0% found this document useful (0 votes)

72 views72 pages

Aws Basics

The document provides an introduction to cloud computing, explaining its pay-as-you-use model and the infrastructure behind it, including data centers and AWS services. It details the organization of AWS accounts, user permissions, and the various AWS products available for businesses. Additionally, it outlines the architecture of a social media application, discussing components like web servers, application servers, databases, and load balancers, along with their management and scaling considerations.

Uploaded by

Karthik K

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

72 views72 pages

Aws Basics

Uploaded by

Karthik K

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 72

INTRODUCTION TO

Cloud Computing
Cloud computing originates from the idea of letting businesses use your
resources and infrastructure for which you paid the whole price for, but you
eventually profit by renting it out to them for a fraction of the price using Now if you are able to connect
the internet. your datacentre to the internet
This model allows businesses to adopt a pay as you use model without so that you can let others use
having to invest in any resources or having to manage them. these servers
remotely/virtually via an IP
address then you have
succeeded in building a cloud
Imagine owing a Mac Book Pro infrastructure.
that costs around 2499$.

If we were to strip the display,

speakers, mousepad, keyboard
, all the unwanted programs
and software from within it and Now lets say:
finally its brand value, then we BUISNESS A wants to use a
are left with what is called a cluster of these servers just to
commodity hardware or in store some data like how you
simpler terms a single plain would use your laptop to store
server or CPU would cost just your personal pictures, videos
about a fraction. or files.
BUISNESS B wants to use a Now try to make this infrastructure more intelligent and smart by
group of these servers to writing some code behind the scenes which based on the
perform data analytics similar requirements/inputs of the Businesses will provision your servers to
Accumulate a bunch of these to how you would use your fulfil that task. This is the basic principle of cloud computing.
servers and interconnect them laptop to make a spreadsheet
so that they can communicate to analyse your monthly Extrapolate the complexities involved in developing a similar
with each other and with an expenditure. infrastructure by a 1000 times and you will have AWS aka Amazon
external peripheral device you Web Services which is a Cloud Solution used by thousands of
have got yourself a datacentre. companies.
AWS Datacentres

➢ 36 Regions
➢ 114 Availability Zones
➢ 700+ Edge Locations Regions
Upcoming Regions
AWS Data distribution
AVAILABILITY ZONE EDGE LOCATION

An Availability Zone (AZ) is a

group of AWS datacentres.

An AWS Region consists of a group of

Availability Zones in which the AZs are
separated by at least 10 – 20 miles.
This is done with the intention that when we Consider you are a business user who stays at the red dot marked area on the
use certain AWS services we want to replicate map of US as shown above and that you have chosen to avail certain AWS
and store the data in multiple AZs within a services offered by the Ohio Region and its AZs. Now as you can infer from the
region so that in case a natural calamity or map, the Ohio region is considerably far away from the red dot and it could
some unforeseen incidents happen because of cause some latency in content being delivered from the region. Hence we
which a particular AZ goes down then we would have Edge locations spread across all the major cities around the world that
still have a backup of the data that we can later bridges this gap in order to reduce the delay. For example if the business user
restore. These AZs are connect to each other requested for a picture from the AWS storage service in Ohio then it would be
via high speed low latency fibres in order to placed in the Edge location and then be sent to the end user and the next
increase replication speed. time he makes the same request instead of having to fetch it again from the
Its just like have an external hard disk backup Ohio data centre it would rather be fetched more quickly from the edge
all your data in case your laptop gets corrupted. location.
AWS Account
Just like how you would need to create a Facebook account to use the services that Facebook provides, every businesses should create an AWS account in order to use the AWS services.
You do this by first creating a Root user that has all privileges to do anything and everything on AWS. And then post that using the root user you create other user accounts containing users or
groups that have supervised access to only the services they need.
For example if you were the Technical Head of your company and the owner of the AWS root user account and you had 3 teams, namely the Developer team, the Data analytics team and the
Cyber security team, then you would go ahead and create a user account [because in general you must not use the root account as it has all the privileges which could be misused] with 3 User
Groups and give access to individual users to access certain services based on whether they are into development, analytics or security.
This way the users who belong to the development user group will have access to use the AWS services that are only related to developmental activities and wont be given access to the AWS
security services which would rather be managed by the team that has access to the Security user group. This way things are more organised and under control at an organisation level.
Its very similar to you buying a laptop for yourself and then when someone else wants to use it, rather than giving them access to your account which is the root user, you create a guest profile
that has limited functionality and when they use it, they wont be able to see your files nor can they delete them by accident. You can also choose to share certain folders or files from the root
account to the guest account profile.

