You can use AWS to design, build, or run almost any application that you would in a traditional data centre. But just treating AWS as a traditional data centre would be a mistake. AWS allows you to implement a given scenario in a variety of ways, and each way comes …
AWS provides many different ways to automate tasks. The specific services and approaches used are architectural decisions that should be understood. Fundamentally, automation entails defining a task as code that a system carries out. This code can be written as imperative commands that specify the exact steps to perform the …
Virtual Private Cloud (VPC) provides the virtual network infrastructure for many AWS resources, most notably EC2. VPCs can connect to other networks, including the following:
The internet via an internet gateway
External, private networks via Direct Connect or a virtual private network (VPC)
In many case, the decision about whether to use a relational or non-relational database has already been made . If migrating a database-backed application to AWS, most applications already use an SQL database. In which case migration options are to either use RDS or build and maintain your own SQL server …
S3 is the primary storage service in AWS. Although S3 integrates with all other AWS services, it enjoys an especially close relationship with S3 Glacier, and the AWS compute services EC2 and Lambda.
For durable, highly available cloud storage, use S3. You can use bucket policies to make your files …
Configuring EC2 instances is designed to mirror the process of provisioning and launching on-premise servers. Instances are defined by your choice of AMIs, instance type, storage volumes and pricing model.
AMIs are organized init four categories: Quick Start, custom, AWS Marketplace, and Community. You can create your own AMI from …
Starting out, you'll spend most of your time interacting with AWS using the AWS Management Console. It's always changing, but even when it does, AWS takes great care to let you know what changed. Sometimes AWS will also let you preview new console features before they go live, giving you …
You should enforce the use of strong passwords by your users by creating a password policy in IAM. Ideally, you should also require multi-factor authentication (MFA).
Programmatic and command-line access to resources is authenticated using security credentials consisting of an access key ID and a secret access key. SSH access …
An AWS region connects at least two Availability Zones located within a single geographic area in a low-latency network. Because of the default isolation of their underlying hardware, building secure, access-controlled regional environments is eminently possible.
An Availability Zone is a group of one or more independent data centres located …