Virtual AWSome Day October 2018 - Amazon Web Services
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Introduction to the AWS Cloud
Cloud Computing
On-demand delivery of IT resources and applications via the Internet
with pay-as-you-go pricing
Before AWS
Guessing theoretical maximum peaks?
Is there enough resource capacity?
Is this sufficient storage?
With AWS
With AWS:
Servers
Databases
Storage
Higher-level applications
With AWS
Resources can be:
Initiated within seconds
Treated as “temporary and disposable”
Free from inflexibility and constraints
Agility
3 factors:
Speed
Experimentation
Culture of innovation
Agility: Increase Speed and Global Reach
Instant global reach
Rapid availability of new resources
Agility: Increase Experimentation
AWS enables
Operations as code
Safe experimentation
Comparative testing
Agility: Increase Innovation
Quick experimentation with low cost/risk
More experimentation and more often
Agility: The AWS Infrastructure
Instant elasticity
Scalability
Flexible
Reliability
Secure
AWS Global Infrastructure
Regions and Availability Zones
[Map: Region & Number of AZs]
AWS Region Table
Availability Zones
Physically distinct
Own uninterruptible power supply
Backup generators
Cooling equipment
Networking connectivity
Region
Availability Zones
Isolating Availability Zones
Protects zones from failure
Designed for high availability
Handles requests through other zones
Best practice: Implement multiple availability zones
High Availability
High availability:
Functional and accessible systems
Minimized downtime
No human intervention
Fault Tolerance
Fault Tolerance:
Operational applications during component failure
Built-in redundancy of components
Edge Locations
Edge Locations
Multiple Edge Locations
Regional Edge Caches
Edge Locations
Amazon CloudFront
Amazon Route 53
AWS Shield
AWS Web Application Firewall
Lambda@Edge Computing
Reliability
High-performing and reliable solutions
Achieve greater flexibility/capacity
Reliability:
Recover from failures
Resources that demand and mitigate disruptions
Must have well-planned foundation
Reduce uncertainty of forecasting
Detect failure and automatically heal itself
Unmatched by on-premise solutions
Elasticity, Scalability, and High Performance
AWS
Elastic infrastructure
Innovative new services/products
Deployment in multiple regions
Lower latency
Better customer experience
Elasticity, Scalability, and High Performance
Customer
Use services at your own pace
Use tools to meet your needs
Adapt your consumption
Scale up as workload grows
Shut down unneeded resources
Use Auto Scaling
Knowledge Check
Which of the following are advantages of AWS cloud security?
(Choose 2)
AWS retains complete control and ownership of your data region
AWS uses single-factor access control systems
You retain complete control and ownership of your data region
AWS uses multi-factor access control systems
AWS infrastructure security auditing is periodic and manual
Knowledge Check
Which of the following AWS tools help your application scale up
or down based on demand? (Choose 2)
Auto Availability Zones
Auto Scaling
AWS CloudFormation
Elastic Load Balancing
Agile Load Balancing
Knowledge Check
What is the number one reason customers are switching to
cloud computing to help them increase global reach,
experimentation, and innovation?
Instant configuration
Finite infrastructure
Agility
Automation
Overprovisioning
Knowledge Check
Which of the following are NOT benefits of AWS cloud
computing? (Choose 2)
Multiple procurement cycles
High availability
High latency
Temporary and disposable resources
Fault tolerant databases
Knowledge Check
What is the pricing model that allows AWS customers to pay for
resources on an as-needed basis?
Pay-as-you-use
Pay-as-you-go
Pay-as-you-buy
Pay-as-you-reserve
Pay-as-you-own
Knowledge Check
What is true about Regions? (Choose 2)
Each region is located in a separate geographic area
All regions are located in one specific geographic area
Physical location with multiple Availability Zones
Physical location of your customers
Resources are replicated across all regions by default
Knowledge Check
Which of the following is NOT an advantage of cloud computing
over on-premises computing?
Pay for racking, stacking, and powering servers
Increase speed and agility
Benefit from massive economies of scale
Eliminate guessing on your infrastructure capacity needs
Trade capital expense for variable expense
Amazon Virtual Private Cloud (VPC)
Introduction
Private, virtual network in the AWS Cloud
Similar constructs as on-premises network
Customizable network configurations to meet your needs
Features
Characteristics
Allows you to provision virtual networks
Logically isolated
Configurable key features
IP ranges
Routing
Network gateways
Security settings
Route Tables
Control traffic going out of the subnets
Example
us-west-2 (Oregon)
Test-VPC 10.0.0.0/16
Subnet A1: 10.0.0.0/24
Availability Zone A
Subnet B1: 10.0.2.0/23
Example
us-west-2 (Oregon)
Test-VPC 10.0.0.0/16
Public Subnet A1: 10.0.0.0/24
Availability Zone A
Private Subnet B1: 10.0.1.0/24
Test-IGW
Summary
You created:
VPC in the Oregon region
An internet gateway
One public subnet
One private subnet
Learn More
Route tables and isolation methods
Other Amazon VPC features (e.g., VPC endpoints and peering connections)
Security groups
Amazon Elastic Compute Cloud (EC2)
Amazon Relational Database Service (RDS)
AWS Security Groups
AWS Security
[Diagram: Web Tier, Application Tier, and Database Tier security groups containing the www, app, and db servers. Traffic labels: internet, api, and ssh/rdp, with the Corporate Admin Network as a source. All other ports are blocked.]
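An added example, not part of the original slides: a Python check over security group rules in the shape returned by the EC2 DescribeSecurityGroups API, flagging ssh/rdp reachable from outside the corporate admin network and internal tiers reachable from the internet. The group IDs, application ports, and the admin CIDR (203.0.113.0/24) are constructed sample values.

```python
import ipaddress

ADMIN_PORTS = {22: "ssh", 3389: "rdp"}
ANYWHERE = ("0.0.0.0/0", "::/0")


def _perm(port, cidrs=(), groups=()):
    """Build one TCP ingress rule in the IpPermissions shape."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}


# Constructed sample: three tiers as in the slide, with two deliberate mistakes.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        _perm(443, cidrs=["0.0.0.0/0"]),        # public web traffic: expected
        _perm(22, cidrs=["0.0.0.0/0"]),         # mistake: ssh from anywhere
    ]},
    {"GroupId": "sg-app", "IpPermissions": [
        _perm(8080, groups=["sg-web"]),         # api calls from the web tier only
        _perm(22, cidrs=["203.0.113.0/24"]),    # ssh from the admin network
    ]},
    {"GroupId": "sg-db", "IpPermissions": [
        _perm(3306, groups=["sg-app"]),         # database port from the app tier
        _perm(3306, cidrs=["0.0.0.0/0"]),       # mistake: database from anywhere
    ]},
]


def _cidrs(perm):
    """All IPv4 and IPv6 source ranges of one rule."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])] +
            [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])


def _covers(perm, port):
    """True if the rule allows TCP traffic to the given port."""
    if perm["IpProtocol"] == "-1":              # "-1" means all protocols and ports
        return True
    return (perm["IpProtocol"] == "tcp"
            and perm["FromPort"] <= port <= perm["ToPort"])


def audit(groups, public_tier_ids, admin_cidrs):
    """Return (group_id, issue) tuples for rules that break the tier model."""
    admin_nets = [ipaddress.ip_network(c) for c in admin_cidrs]
    findings = []
    for group in groups:
        gid = group["GroupId"]
        for perm in group["IpPermissions"]:
            cidrs = _cidrs(perm)
            # Admin ports may only be reached from inside the admin network.
            for port, name in ADMIN_PORTS.items():
                if not _covers(perm, port):
                    continue
                for cidr in cidrs:
                    net = ipaddress.ip_network(cidr)
                    inside = any(net.version == a.version and net.subnet_of(a)
                                 for a in admin_nets)
                    if not inside:
                        findings.append((gid, f"{name} open to {cidr}"))
            # Only the public (web) tier may accept traffic from the internet.
            world = [c for c in cidrs if c in ANYWHERE]
            if world and gid not in public_tier_ids:
                findings.append((gid, f"internal tier reachable from {world[0]}"))
    return findings


if __name__ == "__main__":
    for gid, issue in audit(SAMPLE_GROUPS, {"sg-web"}, ["203.0.113.0/24"]):
        print(gid, issue)
```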
Compute Services
Compute Services
AWS
Flexible
Cost-effective
Amazon EC2
Flexible configuration and control
AWS Lambda
Pay only for what you use
No administration
Compute Services
Amazon Lightsail
Launch virtual private server
Manage simple web and application servers
Amazon ECS
Managed containers
Highly scalable, high performance
AWS Fargate
Amazon EKS
Amazon Elastic Compute Cloud (EC2)
What is Amazon EC2?
Elastic Compute Cloud
Application Server
Web Server
Database Server
Game Server
Mail Server
Media Server
Catalog Server
File Server
Computing Server
Proxy Server
What is Amazon EC2?
Pay-as-you-go
Broad selection of HW/SW
Global hosting
Much more (aws.amazon.com/ec2)
Amazon EC2 Instances
Instance Types
Families | Description | Example Use Cases
t2, m4, m3 | General Purpose; Balanced Performance | Websites, web applications, Dev, code repos, micro services, business apps
c3, c4, cc2 | Compute Optimized; High CPU Performance | Front-end fleets, web-servers, batch processing, distributed analytics, science and engineering apps, ad serving, MMO gaming, video-encoding
g2, p2 | GPU Optimized; High-end GPU | Amazon AppStream 2.0, video encoding, machine learning, high perf databases, science
r3, r4, x1, cr1 | Memory Optimized; Large RAM footprint | In-memory databases, data mining
d2, i2, i3, hi1, hs1 | Storage Optimized; High I/O, High density | NAS, data warehousing, NoSQL
Choosing the Right Amazon EC2 Instances
EC2 instance types are optimized for different use cases and workloads, and come in multiple sizes. This allows you to optimally scale resources to your workload requirements.
AWS utilizes Intel® Xeon® processors for EC2 Instances providing customers with high performance and value.
Consider the following when choosing your instances: core count, memory size, storage size & type, network performance, I/O requirements, and CPU technologies.
Hurry Up & Go Idle - A larger compute instance can save you time and money; paying more per hour for a shorter amount of time can be less expensive.
EC2 Instances Powered by Intel Technologies
EC2 Instance Type | Category | Intel Processor | Intel Processor Technology | Intel AVX | Intel AVX2 | Intel AVX-512 | Intel Turbo Boost | Storage
C5 | Compute Optimized | Xeon Platinum 8175M | Skylake | Yes | Yes | Yes | Yes | EBS-only
C4 | Compute Optimized | Xeon E5 2666 v3 | Haswell | Yes | Yes | - | Yes | EBS-only
M5 | General Purpose | Xeon Platinum 8175M | Skylake | Yes | Yes | Yes | Yes | EBS-only
M4 | General Purpose | Xeon E5 2686 v4 / 2676 v3 | Broadwell / Haswell | Yes | Yes | - | Yes | EBS-only
T2 | General Purpose | Xeon Family | Yes | Yes | - | - | Yes | EBS-only
X1 | Memory Optimized | Xeon E7 8880 v3 | Haswell | Yes | Yes | - | Yes | SSD, EBS-Opt
X1e | Memory Optimized | Xeon E7 8880 v3 | Haswell | Yes | Yes | - | Yes | SSD, EBS-Opt
R4 | Memory Optimized | Xeon E5 2686 v4 | Broadwell | Yes | Yes | - | Yes | -
H1 | Storage Optimized | Xeon E5 2686 v4 | Broadwell | Yes | Yes | - | Yes | HDD
I3 | Storage Optimized | Xeon E5 2686 v4 | Broadwell | Yes | Yes | - | Yes | SSD
D2 | Storage Optimized | Xeon E5 2676 v3 | Haswell | Yes | Yes | - | Yes | HDD
C5: Compute Optimized Instances
Based on 3.0 GHz Intel Xeon Scalable Processors (Skylake)
Up to 72 vCPUs and 144 GiB of memory (2:1 Memory:vCPU ratio)
25 Gbps NW bandwidth
Support for Intel AVX-512
25% price/performance improvement over C4
“We saw significant performance improvement on Amazon EC2 C5, with up to a 140% performance improvement in industry standard CPU benchmarks over C4.”
“We are eager to migrate onto the AVX-512 enabled c5.18xlarge instance size… We expect to decrease the processing time of some of our key workloads by more than 30%.”
M5: Next-Gen General Purpose instance
Powered by 2.5 GHz Intel Xeon Scalable Processors (Skylake)
New larger instance size, m5.24xlarge, with 96 vCPUs and 384 GiB of memory (4:1 Memory:vCPU ratio)
Improved network and EBS performance on smaller instance sizes
Support for Intel AVX-512 offering up to twice the performance for vector and floating point workloads
14% price/performance improvement with M5
Elastic Load Balancing (ELB)
Introduction to Elastic Load Balancing
Managed load balancing service
Distributes loads between instances
Elastic Load Balancing Products
Application Load Balancer (ALB)
• Flexible application management
• Advanced load balancing of HTTP and HTTPS traffic
• Operates at the request level (Layer 7)
Network Load Balancer (NLB)
• Extreme performance and static IP for your application
• Load balancing of TCP traffic
• Operates at the connection level (Layer 4)
Classic Load Balancer (CLB)
• PREVIOUS GENERATION for HTTP, HTTPS, and TCP
• Existing application that was built within the EC2-Classic network
• Operates at both the request level and connection level
Application Load Balancer Use Cases
Application
Load Balancer
Application 1
Application 2
Application 3
Application Load Balancer Use Cases
[Diagram: an Application Load Balancer with Listeners and Rules in front of three Target Groups; each Target Group contains Targets and has a Health Check]
Classic Load Balancer Use Cases
Access servers through single point
Decouple the application environment
Provide high availability and fault tolerance
Increase elasticity and scalability
Network Load Balancer Use Cases
Sudden and volatile traffic patterns
Single static IP address per Availability Zone
Ideal for applications that require extreme performance
Auto Scaling
What Is Auto Scaling?
Helps you verify that you have the desired number of Amazon
EC2 instances available to handle the load for your application
Monitoring Resource Performance
Amazon CloudWatch to monitor performance
Auto Scaling to add or remove EC2 instances
Capacity Management
[Charts: Capacity by Day of the Week (Su M T W Th F Sa). First chart: fixed Available Capacity, leaving Unused Capacity. Second chart: Auto Scaling adjusting Available Capacity as needed.]
Critical Questions
How can I make sure that my workload has enough EC2
resources to meet fluctuating performance requirements?
How can EC2 resource provisioning occur on-demand?
Scalability
Automation
Scaling Out and Scaling In
[Diagram: Elastic Load Balancing in front of an Auto Scaling group shown in three states: Base Configuration, Scaling Out (Launch Instances), and Scaling In (Terminate Instances)]
Auto Scaling Components
Launch Configuration
Auto Scaling groups
Auto Scaling Policy
Auto Scaling Components
Launch Configuration: What will be scaled?
Launch settings
AMI
Instance type
Security groups
Roles
Auto Scaling Components
Auto Scaling Group: Where will it take place?
Deployment settings
VPC and subnets
Load balancer
Minimum instances
Maximum instances
Desired capacity
Auto Scaling Components
Auto Scaling Policy: When will it take place?
Policy settings
Scheduled
On-demand
Scale-out policy
Scale-in policy
Dynamic Auto Scaling
[Diagram: Elastic Load Balancing, Auto Scaling group, Auto Scaling, and CloudWatch]
CloudWatch Alarm for Auto Scaling
Whenever: CPUUtilization
is: >= 80
for: 1 consecutive period(s)
AutoScaling Action
Whenever this alarm: State is ALARM
From resource type: AutoScaling
From the: IREASG
Take this action: Increase Group Size – Add 2 instances
Summary
Created
A launch configuration
Auto Scaling group
Auto Scaling policy
Triggered Auto Scaling
Amazon Elastic Block Store (EBS)
EBS Volumes
Characteristics
Persistent and customizable block storage for EC2 instances
HDD and SSD types
Use Snapshots for backups
Easy and transparent encryption
Elastic
EBS Volumes
Availability
Durable and automatically replicated
Drive Types
Storage that best fits your needs
Magnetic or SSD
Performance and price requirements
Amazon EBS
Snapshots
Point-in-time snapshots
Recreate a new volume at any time
Encryption
Encrypted EBS volumes
No additional cost
Elasticity
Increase capacity
Change to different types
Summary
Features
Persistent and customizable block storage for EC2 instances
HDD and SSD types
Replicated in the same Availability Zones
Easy and transparent encryption
Elastic volumes
Back up using snapshots
Amazon Simple Storage Service (S3)
Amazon S3
Features
Fully managed cloud storage service
Rich security controls
Functionality
Store virtually unlimited number of objects
Access any time, from anywhere
Getting Started with S3
[Diagram: an Object stored under the Key media/welcome.mp4 in the bucket my-bucket-name]
Access the Data Anywhere
AWS Management Console
AWS command line interface
AWS software development kits
Common Use Cases
Storing application assets
Static web hosting
Backup and disaster recovery (DR)
Staging area for big data
Summary
Fully managed cloud storage service
Store virtually unlimited number of objects
Access any time, from anywhere
Rich security controls
Common use cases
Amazon Relational Database Service (RDS)
Challenges of Relational Databases
Server maintenance and energy footprint
Software installation and patches
Database backups and high availability
Limits on scalability
Data security
OS install and patches
Amazon RDS
Managed service that sets up and operates a relational database
in the Cloud
[Diagram: Users, Application servers, and Amazon RDS in the AWS Cloud]
Amazon RDS
Customer manages:
Application Optimization
Database schema
Data
AWS manages:
OS installation and patches
Database software installation and patches
Database backups
High availability
Scaling
Power, rack, and stack
Server maintenance
Amazon RDS DB Instances
DB Instance Class
• CPU
• Memory
• Network Performance
DB Instance Storage
• Magnetic
• General Purpose (SSD)
• Provisioned IOPS
[Diagram: Amazon RDS, RDS DB master instance (M), DB Engines]
Amazon RDS In a Virtual Private Cloud
[Diagram: VPC in Availability Zone 1 with an internet gateway, a Public subnet, and a Private subnet; Users, App on an Amazon EC2 instance, and RDS DB instance (M)]
High Availability with Multi-AZ
[Diagram: VPC across Availability Zone 1 and Availability Zone 2 with a Public subnet and two Private subnets; App on an Amazon EC2 instance, RDS DB instance (M), and RDS DB standby instance (S); link between M and S labelled SYNCHRONOUS]
High Availability with Multi-AZ
[Diagram: VPC across Availability Zone 1 and Availability Zone 2 with a Public subnet and two Private subnets; App on an Amazon EC2 instance, RDS DB instance (M), and RDS DB standby instance (S); labelled FAILOVER]
Amazon RDS Read Replicas
Features
Asynchronous replication
Promote to master if necessary
Functionality
Read-heavy database workloads
Offload read queries
[Diagram: VPC in Availability Zone 1 with a Public subnet and a Private subnet; App on an Amazon EC2 instance, RDS DB instance (M), and RDS DB read replica instance (R)]
Summary
Highly scalable
High performance
Easy to administer
Available and durable
Secure and compliant
Amazon DynamoDB
What Is Amazon DynamoDB?
NoSQL database tables
Virtually unlimited storage
Items may have differing attributes
Low-latency queries
Scalable read/write throughput
Common Use Cases
Web
Mobile apps
Internet of Things
Ad tech
Gaming
Partitioning
Items in a Table Must Have a Key
Summary
Managed NoSQL database service
Data store for applications
Store large amounts of data
Support high request volume
Require low-latency query performance
Knowledge Check
Which of the following is true about security groups? (Choose 2)
Acts as a virtual firewall to control outbound traffic only
Acts as a virtual firewall to control inbound and outbound traffic
Acts as a virtual firewall to control inbound traffic only
All inbound traffic is denied and outbound traffic is allowed by default
All inbound traffic is allowed and outbound traffic is denied by default
Knowledge Check
How does an edge location help end users?
Reduces power consumption
Increases storage
Reduces scaling
Increases latency
Reduces latency
Knowledge Check
What AWS tool uses edge locations to cache content and reduce
latency?
EBS storage
EC2 instances
RDS
Amazon CloudFront
VPCs
Knowledge Check
Which of the following statements are true about Availability
Zones? (Choose 2)
Multiple zones are physically connected on the same grid
Multiple zones will fail if one zone fails
A single zone can span multiple data centers
A single zone equals a single data center
Multiple zones are connected by low latency network links
Topics
Introduction to AWS Security
The AWS Shared Responsibility Model
AWS Access Control and Management
AWS Security Resources
Introduction to AWS Security
Introduction to AWS Security
Security is of the utmost importance to AWS.
Approach to security
AWS environment controls
AWS offerings and features
Keep Your Data Safe
Resilient infrastructure
High security
Strong safeguards
Continual Improvement
Rapid innovation
Constantly evolving security services
Pay For What You Need
Advanced security services
Address real-time emerging risks
Meeting needs at a lower operational cost
Meet Compliance Requirements
Governance-enabled features
Additional oversight
Security control
Central automation
Security Products and Features
Tools
Access from AWS and partners
Use for monitoring and logging
Network Security
Built-in firewalls
Encryption in transit
Private/dedicated connections
Distributed denial of service (DDoS) mitigation
Inventory and Configuration Management
Deployment tools
Inventory and configuration tools
Template definition and management tools
Data Encryption
Encryption capabilities
Key management options
AWS Key Management Service
Hardware-based cryptographic key storage options
AWS CloudHSM
Access Control and Management
Identity and Access Management (IAM)
Multi-factor authentication (MFA)
Integration and federation with corporate directories
Amazon Cognito
AWS Single Sign-On
Monitoring and Logging
Tools and features to reduce your risk profile:
Deep visibility into API calls
Log aggregation and options
Alert notifications
AWS Marketplace
Qualified partners to market/sell software to AWS
customers
Online software store that can run on AWS
The AWS Shared Responsibility Model
Shared Responsibility Model
Security of the Cloud
Protection of the AWS global infrastructure is top priority
Availability of third-party reports
Security of the Cloud
AWS Foundation Services
Unmanaged services: Amazon EC2, Amazon EBS
Managed Services: Amazon DynamoDB, Amazon RDS, Amazon Redshift, Amazon EMR, Amazon WorkSpaces
Security of the Cloud
Inherited Controls
Physical
Environmental
Shared Controls
Patch Management
Configuration Management
Awareness and Training
AWS Foundation Services
Unmanaged services (such as EC2, EBS)
Managed Services
Customer Specific
Service/Communication Protection
Zone Security
Security in the Cloud
What to store
Which AWS services
In what location
In what content format and
structure
Who has access
Security in the Cloud
Customers retain control
Changes to model depend on services
Security in the Cloud
AWS Service Catalog
Virtual Machine Images
Servers
Software
Databases
Security in the Cloud
Benefits
Centrally manage common IT services
Achieve consistent governance
Meet compliance requirements
Quickly deploy approved IT services
Example
Customer Responsibility:
Guest OS
Application
Security group
Amazon S3, Amazon EC2, Amazon WorkSpaces
Summary
AWS and the customer share security responsibilities
AWS: Security of the cloud
Customer: Security in the cloud
Customer has full control over security measures
Customer can use AWS Service Catalog
“Infrastructure” Service
AWS Access Control and Management
AWS IAM
Control access to AWS resources
Authentication
Authorization
Controls access to services such as:
Compute
Storage
Database
Application services
AWS IAM
Create users and groups
Grant permissions
User Group Permissions Role
AWS IAM
Functionality
Manage
Users and their access
Roles and their permissions
Federate users and their permissions
IAM Corp
AWS Account Root User
Account root user has complete access to
all AWS Services.
AWS Account Root User
Recommendations
1. Delete root user access keys.
2. Create an IAM user.
3. Grant administrator access.
4. Use IAM credentials to interact with AWS.
AWS IAM: Authentication
Programmatic access
Enables access key ID and secret access key
Management console access
Uses AWS account name and password
MFA prompts for code
AWS IAM: Authorization
Access AWS services
Grant authorization
Assign permissions
Create an AWS IAM policy
AWS IAM: Policy Assignment
IAM Policy
IAM User IAM Group IAM Roles
136.
IAM Best Practices
Delete AWS root account access keys
Activate multi-factor authentication (MFA)
Give IAM users only the permissions they must have
Use IAM groups
Apply an IAM password policy
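One way to check an account against the root-user recommendations and IAM best practices above, as an added example that is not part of the original slides. It reads the IAM credential report (CSV) and an IAM policy document; the sample report, account ID, user names, bucket name and finding labels are constructed for illustration.

```python
import csv
import io
import json

# Constructed sample using column names from the IAM credential report
# (only the columns this check reads). Account ID and users are made up.
SAMPLE_REPORT = """\
user,arn,password_enabled,mfa_active,access_key_1_active,access_key_2_active
<root_account>,arn:aws:iam::111122223333:root,not_supported,false,true,false
alice,arn:aws:iam::111122223333:user/alice,true,true,false,false
bob,arn:aws:iam::111122223333:user/bob,true,false,true,false
ci-deploy,arn:aws:iam::111122223333:user/ci-deploy,false,false,true,true
"""

# Constructed IAM policy document; the bucket name is a placeholder.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "ReadReports", "Effect": "Allow",
         "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-reports/*"},
        {"Sid": "Everything", "Effect": "Allow",
         "Action": "*", "Resource": "*"},
        {"Effect": "Allow",
         "Action": ["ec2:*", "s3:ListBucket"], "Resource": "*"},
    ],
})


def _as_list(value):
    """IAM allows a single value or a list for Statement/Action/Resource."""
    return value if isinstance(value, list) else [value]


def audit_credential_report(report_csv):
    """Return (user, finding) pairs for root access keys and missing MFA."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        is_root = user == "<root_account>"
        mfa = row["mfa_active"] == "true"
        has_key = any(
            row.get(f"access_key_{n}_active") == "true" for n in (1, 2)
        )
        if is_root and has_key:
            findings.append((user, "root-access-key"))  # delete root keys
        if is_root and not mfa:
            findings.append((user, "root-no-mfa"))      # activate MFA
        # Console users (password enabled) should have MFA as well.
        if not is_root and row["password_enabled"] == "true" and not mfa:
            findings.append((user, "console-no-mfa"))
    return findings


def overbroad_statements(policy_json):
    """Return (sid, wildcard actions) for Allow statements that pair a
    wildcard action with Resource "*": candidates for least-privilege
    review (a deliberate administrator policy will also show up here)."""
    doc = json.loads(policy_json)
    flagged = []
    for idx, stmt in enumerate(_as_list(doc.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        wide = [a for a in actions if a == "*" or a.endswith(":*")]
        if wide and "*" in resources:
            flagged.append((stmt.get("Sid", f"statement[{idx}]"), wide))
    return flagged


if __name__ == "__main__":
    for user, finding in audit_credential_report(SAMPLE_REPORT):
        print(f"{finding:16} {user}")
    for sid, actions in overbroad_statements(SAMPLE_POLICY):
        print(f"overbroad-allow  {sid}: {', '.join(actions)}")
```

Group membership and the account password policy are not in the credential report, so the "Use IAM groups" and "Apply an IAM password policy" items need separate checks.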
137.
AWS Security Resources
138.
AWS Security Resources
AWS communicates security and control environment
Certifications and attestations
Whitepapers and web content
Compliance reports provided under NDA
139.
AWS Trusted Advisor
Is a “customized cloud expert”
Helps you follow best practices
Inspects your AWS environment
Helps close security gaps
Finds opportunities and best practices in:
Cost optimization
Performance
Security
Fault Tolerance
Service Limits
140.
AWS Account Teams
Are first point of contact
Guide deployment
Point toward the right resources to resolve security issues
141.
AWS Enterprise Support*
15-minute response time
24/7, by phone, chat, or email
Dedicated Technical Account Manager
*for details, see:
https://aws.amazon.com/premiumsupport/enterprise-support/
142.
AWS Professional Services and AWS Partner Network
APN has hundreds of certified AWS Consulting Partners worldwide
Help develop security policies
Help meet compliance requirements
143.
AWS Advisories and Bulletins
Advisories/bulletins provided on current vulnerabilities and threats
Customers work with experts to address:
Reporting abuse
Vulnerabilities
Penetration testing
144.
AWS Auditor Learning Path
Understand how internal operations gain compliance on AWS
Visit the compliance website:
Recommended training
Self-paced labs
Auditing resources
145.
AWS Compliance Solutions Guide
Understand the Shared Responsibility Model
Request a compliance report
Complete a security questionnaire
Services in Scope
AWS Security Blog
Case Studies
FAQs
*for details, see:
https://aws.amazon.com/compliance/resources/
147.
Introduction to the Well-Architected Framework
148.
Introduction
Assess and improve architectures
Understand how design decisions impact business
Learn the five pillars and design principles
149.
5 Pillars
Security
Reliability
Performance efficiency
Cost optimization
Operational excellence
150.
Security Pillar
Identity and access management (IAM)
Detective controls
Infrastructure protection
Data protection
Incident response
151.
Security Pillar: Design Principles
Implement security at all layers
Enable traceability
Apply principle of least privilege
Focus on securing your system
Automate
152.
Reliability Pillar
Recover from issues/failures
Apply best practices in:
Foundations
Change management
Failure management
Anticipate, respond, and prevent failures
153.
Reliability Pillar: Design Principles
Test recovery procedures
Automatically recover
Scale horizontally
Stop guessing capacity
Manage change in automation
154.
Performance Efficiency Pillar
Select customizable solutions
Review to continually innovate
Monitor AWS services
Consider the trade-offs
155.
Performance Efficiency Pillar: Design Principles
Democratize advanced technologies
Go global in minutes
Use serverless architectures
Experiment more often
Have mechanical sympathy
156.
Cost Optimization Pillar
Use cost-effective resources
Matching supply with demand
Increase expenditure awareness
Optimize over time
157.
Cost Optimization Pillar: Design Principles
Adopt a consumption model
Measure overall efficiency
Reduce spending on data center operations
Analyze and attribute expenditure
Use managed services
158.
Operational Excellence Pillar
Manage and automate changes
Respond to events
Define the standards
159.
Summary
Five pillars and their associated design principles
Security
Reliability
Performance Efficiency
Cost Optimization
Operational Excellence
160.
Reference Architecture – Fault Tolerance and High Availability
161.
Fault Tolerance
Ability of a system to remain operational
Built-in redundancy of an application’s components
162.
High Availability
High availability is designed to keep
Systems generally functioning and accessible
Downtime minimized
Minimal human intervention required
Minimal up-front financial investment
163.
High Availability: On Premises vs AWS
Traditional (on premises)
Expensive
Only mission-critical applications
AWS
Multiple servers
Availability zones
Regions
Fault-tolerant services
164.
High Availability: AWS Services
AWS Services and High Availability
Amazon S3 and Amazon Glacier
DynamoDB
Amazon CloudFront
Amazon SWF
Amazon SQS
Amazon SNS
Amazon SES
Amazon Route53
Elastic Load Balancing
IAM
Amazon CloudWatch
Amazon CloudSearch
AWS Data Pipeline
Amazon Kinesis
Auto Scaling
Amazon Elastic File System
AWS CloudFormation
Amazon WorkMail
AWS Directory Service
AWS Lambda
Amazon EBS
Amazon RDS
Amazon EC2
Amazon VPC
Amazon Redshift
Amazon ElastiCache
AWS Direct Connect
*Not all services are listed here.
Inherently HA services HA with the right architecture
165.
High Availability Service Tools
Elastic load balancers
Elastic IP addresses
Amazon Route 53
Auto Scaling
Amazon CloudWatch
166.
Elastic Load Balancers
Distributes incoming traffic (loads)
Sends metrics to Amazon CloudWatch
Triggers and notifies
High latency
Overused
167.
Elastic Load Balancers
168.
Elastic IP Addresses
Are static IP addresses
Mask failures (if they were to occur)
Continues to access applications if an instance fails
169.
Amazon Route 53
Authoritative DNS service
Translates domain names to IP addresses
Supports:
Simple routing
Latency-based routing
Health checks
DNS failovers
Geo-location routing
170.
Auto Scaling
Terminates and launches instances
Assists with adjusting or modifying capacity
Creates new resources on demand
171.
Amazon CloudWatch
Alarm examples:
If CPU utilization is >60% for 5 minutes…
If number of simultaneous connections is >10 for one minute…
If number of healthy hosts is <5 for 10 minutes…
172.
Fault Tolerant Tools
Amazon Simple Queue Service
Amazon Simple Storage Service
Amazon SimpleDB
Amazon Relational Database Service
173.
Summary
Fault Tolerant and highly available architectures
Services to assist architectures
174.
Reference Architecture: Web Hosting
175.
Web Hosting
Web hosting on AWS:
Fast
Straightforward
Low cost
Common web applications:
Company website
Content management system
Social media application development
Internal SharePoint site
176.
Cost Effective Alternative
Leverage on-demand provisioning
Eliminate wasted capacity
Continuously adjust to actual traffic patterns
177.
Scalable
Handle unexpected traffic peaks or unexpected loads
Launch new hosts in minutes
Scale hosts up or down
178.
On-Demand Solution for Various Environments
Provision testing fleets
Develop staging in minutes
Simulate user traffic
179.
Migrating to AWS: Web Hosting Services
Products to assist transition:
Amazon Virtual Private Cloud
Amazon Route 53
Amazon CloudFront
Elastic load balancing
Firewalls/AWS Shield
Auto Scaling
App servers/EC2 instances
Amazon ElastiCache
Amazon RDS/Amazon DynamoDB
180.
Key Architectural Considerations
Replace physical network appliances with software solutions
Deploy firewalls everywhere
Make available multiple data centers
Build an ephemeral and dynamic architecture
181.
Summary
AWS and web hosting
AWS web hosted services
Key considerations for web hosted architectures
182.
Knowledge Check
Which of the following is NOT one of the four areas of the performance efficiency pillar?
Tradeoffs
Selection
Monitoring
Traceability
183.
Knowledge Check
What tool helps avoid limitations of being able to create new resources on-demand or scheduled?
Route 53
Elastic Load Balancer
Auto Scaling
CloudWatch
184.
Knowledge Check
In a physical data center, security is typically considered in what area?
Only in the perimeter
In an edge location
In the closest region
In the closest availability zones
185.
Knowledge Check
What is defined as the ability for a system to remain operational even if some of the components of that system fail?
DNS failovers
High durability
High availability
Fault tolerance
186.
Knowledge Check
Which of the following are high availability characteristics of Amazon Route 53? (Choose 2)
Latency-based routing
Geo-location routing
Collect and track high latency metrics
Mask failure of an instance/software
Terminate instances based on specified conditions
187.
Knowledge Check
What design principles are recommended when considering performance efficiency? (Choose 2)
Enabling traceability
Democratize advanced technologies
Expenditure awareness
Matching supply and demand
Serverless architecture
188.
Knowledge Check
Which of the following cloud security controls is designed to ensure that only authorized and authenticated users can access your resources?
Detective controls
Identity and Access Management
Infrastructure protection
Incident response
189.
Knowledge Check
When considering cost optimization, what model allows you to pay only for what computing resources you actually use?
Consumption model
Economies of scope model
Economies of scale model
Expenditure model
190.
Knowledge Check
Which of the following describes Elastic Load Balancers (ELB)?
Launches or terminates instances based on specified conditions
Creates new resources on-demand
Distributes incoming traffic amongst your instances
Translates domain names into IP addresses
191.
Knowledge Check
Which of the following is NOT considered a fault tolerant tool?
S3
WAF
SQS
RDS
193.
Topics
Fundamentals of Pricing
Pricing Details
Overview of the Total Cost of Ownership Calculator
Overview of AWS Support Plans
194.
Fundamentals of Pricing
195.
AWS Pricing Model
Pay-as-you-go
Pay less when you reserve
Pay even less per unit by using more
Pay even less as AWS grows
196.
Pay-As-You-Go
Pay only for the services you consume, with no large upfront expenses.
Lower variable costs
Pay only as long as you need the service
Adapt to changing business needs
Redirect focus on innovation and invention
197.
Pay Less When You Reserve
Invest in reserved instances
Save up to 75%
Options
All Upfront
Partial Upfront
No Upfront payments
198.
Pay Less By Using More
Realize volume-based discounts
Savings as usage increases
Tiered pricing for services (for example, Amazon S3, Amazon EC2)
No charge for inbound data transfer
Storage services options
199.
Pay Even Less as AWS Grows
As AWS grows
Focuses on lowering cost of doing business
Passes savings from economies of scale down to you
200.
Custom Pricing
Meet varying needs through custom pricing
Available for high-volume projects with unique requirements
201.
AWS Free Tier
AWS Free Tier helps customers get started in the cloud
Limitations:
Up to one year
Certain services and options
For more details, see: https://www.aws.amazon.com/free
202.
No Extra Charge
AWS services for no additional charge:
Amazon VPC
AWS Elastic Beanstalk
AWS CloudFormation
AWS IAM
Auto Scaling
203.
Summary
Pay only for what you use
Start and stop anytime
No long-term contracts required
204.
Pricing Details
205.
AWS Fundamentals
Pay for AWS fundamentals:
Compute
Storage
Outbound data transfer
No charge:
Inbound data transfer
Charge for aggregated outbound
206.
Service Pricing for AWS Offerings
Amazon EC2
Amazon S3
Amazon EBS
Amazon RDS
Amazon CloudFront
207.
Amazon EC2
Provides resizable compute capacity in the cloud
Allows the configuration of capacity with minimal friction
Provides complete control
Charges only for capacity used
208.
Amazon EC2: Billing and Instance Configuration
Clock-Second/Hourly Billing
Resources incur charges only when running
Instance Configuration
Physical capacity of the instance
Pricing varies with:
AWS region
OS
Instance Type
Instance Size
209.
Amazon EC2: Purchase Types
Ways to pay for Amazon EC2 instances
On-demand instances
Compute capacity by the hour and second
Minimum of 60 seconds
Reserved Instances
Low or no up-front payment instances reserved
Discount on hourly charge for that instance
Spot Instances
Bid for unused Amazon EC2 capacity
210.
Amazon EC2: Number of Instances and Load Balancing
Number of Instances
Provision multiple instances to handle peak loads
Load Balancing
Uses Elastic Load Balancing to distribute traffic
Calculates monthly cost based on
Hours load balancer runs
Data load balancer processes
211.
Amazon EC2: Monitoring
Use Amazon CloudWatch to monitor instances.
Basic monitoring (default)
Detailed monitoring
Fixed monthly rate
Prorated partial months
212.
Amazon EC2
Auto Scaling
Automatically adjusts number of instances
Incurs no additional charge
Elastic IP Addresses
No charge for one Elastic IP address associated with a running instance.
213.
Amazon EC2: OS and Software
Pricing for operating systems and software packages:
Includes OS prices in instance prices
Partners with other vendors for certain software
Requires licenses from vendors for other software
Brings existing license through specific vendor programs
214.
Amazon S3: Storage Classes
Types of storage classes
Standard Storage
99.999999999% durability
99.99% availability
Standard-Infrequent Access (S-IA)
99.999999999% durability
99.9% availability
215.
Amazon S3: Storage
Considerations for estimating storage cost
The number and size of objects
Type of storage
216.
Amazon S3
Requests:
Pricing based on
Number of requests
Type of requests
Different rates for GET requests
Data Transfer
Pricing based on the amount of data transferred out of the Amazon S3 region
217.
Amazon EBS
Block-level storage for instances
EBS volumes persist independently from the instance
Analogous to virtual disks in the cloud
Three volume types:
General Purpose (SSD)
Provisioned IOPS (SSD)
Magnetic
218.
Amazon EBS: Volumes and IOPS
Volumes
All volume types are charged by the amount provisioned per month
IOPS
General Purpose (SSD)
Included in price
Magnetic
Charged by the number of requests
Provisioned IOPS (SSD)
Charged by the amount you provision in IOPS
219.
Amazon EBS: Snapshots and Data Transfer
Snapshots
Added cost of EBS snapshots to Amazon S3 is per GB-month of data stored
Data Transfer
Inbound data transfer has no charge
Outbound data transfer charges are tiered
220.
Amazon RDS
Relational database in the cloud
Cost-efficient and resizable capacity
Management of time-consuming administrative tasks
221.
Amazon RDS: Clock-Hour Billing and Database Characteristics
Clock-Hour Billing
Resources incur charges when running
Database Characteristics
Physical capacity of database:
Engine
Instance Type
Instance Size
222.
Amazon RDS: DB Purchase Type and Multiple DB Instances
DB Purchase Type
On-demand database instances
By the hour
Reserved database instances
Up-front payment for database instances reserved
Multiple DB Instances
Provision multiple DB instances to handle peak loads
223.
Amazon RDS: Storage
Provisioned Storage
No charge
Backup storage of up to 100% of database storage
Charge (GB/month)
Backup storage for terminated DB instances
Additional Storage
Charge (GB/month)
Backup storage in addition to provisioned storage
224.
Amazon RDS: Deployment Type and Data Transfer
Storage and I/O charges vary depending on deployment type
Single Availability Zones
Multiple Availability Zones
Data Transfer
No charge for Inbound data transfer
Tiered charges for outbound data transfer
225.
Amazon CloudFront
Web service for content delivery
Integration with other AWS services
Low latency
High data transfer speeds
No minimum commitments
226.
Amazon CloudFront: Traffic Distribution
Pricing
Vary across geographic regions
227.
Amazon CloudFront: Requests and Data Transfer Out
Requests
Pricing based on
Number/type of requests
Geographic region
Data Transfer Out
Pricing is based on the amount of data transferred out of Amazon CloudFront edge locations
228.
Summary
Fundamental characteristics of product
Estimate usage
Map usage to prices
229.
Overview of the Total Cost of Ownership Calculator
230.
AWS TCO Calculator
Use the TCO calculator to
Estimate cost savings
Use detailed reports
Modify assumptions
Accessing the TCO Calculator:
https://awstcocalculator.com
231.
Summary
Estimate cost savings
Use detailed set of reports
Modify assumptions for business needs
232.
Overview of AWS Support Plans
233.
AWS Support
Provide unique combination of tools/expertise
AWS Support
AWS Support Plans
234.
AWS Support
Support is provided for
Experimenting with AWS
Production use of AWS
Business critical use of AWS
235.
AWS Support
Proactive guidance
Technical Account Manager (TAM)
Best practices
Trusted Advisor
Account assistance
AWS Support Concierge
236.
Support Plans
AWS Support offers four support plans:
Basic Support
Developer Support
Business Support
Enterprise Support
237.
Summary
AWS Support
AWS Support Plans
Basic Support plan
Developer Support plan
Business Support plan
Enterprise Support plan
238.
Knowledge Check
When calculating the cost of Amazon EC2, what factors will impact pricing? (Choose 2)
Number of items in your inbound data transfer
Number and size of objects stored in your Amazon S3 buckets
Number of instances
Number of seconds and hours Elastic Load Balancer runs
239.
Knowledge Check
What charges apply to data transfer across AWS? (Choose 2)
No charge for inbound data transfer across all Amazon Web Services in all regions
No charge for outbound data transfer across all Amazon Web Services in all regions
No charge for inbound data transfer for EC2 instances
No charge for outbound data transfer between Amazon Web Services within the same region
No charge for inbound data transfer between Amazon Web Services within the same region
240.
Knowledge Check
As AWS grows, the general cost of doing business is reduced and savings are passed back to the customer in the form of lower pricing. What is this cost optimization called?
Economies of scope
Economies of labor
Economies of scale
Economies of cost
Economies of optimization
241.
Knowledge Check
What type of applications are recommended for Amazon EC2 reserved instances?
Applications that are only feasible at lower compute prices
Applications that have flexible start and end times
Applications with steady state or predictable usage
Applications being developed or tested for the first time
242.
Knowledge Check
What are the characteristics of the Developer Support Plan? (Choose 2)
One primary contact may open a case
Unlimited contacts may open a case
Business hours access to cloud support associates via email
24/7 access to cloud support engineers via email, chat, and phone
Assigned to a Technical Account Manager
243.
Knowledge Check
What is NOT a consideration when estimating the cost of Amazon S3?
Number and size of objects
Storage class
Requests
Input Output Operations per Second (IOPS)
Data transfer
244.
Knowledge Check
With the “pay-as-you-go” pricing model, how often do you pay for compute resources from the time you launch a resource until you terminate it?
Quarterly
Yearly
Monthly
Daily
Secondly and hourly
245.
Knowledge Check
What AWS tool compares the cost of running your application in an on-premises data center to AWS?
Total Cost of Operation (TCO) Calculator
Total Cost of Application (TCA) Calculator
Total Cost of Services (TCS) Calculator
Total Cost of Products (TCP) Calculator
Total Cost of Ownership (TCO) Calculator
246.
With deep expertise on AWS, APN Partners can help your organization at any stage of your Cloud Adoption Journey.
AWS Managed Service Providers
APN Consulting Partners who are skilled at cloud infrastructure and application migration, and offer proactive management of their customer’s environment.
AWS Competency Partners
APN Partners who have demonstrated technical proficiency and proven customer success in specialized solution areas.
AWS Service Delivery Partners
APN Partners with a track record of delivering specific AWS services to customers.
Ready to get started with an APN Partner?
Find a partner: https://aws.amazon.com/partners/find/
AWS Marketplace
A digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS.
247. Thank you for participating!
© 2018 Amazon Web Services, Inc. or its affiliates. All rights reserved. This work may not be reproduced or redistributed, in whole or
in part, without prior written permission from Amazon Web Services, Inc. Commercial copying, lending, or selling is prohibited.
Corrections or feedback on the course, please email us at: aws-course-feedback@amazon.com. For all other questions, contact us at:
https://aws.amazon.com/contact-us/aws-training/. All trademarks are the property of their owners.