
Amazon Web Service

Architect

Ashish Sharma
• What is Cloud?
• Cloud computing is the on-demand delivery of compute power,
database storage, applications, and other IT resources through a
cloud services platform via the internet with pay-as-you-go
pricing.

[Figure: examples of cloud-delivered services (Email, CRM, ERP, Collaborative, Application Development, Decision Support, Web, Streaming, System Mgmt., Networking, Storage, Technical, Security), with the labels "Rent the Software", "Rent the programming tool" and "Rent the Infrastructure".]
• What is AWS?
• Amazon Web Services (AWS) is a secure cloud services platform,
offering compute power, database storage, content delivery and
other functionality to help businesses scale and grow. Explore
how millions of customers are currently leveraging AWS
cloud products and solutions to build sophisticated applications
with increased flexibility, scalability and reliability.

• EC2 and Lambda (Computing)
• IAM
• Amazon Database
• S3, EFS, Glacier (Storage)
• Amazon Automation
• Networking
• Security

• Region – Geographical area that contains multiple data centers in
availability zones.

• Availability Zone – One or more separate physical data centers within a
region, with separate electrical grids, flood plains, etc.

• Note – Each region has at least two availability zones.

• An EC2 server is called an instance.
• Provides you with complete control of your
computing resources.
• Reduces the time required to obtain and boot
new server instances, allowing you to quickly
scale up and down, in and out in response to
demand.
• Pay for the capacity that you use.

• Reserved Instances
• On-Demand
• Spot Instances

• With Lambda, you can run code for virtually
any type of application or backend service,
all with zero administration. Just upload your
code and Lambda takes care of everything
required to run and scale your code with high
availability.
• AWS Lambda lets you run code without
provisioning or managing servers. You pay
only for the compute time you consume;
there is no charge when your code is not
running.
IAM – Identity and Access Management
Users - An IAM User is an entity that you create in AWS to represent the person or
service that uses it to interact with AWS. A user in AWS consists of a name and
credentials.

Groups - An IAM Group is a collection of IAM users. Groups let you specify
permissions for multiple users, which can make it easier to manage the permissions
for those users.

Roles - You can use roles to delegate access to users, applications, or services that
don't normally have access to your AWS resources.

Policies - A policy is an entity in AWS that, when attached to an identity or resource,
defines its permissions. AWS evaluates these policies when a principal, such as a
user, makes a request. Permissions in the policies determine whether the request is
allowed or denied.

Policies are stored in AWS as JSON documents attached to principals as
identity-based policies, or to resources as resource-based policies.

1. AWS managed policies
2. Customer managed policies


Policy Generator - The AWS Policy Generator is a tool that enables you
to create policies that control access to AWS products and resources.
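
How the allow/deny decision described above falls out of the JSON policy documents, as an added example that is not part of the original slides. It is a simplified model of identity-based policies only (no Condition, NotAction, Principal or resource-based policies); the bucket name and both policies are constructed for illustration.

```python
import fnmatch

# Constructed sample policies (hypothetical bucket, not taken from the slides).
ALLOW_S3_READ = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow",
                   "Action": ["s3:Get*"],
                   "Resource": "arn:aws:s3:::example-bucket/*"}],
}
DENY_SECRETS = {
    "Version": "2012-10-17",
    "Statement": {"Effect": "Deny",
                  "Action": "s3:*",
                  "Resource": "arn:aws:s3:::example-bucket/secrets/*"},
}

def _as_list(value):
    """Policy elements may hold a single value or a list of values."""
    return value if isinstance(value, list) else [value]

def _matches(patterns, value, fold=False):
    """Wildcard match; fnmatch approximates IAM's '*' and '?' wildcards."""
    norm = str.lower if fold else str
    return any(fnmatch.fnmatchcase(norm(value), norm(p))
               for p in _as_list(patterns))

def evaluate(policies, action, resource):
    """Return 'explicit deny', 'allow' or 'implicit deny' for one request."""
    allowed = False
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            # Action names are case-insensitive; resource ARNs are not.
            if not (_matches(stmt["Action"], action, fold=True)
                    and _matches(stmt["Resource"], resource)):
                continue
            if stmt["Effect"] == "Deny":
                return "explicit deny"   # a matching Deny always wins
            allowed = True               # remember the Allow, keep scanning
    # With no matching statement the request is denied by default.
    return "allow" if allowed else "implicit deny"

if __name__ == "__main__":
    attached = [ALLOW_S3_READ, DENY_SECRETS]
    for key in ("reports/q1.csv", "secrets/key.pem"):
        arn = "arn:aws:s3:::example-bucket/" + key
        print(key, "->", evaluate(attached, "s3:GetObject", arn))
```

The second request is denied even though the Allow statement also matches it, which is why a broad Allow paired with a narrow Deny is a common way to fence off sensitive prefixes.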
• RDS - Amazon Relational Database Service (Amazon RDS) makes it easy
to set up, operate, and scale relational databases in the cloud. It
provides cost-efficient and resizable capacity while managing
time-consuming database administration tasks, freeing you up to focus on
your applications and business.
• DynamoDB - Amazon DynamoDB is a fast and flexible NoSQL database
service for all applications that need consistent, single-digit millisecond
latency at any scale. Its flexible data model and reliable performance
make it a great fit for mobile, web, gaming, ad-tech, IoT, and many
other applications.
• ElastiCache - ElastiCache is a web service that makes it easier to launch,
manage, and scale a distributed in-memory cache in the cloud.
• Amazon Redshift - Amazon Redshift is a fully managed petabyte-scale
data warehouse service. Redshift is designed for analytic
workloads and connects to standard SQL-based clients and business
intelligence tools.
There are 3 types of storage service available in
the AWS cloud:
• S3 – Simple Storage Service
• EFS – Elastic File System
• Glacier
• S3 (Simple Storage Service) – Amazon S3 has a simple web services
interface that you can use to store and retrieve any amount of data,
at any time, from anywhere on the web. It gives any developer access
to the same highly scalable, reliable, fast, inexpensive data storage
infrastructure that Amazon uses to run its own global network of
web sites.
• EFS (Elastic File System) – Amazon Elastic File System (Amazon EFS) provides
simple, scalable file storage for use with Amazon EC2. With Amazon EFS, storage
capacity is elastic, growing and shrinking automatically as you add and remove files, so
your applications have the storage they need, when they need it.
• Glacier - Amazon Glacier is a secure, durable, and extremely low-cost cloud storage
service for data archiving and long-term backup.
Autoscaling - Auto Scaling helps you maintain
application availability and allows you to dynamically
scale your Amazon EC2 capacity up or down
automatically according to conditions you define.
• AMI - Amazon Machine Image
• Amazon Machine Image – An AMI provides the information required to launch an
instance, which is a virtual server in the cloud. You specify an AMI when you
launch an instance, and you can launch as many instances from the AMI as you
need.

• An AMI is formally known as a template.


• VPC (Virtual Private Cloud)
• Subnet
• Direct Connect
• Elastic IPs
• Route Tables
• DHCP Option Set
• Route53
• VPC - Amazon Virtual Private Cloud (Amazon VPC) lets you
provision a logically isolated section of the AWS Cloud
where you can launch AWS resources in a virtual network
that you define. You have complete control over your
virtual networking environment, including selection of
your own IP address range, creation of subnets, and
configuration of route tables and network gateways. You
can use both IPv4 and IPv6 in your VPC for secure and
easy access to resources and applications.
• Subnet – Subnets are logical separations of a VPC, also
called VLANs.
• Direct Connect - AWS Direct Connect makes it easy to
establish a dedicated network connection from your
premises to AWS. Using AWS Direct Connect, you can
establish private connectivity between AWS and your
datacenter, office, or colocation environment.
• DHCP Option Set - DHCP options sets are associated
with your AWS account so that you can use them
across all of your virtual private clouds (VPC).
• Route53 – Route53 is the DNS service for AWS.
• Elastic IP - An Elastic IP address is a static IPv4
address designed for dynamic cloud computing. An
Elastic IP address is associated with your AWS
account. With an Elastic IP address, you can mask the
failure of an instance or software by rapidly
remapping the address to another instance in your
account.
• Network ACLs - A network access control list (ACL) is an optional
layer of security for your VPC that acts as a firewall for
controlling traffic in and out of one or more subnets. You might
set up network ACLs with rules similar to your security groups in
order to add an additional layer of security to your VPC.
• Security Groups - A security group acts as a virtual firewall for
your instance to control inbound and outbound traffic. When you
launch an instance in a VPC, you can assign up to five security
groups to the instance. Security groups act at the instance level,
not the subnet level.
• Key Pairs - Amazon EC2 uses public-key cryptography to encrypt
and decrypt login information. Public-key cryptography uses a
public key to encrypt a piece of data, such as a password, then
the recipient uses the private key to decrypt the data. The public
and private keys are known as a key pair.
• To log in to your instance, you must create a key pair, specify the
name of the key pair when you launch the instance, and provide
the private key when you connect to the instance.
What is Amazon SNS?
Amazon SNS (Simple Notification Service):
Amazon Simple Notification Service (SNS) is a
fast, flexible, fully managed push messaging
service.

SNS consists of message senders (publishers)
and message receivers called subscribers. A
message sender can be a person, an application or
even a system alert.

• Topics: An endpoint to which you can
publish messages.
• Subscriptions: Recipients of messages
published to a given topic.
• You must subscribe to a topic before you
receive messages published to that topic.
• Messages: Messages are published to a
topic and then broadcast to all subscribers to
that topic.

Thank You
https://aws.amazon.com/whitepapers/
https://github.com/stewchicken/aws-essential
