Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Your First Hour on AWS

Rohini Gaonkar
August 03, 2020
Technology
0
220

Your First Hour on AWS

Getting started with AWS can appear to be challenging, but it doesn’t need to be. Attend this session to learn the basics to get started with AWS. After a brief overview, this session will dive into important how-tos with best practices you must ensure since your first hour on AWS. Building an architecturally sound foundation is a common theme in every AWS success story. The repeatable delivery of applications and services depends on standardising your infrastructure design patterns. To arm you with best practices from day one, this session presents field-tested and reusable designs that'll set you up for long-term success in the AWS cloud. From account creation and access configuration, through security considerations and VPC design, we'll walk you through the common infrastructure elements and recommended design patterns that lead to AWS cloud adoption success.

Rohini Gaonkar

August 03, 2020
Tweet

More Decks by Rohini Gaonkar

See All by Rohini Gaonkar
Fraud & Anomaly Detection on AWS
rohinigaonkar
0
110
Getting Started with Serverless Architectures
rohinigaonkar
0
100

Other Decks in Technology

See All in Technology
Microsoft Cloudで 開発ライフサイクルを保護する
kkamegawa
0
140
SREとその組織類型
tatsuo48
8
1.5k
なぜ NOT A HOTEL が Web3 に取り組むのか - NOT A HOTEL TECH TALK
ynunokawa
0
160
HEXA OSINT CTF V3 作戦会議
meow_noisy
0
110
最近たまに見かけるTiDBってなんだ? - Findy
pingcap0315
2
580
コンテナセキュリティの基本と脅威への対策
kyohmizu
3
690
Hands-on / Kaname Frusawa / Cloud Compare Users Meetup 2024 at University of Tokyo on April 17
paraworld
2
470
〜小さく始めて大きく育てる〜データ分析基盤の開発から活用まで
kniino
0
2k
LLM とプロンプトエンジニアリング/チューターをビルドする / LLM and Prompt Engineering and Building Tutors
ks91
PRO
0
220
DevOpsDays History and my DevOps story
kawaguti
PRO
8
1.6k
Terraformあれやこれ/terraform-this-and-that
emiki
4
390
NgRx Signal Store
rainerhahnekamp
0
110

Featured

See All Featured
Product Roadmaps are Hard
iamctodd
43
9.7k
Mobile First: as difficult as doing things right
swwweet
216
8.6k
Unsuck your backbone
ammeep
662
57k
Testing 201, or: Great Expectations
jmmastey
27
6.3k
Designing Experiences People Love
moore
136
23k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
352
28k
Navigating Team Friction
lara
177
13k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
29
6k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
119
38k
Code Review Best Practice
trishagee
54
15k
Design by the Numbers
sachag
274
18k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
4.4k

Transcript

  1. © 2020, Amazon Web Services, Inc. or its Affiliates. 4th

    August 2020 Your First Hour on AWS Rohini Gaonkar Sr. Developer Advocate, AWS @rohini_gaonkar @rohinigaonkar

  2. © 2020, Amazon Web Services, Inc. or its Affiliates. Hello

    World..! q Born in Cloud! q With AWS for 6+ years q Started as a Cloud Support Engineer in CapeTown q Worked as AWS Solutions Architect in Singapore and India q Now a Developer Advocate, India. @rohini_gaonkar @rohinigaonkar

  3. © 2020, Amazon Web Services, Inc. or its Affiliates. Agenda

    • Why AWS? • Cloud Adoption journey of Customers • AWS Global Infrastructure • Products & Services – high level • Your First Hour on AWS • Learn – Training & Certifications, What next? important

  4. © 2020, Amazon Web Services, Inc. or its Affiliates. Introduction

    to AWS Cloud

  5. © 2020, Amazon Web Services, Inc. or its Affiliates. "Cloud

    Computing", by definition, refers to the on-demand delivery of IT resources and applications via the Internet with pay-as-you-go pricing. What is Cloud Computing?

  6. © 2020, Amazon Web Services, Inc. or its Affiliates. Migrating

    to the cloud can reduce costs and drive business benefits Lower the time spent on infrastructure management Dedicate more resources to innovation Concentrate on new business initiatives Move from risk- laden up-front expense to flexible variable expense Go global in minutes

  7. © 2020, Amazon Web Services, Inc. or its Affiliates. A

    broad and deep platform that helps customers build sophisticated, scalable, secure applications What is Amazon Web Services (AWS)?

