AWS info

Virtual Servers

● EC2- the classic, the original. Virtual servers on shared

hardware similar to VMWare. General purpose computing.

● Associated services: Auto Scaling Groups, Elastic Load Balancers

● Container services:○ECS - Elastic Container Service

● EKS - Elastic Kubernetes Service

● Fargate - Serverless Containers

● Lightsail - actually EC2's but simple as heck

Code As A Service

● Lambda - executes individual functions (in a variety of

programming languages) on an ad-hoc on-demand basis and

you pay by the millisecond of elapsed compute time○Go, Rust, Java, .NET,

Python, Node, Ruby, or custom runtimes

● The glue that holds AWS together○Dozens of other services have “hooks”

such that “when XYZ event occurs, run this Lambda”

● Little code snippets can augment your S3 buckets, Cognito user pools,

SQS queues, and so many more

Bundling Services That Deploy Applications

With Compute Under The Hood

● Elastic Beanstalk - upload application packages and it

provisions Elastic Load Balanced, Auto Scaled EC2 groups to

serve them

● App Runner - similar to Elastic Beanstalk, but simpler

● OpsWorks - a puppet/chef approach

● Some CodeStar templates

Developer Tools

● Cloud9 - A web-based IDE similar to Visual Studio Code, hosted on EC2s

● CodeCommit - Distributed source version control, analogous to

Github/Bitbucket

● CodeBuild - Automated builds when commits arrive in CodeCommit

● CodeArtifact - Saved generated assets when Codebuilds complete

● CodeDeploy - Automated deploys when CodeArtifacts are available

● CodePipeline - Marries a CodeCommit, CodeBuild, CodeArtifact, and

CodeDeploy together into one seamless pipeline that creates an entire

CI/CD system analogous to Circle, Travis, Jenkins

● CodeStar - Marries all six of the above into an all-in-one factory where

you edit the source code in the browser in Cloud9 and it deploys as you

go Inter-Service Messaging

●SNS - push-style notifications that connect any number of Message Producers

into a Topic that are pushed to Subscribers

● SQS - pull-style notifications that connect any number of

Message Producers into a Queue that is then polled by

consuming processes for the front N items○Includes Visibility Timeout

and Long Polling

● SES - transactional email service

Identity Management

● IAM - Identities internal to your AWS account○Users

● Groups

● Roles (both machines and people)

● Policies

● Deny-first except in case of role assumption, use principle of least

privilege

● Cognito○Identity management for Applications, providing secure username

and password management,

single-sign-on, social sign-ons. Analogous to Auth0 or Okta

Networking

● VPC - a Virtual Private Cloud. A private CIDR (IP address range)

(e.g. 10.10.*.*) that you set aside for your devices to span, within

which network traffic belongs to you.

● Every account has a VPC by default, even if you don’t remember

configuring one!

● Subnets - specific subsets of VPCs that live inside a single availability

zone

● Network ACLs - Access Control Lists for the traffic inside VPCs

● Route Tables - Directs traffic to specified IP ranges to specific network

hardware such as Internet Gateways and NAT Gateways

● Internet Gateway - Enables two-way traffic in and out of a VPC with public

IPs

● NAT Gateway - Enables one-way traffic out of a VPC without exposing the

devices whose traffic is being routed through it

Networking, Continued

● Cloudfront - Global CDN similar to Cloudflare. Provides

“edge locations” in most major metro areas where content is

cached to be closer to client requests. Can do lots of cool

things with Lambdas.

● Route 53 - DNS service. Can register and buy domains as well

as administer their nameserving. Similar to GoDaddy.

Storage

● S3 - Simple Storage Service. Technically a key/value store, but

where the values are typically files (can be any data). Puts

“objects” in “buckets”. Can be connected to Lambdas to do

cool things. Several storage tiers available.○Standard, Infrequent Access,

Glacier, Intelligent Tiering...

● Snowball - hardware for transferring up to 80 TB of data in

one chunk from your location to an S3 bucket, through

physical drives

● Snowmobile - armored truck of snowballs for moving

petabytes of data to the cloud