---
title: AWS Cloud Computing Fundamentals
---

AWS Cloud Computing
===

:::warning
[toc]
:::

---

### Introduction and General AWS Concepts

---

#### [What is cloud computing?](https://aws.amazon.com/what-is-cloud-computing/)

:::info
Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-you-go pricing. Instead of buying, owning, and maintaining physical data centers and servers, you can access technology services, such as computing power, storage, and databases, on an as-needed basis from a cloud provider like Amazon Web Services (AWS).
:::

#### Benefits of Cloud computing

:::info
- Cost
- Pay as you go
- Elasticity
- Faster and easier Scalability
- Agility
- Reduced Liability and support
- Reliability
- High Availability
- Automation
- Better and easier Compliance [PCI-DSS/SOC/FISMA/HIPAA]
:::

#### Cloud Deployment Models:

:::success
- Public cloud - AWS, Azure, GCP etc.
- Private cloud - Self service cloud within an organisation
- Hybrid cloud - combination of On-prem and public cloud
- Multi cloud - AWS + Azure, AWS + OCI, AWS + GCP + OCI
:::

#### Cloud Service / Delivery Models:

:::info
- IaaS - Infrastructure as a Service | EC2, EBS
- PaaS - Platform as a Service | Elastic Beanstalk, EKS
- SaaS - Software as a Service | S3, SQS, SNS
- XaaS - FaaS, CaaS, DBaaS etc.
:::

#### AWS can be accessed through multiple interfaces depending on your use case:

:::success
- AWS Management Console – Graphical user interface (GUI)
- AWS CLI – Command-line access
- AWS SDKs (e.g., boto3) – Programmatic access
:::

#### AWS Services can be:

:::info
- Managed Services: AWS takes care of infrastructure, patching, scaling, and availability so you can focus on your application and data.
  **Examples**: S3 and RDS
- Unmanaged Services: You are responsible for installing, configuring, patching, scaling, and maintaining everything on the infrastructure.
  **Examples**: EC2, EBS
:::

#### AWS Service scope can be:

:::success
- Global - IAM, Route53
- Regional - S3, DynamoDB
- AZ-Specific - EC2, EBS
:::

#### [AWS Global Infrastructure](https://aws.amazon.com/about-aws/global-infrastructure/)

![aws_global-infrastructure-map_2022](https://hackmd.io/_uploads/rJQQyjVXbg.jpg)

:::info
- Regions
- Availability Zones
- Edge Locations | CDN | CloudFront
- AWS Backbone Network | High speed, low latency fibre-optic cables
- AWS Outposts | Latency, Data regulation
:::

##### Considerations while choosing a region

:::success
- Compliance Data Regulations
- Latency
- Service availability
- Cost
:::

#### Hands-on Activity: Enable AWS Free Tier Usage Alerts

:::info
##### Objective

Enable AWS Free Tier usage alerts to receive notifications when your account approaches or exceeds Free Tier limits.

##### Instructions

1. Sign in to the AWS Management Console
2. Open **Billing and Cost Management** from the top-right menu
3. Select **Billing Preferences** from the left navigation pane
4. Scroll to **Alert Preferences**
5. Enable **AWS Free Tier usage alerts**
6. Ensure your email address is selected for notifications
7. Save your changes

##### Expected Outcome

AWS Free Tier usage alerts are enabled and email notifications will be sent when usage nears Free Tier limits.
:::

---

### [Access management on AWS](https://aws.amazon.com/iam/)

---

:::success
- IAM (Identity and Access Management)
  - Users
  - Groups
  - Policies
  - Roles
  - Temporary elevated privileges
:::

---

### [Compute on AWS](https://aws.amazon.com/products/compute/)

---

#### Compute options on AWS

:::info
- Virtual Machines
  - EC2
- Containers
  - ECS
  - EKS
- Serverless
  - Lambda
  - Fargate
:::

#### EC2 Introduction

---

***Amazon EC2 (Elastic Compute Cloud) is an AWS service that provides resizable virtual servers in the cloud, allowing you to run applications with full control over compute resources on a pay-as-you-go basis.***

---

#### [EC2 Features and components](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html)

:::success
- Image / Amazon Machine Images (AMIs)
- Instance type
- A key pair
- Security group(s)
- Amazon EBS volume(s)
:::

![Screenshot 2025-12-20 at 12.48.53](https://hackmd.io/_uploads/HkaIjGEm-e.png)

#### EC2 Nomenclature

:::info
**m5.xlarge**

m --> Instance family
5 --> Generation
xlarge --> Size (vCPU / Memory / network bandwidth)
:::

![instance-types-naming-convention](https://hackmd.io/_uploads/ryQHJsN7bg.png)

---

#### Hands-on Activities - EC2

---

:bulb: *Please switch to the **us-east-1** region before performing the activities below.*

:::danger
1. Complete both the **Linux** and **Windows EC2** modules in the following workshop:
   - Compute – Amazon EC2
     https://catalog.workshops.aws/general-immersionday/en-US/basic-modules/10-ec2
2. Complete the **Getting Started with Amazon EC2** activity from the AWS documentation:
   - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html
:::

