudFront. They are used for caching media files or bigger files. There are more edge locations than regions.
Route 53: Amazon’s DNS service, used for registering a domain. 53 is the DNS port, hence the name Route 53.
Networking & Content delivery
CloudFront: a web service that speeds up the delivery of our static and dynamic web content, such as .html, .css, .js, and image files, to end-users. CloudFront uses edge locations to deliver the data.
Direct Connect: lets users establish a dedicated network connection from their premises to AWS. With Direct Connect, we can establish private connectivity between AWS and our datacenter, office, or colocation environment, which in many cases can reduce our network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections.
EC2: basically stands for Elastic Compute Cloud. EC2 offers scalable computing ability in the AWS cloud. We can use EC2 to launch as many or as few virtual servers as we need, configure security and networking, and manage storage.
ECS: stands for Elastic Container Service. ECS is a container management service that supports Docker containers on a cluster.
Elastic Beanstalk: a service used for deploying code in AWS.
Lambda: a compute service that lets us run code without provisioning or managing servers. AWS Lambda executes our code only when needed and scales automatically, from a few requests per day to thousands per second.
S3: stands for Simple Storage Service. Basically, S3 is a virtual disk in the cloud where we can store objects (like docs, movies, pictures). For better understanding, we can say that it’s a drop-box with metadata enabled. A few key things related to S3 are given below.
- Files can be from 0 bytes to 5 TB in size.
- Files are stored in a bucket (a kind of folder).
- S3 is a universal namespace, i.e. a name must be unique globally.
EFS stands for Elastic File Service. EFS is file-based storage which can be shared with multiple VMCs.
Glacier: is basically used for data archival. It’s low-cost storage for archives.
Storage Gateway: a way to connect on-premises data with S3.
Identity Access Management
IAM allows us to manage users and their level of access to the AWS console. Below are the key points regarding IAM.
- IAM consists of users, groups (a way to group users and apply policies to them collectively), roles, and policy documents.
- IAM is universal; it is not tied to a region.
- The root user (account user) is the account created first and has complete admin access.
- For more security, always set up MFA on the root account.
- The password rotation policy can be customized as per requirement.
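The root-MFA and password-rotation points above can be checked mechanically. The following is an added example, not part of the original post: it audits the `SummaryMap` and `PasswordPolicy` dictionaries that boto3's `get_account_summary` and `get_account_password_policy` return, using constructed sample data; the function name `audit_iam` and the 90-day and 5-password thresholds are assumptions.

```python
# Added example: offline check of two IAM points from the list above.
# Input shapes mirror the boto3 IAM responses:
#   iam.get_account_summary()["SummaryMap"]
#   iam.get_account_password_policy()["PasswordPolicy"]  (None if no policy is set)
# Thresholds are assumptions for illustration, not AWS defaults.

MAX_AGE_DAYS = 90      # assumed rotation limit
MIN_REUSE_BLOCK = 5    # assumed number of previous passwords to block


def audit_iam(summary_map, password_policy):
    """Return a list of finding strings; an empty list means all checks passed."""
    findings = []

    # Root account: AccountMFAEnabled is 1 when MFA is set on root, else 0.
    if summary_map.get("AccountMFAEnabled", 0) != 1:
        findings.append("root-mfa-disabled")

    # No custom password policy at all: nothing enforces rotation.
    if password_policy is None:
        findings.append("no-password-policy")
        return findings

    # MaxPasswordAge is absent (or 0) when passwords never expire.
    max_age = password_policy.get("MaxPasswordAge", 0)
    if max_age == 0:
        findings.append("passwords-never-expire")
    elif max_age > MAX_AGE_DAYS:
        findings.append(f"rotation-too-long:{max_age}d")

    # Rotation is weak if users can cycle back to an old password.
    reuse = password_policy.get("PasswordReusePrevention", 0)
    if reuse < MIN_REUSE_BLOCK:
        findings.append(f"password-reuse-allowed:{reuse}")

    return findings


# Constructed sample data (not from a real account).
WEAK_SUMMARY = {"AccountMFAEnabled": 0, "Users": 12, "Groups": 3}
WEAK_POLICY = {"MinimumPasswordLength": 8, "MaxPasswordAge": 365}
GOOD_SUMMARY = {"AccountMFAEnabled": 1, "Users": 12, "Groups": 3}
GOOD_POLICY = {"MinimumPasswordLength": 14, "MaxPasswordAge": 90,
               "PasswordReusePrevention": 5}

if __name__ == "__main__":
    print(audit_iam(WEAK_SUMMARY, WEAK_POLICY))
    print(audit_iam(GOOD_SUMMARY, GOOD_POLICY))
    print(audit_iam(GOOD_SUMMARY, None))
```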
Below are a few of the management tools used in AWS.
CloudWatch: monitors the performance of the AWS environment.
CloudFormation: can be used to turn our infrastructure into code. It is basically used for creating templates.
CloudTrail: used for auditing AWS resources and environments.
OpsWorks: a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow us to use code to automate the configuration of our servers.
Config Manager: a service that enables us to assess, audit, and evaluate the configurations of our AWS resources. Config continuously monitors and records our AWS resource configurations and allows us to automate the evaluation of recorded configurations against desired configurations.
All the points mentioned above can be found in detail at the links below.
Rakesh is a Solution Architect with 11 years of experience in the banking domain, designing enterprise-level applications on Microsoft technologies. He has strong experience working on Azure, SharePoint, PowerApps & Flow.
Apart from technology, I like to play badminton.