Contenu connexe Similaire à AWSome Day - Madrid, July 23rd 2014 (20) Plus de Amazon Web Services (20) AWSome Day - Madrid, July 23rd 20141. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Copyright
©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
This
work
may
not
be
reproduced
or
redistributed,
in
whole
or
in
part,
without
prior
wriGen
permission
from
Amazon
Web
Services,
Inc.
Commercial
copying,
lending,
or
selling
is
prohibited.
QuesJons?
Email
us
at
aws-‐training-‐info@amazon.com.
AWSome Days
Madrid, July 2014
Victor Pareja
parejav@amazon.lu
2. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
2
We
value
your
feedback
!
#aws
#awsomedays
3. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Course Overview | Training Agenda
AWS
Introduction
1
AWS Storage
2
AWS Compute
& Networking
3
Deployment &
Management
5
Managed
Services &
Database
4
4. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
1
This module describes the history and fundamental elements of Amazon Web
Services (AWS), as well as how to navigate the AWS Management Console. It
discusses the AWS Global Infrastructure, security measures provided by AWS and
basic principles of deploying on AWS.
2 3 54
Introduction
to AWS
AWS Storage Managed
Services &
Database
Deployment &
Management
AWS Compute
& Networking
Course Overview | Training Agenda Module 1
5. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
1 2 3 54
This module describes the fundamental elements of AWS Storage with a focus on
Amazon Simple Storage Service (S3) and Amazon Elastic Block Store (EBS).
AWS Storage Managed
Services &
Database
Deployment &
Management
AWS Compute
& Networking
Course Overview | Training Agenda Module 2
Introduction
to AWS
6. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
1 2 3 54
This module describes the fundamental elements of AWS Compute and Networking,
with a focus on Amazon Elastic Compute Cloud (EC2). This module will build off
what you learned in Module 2 by verifying how to use Amazon Elastic Block Storage.
AWS Compute
& Networking
AWS Storage Managed
Services &
Database
Deployment &
Management
Course Overview | Training Agenda Module 3
Introduction
to AWS
7. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
1 2 3 54
This module describes the fundamental elements of AWS Managed Services and
Databases. This module will focus on key aspects of Amazon Relational Database
Service (RDS) and how to execute Amazon RDS.
Managed
Services &
Database
AWS Storage AWS Compute
& Networking
Deployment &
Management
Course Overview | Training Agenda Module 4
Introduction
to AWS
8. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
1 2 3 54
This module describes the fundamental elements of AWS Deployment and
Management products and services.
Deployment &
Management
Introduction
to AWS
AWS Storage Managed
Services &
Database
AWS Compute
& Networking
Course Overview | Training Agenda Module 5
9. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Introduction to AWS
Module 1
Copyright
©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
This
work
may
not
be
reproduced
or
redistributed,
in
whole
or
in
part,
without
prior
wriGen
permission
from
Amazon
Web
Services,
Inc.
Commercial
copying,
lending,
or
selling
is
prohibited.
QuesJons?
Email
us
at
aws-‐training-‐info@amazon.com.
10. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Overview
Module Overview
This module describes the history and fundamental elements of Amazon
Web Services (AWS), as well as how to navigate the AWS Management
Console. It discusses the AWS Global Infrastructure, security measures
provided by AWS and basic principles of deploying on AWS.
11. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Learning Objectives
1 Navigate the AWS Management Console.
2 Recognize AWS Global Infrastructure.
Describe the security measures AWS provides.
