AWS a-b-c's

AWS A-B-C’s

Page Disclaimer: not actually in alphabetical order / Copyright ©2014
by Readify Pty Ltd 2

Page A is for IAM › Identity and Access Management.
› Allows you to define credentials with restricted capabilities that you can then use when working with the .net SDK / Powershell API. › Users are provisioned with a key pair that serves as your keys to your kingdom – you can only retrieve them once, so store in a safe place! / Copyright ©2014 by Readify Pty Ltd 3

Page Regions and Availability Zones › AWS resources can be
deployed into Regions, which are hosted in geographically separate locations – for example us-west-2 is in Oregon, whereas ap-southeast- 2 is in Sydney. › Each region has at least two Availability Zones, which are hosted in separate data-centres within the region, ensuring that we can provision our resources in a highly available fashion. / Copyright ©2014 by Readify Pty Ltd 4

Page VPC › Virtual Private Cloud. › Is defined for
a single region. › Defines a set of available IP addresses, subnets and routes. › They are used to isolate our EC2 instances (and other bits and bobs) from the rest of our AWS infrastructure, and control access to the internet. / Copyright ©2014 by Readify Pty Ltd 5

Page VPC - Subnet › Defines a range of IP
addresses that can be assigned to services. › Is defined for an availability zone within a region. › Instances a launched ‘into’ the subnet. › These IP addresses may be public or private, depending on the subnets preferences. › Subnets can talk to other subnets via Routing. › This controls ‘Who can I talk to?’ / Copyright ©2014 by Readify Pty Ltd 6

Page VPC - Routing › Route tables are used to
restrict or enable traffic to travel between subnets. › They also control access to the internet by allowing a subnet to be connected to an internet gateway or NAT box. › Instances in AWS are *not* connected to the internet by default – you need to ensure you have appropriate routing in place. / Copyright ©2014 by Readify Pty Ltd 7

Page EC2 › Elastic Compute is virtual machines – IaaS.
› EC2 instances are provisioned within a Subnet in a given VPC. › A range of ‘images’ are available that provide various Windows and Linux configurations out of the box. › EC2 instances are also associated with Security Groups that define what inbound and outbound connections are allowed. / Copyright ©2014 by Readify Pty Ltd 8

Page EC2 - Security Groups › Security Groups define a
group-level firewall to protect instances within the group. › ‘What language can I talk?’. › For example, you may want to allow inbound TCP over 3389 for remote desktop connectivity. › Don’t forget about your instance’s windows firewall though! / Copyright ©2014 by Readify Pty Ltd 9

Page EC2 – Load Balancers › Load balancers provide an
auto-scaling public entry point to our EC2 instance. › They can redirect traffic from given ports, terminate SSL, and check the health of instances that are enrolled in them. / Copyright ©2014 by Readify Pty Ltd 10

Page EC2 – Auto scaling › Auto Scaling Groups allow
us to automatically provision more instances on demand to meet load demand. › Instances are provisioned from a Launch Configuration which defines the ‘shape’ of the EC2 instance to launch into the ASG. / Copyright ©2014 by Readify Pty Ltd 11

Page S3 › Simple Storage Solution. › Allows us to
store files up in the clouds! › Files are stored in ‘buckets’, which is how S3 partitions content. › Can be used to host static websites. / Copyright ©2014 by Readify Pty Ltd 12

Page CloudFormation › Actually has a name that almost makes
sense! › Orchestrates the creation of AWS resources for us. › Takes the pain of ‘resiliently’ standing up / tearing down this stuff out of the process. › Processes ‘templates’ defined in JSON. / Copyright ©2014 by Readify Pty Ltd 13

Page Honourable Mentions › RDS – Relational Database Service, Amazon’s
PaaS SQL offering. › Route 53 – DNS services within AWS. › Elastic Beanstalk – PaaS compute, can be used to host IIS websites. › CloudWatch – monitoring service for your AWS resources. / Copyright ©2014 by Readify Pty Ltd 14

AWS a-b-c's

AWS a-b-c's

Andrew Best

More Decks by Andrew Best

Other Decks in Technology

Featured

Transcript

AWS A-B-C’s

Page Disclaimer: not actually in alphabetical order / Copyright ©2014

Page A is for IAM › Identity and Access Management.

Page Regions and Availability Zones › AWS resources can be

Page VPC › Virtual Private Cloud. › Is defined for

Page VPC - Subnet › Defines a range of IP

Page VPC - Routing › Route tables are used to

Page EC2 › Elastic Compute is virtual machines – IaaS.

Page EC2 - Security Groups › Security Groups define a

Page EC2 – Load Balancers › Load balancers provide an

Page EC2 – Auto scaling › Auto Scaling Groups allow

Page S3 › Simple Storage Solution. › Allows us to

Page CloudFormation › Actually has a name that almost makes

Page Honourable Mentions › RDS – Relational Database Service, Amazon’s

Page / Copyright ©2014 by Readify Pty Ltd 15