Dig into AWS Essentials - Part 2

Table of contents

Networking and Content Delivery in AWS

• Amazon Web Services (AWS) provides a comprehensive set of networking and content delivery services that enable organizations to build and manage highly available, scalable, and secure infrastructure for their applications and websites.
• Global Content Delivery Network (CDN) service that speeds up delivery of video content, APIs, websites, or other web assets.
• These services encompass various aspects of networking, including connectivity, content delivery, security, and monitoring.
• Offer more safe and economical way to route end users to web applications by translating names into IP address.
• Set up a dedicated network connection from a location to AWS.

Services offered -

• Elastic Load Balancing: High Scale Load Balancing

  • Application Load Balancer: Route traffic based on application-level content (HTTP/HTTPS).
  • Network Load Balancer: Handle high-throughput, low-latency traffic.
  • Classic Load Balancer: Provide basic load balancing for EC2 instances.
  • Health Checks: Automatically route traffic to healthy instances.

• Amazon Route 53: Scalable Domain Name System

  • DNS Management: Register and manage domain names.
  • Scalable DNS Routing: Distribute incoming traffic across AWS resources globally.
  • Health Checks: Monitor the health of resources and perform automated failovers.

• Amazon Cloud Front: Global Content Delivery Network

  • Content Delivery Network: Accelerate content delivery with a global network of edge locations.
  • Dynamic and Static Content: Cache and deliver dynamic and static content efficiently.
  • Origin Shield: Improve cache hit ratios and reduce load on origin servers.
  • Real-Time Metrics: Monitor cache performance and viewer behavior.

• AWS Direct Connect: Dedicated Network Connection to AWS

  • Dedicated Network Connection: Establish dedicated, low-latency connections to AWS.
  • Private and Public VIFs: Connect to VPCs, public AWS services, or both.
  • Direct Connect Gateway: Simplify connectivity to multiple VPCs in different regions.

• Amazon VPC: Isolated Cloud Resources

  • Customizable Networking: Create isolated network environments with custom IP address ranges, subnets, and routing tables.
  • Security: Control network access using security groups and Network Access Control Lists (NACLs).
  • VPN and Direct Connect Integration: Establish secure connections to on-premises data centers.
  • PrivateLink: Access AWS services privately, without using the public internet.

Security, Identity and Compliance in AWS

• Amazon Web Services (AWS) provides a robust set of tools and services for managing security, identity, and compliance within the AWS cloud environment.
• These services enable organizations to secure their resources, control access, and maintain compliance with various industry standards and regulations.
• Pay only for the services been used.

Security, Identity, and Compliance Products

• Amazon Inspector ~

  • It is an automated security assessment service provided by Amazon Web Services (AWS).
  • It helps to identify security vulnerabilities and compliance issues within your AWS resources and applications.
  • Amazon Inspector simplifies the process of assessing and improving the security and compliance of the workloads by automating security assessments and providing detailed findings and recommendations.

• Amazon GuardDuty ~

  • Amazon GuardDuty is a managed threat detection service provided by Amazon Web Services (AWS) that continuously monitors and analyzes AWS account activity, network traffic, and AWS resource configurations for security threats and vulnerabilities.
  • It helps organizations protect their AWS environments from various types of threats, including malicious activity, unauthorized access, and misconfigurations.

• Amazon Macie ~

  • Amazon Macie is a fully managed data security and privacy service offered by Amazon Web Services (AWS).
  • Macie uses machine learning and artificial intelligence (AI) to automatically discover, classify, and protect sensitive data in AWS.
  • It helps organizations maintain the security and compliance of their data by identifying and monitoring access to sensitive information.

• AWS Identity and Access Management (IAM) ~

  • User Management: Create and manage AWS users, groups, and roles.
  • Fine-Grained Access Control: Assign permissions to resources using policies and permissions boundaries.
  • Multi-Factor Authentication (MFA): Enhance account security with MFA for IAM users.

• AWS Artifact ~

  • Access compliance documentation, reports, and agreements to support audit and compliance needs.

• AWS Artifact ~

  • Access compliance documentation, reports, and agreements to support audit and compliance needs.

