AWS

From Network Security Wiki


Basics

Benefits:

No need to buy servers
Scalability
No need to manage

Compute Services:

EC2 = Virtual OS
Lambda = Background task
Elastic Beanstalk = Application environment (JAR, PHP, Python, etc.)
Elastic LB = Distribute Load
Autoscaling = Scale up or down automatically

Storage Services:

S3 = Object storage
CloudFront = Content Delivery
Elastic Block Store (EBS) = Block-level storage that provides high IOPS
Glacier = Data archiving service, low-cost storage
Snowball = Physical transfer of data to AWS
Storage Gateway = Integration between on-premises servers & AWS

Database Services:

RDS = Relational DB Mgmt Services
Aurora = High-performance DB developed by Amazon
DynamoDB = Non Relational DB Mgmt Services
ElastiCache = Caches query results
Redshift = Data warehouse service

Networking Services:

VPC = Virtual Network where we can launch AWS resources
Direct Connect = Leased Line to AWS DC
Route 53 = DNS services, can register Domain name here

Management Services:

CloudWatch = Cloud Monitoring Tool
CloudFormation = Create templates of AWS infrastructure
CloudTrail = Logging Service
CLI
OpsWorks = Config Management Tool
Trusted Advisor = Personal Assistant

Security Services:

IAM = Identity and Access Management; controls which users can create or delete instances
KMS

Application Services:

SES = Email
SQS = Queuing service
SNS = Notification Service


Hosting a Website

Logical Topology:

User -> Address -> Website -> File Server + Database

AWS Topology:

[Route 53]
    ||
[Autoscaling Group and Elastic Load Balancer]
    ||
[EC2]---[EC2]---[EC2]
    ||
   [IAM]
    ||
[RDS]----[S3]


Elastic IP

An Elastic IP address is a static IPv4 address designed for dynamic cloud computing. 
An Elastic IP address is associated with your AWS account. 
With an Elastic IP address, you can mask the failure of an instance or software by rapidly remapping the address to another instance in your account.


IAM Role

Similar to a user
It is an AWS identity with permission policies that determine what the identity can and cannot do in AWS.
However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it.
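
Who counts as "anyone who needs it" is decided by the role's trust policy. The following is an added example, not part of the original wiki page: a Python audit of a trust policy document that lists each principal allowed to call sts:AssumeRole and flags wildcard or whole-account trust. The sample policy, the placeholder account ID and the finding labels are constructed for illustration.

```python
import json

# Constructed sample trust policy (AssumeRolePolicyDocument); the account ID is a placeholder.
SAMPLE_TRUST_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
     "Action": "sts:AssumeRole"},
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
     "Action": "sts:AssumeRole",
     "Condition": {"StringEquals": {"sts:ExternalId": "constructed-example-id"}}},
    {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "sts:AssumeRole"}
  ]
}
""")

ASSUME_ACTIONS = {"sts:assumerole", "sts:*", "*"}

def as_list(value):
    """IAM JSON allows either a single value or a list in most fields."""
    return value if isinstance(value, list) else [value]

def principals(statement):
    """Yield (kind, value) pairs; a bare "*" principal means anyone."""
    p = statement.get("Principal", {})
    if p == "*":
        yield ("any", "*")
        return
    for kind, values in p.items():
        for v in as_list(values):
            yield (kind, v)

def audit_trust_policy(policy):
    """Return (principal, finding) for every Allow statement that permits assuming the role."""
    findings = []
    for st in as_list(policy.get("Statement", [])):
        actions = {a.lower() for a in as_list(st.get("Action", []))}
        if st.get("Effect") != "Allow" or not actions & ASSUME_ACTIONS:
            continue
        suffix = "-with-condition" if st.get("Condition") else ""
        for kind, value in principals(st):
            if value == "*":
                finding = "wildcard" + suffix if suffix else "ANYONE-CAN-ASSUME"
            elif kind == "AWS" and value.endswith(":root"):
                finding = "whole-account" + suffix
            else:
                finding = "scoped"
            findings.append((f"{kind}:{value}", finding))
    return findings
```

Statements flagged ANYONE-CAN-ASSUME or whole-account deserve review first; the permission policies attached to the role then bound what an assumed session can do.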

Route53

This section is under construction.


