5. What is Cloud Computing?
Cloud computing is on-demand delivery of IT resources and applications via the Internet with pay-as-you-go pricing.
6. Cloud Computing Model
SaaS, PaaS, IaaS
SaaS: Software as a Service
Provides applications to the end user.
Ex: Gmail, Google Docs, MS Office 365, Slack, Dropbox
PaaS: Platform as a Service
Provides developers with resources that enable them to create applications.
Ex: AWS Elastic Beanstalk, Amazon RDS, Amazon Aurora
IaaS: Infrastructure as a Service
The cloud is replacing the user’s need for some physical resource.
Ex: AWS EC2, Google Compute Engine
[Diagram labels: Applications; Framework & Runtimes, Web Servers, Operating Systems, Servers; Servers, Storage, Database]
7. Cloud Deployment Models
Private Cloud, Hybrid Cloud, Public Cloud
A hybrid deployment is a way to connect infrastructure and applications between cloud-based resources and existing resources that are not located in the cloud.
10. How AWS began
Founding principle of AWS: empowerment through self-service
In 2003, Amazon.com’s monolithic e-commerce app reached critical mass.
To gain agility, a significant investment in Service Oriented Architecture (SOA) refactoring was clearly needed. A DevOps culture was needed too. Amazon reorganized, and retooled …
Amazon network engineers Benjamin Black and Chris Pinkham (and others) wrote an internal proposal (a “narrative”) describing the foundational IaaS services.
Jeff Bezos supported the narrative and envisioned that anyone, such as college kids in a dorm room, could use such a platform to start a new company!
AWS launched in 2006. Key decision: Treat Amazon.com like any other customer.
11. Advantages and Benefits of AWS Cloud Computing
• Trade capital expense for variable expense.
• Benefit from massive economies of scale.
• Stop guessing capacity.
• Go global in minutes.
• Increase speed and agility.
• Stop spending money on running and maintaining data centers.
12. Global AWS Infrastructure
The AWS Cloud spans 81 Availability Zones within 25 geographic regions around the world,
with announced plans for 24 more Availability Zones and 8 more AWS Regions in Australia,
India, Indonesia, Israel, New Zealand, Spain, Switzerland, and United Arab Emirates (UAE).
*as of Oct 2021
13. Regional Resiliency in AWS
AWS Region > Availability Zones > Datacenters
AWS and its customers achieve high resiliency by placing redundant infrastructure in at least 3 Availability Zones.
“Multi-AZ” services in AWS have multi-datacenter diversity, redundancy, and automatic failover across datacenters.
[Diagram: a Region containing Availability Zone - A, Availability Zone - B and Availability Zone - C]
15. Advantages and Benefits of AWS Cloud Computing
[Diagram labels: Security; Network; Security Groups; NACLs; Access Mgmt; VPC; EC2; “Classic”; “Public”; ELB; On-Demand Provision]
Category: Traditional Infrastructure | Amazon Web Services
Servers: On-Premises Servers | AMI, Amazon EC2
Security: Firewalls, ACLs, Administrators | Security Groups, Network ACLs, AWS IAM
Storage and Database: DAS, SAN, NAS, RDBMS | Amazon EBS, Amazon EFS, Amazon S3, Amazon RDS
Networking: Router, Network Pipeline, Switch | VPC, ELB
17. AWS Core Services – EC2
EC2, VPC, S3, IAM, RDS
• Virtual Servers in AWS
• Scale / in minutes
• Instances vs AMIs
• EBS vs Instance store
• Server Types
• Instance Types
• Choice of OS
18. AWS Core Services - VPC
• Virtual Network
• Private & Public Subnet
• HVPN / AWS Direct ↔ VPC
• Multiple layers of Security
19. AWS Core Services – S3
• Simple Storage Service
• Storage for internet
• Scalable
• Object Size: 1 byte to 5 TB
• Single Upload <= 5GB
• S3 Storage Class
• Glacier
  - Archive Storage
  - Retrieval time 3-5 hrs
20. AWS Core Services - RDS
• To set up, operate and scale RDBMSs in the cloud
• Supports MySQL, Oracle, SQL Server, PostgreSQL, MariaDB, AWS Aurora
• Use your own on-premises license
• Administrative tasks handled by RDS
21. AWS Core Services - IAM
• “Who can do what?”
• Shared access to AWS Account
• Users, Groups, Roles & Permissions
22. AWS Core Services - IAM
IAM Best Practices
• Users – Create individual users
• Permissions – Grant least privilege
• Groups – Manage permissions with groups
• Conditions – Restrict privileged access further
• Auditing – Enable AWS CloudTrail to get a log of API calls
• Password – Configure a strong password policy
• MFA – Enable MFA for privileged users
• Sharing – Use IAM roles to share access
• Roles – Use IAM roles for Amazon EC2 instances
• Root – Reduce or remove use of root
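The least-privilege, Conditions and MFA items above can be checked mechanically. The following is an added example, not part of the original slides: a small linter over IAM policy JSON that flags Allow statements with wildcard actions or resources, and privileged actions not gated on `aws:MultiFactorAuthPresent`. The `PRIVILEGED_PREFIXES` list, the finding names and both sample policies are assumptions constructed for illustration.

```python
import json

# Assumption for this example: service prefixes treated as "privileged".
PRIVILEGED_PREFIXES = ("iam:", "kms:", "organizations:")

def as_list(value):
    """IAM accepts a single string/object or a list in these fields."""
    return [] if value is None else value if isinstance(value, list) else [value]

def requires_mfa(stmt):
    """True only for Bool aws:MultiFactorAuthPresent == true. BoolIfExists is
    rejected: it also matches requests that lack the key (long-term keys)."""
    for operator, keys in stmt.get("Condition", {}).items():
        if operator.lower() != "bool":
            continue
        for key, value in keys.items():
            if key.lower() == "aws:multifactorauthpresent":
                return all(str(v).lower() == "true" for v in as_list(value))
    return False

def lint_policy(policy_json):
    """Return sorted (sid, finding) pairs for the Allow statements."""
    findings = set()
    statements = as_list(json.loads(policy_json).get("Statement"))
    for index, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement-{index}")
        actions = [a.lower() for a in as_list(stmt.get("Action"))]
        if any(a == "*" or a.endswith(":*") for a in actions):
            findings.add((sid, "wildcard-action"))
        if "*" in as_list(stmt.get("Resource")):
            findings.add((sid, "wildcard-resource"))
        privileged = any(a == "*" or a.startswith(PRIVILEGED_PREFIXES) for a in actions)
        if privileged and not requires_mfa(stmt):
            findings.add((sid, "privileged-without-mfa"))
    return sorted(findings)

# Constructed sample policies (not taken from any real account).
BROAD = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "Admin", "Effect": "Allow", "Action": "*", "Resource": "*"},
    {"Sid": "KeyMgmt", "Effect": "Allow", "Action": ["iam:CreateAccessKey"],
     "Resource": "arn:aws:iam::111122223333:user/${aws:username}",
     "Condition": {"BoolIfExists": {"aws:MultiFactorAuthPresent": "true"}}}]})
SCOPED = json.dumps({"Version": "2012-10-17", "Statement": {
    "Sid": "KeyMgmt", "Effect": "Allow", "Action": "iam:CreateAccessKey",
    "Resource": "arn:aws:iam::111122223333:user/${aws:username}",
    "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}}})
```

`lint_policy(BROAD)` reports the admin statement three times over and the `BoolIfExists` statement as ungated; `lint_policy(SCOPED)` returns no findings.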
24. AWS Tooling
Web Console, Command Line Tools, SDK
Web Console:
• Web app for managing AWS Services
• Each Service has a console
• Available for Tablets & Mobiles too
Command Line Tools:
• Manage AWS Services from command line
• Install Python 3.6+ & AWS CLI v2
Software Development Kits:
• APIs for many AWS Services
• Android, iOS
• Java, .NET, PHP, Python, Ruby, Go