AWS provides a vast array of cloud services for various use cases. These services provide computing power, storage, databases, networking, analytics, and many more. Let's consider the requirements of a small development team working on a web application. Using this scenario, we'll see how AWS would cater to their needs with various cloud services.
Compute services
The team requires servers to run their web application. For this, AWS provides Amazon EC2 instances. Instances are virtual computers that are used to run operating systems such as Windows, Linux, and macOS. They offer various combinations of CPU, memory, storage, and networking capacity to meet any application needs. The team can create and remove instances easily and use them to run web servers such as Nginx or Apache to serve their application. This eliminates the need to purchase and manage hardware, making their work much easier and efficient.
Certain workloads don't require servers to be active constantly. Tasks like event-driven processes are typically short-lived and stateless. For such workloads, AWS offers serverless services such as AWS Lambda. Serverless computing eliminates the need for server provisioning and management. This is well-suited for scenarios where the team wants to maximize their focus on coding and minimize server management. It also allows the team to decouple their system into modules that each perform a specific task.
What if the team would like to run their application using container technologies? AWS provides Amazon ECS (Elastic Container Service) and Amazon EKS (Elastic Kubernetes Service) for this purpose. These services are used to run workloads that use container technologies such as Docker and Kubernetes. The team can even use serverless container management technology provided by AWS Fargate, to further simplify the management of these containers.
Database and storage
Next, the team needs to manage their databases and storage systems. Maintenance, patching, and performing regular backups is of utmost importance. Any loss of customer data could have severe consequences. The team would like their databases and storage systems to be highly available, resilient to failure, and scale easily to meet an increase in demand.
AWS caters to this need with managed database and storage technologies. This means that AWS takes care of tasks like replication, scaling, patching, performance optimization, and backups on behalf of the user. This relieves developers from the intricacies of database and storage management so that they can dedicate more time to developing applications and enhancing their overall product or service.
AWS provides managed database services such as Amazon RDS for database needs. This is a fully managed relational database service used to run relational database engines such as MySQL, PostgreSQL, SQL Server, and MariaDB. The team can also use Amazon Aurora which is a relational database from AWS compatible with MySQL and PostgreSQL. This service also provides serverless technologies for easier management and greater cost savings.
What if the team does not need a relational database? AWS also provides support for non-relational database technologies. These provide greater performance capabilities over relational databases. The team can use Amazon DynamoDB, a fully managed, serverless, wide-column, NoSQL database. This database provides greater performance and scalability for the team's application. Alternatively, they can use Amazon DocumentDB which is a fully managed document database compatible with MongoDB.
Finally, to meet storage needs for videos, images, documents, and backups, AWS provides Amazon S3 (Simple Storage Service). This is a scalable and secure object storage service that the team can use for storing static web assets and backups. AWS also offers Amazon EBS (Elastic Block Store), which is attached to EC2 instances for persistent storage. For file shares, they can use Amazon EFS (Elastic File System). For long-term data storage, the team can use Amazon S3 Glacier, which is a cheaper alternative for archives.
Networking
A virtual network in the cloud is needed in which services are launched. For this, AWS provides Amazon VPC (Virtual Private Cloud). This is a private, isolated section of the AWS cloud for setting up resources. The team can create a VPC network to host their application servers, databases, and other resources. This allows their resources to easily share data. Additionally, the team can set up security rules for how resources communicate in the VPC. For instance, they can allow web servers to connect to their database but block access from the public internet. This ensures that their data is well secured.
A key benefit that the team obtains by running their application in the cloud is a global footprint. However, now that their site running all over the world, how can they increase the delivery speed of their web content? The team would need to use a Content Delivery Network (CDN) to speed up the delivery of web content. Such a network creates a copy of static elements like images and videos on servers positioned closer to users' geographical locations. AWS caters to this through Amazon CloudFront, a CDN service. This reduces latency for an improved user experience.
