Foreword
AWS is the largest cloud service provider. Common cloud services include storage, computing power, databases, analytics, security, monitoring, developer tools, networks.
Cloud is where you store your data / applications / processes and access them anytime via the Internet.
The five pillars
AWS engineers have written documentation of the basic practices for proper and painless hosting in the cloud; you can find it here. These practices include:
- Operational Excellence
- Security
- Reliability
- Performance Efficiency
- Cost optimization
Let's analyze these practices and the Shared responsibility model in this article.
Operational Excellence
Human error is a major cause of malfunctions and operational incidents. The more operations you can automate, the less chance of human error.
This practice is aimed at automating processes in order to reduce the factor of human error.
Two concepts:
- Infrastructure as Code (e.g. CloudFormation, CDK)
- Observability (Analytics, Metrics, Actions)
Infrastructure as Code allows you to write code that deploys AWS services, either as YAML / JSON files (CloudFormation) or in your favorite language (Cloud Development Kit). You write it once and use it many times. Isn't that DevOps heaven?
Observability , - , AWS .
: . , , , cloud engineer 100 , - (, - AWS). . ?
operation excellence: cloud engineer, , AWS. , c. , . You lose!
operation excellence: 100, - – AWS . You win!
Security
, . , :
- Identity and Access Management (IAM)
- Network Security
- Data Encryption
IAM is a key AWS service that allows you to create users, roles, groups, and policies.
Network security - you can configure which traffic can travel across your network in the cloud and which cannot. All possible types of filtering are available: from checking headers in HTTPS requests to ports for TCP connections.
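The Infrastructure as Code and network security points above combine well: once ingress rules live in a CloudFormation template, they can be checked before anything is deployed. The following is an added example, not code from the original article or from AWS; the template, the resource names and the PUBLIC_OK allow-list are constructed assumptions.

```python
import json

# Constructed sample template (CloudFormation, JSON form); resource names are hypothetical.
TEMPLATE = json.loads("""
{"Resources": {
  "WebSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "web tier",
    "SecurityGroupIngress": [
      {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"},
      {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}]}},
  "DbSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "db tier",
    "SecurityGroupIngress": [
      {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432, "CidrIp": "10.0.0.0/16"},
      {"IpProtocol": "-1", "CidrIpv6": "::/0"}]}}
}}
""")

PUBLIC_OK = {80, 443}            # assumption: only web ports may face the internet
WORLD = {"0.0.0.0/0", "::/0"}    # "anywhere" for IPv4 and IPv6


def open_ingress(template):
    """Return (resource, from_port, to_port) for world-open rules outside PUBLIC_OK."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        for rule in res.get("Properties", {}).get("SecurityGroupIngress", []):
            # Rules that reference another security group carry no CIDR and are skipped.
            cidr = rule.get("CidrIp") or rule.get("CidrIpv6")
            if cidr not in WORLD:
                continue
            if str(rule.get("IpProtocol")) == "-1":   # "-1" means all protocols and ports
                lo, hi = 0, 65535
            else:
                lo, hi = int(rule["FromPort"]), int(rule["ToPort"])
            if not (lo == hi and lo in PUBLIC_OK):
                findings.append((name, lo, hi))
    return findings


if __name__ == "__main__":
    for finding in open_ingress(TEMPLATE):
        print("world-open ingress:", finding)
```

Run as a pre-deployment step, a non-empty result can fail the pipeline so that an overly broad rule never reaches the account.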
Reliability
Focuses on how you can build fault-tolerant services. The cloud gives you the means to build fault-tolerant services that can withstand disruption so you design your services for reliability.
Two concepts for building resilient systems:
- Fault Isolation (Resource, Availability Zone, Region)
- Limits (soft and hard)
Fault Isolation , – , .
? (high availability) AWS, .
– . DDoS-, , 150% , “” .
Performance Efficiency
Focuses on how you can run services in the cloud efficiently and in a scalable manner. While the cloud gives you the ability to handle any amount of traffic, it requires you to choose and configure your services to scale.
Two main concepts:
- Selection
- Scaling
The first concept is the choice of services for your needs. Choose the services that are suitable for your specific task. If it is batch processing of big data, there is AWS EMR; if it is streaming, Kinesis; if it is data migration to the cloud, AWS DataSync. All of them are optimized for their specific task.
Scaling allows you to increase the performance of your application by increasing the capacity of an instance (vertical scaling) or increasing their number (horizontal scaling).
Cost optimization
- . Pay-as-you-go :
- Pay For Use
- Cost Optimization Lifecycle
Shared responsibility model
AWS.
AWS: “AWS AWS, . , , AWS.
AWS. , . , Amazon EC2, ( ), , , ( ), AWS, . , Amazon S3 Amazon DynamoDB, AWS , , . ( ), IAM .”
? AWS – . / . – .
«AWS Cloud Core Concepts». :
- AWS
- ,
- Shared responsibility model
aws.amazon.com/ru/getting-started/fundamentals-core-concepts
aws.amazon.com/ru/compliance/shared-responsibility-model