3
By the end of this module you will be able to:
12. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Cloud Computing
Compute
Storage
Security
Scaling
Database
Networking
Monitoring
Messaging
Workflow
DNS
Load Balancing
BackupCDN
13. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
AWS History
14. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Amazon History
1995
2006
2012
Amazon.com
Launched
Online
Bookstore
Amazon
Publishing
Kindle
Launched
Amazon
Games
Jeff
Bezos
Incorporated
the
Company
2007
2005
1994
2013
Amazon
Web
Services
Launched
Amazon
Art
15. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | History of Amazon Web Services
16. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | AWS Cloud Computing
On Demand
}
Uniform
Pay As You Go
Available
Compute
Storage
Security
Scaling
Database
Networking
Monitoring
Messaging
Workflow
DNS
Load Balancing
BackupCDN
17. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | AWS Core Infrastructure and Services
Traditional Infrastructure Amazon Web Services
Security
Network
Servers
Storage
&
Database
RDBMSDAS
SAN
NAS
Security
Network
Servers
Storage
&
Database
Security Groups NACLs Access Mgmt
EBS S3
VPC
VPC
EC2 “Classic”
“Public
”
Amazon
EC2
RDSEphemeral
ELB
Expand
On-Demand
Provision
AMI Instances
18. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Amazon Web Services
Your Applications
Deployment & Management
AWS Management
Console
Web Interface
Application Services & Networking
Compute, Storage & Database
CloudWatch
Monitoring
IAM
Identity & Access
Content Delivery
CloudFront
Distributed Computing
Amazon EMR Auto Scaling
Compute
Amazon EC2
Storage
Amazon S3 Amazon
Glacier
Amazon EBS
Database
Amazon Redshift DynamoDB Amazon RDS ElastiCache
Elastic Load
BalancingRoute 53Amazon VPC
Networking
AWS Direct Connect
AWS
CloudFormation Elastic Beanstalk
Deployment & Automation
OpsWorks
19. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Amazon Web Services
AWS Management Console
Demonstration
20. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Global Infrastructure
21. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Regions and Edge Locations
10 AWS Regions
51 AWS Edge Locations
22. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
US Regions Global Regions
AZ - A AZ - B
AZ - C
EU (Ireland)
AZ - A AZ - B
South America
(Sao Paulo)
AZ - A AZ - B
Asia Pacific (Sydney)
AZ - A AZ - B
GovCloud (US)
AZ - A AZ - B
AZ - C AZ - D
US East (VA)
AZ - A AZ - B
US West (CA)
AZ - A AZ - B
Asia Pacific (Singapore)
AZ - A AZ - B
AZ - C
Asia Pacific (Tokyo)
AZ - A AZ - B
AZ - C
US West (OR)
Customer Decides Where Applications and Data Reside
Note: Conceptual drawing only. The number of Availability Zones (AZ) may vary.
Introduction to AWS | AWS Regions and Availability Zones (AZ)
23. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Achieving High Availability using Multi-AZ
Region
Availability
Zone - A
Availability
Zone - B
Availability
Zone - C
24. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Security
25. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Shared Responsibility
Foundation Services
Compute Storage Database Network
AWS Global
Infrastructure
Regions
Availability Zones
Edge
Locations
Client-side Data Encryption &
Data Integrity Authentication
Server-side Encryption
(File System and/or Data)
Network Traffic Protection
(Encryption/Integrity/Identity)
Platform, Applications, Identity & Access Management
Operating System, Network & Firewall Configuration
Customer Data
AWSCustomer
26. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Physical Security
! 24x7 trained security guards
! Locations in nondescript, undisclosed facilities
! Two-factor authentication for ingress
! Authorization for data center access
27. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Hardware, Software and Network
! Automated change control process
! Bastion servers that record all
access attempts
! Firewall and other boundary devices
! AWS monitoring tools
28. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
IMPLEMENTATION
DATADAILY SOFTWARE
SYSTEM
COPY
RECOVERY
LOCATION
VALIDATION
COMPRESSION
STORAGE
MEDIA
WEEKLY
DEVICE INCREMENTAL REMOTE REPORTING
POLICY LOCAL
LOG SERVER
DEFFERENTIAL
PROTECTION
FULL SCHEDULING ONLINE
MONTHLY MONITORING
MANAGING
CATALOG DATABASE
SECURITY
BACKUP
OFF-LINE PROCESS
RESTORE
INDEX PROCEDURE
Introduction to AWS | Security and Compliance Resources
! Secure API access points for
encrypted transmission over HTTPS
using SSL
! Cryptographic keys and certificates
are required for any user or software
program to access an AWS API
! Security Groups to let you control
external access to your instances
29. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
User Accounts
Create individual
AWS Identity and
Access Management
(IAM) user accounts
so that each user
managing AWS has