• AWS Certificate Manager (ACM) ~

  • SSL/TLS Certificates: Provision, manage, and deploy SSL/TLS certificates for your applications and websites.

• AWS CloudHSM ~

  • Hardware Security Module (HSM): Securely generate, store, and manage cryptographic keys.

• AWS WAF ~

  • Web application firewall that aids in protecting web applications from web threats that could eat up excessive resources, or compromise security, hinder application availability.

AWS in IoT

• AWS IoT (Internet of Things) is a suite of services provided by Amazon Web Services (AWS) designed to help organizations connect, manage, and secure IoT devices and data.
• It enables customers to build and scale IoT applications, collect and analyze data from IoT devices, and implement security measures to protect their IoT ecosystem.

key components and aspects of AWS IoT

• AWS IoT Greengrass:

  • Edge Computing: Greengrass extends AWS services to edge devices, enabling local data processing and reducing latency.
  • Offline Operation: Devices can operate offline and sync data with AWS when connectivity is restored.
  • Lambda Functions: Run AWS Lambda functions locally on IoT devices.

• AWS IoT Core:

  • Device Connectivity: AWS IoT Core allows IoT devices to securely connect to the cloud, providing bidirectional communication.
  • Message Broker: It supports publish-subscribe and request-response messaging patterns for real-time communication.
  • Device Shadows: Device Shadows enable virtual representations of physical devices, helping maintain device state even when devices are offline.
  • Security: IoT Core provides authentication and authorization mechanisms to ensure secure device communication.
  • Integration: It integrates with other AWS services for data processing, storage, and analytics

• AWS IoT Device Management:

  • Device Registry: Maintain a registry of your IoT devices, tracking metadata and configuration information.
  • Fleet Provisioning: Simplify device onboarding and provisioning at scale.
  • OTA (Over-the-Air) Updates: Manage and deploy firmware updates to IoT devices securely.

• AWS IoT Analytics:

  • Data Processing: IoT Analytics provides tools to clean, process, and enrich IoT data.
  • Integration with IoT Core: Ingest data from IoT Core for analysis.
  • Data Storage: Store processed data in AWS data lakes or data warehouses.

• AWS IoT 1-Click:

  • Simplified Device Setup: Enable one-click provisioning of IoT devices and trigger predefined actions.

• AWS IoT Secure Tunneling:

  • Device Connectivity: Securely connect to and manage remote devices and troubleshoot connectivity issues.

• AWS IoT FleetWise:

  • Fleet Management: Manage and optimize vehicle fleets, enabling tracking, monitoring, and maintenance.

Messaging in AWS

• Messaging in Amazon Web Services (AWS) refers to the use of various messaging services and tools to enable communication and data exchange between different components of distributed applications or systems.
• Quick, flexible, fully managed push notification service to transmit specific messages or to fan-out messages to numerous recipients
• Run targeted campaigns to create user engagement in mobile applications
• AWS offers several services for messaging and queuing that help facilitate asynchronous communication, decouple components, and improve the scalability and reliability of applications.
• Cost-effective email service created on the scalable and reliable infrastructure

Key offerings - these below messaging services cater to various usecases where these services enable developers to build scalable, reliable and decoupled applications that can respond to events, handle high-throughput messaging, and ensure fault tolerance and scalability in distributed systems.

• Simple Email Service (SES) - Email Sending and Receiving
• Pinpoint - Push Notifications for Mobile Applications
• Simple Notification Service (SNS) - Pub or Sub, Mobile Push and SMS
• Simple Queue Service (SQS) - Managed Message Queues

Application Services in AWS

• Application Services in Amazon Web Services (AWS) refer to a set of managed services designed to simplify and accelerate the development, deployment, and management of various types of applications.
• These services offer specific functionalities or features that can be integrated into the applications, reducing the need for the developer to manage infrastructure and enabling to focus on building and delivering the application’s core functionality.
• Depending on the developer’s specific use case and application requirements, one can leverage these services to offload infrastructure management and focus on delivering value to the users.