  8. © 2020, Amazon Web Services, Inc. or its Affiliates. Allows

    teams to experiment and innovate quickly and frequently Agility Only pay for what you use, lower upfront expenses Cost Savings Most extensive, reliable, and secure global cloud infrastructure Go Global in Minutes Elasticity Stop guessing capacity, scale up and down with demand Why do customers choose AWS? Ability to focus on business differentiators, not infrastructure Innovate Faster 175+ fully featured services to support any cloud workload Service Breadth & Depth

  9. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    & Customers

  10. © 2020, Amazon Web Services, Inc. or its Affiliates. Getting

    started in your cloud journey Project Value Time Continuous Reinvention Foundation Migration Cloud native Legacy applications and data Modernization

  11. © 2020, Amazon Web Services, Inc. or its Affiliates. Broadest

    customer base S T A R T U P E N T E R P R I S E P U B L I C S E C T O R S I & I S V

  12. © 2020, Amazon Web Services, Inc. or its Affiliates. An

    Expansive Ecosystem Thousands of the world’s largest technology and consulting companies 48+ Global Premier Consulting partners 12+ Enterprise-focused competencies 2,200+ products available for 1-click deployment across 35 distinct product categories Customers run over 143M hours of software per month

  13. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    Global Infrastructure

  14. © 2020, Amazon Web Services, Inc. or its Affiliates. N.

    Virginia N. California Ireland First 5 years: 4 regions Regional expansion Singapore Launched in 2006

  15. © 2020, Amazon Web Services, Inc. or its Affiliates. N.

    Virginia N. California Ireland AWS GovCloud West Oregon São Paulo Sydney Next 5 years: 7 regions First 5 years: 4 regions Regional expansion Frankfurt Singapore Beijing Launched in 2006

  16. © 2020, Amazon Web Services, Inc. or its Affiliates. N.

    Virginia N. California Ireland AWS GovCloud West Oregon São Paulo Montreal Ohio London Mumbai Seoul Ningxia Cape Town Hong Kong Sweden AWS GovCloud East Osaka Milan Bahrain Jakarta 2016–2020: 13 regions and 1 local region Coming soon: 3 regions Next 5 years: 7 regions First 5 years: 4 regions Regional expansion Frankfurt Singapore Beijing Spain Paris Sydney Launched in 2006

  17. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    Global Infrastructure 24 geographical regions, 1 local region, 76 availability zones, 200+ POPs Region & Number of Availability Zones (AZs) GovCloud (US) Europe US-East (3), US-West (3) Frankfurt (3), Paris (3), Ireland (3), Stockholm (3), US West London (3), Milan (3) Oregon (4) Northern California (3) US East N. Virginia (6), Ohio (3) Middle East Bahrain (3) Canada Asia Pacific Central (3) Singapore (3), Sydney (3), Tokyo (4), Osaka-Local (1)* South America São Paulo (3) Seoul (3), Mumbai (3), Hong Kong (3) Africa China Cape Town (3) Beijing (2), Ningxia (3) Announced Regions Three Regions and 9 AZs in Indonesia, Japan, and Spain * Available to select AWS customers who request access. Customers wishing to use the Asia Pacific (Osaka) Local Region should speak with their sales representative.

  18. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    Region design AWS Regions are comprised of multiple AZs for high availability, high scalability, and high fault tolerance. Applications and data are replicated in real time and consistent in the different AZs. AWS Availability Zone (AZ) A Region is a physical location in the world where we have multiple Availability Zones. Availability Zones consist of one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities. AZ AZ AZ AZ Transit Transit Datacenter Datacenter Datacenter AWS Region

  19. © 2020, Amazon Web Services, Inc. or its Affiliates. Amazon

    CloudFront uses a global network of 216 points of presence (205 Edge locations and 11 Regional Edge caches) in 77 cities across 37 countries

  20. © 2020, Amazon Web Services, Inc. or its Affiliates. Global

    network: Redundant 100GbE network and private capacity between all regions except China Direct Connect: 80+ locations; customers can reach every AWS Region from their local Direct Connect PoP

