An overview into the vast opportunities of utilizing Amazon Web Services. The next generation of cloud. Ready to learn more? https://eagledream.com/cloud/
Decarbonising Buildings: Making a net-zero built environment a reality
Amazon Web Services Architecture - An Overview
1. Amazon Web Services – An Overview
Scott Weber – Vice President, Cloud Solutions at EagleDream Technologies
2. Customer Driven. Customer Focused.
We Are Cutting-Edge
We’re first to leverage new systems,
software, and ideas to provide smart
solutions that fit your needs.
We Value People
We offer many services, but we
serve people first, and through that
we produce quality work.
We Focus on Process
From start to finish, our processes
will guide your project to a
successful completion.
2Confidential | eagledream.com
Our Mission
Security Web DesignCloud Development Compliance Communications
3. 3Confidential | eagledream.com
Cloud Provider Architectures Compared
AWS Region
Availability
Zone 1
Availability
Zone 2
Availability
Zone 3
The Other Guys
Single Data Center In a Region
8. 8
Virtual Private Cloud Concepts
Confidential | eagledream.com
Internet
gateway
Endpoints
VPN
gateway
VPN
Connection
AWS
Direct
Connect
VPC NAT
Gateway
Private Public
Route 53
Hosted
Zone
Route
Table
Route
Table
Server 1
Security Group 1
Subnet 1
Server 2
Security Group 2
Subnet 2
NACL
Virtual Private Cloud Concepts
9. 9
Security Groups
• Software defined firewalls
• Implicit Deny All
• Explicitly define access rules
• TCP
• UDP
• ICMP
• Inbound
• Protocol
• Port
• Source
Confidential | eagledream.com
Network Access Control Lists
• Layer 3 control
• IP or subnet to subnet control
• Must define in and out
• Network segmentation control
• Example use case – Separate Production and
Test environment traffic within a VPC
• Outbound
• Protocol
• Port
• Destination
• Source/Destination can be:
• Single IP Address
• IP Address Block
• Another Security Group
• The same Security Group itself
Security Groups and NACLs
11. 11
Log files are the key
• There is no Span port in the Cloud for a
Next Gen Firewall
• Rely instead on log files
• VPC Flow logs
• ELB logs
• CloudFront logs
• Application logs
• CloudTrail logs
• Need tooling to mine and compare to
known threats
• Sumo Logic
• Combine your on-premises logs as
well into a single pane of glass
Confidential | eagledream.com
Services from AWS
• CloudTrail
• Log EVERY API call
• Config and Config Rules
• State history of objects
• Enforce object configuration
• Identity and Access Management
• Server Roles
• Shield and Shield Advanced
• Inspector
Securing the Cloud
14. 14
IaaS, the beginning of the Cloud
• Compute
• T2 – Web servers, small
Databases
• M4 – General purpose
• C4 – Compute optimized
• X1 – SAP HANA workloads
• R4 – Memory optimized
• P2 – General purpose GPU
• G2 – Graphic intensive GPU
• F1 – Field Programmable Gate
Arrays
• I3 – Storage Optimized
• D3 – Dense storage
• From 1 vCPU and 0.5 GB of RAM to
128 vCPU and 2 TB of RAM
Confidential | eagledream.com
• Disk
• 1 GB to 16 TB – no RAID
necessary
• SSD storage for $0.10/GB/month
• Block level backups
• Purchase Provisioned IOPS
• File storage
• $0.004 - $0.023/GB/month
• Licensing
• All OS licensing is included in
pricing
• Dedicated servers for HIPAA
workloads
Infrastructure as a Service
15. 15
DBaaS
• Let someone else do the “unmitigated
heavy lifting”
• Engines that are supported
• MariaDB
• MySQL
• Postgresql
• MS SQL
• Oracle
• Aurora – 5x the performance of
MySQL
• High availability with AWS managed
Master/Slave
Confidential | eagledream.com
DWaaS (Data Warehouse as a Service)
• As low as $0.25/hr to get started
• Scale to 5 PB on disk, and hundreds of
vCPUs
• Scale to Exabytes with new features
• Postgres-like interface
• Invoke Python functions from SQL
• Managed service with backup and high
availability
Platform as a Service
16. 16
FaaS (Lambda)
• No more servers!
• Upload code and AWS handles the rest
• Java
• C#
• NodeJS
• Python
• Will automatically scale as wide as
needed
• Costs based on requests and memory
footprint and duration of execution time
• $0.20/million/month requests
• $0.00001667/GB-second/month
Confidential | eagledream.com
CCaaS (Amazon Connect)
• Call Center as a Service
• No monthly recurring charges – pay for
what you use
• Inbound and outbound rates
• Toll-free support
• Port in numbers
• Soft phone only
• Build integrations to CRM and other
APIs
Platform as a Service
17. 17
Scalability
• Vertical or horizontal scaling –
horizontal is better
• Horizontal scaling via automation
• Spin up or down
• Customized triggers
• Customizable flows
• Windows or Linux
Confidential | eagledream.com
High Availability
• Multiple Availability Zone deployments
for IaaS and DBaaS
• Synchronous database replication
within the Region
• Stream files to other Regions
• Cross Region read replicas of
databases
• Cross Region backup distribution
Durability
• 11 9’s of durability for data stored in S3
• 5 9’s for data on Block storage - RAID is
not needed or recommended
• 99.95% SLA at the Availability Zone
level
<X>-abilities
18. 18Confidential | eagledream.com
Contact Us
1.888.4EAGLEDREAM
info@eagledream.com
Headquarters | Rochester, NY
300 Trolley Blvd
Rochester, NY 14606
New England | Boston, MA
300 Baker Avenue, Suite 300
Concord, MA 01742
Primary Contact(s):
Scott Weber
Vice President, Cloud Solutions
Email: Scott.Weber@eagledream.com
We look forward to working with you. EagleDream.com