AWS Cert: Cloud Computing, EC2, Support, and IAM

AWS Cert: Cloud Computing, EC2, Support, and IAM

These are my simplified study notes of key topics on AWS Cloud Computing, EC2, Support, and IAM

Lets backtrack a little, what even is cloud computing? 🤔

Cloud computing is the concept of renting someone else's infrastructure to run your applications.

Why would I do this?

Cloud computing offers some advantages against assembling your own server:

  • Less upfront cost since you don't need to buy any hardware
  • Global reach since your application will be hosted in the internet and most providers offer caching near your clients
  • It offers better performance, better scalability, and easier provision

There are some types for cloud computing. It can be classified into:

  • SAAS - software as a service where you get the ready to go application with minimal config
  • PAAS - platform as a service where you get an almost ready place to deploy you application
  • IAAS - infrastructure as a service were they offer you the server ans its up to you to configure It
  • Public cloud - means every person can go there and host their things in servers with shared resources. Eg.: AWS, GCP
  • Private cloud - you rent the server so the resource is fully dedicated to you
  • Hybrid cloud - you mix your local deploy with some stuff hosted in other types

Support

When you need and AWS specialist, you will have to pay. There are 4 tiers and the difference between each of them lay in the access to an specialist (and the price). With the most basic tier you get a business hours support which means you're mostly on your own, but when you move to the next level you start getting a 24/7 line to help you. After that each tier comes with more goodies like faster response times and even, o the most expensive tier, consulting with senior aws professionals.

IAM

This is were naming get confusing, there are two IAMs.

IAM (Identity and access management)

This is where you will manage permissions for users, roles, and services. It uses programmatic access with keys for a single account.

IAM ID center

This is where you configure SSO for centralize access, and configure organizations to separate costs, budgets, and policies.

I still don't understand it!!

Well basically, you will want to use IAM (Identity and access management) when you need programmatic access like scripts and automation. And IAM ID center to manage human users with temporary credentials and SSO.

ECS

The Elastic Container Service basically means you're renting virtual servers. You can host stuff like DBMS, websites, ML training, and tests. ECS can grow with demand, what means it is elastic. And its scalable both vertically by beefing up the instance or horizontally by deploying more clones.

There are several instance types, one for each need:

  • General purpose - not optimized for anything
  • Compute - optimized for applications that benefit from faster CPUs
  • Memory - for RAM hungry applications and caches
  • Accelerated computing - Video cards for the AI/ML flows
  • Storage - For storage intensive applications
  • HPC - High performance computing units with speedy hardware and lots of bandwidth on their ethernet cards

The pricing for ECS has 3 tiers. The on demand which has the standard price. The Savings plane were you pay off some years of usage ahead of time at a discounted time. And spot instances with up to 90% discount but not meant to run application that can't be deprovisioned without warning (if they need the resource, they will take your application down)

Now when deploying your ECS you can configure templates (if you don't want to set the same configuration every time you will setup), you choose and image (paid images available), you create a key to access SSH, and you configure SSH and disk.

Reminder: You do pay for standby storage when deprovisioning.

Finally, ECS comes with a stateless firewall, with means that it allows answers automatically.