I have recently been attending a training on AWS Cloud, and the following is the first part of my notes taken during the sessions. I hope you find this useful.
Amazon started the IT Infrastructure service in 2006. The Data Centre locations of AWS are spread across US, UK, Brazil, Singapore, China, Japan and Australia. Some of the advantages of using AWS are:
- Lower variable cost
- Pay as you go model of payment
- Scale up and down with ease
- AWS is OS and Language agnostic
The customer selects a Region when provisioning the AWS environment. The Region determines where the infrastructure is located and which services are available.
Security:
Security on AWS works on the Shared Responsibility Model. There are two components of this model: Security of the Cloud and Security in the Cloud.
Security of the Cloud is the responsibility of AWS and comprises physical security, hardware and software security, and network security.
Security in the Cloud is the responsibility of the customer and depends upon the level of encryption security which the customer chooses for the application hosted on AWS. A number of tools and services (SSL Endpoints, Security Groups, Identity and Access Management, Virtual Private Cloud etc.) are available within AWS, and users have to choose among them judiciously to make sure that the hosted application gets maximum protection.
Details can be found at aws.amazon.com/compliance
Amazon Audit Trail:
This monitors all the API calls made to the services hosted on AWS and helps to understand how the services are getting used.
Amazon Simple Storage Service or Amazon S3:
Internet-accessible, scalable, fast and inexpensive storage which is widely used. AWS S3 stores data as objects within buckets. An object is a file which needs to be stored, and it can also be associated with metadata that holds information about the file.
There can be up to 100 buckets in each AWS account, and an unlimited number of objects can be stored in each bucket. The maximum size of each object is 5 TB. There is no limit on the bucket size.
Buckets share a global namespace and thus bucket names need to be unique.
S3 ensures 99.99% availability per year and 99.999999999% durability. S3 is accessible over the internet, and HTTP/HTTPS endpoints can be used to store and retrieve any amount of data at any time from anywhere in the world.
Amazon Glacier:
This is a low cost storage option from AWS to be used for storing archived data. This is extremely low cost; data can be stored here for as low as 1 cent per GB per month. This is a secure and durable storage service with unlimited storage capacity.
This is mostly suited for Cold Data which would not be accessed frequently. This storage is not fast and data retrieval could take several hours to be completed. Not suited for data which is to be accessed frequently.
Amazon Elastic Block Storage:
This is a network storage which can be attached or detached as required from an AWS EC2 instance.
This is similar to an external hard drive which can be plugged into the computer as a volume or removed as required. Snapshots of the data in EBS can be taken periodically and stored in Amazon S3; in case of a failure of EBS, the data can be restored to the point of the latest snapshot taken.
Typical lifecycle for an EBS is something like this:
Create a Volume (1Gb to 16 TB) -> Attach (Call AttachVolume to affiliate with one Amazon EC2 instance) -> Attached and InUse (Format from Amazon EC2 instance OS, mount formatted drive) -> Create Snapshot (Snapshot to Amazon S3) -> Detach (Call DetachVolume) -> Delete (Call DeleteVolume)
There are 3 types of EBS volumes which can be provisioned: General Purpose (SSD), Provisioned IOPS (SSD) and Magnetic. EBS ensures 99.999% data availability and can also be used to create a RAID configuration.
EBS decouples the lifecycle of data persistence from the AWS EC2 lifecycle. EBS follows a Pay for what you Provision model (not Pay As You Go), and the pricing differs with Region. EBS instances are located in a single Availability Zone, and hence snapshots in S3 help enhance the durability of data. Durability of the data depends on the amount of data stored and how frequently it is accessed.
EBS is not internet accessible.
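Because the audit trail records every API call, the EBS lifecycle calls listed above can be checked after the fact for volumes that were deleted without a usable snapshot. The following is an added example, not part of the original notes or of AWS's own tooling; it assumes records shaped like AWS CloudTrail events (eventTime, eventName, errorCode, userIdentity.arn, requestParameters.volumeId), and the sample records and finding labels are constructed for illustration.

```python
import json
from datetime import datetime

# Constructed sample records, trimmed to the fields used below. The field
# names are an assumption based on the AWS CloudTrail event layout.
SAMPLE_EVENTS = """
{"eventTime":"2024-01-10T09:00:00Z","eventName":"AttachVolume","requestParameters":{"volumeId":"vol-0aaa","instanceId":"i-0123"}}
{"eventTime":"2024-01-10T10:00:00Z","eventName":"CreateSnapshot","requestParameters":{"volumeId":"vol-0aaa"}}
{"eventTime":"2024-01-10T11:00:00Z","eventName":"DetachVolume","requestParameters":{"volumeId":"vol-0aaa"}}
{"eventTime":"2024-01-10T12:00:00Z","eventName":"DeleteVolume","userIdentity":{"arn":"arn:aws:iam::111122223333:user/alice"},"requestParameters":{"volumeId":"vol-0aaa"}}
{"eventTime":"2024-01-10T09:05:00Z","eventName":"AttachVolume","requestParameters":{"volumeId":"vol-0bbb","instanceId":"i-0456"}}
{"eventTime":"2024-01-10T09:30:00Z","eventName":"DetachVolume","requestParameters":{"volumeId":"vol-0bbb"}}
{"eventTime":"2024-01-10T09:45:00Z","eventName":"DeleteVolume","userIdentity":{"arn":"arn:aws:iam::111122223333:user/bob"},"requestParameters":{"volumeId":"vol-0bbb"}}
{"eventTime":"2024-01-10T08:00:00Z","eventName":"CreateSnapshot","requestParameters":{"volumeId":"vol-0ccc"}}
{"eventTime":"2024-01-10T08:30:00Z","eventName":"AttachVolume","requestParameters":{"volumeId":"vol-0ccc","instanceId":"i-0789"}}
{"eventTime":"2024-01-10T13:00:00Z","eventName":"DetachVolume","requestParameters":{"volumeId":"vol-0ccc"}}
{"eventTime":"2024-01-10T13:05:00Z","eventName":"DeleteVolume","userIdentity":{"arn":"arn:aws:iam::111122223333:user/alice"},"requestParameters":{"volumeId":"vol-0ccc"}}
{"eventTime":"2024-01-10T14:00:00Z","eventName":"DeleteVolume","errorCode":"Client.VolumeInUse","userIdentity":{"arn":"arn:aws:iam::111122223333:user/bob"},"requestParameters":{"volumeId":"vol-0ddd"}}
"""

def parse_time(value):
    # Timestamps in the sample are ISO 8601 UTC, e.g. 2024-01-10T09:00:00Z
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")

def audit_volume_deletions(lines):
    """Return (volume_id, finding, caller_arn) for each risky DeleteVolume."""
    events = [json.loads(line) for line in lines.splitlines() if line.strip()]
    events.sort(key=lambda e: parse_time(e["eventTime"]))
    last_snapshot, last_attach, findings = {}, {}, []
    for ev in events:
        vol = (ev.get("requestParameters") or {}).get("volumeId")
        if ev.get("errorCode") or not vol:  # failed call: nothing changed
            continue
        when, name = parse_time(ev["eventTime"]), ev["eventName"]
        if name == "AttachVolume":
            last_attach[vol] = when
        elif name == "CreateSnapshot":
            last_snapshot[vol] = when
        elif name == "DeleteVolume":
            who = ev.get("userIdentity", {}).get("arn", "unknown")
            snap = last_snapshot.get(vol)
            if snap is None:
                findings.append((vol, "deleted-without-snapshot", who))
            elif vol in last_attach and snap < last_attach[vol]:
                findings.append((vol, "snapshot-older-than-last-attach", who))
    return findings

if __name__ == "__main__":
    for finding in audit_volume_deletions(SAMPLE_EVENTS):
        print(finding)
```

The failed DeleteVolume on vol-0ddd is skipped because a call that returned an error did not change the volume's state.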
AWS Storage Gateway:
This is a VM that connects an on-premise data centre to the Cloud and helps support a hybrid architecture. It helps to image on-premise data into AWS and to leverage the unlimited scalable storage capacity of AWS in disaster recovery scenarios or during peak periods when additional storage capacity is needed.
AWS Import Export:
This can be used to upload data from on-premise storage devices into Amazon S3, Glacier or EBS. It can also be used to download data from Amazon S3.
Amazon Elastic File System:
This is the file storage system for AWS EC2.