In this post we have compiled all the general understandings and definitions of AWS components which we hear in our day to day tech conversations. These definitions are really helpful in cracking the AWS certifications.
While covering the overview of amazon web services, we will start with AWS Global Infrastructure.
AWS Global Infrastructure
Regions: A region is a geographical area which is comprise of more than two availability zones. For simple understanding we can say that AZ is a data-center.
E.g. Regions (South America, Singapore)
Edge Locations: are CDN (content delivery network) end points for cloud front which are use for cache the media files or bigger files. Edge locations are more than regions.
Route 53: is Amazon’s DNS service used for registering domain. Here 53 is basically DNS port hence it is named as Route 53.
Networking & Content delivery
Cloud Front: is basically a web service that fastens the delivery of our static and dynamic web content, such as .html, .css, .js, and image files, to end users. CloudFronts uses edge locations to deliver the data.
Direct Connect: facilitates users in establishing a dedicated network connection from user’s premises to AWS. With the help of Direct Connect, we can establish private connectivity between AWS and your datacenter, office, or colocation environment, which in many cases can reduce our network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections.
EC2: basically stands for Elastic Compute Cloud. EC2 offers scalable computing ability in AWS cloud. We can use EC2 to launch as many or as few virtual servers as we need, configure security and networking, and manage storage.
ECS: stands for elastic container service. ECS is basically a container management service which supports docker containers on cluster.
Elastic Beanstalk: is a service used for deploying code in AWS. This can be used for deployment of the codes.
LAMBDA: is a compute service that lets our run code without provisioning or managing servers. AWS Lambda executes our code only when needed and scales automatically, from a few requests per day to thousands per second.
S3: stands for simple storage service. Basically S3 is a virtual disc on cloud where we can store objects (like docs, movies, pictures). For better understanding we can say that it’s a drop-box with metadata enabled. Few key things related to S3 are given below.
- Files can be stored from 0 bytes to 5TB.
- Files are stored in a bucket (kind of folders).
- S3 is a universal namespace, i.e. name must be unique globally.
EFS: stands for Elastic File Service. EFS is a file based storage which can be shared with multiple VMCs.
Glacier: is basically used for data archival. It’s low cost storage for archive.
Storage Gateway: is a way to connect on premise data with S3.
Identity Access Management
IAM allows us to manage users and their level of access to the AWS console. Below are the key points regarding IAM.
- IAM consist s of users, groups ( A way to group users and apply policies to them collectively), Roles and policy documents
- IAM is universal and does not apply to the region.
- Root users/account users are basically account created first and have complete admin access.
- For more security always create/set MFA on root account.
- Password rotation policy can be customised as per requirement.
Below are the few management tools used in AWS.
Cloud watch: basically monitors performance for AWS environment.
Cloud Formation: this can be used to convert our infra into a set of codes. Basically used for creating templates.
Cloud Trail: This tool is used for auditing AWS resources and environments.
OpsWorks: is a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow us to use code to automate the configurations of your servers.
Config Manager: is a service that enables you to assess, audit, and evaluate the configurations of our AWS resources. Config continuously monitors and records our AWS resource configurations and allows us to automate the evaluation of recorded configurations against desired configurations.
Above mentioned all the points can be found in detail from below links.
In this above documents I have mentioned all the important components of AWS which are used in day to day activities and also few of the certifications.