their own security
credentials
IAM
Introduction to AWS | SSL Endpoints
Subnet Control
In your Virtual
Private Cloud, create
low level networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs
VPC
Secure
Transmission
Establish secure
communication
sessions (HTTPS)
using SSL
SSL Endpoints
Instance Firewalls
Configure firewall
rule for instances
and load balancers
using Security
Groups
Security Groups
30. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Security Groups
Secure
Transmission
Establish secure
communication
sessions (HTTPS)
using SSL
SSL Endpoints
Instance Firewalls
Configure firewall
rule for instances
and load balancers
using Security
Groups
Security Groups
User Accounts
Create individual
AWS Identity and
Access Management
(IAM) user accounts
so that each user
managing AWS has
their own security
credentials
IAM
Subnet Control
In your Virtual
Private Cloud, create
low level networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs
VPC
31. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | AWS Multi-tier Security Groups
HTTP
SSH
DB-sync
Ports 80 and 443 only
open to the internet
Engineering staff have
SSH / RDP access to
Bastion host
DB-sync can be
established with a
database server
running on-premise
All other internet ports
blocked by default
EC2
EC2
EBS
Web Tier
EC2
32. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Identity and Access Management (IAM)
Secure
Transmission
Establish secure
communication
sessions (HTTPS)
using SSL
SSL Endpoints
Instance Firewalls
Configure firewall
rule for instances
and load balancers
using Security
Groups
Security Groups IAM
User Accounts
Create individual
AWS Identity and
Access Management
(IAM) user accounts
so that each user
managing AWS has
their own security
credentials
Subnet Control
In your Virtual
Private Cloud, create
low level networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs
VPC
33. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Account Control
AWS Identify and Access Management (IAM)
AWS Identity and Access Management (IAM) enables you to securely control
access to AWS services and resources for your users. Using IAM, you can
create and manage AWS users and groups and use permissions to allow and
deny their permissions to AWS resources. If you are new to IAM, read the
IAM Top 10 Best Practices.
Note: Master IAM accounts should not be used for production systems!!!
34. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Virtual Private Cloud (VPC)
VPC
Secure
transmission
Establish secure
communication
sessions (HTTPS)
using SSL
SSL Endpoints
Instance firewalls
Configure firewall
rule for instances
and load balancers
using Security
Groups
Security Groups
User Accounts
Create individual
AWS Identity and
Access Management
(IAM) user accounts
so that each user
managing AWS has
their own security
credentials
IAM
Subnet Control
In your Virtual
Private Cloud, create
low level networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs
35. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Certifications and Accreditations
! AWS publishes SOC 1 Type II, SOC 2 Type II and SOC 3 reports
! AWS is PCI DSS Level 1 compliant and ISO 27001 certified
! AWS has achieved FedRAMP compliance, received authorization from
the U.S. Government
! FISMA Moderate level
! Authorities to Operate (ATOs) under the Defense Information
Assurance Certification and Accreditation Program (DIACAP)
36. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Additional Resources
Introduction to AWS | Additional Resources
Here are some additional resources:
! More details and up to date information on Global Infrastructure can be found
online: http://aws.amazon.com/about-aws/globalinfrastructure/
! AWS Management Console: https://console.aws.amazon.com/console/home.
! AWS Security Assurance and Compliance Programs:
https://aws.amazon.com/compliance/
! Security Center: http://aws.amazon.com/security
! IAM Best Practices:
http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html
37. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Introduction to AWS | Module Completion and Summary
Summary
You have reached the end of this training module. In summary, you have learned:
! How to navigate the AWS Management Console
! What is the AWS Global Infrastructure
! Describe the security measures AWS provides
38. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
AWS Storage
Module 2
39. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Overview
Module Overview
This module describes the fundamental elements of AWS Storage with a
focus on Amazon Simple Storage Service (S3) and Amazon Elastic Block
Store (EBS).
40. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Learning Objectives
1 Identify key AWS storage options.
2 Describe Amazon Elastic Block Store (EBS).
Create an Amazon S3 Bucket and manage associated objects.