Developer analytics group

Also note that a

user can be part
Developer user group of multiple user
IAM groups, therefore
if a developer
Creates needs to access
certain AWS
services exclusive
Analytics user group to the Analytics
Root account User account
team, He/she can
be added to both
user groups.

Security user group

IAM Policy Sample

{
ROLE "Version": "2012-10-17",
"Statement": [

GROUPS
{

USERS
"Sid": "ReadOnlyAccessToS3",
"Effect": "Allow", Allow
"Principal": {
POLICY "AWS": "arn:aws:iam::123456789012:user/ExampleUser" ExampleUser
},
"Action": [ to
"s3:GetObject",
"s3:ListBucket" Get and List Objects
],
"Resource": [ from
"arn:aws:s3:::example-bucket",
"arn:aws:s3:::example-bucket/*" this s3 bucket
],
"Condition": { under
"StringEquals": {
"s3:prefix": "logs/" this s3 bucket subpath
}
}
}
]
}
Top AWS Cloud Products

• Amazon Cognito
• Amazon Augmented • Amazon Detective
• Amazon Athena
AI • Amazon GuardDuty
• Amazon Aurora • Amazon CloudSearch
• Amazon CodeGuru • Amazon Inspector
• Amazon DynamoDB • Amazon EMR
• Amazon • Amazon Macie
• Amazon EC2 • Amazon ElastiCache • Amazon FinSpace
Comprehend • AWS Artifact
• Amazon EC2 Auto • Amazon Elastic Block • Amazon Keyspaces • Amazon Kinesis
• Amazon API Gateway • Amazon DevOps • AWS Audit Manager
Scaling Store (for Apache • Amazon Kinesis Data
• Amazon CloudFront Guru • AWS Certificate
• Amazon EC2 Image • Amazon Elastic File Cassandra) Firehose
• Amazon Route 53 • Amazon Forecast Manager
Builder System • Amazon MemoryDB • Amazon Kinesis Data
• Amazon VPC • Amazon Fraud • AWS CloudHSM
• Amazon Lightsail • Amazon FSx for for Redis Analytics
• AWS App Mesh Detector • AWS Directory
• AWS App Runner Lustre • Amazon Neptune • Amazon Kinesis Data
• AWS Cloud Map • Amazon HealthLake Service
• AWS Batch • Amazon FSx for • Amazon Relational Streams
• AWS Direct Connect • Amazon • AWS Firewall
• AWS Elastic OpenZFS Database Service • Amazon Kinesis
• AWS Global Comprehend Manager
Beanstalk • Amazon FSx for • Amazon RDS on Video Streams
Accelerator Medical • AWS Identity and
• AWS Fargate NetApp ONTAP VMware • Amazon OpenSearch
• AWS PrivateLink • Amazon Kendra Access Management
• AWS Lambda • Amazon FSx for • Amazon Quantum Service
• AWS Private 5G • Amazon Lex • AWS Key
• AWS Serverless Windows File Server Ledger Database • Amazon Redshift
• AWS Transit • Amazon Personalize Management Service
Application • Amazon Simple (Amazon QLDB) • Amazon QuickSight
Gateway • Amazon Polly • AWS Network
Repository Storage Service • Amazon Timestream • AWS Data Exchange
• AWS VPN • Amazon Rekognition Firewall
• AWS Outposts • AWS Backup • Amazon • AWS Data Pipeline
• Elastic Load • Amazon SageMaker • AWS Resource
• AWS Wavelength • AWS Storage DocumentDB (with • AWS Glue
Balancing • Amazon Textract Access Manager
• VMware Cloud on Gateway MongoDB • AWS Lake Formation
• Amazon Transcribe • AWS Secrets
AWS compatibility) • Amazon Managed
• Amazon Translate Manager
• Amazon Lightsail Streaming for
• AWS DeepComposer • AWS Shield
managed databases Apache Kafka
• AWS DeepLens • AWS IAM Identity
(Amazon MSK)
• AWS DeepRacer Center
• AWS WAF
AWS Hierarchy

Certain AWS services run at an account level such as

AWS Billing, IAM etc. because AWS bills you at an
AWS Account account level and you create users, permissions and
roles using IAM from an account level.

Some AWS services run at a Region level such as S3,

Region 1 Region 2 Region 3 Dynamo DB etc.

