Beyond EC2 and S3

Beyond EC2 and S3 How the AWS Ecosystem can work for you

Agenda
• Introduction
• Amazon Web Services
• AWS Products and Services
• Use Cases / Practical Applications

Lorenzo Aiello
• “Big Data Geek”
• Five Talent
• AWS/IT Engineer
• Working with AWS Ecosystem since 2012
• Manage large AWS deployments
• $200,000 / year
• Multiple AWS Certifications

Amazon Web Services
• Large Companies had Scaling Problems
• Google, Amazon and Microsoft developed their own Clouds
• Launched in JAN 2006
• Google Cloud launched in APR 2008
• Microsoft Azure launched in OCT 2008

AWS Perceptions and Misconceptions

Less Reliable
• 99.999999999% Guarantee
• Automated Failure Recovery
• 11 Geographic Regions
• 3-5 Accessible Availability Zones per Region

More Expensive
• Pay as you go
• Multiple ways to lower costs from “retail”
• Overcapacity discounts
• AutoScale capacity as-needed

Less Secure
• Client Owned Data
• Encryption Options Available
• Client Chosen Location
• Data Versioning and Automated Backups
• Managed Firewalls
• Dedicated Hardware

AWS Assurance Programs

Big-Name AWS Clients

Virtual Private Cloud (VPC)

[Diagram: Internet Gateway and two security groups]

Elastic Compute Cloud (EC2)

ENI
• Network Interface
• Re-Assignable
• Handles NATing

Instance
• Actual Server
• Multiple Distributions
• Custom Operating System

AMI
• Amazon Machine Image
• Complete Snapshot
• Type Independent

Elastic Compute Cloud (EC2)

EIP
• Elastic IP
• Static IP
• rDNS/PTR Available
• Re-Assignable within Acct

ELB
• Load Balancer
• Infinite Scaling
• Multiple Protocols
• SSL Termination
• Dual Stack Networking

Auto Scaling
• Handles Instance Scaling
• Auto-Join to ELB
• Flexible Triggers/Rules

Route 53

Hosted Zones
• DNS Server
• Globally Distributed

Amazon S3

Bucket
• Available over SSL
• Signed URLs (Expires)
• No Size/File/Folder Limits
• Can Serve Static Files

Object
• 5TB File Limit
• Custom MetaData
• Managed Encryption
• Self-Encrypted

Glacier
• Cold Storage
• 1/3 the Cost
• Designed for Archives
• 3-4 Hour Recovery Time

Elastic Block Storage

Volume
• Hard Drive for EC2 Instances
• Magnetic / SSD available
• Guaranteed Performance
• 16 TB Max / Volume
• Encryption Available

Snapshot
• “AMI” for Volumes
• Point-in-Time Snapshot
• Stored in S3
• Regional Transfers

Content Delivery

Distribution
• Content Delivery Network (CDN)
• Download and Streaming (RTMP) Options
• Geographic Restrictions Available
• Custom Domains (APEX Support)
• User-Defined Caching Behavior
• Cookie/Header Forwarding Available
• Device Detection

Edge Locations
• Cache Location
• 50+ Locations Worldwide

Databases

RDS
• Relational Databases
• Failover
• Automated Snapshots
• Read-Replicas (Cross Region)
• Software
  • MySQL
  • Oracle
  • PostgreSQL
  • MSSQL

DynamoDB
• NoSQL Database
• Guaranteed Performance

ElastiCache
• In-Memory Caching
• Clustering Available
• Software
  • Memcached
  • Redis

CloudWatch

Alarms
• Health Monitoring
• Usable Across Most Services
• 1-Minute Metrics
• Custom Metrics / Intervals
• User-Defined Actions / Behaviors on Trigger

Application Services

SES
• Email Service
• Authenticated SMTP Relay

SQS
• Queueing Service
• Adding JSON Tasks
• Long-Polling

SNS
• Notification Service
• Push Notifications
• Protocols
  • HTTP
  • Email
  • Mobile
  • Cell Networks

Identity and Access Management

Users / Groups
• Custom Policies
• Completely Granular
• Managed Policies

Roles
• Server Roles
• Rotating Credentials
• SDK Auto-Queries Meta

MFA
• Multi-Factor Authentication
• Ability to Force / Require

Who should and shouldn’t use AWS

Who Should
• Looking for Low Cost, High Availability
• Highly fluctuating workloads

Who Shouldn’t
• Extraordinary requirements
• Need for Bulk Bandwidth
• Requirement for physical access

Best Practices and Quick Tips
• Protect the Master Account
  • Enable Multi-Factor Authentication
  • Use IAM Accounts
• Never store Access Keys in Source Code
  • Use Local Profiles
  • Use Server Roles
• Never store data on EC2 Instances
  • Use RDS Databases
  • Use S3 for Files / Objects
• Use auto-scaling of one instead of none