  21. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    Products & Services

  22. © 2020, Amazon Web Services, Inc. or its Affiliates. Broad

    and Deep Functionality CORE SERVICES Integrated Networking Rules Engine Device Shadows Device SDKs Device Gateway Registry Local Compute Custom Model Training & Hosting Conversational Chatbots Virtual Desktops App Streaming Schema Conversion Image & Scene Recognition Sharing & Collaboration Exabyte-Scale Data Migration Text to Speech Corporate Email Application Migration Database Migration Regions Availability Zones Points of Presence Data Warehousing Business Intelligence Elasticsearch Hadoop/Spark Data Pipelines Streaming Data Collection ETL Streaming Data Analysis Interactive SQL Queries Queuing & Notifications Workflow Email Transcoding Deep Learning (Apache MXNet, TensorFlow, & others) Server Migration Communications MARKETPLACE Business Apps Business Intelligence DevOps Tools Security Networking Storage Databases API Gateway Single Integrated Console Identity Sync Mobile Analytics Mobile App Testing Targeted Push Notifications One-click App Deployment DevOps Resource Management Application Lifecycle Management Containers Triggers Resource Templates Build & Test Analyze & Debug Identity Management Key Management & Storage Monitoring & Logs Configuration Compliance Web Application Firewall Assessment & Reporting Resource & Usage Auditing Access Control Account Grouping DDOS Protection TECHNICAL & BUSINESS SUPPORT Support Professional Services Optimization Guidance Partner Ecosystem Training & Certification Solutions Management Account Management Security & Billing Reports Personalized Dashboard Monitoring Manage Resources Data Integration Integrated Identity & Access Integrated Resource & Deployment Management Integrated Devices & Edge Systems Resource Templates Configuration Tracking Server Management Service Catalogue Search MIGRATION HYBRID ARCHITECTURE ENTERPRISE APPS MACHINE LEARNING IoT MOBILE SERVICES DEV OPS ANALYTICS APP SERVICES INFRASTRUCTURE SECURITY & COMPLIANCE MANAGEMENT TOOLS Compute VMs, Auto-scaling, Load Balancing, Containers, Virtual Private Servers, Batch Computing, Cloud Functions, Elastic GPUs, Edge Computing Storage Object, Blocks, File, Archivals, Import/Export, Exabyte-scale data transfer CDN Databases Relational, NoSQL, Caching, Migration, PostgreSQL compatible Networking VPC, DX, DNS Facial Recognition & Analysis Facial Search Patching Contact Center

  23. © 2020, Amazon Web Services, Inc. or its Affiliates. Containers

    Lambda Instances Instances, containers, and Lambda Compute Options

  24. © 2020, Amazon Web Services, Inc. or its Affiliates. C

    A P A B I L I T I E S Instances C A T E GOR I E S OP T I ONS 275+ instance types for virtually every workload and business need Broadest and deepest choice of instances Virtual Servers in Cloud

  25. © 2020, Amazon Web Services, Inc. or its Affiliates. Amazon

    Elastic Container Service Amazon Elastic Container Service for Kubernetes Amazon EC2 AWS Fargate Amazon Elastic Container Registry Deployment, scheduling, scaling, and management of containerized applications ORCHESTRATION Where the containers run COMPUTE ENGINE Container image repository IMAGE REGISTRY AWS container services landscape https://eksworkshop.com/ https://ecsworkshop.com/

  26. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    LAMBDA AWS FARGATE AMAZON AURORA SERVERLESS AMAZON S3 AMAZON DYNAMODB AMAZON API GATEWAY AMAZON SNS AMAZON SQS AWS STEP FUNCTIONS AWS APPSYNC

  27. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodeBuild + Third Party AWS CodeCommit AWS CodeBuild AWS CodeDeploy AWS X-Ray AWS CodePipeline MONITOR DEPLOY TEST BUILD SOURCE AUTHOR AWS Developer Tools for modern software delivery AWS Cloud 9 IDE Toolkits Amazon CloudWatch AWS CloudFormation AWS SAM MODEL

  28. © 2020, Amazon Web Services, Inc. or its Affiliates. Author

    and debug AWS applications with IDEs AWS Cloud9 Python, Node.JS AWS Toolkit for PyCharm Python AWS Toolkit for IntelliJ Java, Python AWS Toolkit for Visual Studio Code .NET, Node.JS, Python

  29. © 2020, Amazon Web Services, Inc. or its Affiliates. P

    U R P O S E - B U I L T Key value: Amazon DynamoDB Document: Amazon DocumentDB In-memory: Amazon ElastiCache Graph: Amazon Neptune Time-series: Amazon Timestream Ledger: Amazon QLDB M I G R A T I O N S E R V I C E S AWS Migration Hub AWS Database Migration Service RELATIONAL Amazon Aurora MySQL Amazon RDS for MySQL Amazon Aurora PostgreSQL Amazon RDS for PostgreSQL Amazon RDS for Oracle Amazon RDS for MariaDB Amazon RDS for SQL Server Databases