AZ AZ AZ AZ AZ AZ And last but not the least we also have certain services
that needs to be configured within a particular AZ such
1 2 3 1 1 2 as AWS EC2, EBS etc.
LETS BUILD A SOCIAL MEDIA APPLICATION
facegram Users

Lets start by assuming a few users are interested

to start using our Social media platform called
Facegram
facegram Private Network

In a social media application, a private network is

essential to ensure secure communication
between your application’s backend components,
Private such as databases, servers, and internal services.
By isolating these resources from the public
network
internet, you reduce the risk of unauthorized
access, data breaches, and malicious attacks. A
private network acts as a secure "highway" where
sensitive data, like user information and posts,
can travel safely between services without
exposure to external threats.

Non-AWS Alternatives:
Examples include Google Private Cloud and Azure
Virtual Network.
facegram Web Server

IP In a traditional social media application, a virtual

machine (VM) web server is used to host the
application’s frontend and backend logic. It
Private handles user requests, serves web pages, and
processes interactions like posting content, liking,
network
or commenting. A VM provides a flexible and
isolated environment to run your application, but
it requires manual management of resources,
scaling, and maintenance, which can become
Web Server complex as your user base grows.

Non-AWS Alternatives:
VM Examples include Google Compute Engine and
disk Microsoft Azure Virtual Machines.
facegram Application server

IP In a traditional social media application, a virtual

machine (VM) app server is responsible for
running the application’s business logic, such as
Private handling user authentication, processing posts,
managing notifications, and interacting with the
network
database. It acts as the backbone of your
application, ensuring that all user interactions are
processed efficiently. However, managing VMs
can be time-consuming, as it involves patching,
Web Server scaling, and maintaining the underlying
infrastructure.

VM Non-AWS Alternatives:
disk Examples include Google Compute Engine and
Microsoft Azure Virtual Machines.
App Server

VM
disk
facegram Relational Database

IP In a social media application, a relational

database is used to store structured data such as
user profiles, posts, comments, and relationships
Private (e.g., friends or followers). Relational databases
are ideal for handling complex queries and
network
maintaining data integrity through features like
ACID (Atomicity, Consistency, Isolation,
Durability) compliance. However, managing a
relational database requires expertise in scaling,
Web Server backups, and performance optimization,
especially as the application grows.

VM Non-AWS Alternatives:
disk Examples include MySQL, PostgreSQL, and
Microsoft SQL Server.
App Server

VM
disk

Relational DB

DB
facegram Scaling

IP In a social media application, horizontal scaling is

the process of adding more virtual machines
(VMs) to your infrastructure to handle increased
Private traffic or workload. This approach ensures that
your application remains responsive and
network
available, even during peak usage times like viral
posts or events. Horizontal scaling distributes the
load across multiple servers, improving
performance and fault tolerance. However, it
Web Server requires careful management of load balancing,
session management, and synchronization
between instances.
VM VM
disk disk Non-AWS Alternatives:
Examples include Google Compute Engine with
App Server Managed Instance Groups and Microsoft Azure
Virtual Machine Scale Sets.
VM VM
disk disk

Relational DB

DB
facegram Load Balancer

IP In a social media application, a load balancer is a

critical component that distributes incoming user
traffic across multiple servers or virtual machines.
Private This ensures that no single server becomes
overwhelmed, improving the application’s
network
responsiveness, availability, and fault tolerance.
Load balancers also help handle traffic spikes,
Load balancer such as when a post goes viral, by evenly
distributing the load and providing seamless
Web Server failover in case of server failures.

Non-AWS Alternatives:
VM VM Examples include NGINX, HAProxy, and Google
disk disk Cloud Load Balancing.
App Server

VM VM
disk disk

Relational DB

DB
facegram Domain Naming System

Facegram.com
In a social media application, DNS is the system
DNS that translates human-readable domain names
(like www.example.com) into IP addresses,
Private allowing users to access your application over the
internet. DNS acts as the "phonebook" of the
network
internet, directing users to the correct servers
where your application is hosted. A reliable DNS
Load balancer service ensures low latency, high availability, and
seamless failover, which are critical for delivering
Web Server a smooth user experience.

Non-AWS Alternatives:
VM VM Examples include Google Cloud DNS, Cloudflare
disk disk DNS, and Microsoft Azure DNS.
App Server

VM VM
disk disk

Relational DB

DB
facegram NoSQL Database

Facegram.com
In a social media application, a NoSQL database is
DNS used to store and manage unstructured or semi-
structured data, such as user-generated content,
Private comments, activity logs, and real-time
notifications. NoSQL databases are highly scalable
network
and flexible, making them ideal for handling large
volumes of rapidly changing data. They also
Load balancer provide low-latency access, which is crucial for
delivering a fast and responsive user experience.
Web Server
Non-AWS Alternatives:
Examples include MongoDB, Cassandra, and
VM VM Google Cloud Firestore.
disk disk
App Server