---

### [Storage on AWS](https://aws.amazon.com/storage/)

---

:::success
- Object Storage
  - S3 | internet accessible unlimited object storage
    - Bucket policies
    - Versioning
    - S3 Storage Classes
    - Lifecycle policies
    - Replication
      - SRR
      - CRR
- Block Storage
  - EBS | SAN
    - SSD Based
      - Provisioned IOPS
      - General Purpose
    - HDD Based
      - Throughput Optimized
      - Cold HDD
  - Instance Store | DAS
- File / Network Storage | NAS
  - EFS | Linux workloads | NFS 4.0 and 4.1
  - FSx | Windows workloads | SMB, CIFS, NTFS
:::

---

#### [What is S3?](https://aws.amazon.com/s3/)

---

***A highly durable, scalable object storage service used to store and retrieve any amount of data from anywhere.***

---

![Screenshot 2025-12-20 at 13.56.41](https://hackmd.io/_uploads/rJN2omVQZx.png)

---

#### [S3 Storage Classes](https://aws.amazon.com/s3/storage-classes-infographic/)

---

***Different cost and access tiers in Amazon S3 designed to optimize storage costs based on how frequently data is accessed and how quickly it must be retrieved.***

---

![Screenshot 2025-12-20 at 13.57.18](https://hackmd.io/_uploads/B1ZRomNQWe.png)

---

#### [Amazon EBS Volumes](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html)

---

***A block storage service that provides persistent storage volumes for use with Amazon EC2 instances.***

---

![EBS-SSD](https://hackmd.io/_uploads/H11e_74Q-e.png)

![EBS-HDD](https://hackmd.io/_uploads/SyOMd7NXZx.png)

---

#### Hands-on Activities - Amazon S3 and Amazon EBS

:::danger
1. Complete the **Getting Started with Amazon S3** activity from the AWS documentation:
   - https://docs.aws.amazon.com/AmazonS3/latest/userguide/GetStartedWithS3.html
2. Complete the **Getting Started with Amazon EBS** activity from the AWS documentation:
   - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-getting-started.html
:::

---

### [Databases on AWS](https://aws.amazon.com/products/databases/)

---

#### Relational [SQL]

:::info
- RDS
  - RDS Engines
    - MySQL
    - PostgreSQL
    - Oracle
    - MariaDB
    - SQL Server
    - Amazon Aurora
    - IBM Db2
  - RDS Features
    - Multi-AZ Deployment
    - Read Replicas
    - Backups
      - Manual
      - Automated
:::

**RDS Supported Engines**

![rds-engines](https://hackmd.io/_uploads/Sk7nbi4mWl.png)

**RDS Multi-AZ Deployments**

![rds-multi-AZ](https://hackmd.io/_uploads/r1woWi4m-x.png)

#### Hands-on activities - Amazon RDS and Amazon DynamoDB

:::danger
1. **Amazon RDS – Getting Started**
   - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_GettingStarted.CreatingConnecting.MySQL.html
2. **Amazon DynamoDB – Getting Started**
   - https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GettingStarted.html
:::

---

### AWS Networking Fundamentals

---

#### **VPC (Virtual Private Cloud)**: *A logically isolated virtual network in AWS where you launch and manage your cloud resources.*

**VPC Components**

- **Subnet**: *A subdivision of a VPC that defines a range of IP addresses for resources in a specific Availability Zone.*

  ![vpc-with-subnets-simple](https://hackmd.io/_uploads/H1yfT4HmZg.png)

- **Route Table**: *A set of rules that determines how network traffic is directed within a VPC and to external networks.*

- **Internet Gateway (IGW)**: *A gateway that allows resources in a VPC to communicate with the internet.*

  ![vpc-with-internet-gateway](https://hackmd.io/_uploads/rJPVTESXWg.png)

- **NAT Gateway**: *A managed service that enables resources in a private subnet to access the internet without being directly reachable from it.*

  ![vpc-with-public-nat-gateway](https://hackmd.io/_uploads/ByQHaVBXZx.png)

**A full VPC with Subnets, IGW, NAT Gateway and Route tables**

![vpc-with-subnets-basic](https://hackmd.io/_uploads/ry_IaNSmZe.png)

:::danger
- Complete the following **Networking section** in the AWS Workshop:
  - https://catalog.workshops.aws/general-immersionday/en-US/basic-modules/20-vpc
:::

### References and Links

:::warning
- https://www.simplilearn.com/free-kali-linux-course-skillup
- https://www.simplilearn.com/learn-python-basics-free-course-skillup
- https://termius.com/
- https://aws.amazon.com/about-aws/global-infrastructure/
- https://aws.amazon.com/compliance/programs/
- https://aws.amazon.com/ec2/nitro/
- https://docs.aws.amazon.com/IAM/latest/UserGuide/getting-started-account-iam.html?icmpid=docs_iam_console#tutorial-billing-step1
- https://www.submarinecablemap.com/
- https://docs.aws.amazon.com/pdfs/whitepapers/latest/tagging-best-practices/tagging-best-practices.pdf
- https://catalog.workshops.aws/general-immersionday/en-US/basic-modules/10-ec2
:::

### Books and reading recommendations

:::warning
- https://devtodevops.com/blog/best-devops-books/
- https://sre.google/books/
- https://microservices.io/
- https://martinfowler.com/
- https://workshops.aws/
- https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/devops-pattern-list.html
:::

### Assignments and Additional exercises

:::warning
:::