  30. © 2020, Amazon Web Services, Inc. or its Affiliates. A

    I S e r v i c e s R E K O G N I T I O N I M A G E R E K O G N I T I O N V I D E O T E X T R A C T V ISION P O L L Y T R A N S C R I B E SP E E C H T R A N S L A T E C O M P R E H E N D LA NGU A GE L E X C HA T BOT S F O R E C A S T F OR E C A ST ING P E R S O N A L I Z E R E C OMME NDA T IONS M L S e r v i c e s A m a z o n S a g e M a k e r Ground Truth Notebooks Algorithms + Marketplace Reinforcement Learning Training Optimization Deployment Hosting M L F r a m e w o r k s + I n f r a s t r u c t u r e EC2 P3 & P3dn EC2 C5 FPGAs Greengrass Elastic inference F R A ME W OR KS INT E R F A C E S I N F R A S T R U C T U R E Inferentia EC2 G4

  31. © 2020, Amazon Web Services, Inc. or its Affiliates. Security

  32. © 2020, Amazon Web Services, Inc. or its Affiliates. Customer

    AWS AWS is responsible for security of the cloud Customer is responsible for security in the cloud Customer data Platform, applications, identity, & access management Operating system, network, & firewall configuration Client-side data encryption & data integrity authentication Server-side encryption (file system &/or data) Network traffic protection (encryption/integrity/identity) Compute Storage Database Networking Edge locations Regions Availability Zones AWS Global Infrastructure Share your security responsibility with AWS

  33. © 2020, Amazon Web Services, Inc. or its Affiliates. Certifications

    / Attestations Laws / Regulations / Privacy Alignments / Frameworks C5 ! Agentina Data Privacy CIS (Center for Internet Security) " Cyber Essentials Plus # CISPE $ CJIS (US FBI) % DoD SRG % EU Model Clauses $ CSA (Cloud Security Alliance) " FedRAMP % FERPA % ENS High & FIPS % GDPR $ EU-US Privacy Shield $ HITRUST % GLBA % FFIEC % IRAP ' HIPAA % FISC ( ISO 9001 " HITECH " FISMA % ISO 27001 " IRS 1075 % G-Cloud # ISO 27017 " ITAR % GxP (US FDA CFR 21 Part 11) % ISO 27018 " My Number Act ( ICREA " K-ISMS ) UK DPA - 1988 # IT Grundschutz ! MTCS * VPAT/Section 508 % MITA 3.0 (US Medicaid) % PCI DSS Level 1 " Data Protection Directive $ MPAA % SEC Rule 17-a-4(f) % Privacy Act [Australia] ' NIST % SOC 1, SOC 2, SOC 3 " Privacy Act [New Zealand] + PHR % PDPA—2010 [Malaysia] , Uptime Institute Tiers " PDPA—2012 [Singapore] * Cloud Security Principles # PIPEDA [Canada] - " = industry or global standard Spanish DPA Authorization & Spanish DPA Authorization & Inherit global security and compliance controls India Cloud Security and Compliance - https://aws.amazon.com/compliance/india-data-protection/

  34. © 2020, Amazon Web Services, Inc. or its Affiliates. Your

    First Hour on AWS

  35. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    Account Step 1 is to have an AWS Account..! If you are creating Account for a company, always use a group email alias with your AWS account Account Strategies : • Create new VPCs, avoid Default VPC for Production • One Account – Prod vs Non-Prod VPCs • Separate Production and Non-production accounts • Using AWS Organizations & Consolidated Billing • Centrally established, company-wide policies across accounts using AWS Control Tower or AWS Landing Zone

  36. © 2020, Amazon Web Services, Inc. or its Affiliates. Accessing

    AWS APIs Developer Tool Description Web Console Simple web interface for Amazon Web Services Command Line Tool Control your AWS services from the command line and automate service management with scripts Integrated Development Environment (IDE) Write, run, debug, and deploy applications on AWS using familiar Integrated Development Environments (IDE) Software Development Kit (SDK) Simplify coding with language-specific abstracted APIs for AWS services Infrastructure as Code Define cloud infrastructure using familiar programming languages

  37. © 2020, Amazon Web Services, Inc. or its Affiliates. How

    to select the right region? Region selection depends on following : • Application Latency • Compliance and Data Privacy laws • AWS Services availability (check Region Table) • AWS Services pricing Don’t forget to Enable and/or disable regions AWS Region table - https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/