Different Application Services are :

AWS Step Functions ~

• AWS Step Functions is a fully managed serverless orchestration service provided by Amazon Web Services (AWS), easy to create and run multistep applications.
• It enables to coordinate and visualize workflows as state machines, making it easier to build and run applications with distributed and asynchronous components.
• Create applications from single components that each perform a discrete function to change and scale applications quickly.
• Triggers and tracks each step automatically, and retries when errors are noticed,
• AWS Step Functions simplifies the development of complex, multi-step applications by managing the execution of each step, handling retries, and providing detailed visibility into workflow execution.

Amazon API Gateway ~

• Amazon API Gateway is a fully managed service provided by Amazon Web Services (AWS) that enables to create, publish, and manage APIs (Application Programming Interfaces) for the applications.
• It serves as a gateway for connecting applications to backend services, including AWS services and on-premises resources, and allows to expose these resources to external clients such as web and mobile applications.
• Pay only for the API calls received and the data transferred.

API Gateway Benefits ~

• Low-Cost and Efficient Performance at Any Scale Easily Monitor API Activity Streamline API Development Secure and Flexible Flexible Security Controls Create RESTful Endpoints Run Your APIs Without Servers

Elastic Transcoder ~

• Amazon Elastic Transcoder is a fully managed media transcoding service provided by Amazon Web Services (AWS).
• It enables to convert multimedia files from one format to another, making them suitable for playback on various devices and platforms.
• Elastic Transcoder is often used to prepare video and audio content for streaming, distribution, and playback in web and mobile applications.
• Businesses and developers could transcode or convert media files from their source format into versions that will playback on devices such as PCs, tablets and smartphones.
• It is designed to be user-friendly, economical, and highly scalable.

Mobile Services in AWS

• Amazon Web Services (AWS) offers a comprehensive set of mobile services that help developers build, deploy, and scale mobile applications quickly and efficiently.
• These services provide tools and resources for developing mobile apps, managing user identity and authentication, storing and synchronizing data, and enabling real-time communication.

AWS offers the environment for this ->

• Stream Real-Time Data – Gather real-time clickstream logs and react quickly.
• Store Shared Data – Store and query NoSQL data to users and devices.
• Authorize Access – Securely access cloud resources.
• Send Push Notifications – Keep users active by transmitting messages reliably.
• Deliver Media – Detect mobile devices automatically and render content quickly on a global basis.
• Analyze User Behavior – Track engagement and active users.
• Synchronize Data – Sync user preferences across devices.
• Manage Media – Store and share user-generated photos and other media items.
• Authenticate Users – Manage identity providers and users.

AWS Offerings in Mobile Services -

• AWS Mobile Hub - Build, Test, and Monitor Apps
• Amazon Cognito - User Identity and App Data Synchronization
• AWS Mobile SDK - Mobile Software Development Kit
• Amazon API Gateway - Build, Deploy, and Manage APIs
• Amazon Pinpoint - Push Notifications for Mobile Apps
• AWS Device Farm - Test Android, FireOS, and iOS Apps on Real Devices in the Cloud

Mobile Hub ~

• AWS Mobile Hub was a service provided by Amazon Web Services (AWS) that aimed to simplify the development of mobile applications.
• By providing a centralized console for managing and configuring the backend resources and services needed for mobile app development.
• However, AWS Mobile Hub has been integrated into AWS Amplify.
• AWS Amplify is a comprehensive development framework and set of tools for building scalable and secure web and mobile applications.
• It includes features for authentication, APIs, GraphQL, storage, analytics, and more.
• Amplify streamlines the process of creating cloud-powered applications and simplifies the integration of AWS services into the app.

Cognito ~

• Amazon Cognito is a fully managed identity and access management service provided by Amazon Web Services (AWS).
• It is designed to simplify and secure the authentication, authorization, and user management processes for web and mobile applications.
• Amazon Cognito offers a set of features and capabilities that allow developers to add user sign-up and sign-in functionality to their applications, manage user identities, and control access to resources.
• This functions both offline or online, and enables to save user-specific data securely such as game state and application preferences.

Summary

Amazon Web Services (AWS) is a comprehensive and widely-used cloud computing platform provided by Amazon.com. It offers a wide range of cloud services, including computing power, storage, databases, machine learning, analytics, security, and more.

Happy Learning !!!