# AWS Cheat sheet
> A tutorial of AWS basics


![](ghtop_images/header2.png)

<h1 id='contents'> Contents </h1>

1. <a href="#intro">Introduction to AWS</a>

<h1 id='intro'> 1. Introduction to AWS</h1>


## What is the Cloud? 

In the past, companies and organizations hosted and maintained hardware such as 
Cloud computing is the on-demand delivery of IT resources over the internet with pay-as-you-go pricing. You no longer have to manage and maintain your own hardware in your own data centers. Companies like AWS own and maintain these data centers and provide virtualized data center technologies and services to users over the internet.


## The Six Benefits of Cloud Computing

1. Pay as you go. Instead of investing in data centers and hardware before you know how you are going to use them, you pay only when you use computing resources, and pay only for how much you use.

2. Benefit from massive economies of scale. By using cloud computing, you can achieve a lower cost than you can get on your own. Because usage from hundreds of thousands of customers is aggregated in the cloud, AWS can achieve higher economies of scale, which translates into lower pay-as-you-go prices.
 
3. Stop guessing capacity. Eliminate guessing on your infrastructure capacity needs. When you make a capacity decision prior to deploying an application, you often end up either sitting on expensive idle resources or dealing with limited capacity. With cloud computing, these problems go away. You can access as much or as little capacity as you need, and scale up and down as required with only a few minutes' notice.
 
4. Increase speed and agility. IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. This results in a dramatic increase in agility for the organization since the cost and time it takes to experiment and develop is significantly lower.
 
5. Stop spending money running and maintaining data centers. Focus on projects that differentiate your business, not the infrastructure. Cloud computing lets you focus on your customers, rather than on the heavy lifting of racking, stacking, and powering physical infrastructure. This is often referred to as undifferentiated heavy lifting.

6. Go global in minutes. Easily deploy your application in multiple Regions around the world with just a few clicks. This means you can provide lower latency and a better experience for your customers at a minimal cost.

 
- https://aws.amazon.com/what-is-cloud-computing/
- https://aws.amazon.com/what-is-aws/

### Cloud Deployment Models

- **all-in cloud-based**: the application is fully deployed in the cloud
- **hybrid deployment**: uses cloud-based resources together with existing resources such as a data center
  
  
## AWS Global Infrastructure

AWS serves over 1 million customers in over 190 countries.

Infrastructure, like data centers and networking connectivity, still exists as the foundation of every cloud application. In AWS, this physical infrastructure makes up the AWS Global Infrastructure, in the form of Availability Zones and Regions.

**Regions** 
- geographic locations worldwide where AWS hosts its data centers
- named after the location where they reside. For example, in the United States, there is a Region in Northern Virginia called the Northern Virginia Region
- Each AWS Region is associated with a geographical name and a Region code. 
- Each region is completely independent and isolated from other regions


Inside every Region is a cluster of **Availability Zones (AZ)**. 
- An AZ consists of one or more data centers with redundant power, networking, and connectivity. 
- These data centers operate in discrete facilities with undisclosed locations.
- They are connected using redundant high-speed and low-latency links.
- i.e. geographically isolated but connected by low-latency (quick) links
- placing an application in multiple AZs helps prevent service disruption and gives **higher availability** (different utility, power supply, location, etc.)
- us-east-1a: an AZ in us-east-1 (Northern Virginia Region)
- At a minimum, you should use two AZs. If one entire AZ fails, your application will have infrastructure up and running in at least a second AZ to take over the traffic

### Choose the Right AWS Region

Consider four main aspects when deciding which AWS Region to host your applications and workloads: latency, price, service availability, and compliance.
 
1. **Latency**. If your application is sensitive to latency, choose a Region that is close to your user base. This helps prevent long wait times for your customers. Synchronous applications such as gaming, telephony, WebSockets, and IoT are significantly affected by higher latency, but even asynchronous workloads, such as ecommerce applications, can suffer from an impact on user connectivity.
 
2. **Price**. Due to the local economy and the physical nature of operating data centers, prices may vary from one Region to another. The pricing in a Region can be impacted by internet connectivity, prices of imported pieces of equipment, customs, real estate, and more. Instead of charging a flat rate worldwide, AWS charges based on the financial factors specific to the location.

3. **Service availability**. Some services may not be available in some Regions. The AWS documentation provides a table containing the Regions and the available services within each one.
 
4. **Data compliance**. Enterprise companies often need to comply with regulations that require customer data to be stored in a specific geographic territory. If applicable, you should choose a Region that meets your compliance requirements.

## Accessing AWS

- AWS Management console. Web-based application
- AWS Command Line Interface (CLI). A tool to control services from the command line and from scripts
- AWS Software Development Kits (SDKs). Programming interface to interact with AWS. e.g. Python

## Summary of Services

### 1. Compute & Network

- Amazon Elastic Compute Cloud (EC2)
    - a web service that provides resizable compute capacity in the cloud
    - different OS and configurations
    - provides virtual computing environment
- AWS Lambda
    - zero-admin (serverless) compute platform.
    - runs your code for you on EC2 instances
- Auto Scaling
    - allows organizations to scale Amazon EC2 capacity up or down automatically according to conditions defined for the particular workload
    - optimize costs and use only the capacity that is actually needed (not for peak use)
- Elastic Load Balancing
    - automatically distribute incoming application traffic across multiple Amazon EC2 instances in the cloud.
    - fault tolerance
- AWS Elastic Beanstalk
    - the fastest and simplest way to get a web application up and running on AWS. 
    - developers can simply upload their application code, and the service automatically handles all the details, such as resource provisioning, load balancing, Auto Scaling, and monitoring. 
    - Supported by many platforms, including PHP, Java and Python
    - organizations retain full control over the AWS resources powering the application and can access the underlying resources at any time
    - Lambda is simpler and less expensive, while Elastic Beanstalk lets you run full applications and gives you control over their environment.
- Virtual Private Cloud (Amazon VPC)
    - lets organizations provision a logically isolated section of the AWS Cloud where they can launch AWS resources in a virtual network that they define.
- AWS Direct Connect
    - allows organizations to establish a dedicated network connection from their data center to AWS.
- Amazon Route 53
    - a highly available and scalable Domain Name System (DNS) web service
    - i.e. converting human-readable names like www.website.com to IP addresses like 192.0.2.1
    - can also be used to purchase domains

### 2. Storage and Content Delivery

- Amazon Simple Storage Service (S3)
    - highly durable and scalable object storage that handles virtually unlimited amounts of data and large numbers of concurrent users
    - stored as objects
    - used for backup and recovery, nearline archive, big data analytics, disaster recovery, cloud applications, and content distribution.
- Amazon Glacier
    - a secure, durable, and extremely low-cost storage service for data archiving and long-term backup
    - several hours to access data
- Amazon Elastic Block Store (EBS)
    - persistent block-level storage volumes for use with Amazon EC2 instances. 
    - Each Amazon EBS volume is automatically replicated within its Availability Zone to protect organizations from component failure
- AWS Storage Gateway
    - a service connecting an on-premises software appliance with cloud-based storage
- Amazon CloudFront
    - a content delivery web service. 
    - integrates with other AWS Cloud services 
    - an easy way to distribute content to users across the world with low latency, high data transfer speeds, and no minimum usage commitments
    
### 3. Database Services

- Amazon Relational Database Service (Amazon RDS)
    - a fully managed relational database with support for many database engines
    - manages administration tasks, including backups, software patching, monitoring, scaling, and replication
- Amazon DynamoDB
    - a fast and flexible NoSQL database service 
    - consistent, single-digit millisecond latency at any scale
    - great fit for mobile, web, gaming, ad-tech, Internet of Things
- Amazon Redshift
    - a fast, fully managed, petabyte-scale data warehouse service that makes it simple and cost effective to analyze structured data.
    - standard SQL interface
    - allows organizations to automate most of the common administrative tasks associated with provisioning, configuring, and monitoring a cloud data warehouse.
- Amazon ElastiCache
    - a web service that simplifies deployment, operation, and scaling of an in-memory cache in the cloud
    - improves the performance of web applications by allowing organizations to retrieve information from fast, managed, in-memory caches

### 4. Management tools

- Amazon CloudWatch 
    - a monitoring service for AWS Cloud resources and the applications running on AWS
- AWS CloudFormation 
    - gives developers and systems administrators an effective way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.
- AWS CloudTrail 
    - a web service that records AWS API calls for an account and delivers log files for audit and review. 
    - Includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the service.
- AWS Config
    - discover existing AWS resources 
    - determine how a resource was configured at any point in time. 
    - enables compliance auditing, security analysis, resource change tracking, and troubleshooting.
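
The CloudTrail entry above lists what each record carries: the caller's identity, the time, the source IP address, the request parameters and the response elements. The following is an added example, not part of the original cheat sheet: it reads a log file in CloudTrail's `{"Records": [...]}` layout, extracts those fields, and flags two things a reviewer commonly looks for. The sample records, the `_rec` helper and the threshold are constructed for illustration.

```python
import json
from collections import Counter

# Helper that builds constructed sample records; every value below is made up.
def _rec(who, ip, source, name, **extra):
    return {"eventTime": "2024-01-01T10:00:00Z", "eventSource": source, "eventName": name,
            "sourceIPAddress": ip, "requestParameters": None, "responseElements": None,
            "userIdentity": {"type": "IAMUser", "arn": f"arn:aws:iam::111122223333:user/{who}"},
            **extra}

SAMPLE_LOG = json.dumps({"Records": [
    _rec("alice", "192.0.2.10", "signin.amazonaws.com", "ConsoleLogin",
         responseElements={"ConsoleLogin": "Success"}, additionalEventData={"MFAUsed": "No"}),
    _rec("bob", "198.51.100.7", "s3.amazonaws.com", "GetObject", errorCode="AccessDenied",
         requestParameters={"bucketName": "example-bucket", "key": "report.csv"}),
    _rec("bob", "198.51.100.7", "iam.amazonaws.com", "ListUsers", errorCode="AccessDenied"),
    _rec("carol", "203.0.113.5", "ec2.amazonaws.com", "RunInstances",
         requestParameters={"instanceType": "t3.micro"}),
]})

def summarize(record):
    """Extract the fields named above: caller, time, source IP, request, response."""
    ident = record.get("userIdentity") or {}
    return {"caller": ident.get("arn") or ident.get("type", "unknown"),
            "time": record.get("eventTime"),
            "source_ip": record.get("sourceIPAddress"),
            "action": f'{record.get("eventSource")}:{record.get("eventName")}',
            "request": record.get("requestParameters"),
            "response": record.get("responseElements"),
            "error": record.get("errorCode")}

def review(log_text, denied_threshold=2):
    """Return (summaries, findings) for one CloudTrail log file."""
    records = json.loads(log_text).get("Records", [])
    summaries, findings, denied = [], [], Counter()
    for rec in records:
        s = summarize(rec)
        summaries.append(s)
        mfa = (rec.get("additionalEventData") or {}).get("MFAUsed")
        # Successful console sign-in where CloudTrail recorded that MFA was not used.
        if (rec.get("eventName") == "ConsoleLogin" and mfa == "No"
                and (s["response"] or {}).get("ConsoleLogin") == "Success"):
            findings.append(("console-login-without-mfa", s["caller"], s["source_ip"]))
        if s["error"] == "AccessDenied":
            denied[(s["caller"], s["source_ip"])] += 1
    # Several denied calls from one caller and address point to a broken policy or probing.
    findings += [("repeated-access-denied", c, ip)
                 for (c, ip), n in denied.items() if n >= denied_threshold]
    return summaries, findings
```
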
    
### 5. Security and Identity

- AWS Identity and Access Management (IAM) 
    - enables organizations to securely control access to AWS Cloud services and resources for their users
- AWS Key Management Service (KMS) 
    - a managed service that makes it easy for organizations to create and control the encryption keys used to encrypt their data
- AWS Directory Service 
    - allows organizations to set up and run Microsoft Active Directory on the AWS Cloud or connect their AWS resources with an existing on-premises Microsoft Active Directory.
- AWS Certificate Manager 
    - a service that lets organizations easily provision, manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS Cloud services
- AWS Web Application Firewall (WAF)
    - helps protect web applications from common attacks and exploits that could affect application availability, compromise security, or consume excessive resources.

### 6. Application Service

- Amazon API Gateway 
    - a fully managed service for developers to create, publish, maintain, monitor, and secure APIs at any scale. 
    - Amazon API Gateway handles all the tasks involved in accepting and processing concurrent API calls
- Amazon Elastic Transcoder
    - media transcoding in the cloud, to convert (or transcode) media files from their source formats into versions that will play back on devices like smartphones, tablets, and PCs.
- Amazon Simple Notification Service (Amazon SNS)
    - a web service that coordinates and manages the delivery or sending of messages to recipients. 
    - there are two types of clients, publishers and subscribers (or producers/consumers)
- Amazon Simple Email Service (Amazon SES)
    - a cost-effective email service to send transactional email, marketing messages, and customer contact
    - can also receive messages and deliver them to an Amazon S3 bucket, call custom code via an AWS Lambda function, or publish notifications to Amazon SNS.
- Amazon Simple Workflow Service (Amazon SWF)
    - helps developers build, run, and scale background jobs that have parallel or sequential steps. 
    - commonly, if your application’s steps take more than 500 milliseconds to complete, it is vitally important to track the state of processing and to provide the ability to recover or retry if a task fails. Amazon SWF helps organizations achieve this reliability.
- Amazon Simple Queue Service (Amazon SQS)
    - a fast, reliable, scalable, fully managed message queuing service
    - allowing transmission of any volume of data, at any level of throughput, without losing messages or requiring other services to be always available





### Maintain Resiliency

> What is resiliency? The capability to recover when stressed by load (more requests for service), attacks (either accidental through a bug, or deliberate through intention), and failure of any component in the workload's components.

To keep your application available, you need to maintain high availability and resiliency. A well-known best practice for cloud architecture is to use **Region-scoped, managed services**. These services come with availability and resiliency built in.

When that is not possible, make sure the workload is replicated across multiple AZs. At a minimum, you should use two AZs. If one entire AZ fails, your application will have infrastructure up and running in at least a second AZ to take over the traffic.

Cloud computing virtualization (a virtualized environment) is used to replace physical files, servers, etc. with computer-generated versions.

- uses a hypervisor that allows a single computer to host many virtual machines
- VMs are software containers that run their own OS and act like standalone computers

Characteristics of virtualization
- Resource Sharing
    - Build many computing resources from a single host or connected servers
- Isolation
- Availability
- Aggregation
    - combine many resources
- Reliability
    - load balancing which runs redundant servers on different host machines to prevent disruptions and ensure continual uptime
    