VM VM
disk disk

Relational DB
NoSQL
DB DB
facegram Database Cache

Facegram.com
In a social media application, a database cache is
DNS used to temporarily store frequently accessed
data, such as user profiles, posts, or comments, in
Private memory. This reduces the load on the primary
network database and speeds up response times for read-
heavy operations. By serving data directly from
the cache, your application can handle more
Load balancer users and deliver a faster, smoother experience,
especially during high-traffic events.
Web Server
Non-AWS Alternatives:
Examples include Redis and Memcached.
VM VM
disk disk
App Server

VM VM
disk disk

DB Cache

Relational DB
NoSQL
DB DB
facegram File Storage

Facegram.com
In a social media application, a file storage service
DNS is used to store and manage user-generated
content such as images, videos, and documents.
Private This service ensures that files are securely stored,
network easily accessible, and scalable to handle growing
amounts of data. A robust file storage solution is
essential for delivering media-rich experiences,
Load balancer like photo sharing or video streaming, to your
users.
Web Server
Non-AWS Alternatives:
Media External Examples include Google Cloud Storage,
VM VM Files Storage
Microsoft Azure Blob Storage, and Dropbox.
disk disk
App Server

VM VM
disk disk

DB Cache

Relational DB
NoSQL
DB DB
facegram Content Filter

Facegram.com
In a social media application, a content filter is
DNS used to automatically detect and moderate
inappropriate or harmful content, such as explicit
Private images, videos, or text. This ensures a safe and
positive user experience by preventing the spread
network
of offensive or illegal material. Content filtering is
especially critical for platforms with user-
Load balancer generated content, as manual moderation alone
cannot scale to handle the volume of uploads.
Web Server
Non-AWS Alternatives:
Media External Examples include Google Cloud Vision API,
VM VM Files Storage Microsoft Azure Content Moderator, and OpenAI
disk disk Moderation API.
App Server

Content filter
VM VM
disk disk

DB Cache

Relational DB
NoSQL
DB DB
facegram Click Stream Analysis

Facegram.com
In a social media application, clickstream analysis
DNS involves tracking and analyzing user interactions,
such as clicks, page views, and navigation paths,
Private to gain insights into user behavior. This data helps
network improve the user experience, optimize content
placement, and drive engagement by
understanding how users interact with the
Load balancer platform. Clickstream analysis is essential for
making data-driven decisions, such as refining the
Web Server user interface or personalizing content
recommendations.
Media External
VM VM Files Storage Non-AWS Alternatives:
disk disk Examples include Google Analytics, Adobe
Analytics, and Mixpanel.
App Server

Content filter
VM VM
disk disk

Click Stream
Analysis

DB Cache

Relational DB
NoSQL
DB DB
facegram
Facegram.com
DNS
Private
network

Load balancer
Web Server

Media External
VM VM Files Storage
disk disk
App Server

Content filter
VM VM
disk disk

Click Stream External

Storage
Analysis

DB Cache

Relational DB
NoSQL
DB DB
facegram Large data processing

Facegram.com
In a social media application, Apache Spark and
DNS Apache Hadoop are used for large-scale data
processing and analytics. Hadoop provides a
Private distributed file system (HDFS) and a framework
for processing large datasets across clusters, while
network
Spark offers fast, in-memory data processing for
tasks like real-time analytics, machine learning,
Load balancer and ETL (Extract, Transform, Load). Together, they
enable you to analyze massive amounts of user
Web Server data, such as engagement metrics, clickstream
data, and content trends, to improve decision-
Media External making and personalize user experiences.
VM VM Files Storage
disk disk Non-AWS Alternatives:
Examples include Google Dataproc (managed
App Server Spark and Hadoop), Cloudera, and Microsoft
Azure HDInsight.
Content filter
VM VM
disk disk

Click Stream External Spark/

Storage
Analysis Hadoop
DB Cache

Relational DB
NoSQL
DB DB
facegram Data Warehouse

Facegram.com
In a social media application, a data warehouse is
DNS used to store and analyze large volumes of
structured data from various sources, such as
Private user interactions, clickstream data, and
network transactional records. It enables complex queries
and analytics, helping you uncover insights like
user engagement trends, content performance,
Load balancer and ad campaign effectiveness. A data warehouse
is essential for consolidating data from multiple
Web Server systems and providing a unified view for reporting
and decision-making.
Media External
VM VM Files Storage Non-AWS Alternatives:
disk disk Examples include Google BigQuery, Snowflake,
App Server and Microsoft Azure Synapse Analytics.

Content filter
VM VM
disk disk