Security
Now that the team has a fully set-up cloud environment, ensuring the security of both applications and infrastructure is very crucial. AWS takes security seriously and provides many services that are specifically dedicated to this. Let's list some of them:
AWS IAM (Identity and Access Management) — manages user access and permissions to AWS services;
Amazon GuardDuty — offers threat detection by continuously monitoring for malicious or unauthorized behavior;
AWS WAF (Web Application Firewall) — helps protect web applications from common web exploits and bots;
AWS Shield — protects against Distributed Denial of Service (DDoS) attacks;
AWS KMS (Key Management Service ) — makes it easy to create and control encryption keys used to encrypt data;
AWS Security Hub — gives a comprehensive view of high-priority security alerts and compliance status;
Amazon Macie — uses machine learning to automatically discover, classify, and protect sensitive data in AWS;
AWS Secrets Manager — used to encrypt and store secrets, such as database credentials and API keys;
AWS IAM Identity Center — makes it easy to centrally manage access to multiple AWS accounts and business applications;
These security services are designed to meet a specific security need. This ensures that the team's cloud environment is well protected against malicious attacks.
Application integration services
The team could achieve greater flexibility if they split their application into modules each performing a specific task. For this, they need to ensure that the components of their application can communicate with one another. For instance, in serverless or container applications, the various components would need to exchange data. AWS provides Amazon SQS (Simple Queue Service) to enable asynchronous communication among software components through message exchange. SQS ensures independent and reliable execution of tasks, even during periods of high traffic.
Additionally, the team needs a notification system to notify users via email or SMS about important events. For this, they can use Amazon SNS (Simple Notification Service), which is a fully managed pub/sub (publish/subscribe) messaging service. It allows the team to send messages or notifications to a large number of subscribers (endpoints) through various protocols such as email, SMS, HTTP, or even to other AWS services.
Cost management
The services that the team uses cost money. Thus, the team will need to know how much they are spending on cloud services. They will need a service to estimate and analyze costs as well as create budgets. AWS provides the Pricing Calculator to help the team estimate how much cloud services will cost them before migrating to the cloud.
The team can also use AWS Cost Explorer to view and analyze their costs after they migrate to the cloud. This way, they can understand their usage and create budgets using AWS Budgets. As a plus, AWS Budgets can also send them alerts when their cloud usage exceeds a specified threshold.
Monitoring
Finally, they need to monitor their applications to ensure that it is working as expected, and gain insight into resource usage. This involves watching how the app works, how fast it responds, and if it's available for users. By keeping an eye on different parts of the app's setup like servers, databases, and other services it uses, the team can catch problems early and fix them before they become big issues that upset users or affect their business.
The team can use Amazon CloudWatch, to gather real-time logs, metrics, and event data. This can be viewed on dashboards to identify gain valuable insights into this data. The team can know how their EC2 instances, databases, containers, and other services are performing thus streamlining both their cloud infrastructure and applications.
Other monitoring tools that the team is likely to use include:
AWS CloudTrail — to keep a record of actions performed in their account for governance, compliance, operational, and risk auditing;
AWS Config — to track resource configurations and changes to aid in compliance auditing and security analysis;
Conclusion
Phew!, that was a lot of services. However, we did not even scratch the surface of what AWS has to offer. AWS provides over 200 cloud services designed to meet specific needs. We've reviewed some commonly used ones that a startup company might need for their application. Here's a recap of the services we discussed:
Compute services such as virtual servers, containers, and serverless options that eliminate the need to buy and manage expensive hardware;
Database services for both relational and non-relational database engines;
Storage services tailored to different use cases such as storing and retrieving files, data archiving, and others;
Security services designed to safeguard both data and applications;
Integration services to allow various components of applications to communicate with one another and send notifications;
Cost management services to estimate, analyze, and predict cloud spend; as well as create budgets;
Monitoring services to gather logs, metrics, and event data for troubleshooting errors and compliance analysis;
Great job on learning about these core AWS services! For now, you do not need to understand how these services work in detail. Later, we will take a closer look at these services and practice working with them in greater detail. This will provide you with a solid foundation for working with many other cloud services that AWS and other cloud providers have to offer.