  38. © 2020, Amazon Web Services, Inc. or its Affiliates. Security

    101 • Protect your Root Account o Delete your account’s access keys • Set up AWS IAM users, groups, and roles for daily account access • For Root Account & IAM Users o Enforce MFA o Create a strong password o Rotate Credentials Regularly • Grant least privileges o IAM policies, Security Groups,…everywhere!!! • Enable CloudTrail in all AWS regions

  39. © 2020, Amazon Web Services, Inc. or its Affiliates. Purchasing

    options On-demand: pay per unit of capacity as used • Examples: Amazon EC2, Amazon S3 Provisioned: pay per unit of capacity as provisioned • Examples: Amazon DynamoDB, Amazon Kinesis Data Streams Reserved: discounted pricing in return for a fixed-term commitment • Examples: Amazon EC2, Amazon Elasticsearch Service Many services support multiple billing options

  40. © 2020, Amazon Web Services, Inc. or its Affiliates. the

    second Amazon EC2 purchase options savings of up to 90% a significant discount more flexibility

  41. © 2020, Amazon Web Services, Inc. or its Affiliates. Free

    tier Always free These free tier offers do not expire and are available to all AWS customers 12 months free Enjoy these offers for 12-months following your initial sign-up date to AWS Trials Short-term free trial offers start from the date you activate a particular service https://aws.amazon.com/free/ e.g. 750 hours per month of Linux, RHEL, SLES, Windows t2.micro or t3.micro instance dependent on region e.g. AWS Lambda1 Million free requests per month, Up to 3.2 million seconds of compute time per month e.g. 750 DC2.Large node hours per month for 2 months

  42. © 2020, Amazon Web Services, Inc. or its Affiliates. Tutorial

    : LAMP Stack on AWS with EC2 and RDS You will learn how to create following AWS resources : • VPC, subnets, and security groups • EC2, Linux, PHP Web server • RDS, MySQL server https://tinyurl.com/y3krhm6a

  43. © 2020, Amazon Web Services, Inc. or its Affiliates. Availability

    Zone B Availability Zone A instance standby (Multi-AZ) Public subnet EC2 instances security group Web Server With Multi-AZ Autoscaling Public subnet DB instance Private subnet Private subnet Synchronous replication EC2 instances Elastic Load Balancing Auto Scaling Region P

  44. © 2020, Amazon Web Services, Inc. or its Affiliates. Region

    DEV STAGING PRODUCTION

  45. © 2020, Amazon Web Services, Inc. or its Affiliates. Learn

  46. © 2020, Amazon Web Services, Inc. or its Affiliates. Learning

    Paths Role-Based Paths • Cloud Practitioner • Architect • Developer • Operations • DevOps Engineer Solutions Paths • Machine Learning • AWS Media Services • Storage • Alexa Skill Builder • Data Analytics • Security Specialty Paths • Big Data • Advanced Networking • Security https://aws.amazon.com/training/learning-paths/

  47. © 2020, Amazon Web Services, Inc. or its Affiliates. Developer

    Center and Workshops AWS Samples and Workshops on GitHub https://github.com/aws-samples https://awsworkshop.io/ Curated workshops and training Modules created by the teams at AWS and AWS Partners AWS Developer Center https://aws.amazon.com/developer/

  48. © 2020, Amazon Web Services, Inc. or its Affiliates. Start

    building on AWS https://aws.amazon.com/getting-started/tutorials/ Lots of FREE content, Step-by-step guides to help you build https://aws.amazon.com/getting-started/projects/ https://aws.amazon.com/getting-started/hands-on/ Projects on Use-cases: • Big Data & Analytics • Databases • DevOps • Websites & Apps • Storage • Enterprise Applications 10-Minute Tutorials, Hands-on Tutorials,

  49. © 2020, Amazon Web Services, Inc. or its Affiliates. Free

    digital training © 2020, Amazon Web Services, Inc. or its Affiliates. Free digital training https://www.aws.training/LearningLibrary

  50. © 2020, Amazon Web Services, Inc. or its Affiliates. How

    to Become AWS Certified https://aws.amazon.com/certification/

  51. © 2020, Amazon Web Services, Inc. or its Affiliates. Expands

    upon training used with Amazon’s own developers Learning paths for developers, data scientists, business decision makers, and data platform engineers AWS Certified Machine Learning – Specialty certification now available Goto aws.training/machinelearning

  52. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    Events https://aws.amazon.com/events/

  53. © 2020, Amazon Web Services, Inc. or its Affiliates. Go

    Build..! Rohini Gaonkar Sr. Developer Advocate, AWS @rohini_gaonkar @rohinigaonkar