3
By the end of this training you will be able to:
41. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | AWS Storage Products and Services
Amazon
Simple
Storage
Service
Amazon
Glacier
AWS
Storage
Gateway
Amazon
Import/
Export
Amazon
Elastic
Block Store
42. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | AWS Storage Products and Services
Amazon
Simple
Storage
Service
Amazon
Glacier
AWS
Storage
Gateway
Amazon
Import/
Export
Amazon
Elastic
Block Store
43. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon Simple Storage Service (S3)
Storage for the Internet. Natively online,
HTTP access
Store and retrieve any amount of data,
any time, from anywhere on the web
Highly scalable, reliable, fast
and durable
Amazon
Simple
Storage
Service
44. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon S3 Storage Concepts
Amazon S3 Concepts
Amazon
S3
Bucket
with
Objects
Bucket
Object
! Amazon S3 stores data as
objects within buckets
! An object is comprised of a file
and optionally any metadata that
describes that file
! You can have up to 100 buckets
in each account
! You can control access to the
bucket and its objects
45. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon S3 Concepts - Buckets
Amazon S3 Buckets
Objects are stored in Buckets.
Objects can be accessed via a URL:
! Organize Amazon S3 namespace at highest level
! Identify account – storage and data transfer charges
! Access Control
! Unit of aggregation for usage reporting Amazon S3 Bucket
http://johnsmith.s3.amazonaws.com/photos/puppy.jpg
Bucket Object
46. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon S3 Concepts - Objects
Amazon S3 Objects
Objects are the fundamental entities stored in Amazon S3. When using the
console, you can think of them as being files. Objects consist of data and
metadata. The data portion is opaque to Amazon S3. The metadata is a
set of name-value pairs that describe the object.
! Default metadata such as the date last modified
! Standard HTTP metadata such as Content-Type
! Custom metadata at the time the object is stored
! An object is uniquely identified within a bucket by a key (name)
Object Bucket w/Objects
47. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon S3 Object Lifecycle
Lifecycle Management
Lifecycle management defines how Amazon S3 manages objects during their
lifetime. Some objects that you store in an Amazon S3 bucket might have a well-
defined lifecycle:
! Log files
! Archive documents
! Digital media archives
! Financial and healthcare records
! Raw genomics sequence data
! Long-term database backups
! Data that must be retained for regulatory compliance
48. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon S3 Pricing
! Pay only for what you use
! No minimum fee
! Prices based on location of your Amazon S3 bucket
! Estimate monthly bill using the AWS Simple Monthly Calculator
Pricing
49. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon S3 Facts
Facts
! Able to store unlimited number of Objects in a Bucket
! Objects up to 5TB; no bucket size limit
! Designed for 99.999999999% durability and 99.99% availability of objects
over a given year
! HTTP/S endpoint to store and retrieve any amount of data, at any time,
from anywhere on the web
! Highly scalable, reliable, fast, and inexpensive
! Server-side Encryption using AES 256-bit symmetric keys
! Access Logs for auditing
! Provides standards-based REST and SOAP interfaces
50. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon Glacier
Amazon
Glacier Extremely low-cost storage
Secure, durable storage for
data archiving and backup
Optimized for data that is
infrequently accessed
51. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon Glacier Storage Facts
! Offload the administrative burdens of operating and scaling archival
storage to AWS, and make retaining data for long periods, whether
measured in years or decades, especially simple.
! Optimized for data that is infrequently accessed and for which retrieval
time of several hours are suitable.
! No limit to the amount of data you can store in Amazon Glacier.
! Automatic Server-side Encryption using AES 256-bit symmetric keys.
! Average annual durability of 99.999999999% for an archive.
Facts
52. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon Elastic Block Store (EBS)
Amazon
Elastic
Block
Store
Attach to running instance and
expose as a block device
Persistent block level
storage volumes for
use with Amazon EC2
instances
Snapshots stored
durably in Amazon S3
53. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon EBS Lifecycle
Create
Vast amounts of
unused space
Call CreateVolume
1 GB to 1 TB
Attach
Deleted
Call AttachVolume to affiliate with
one Amazon EC2 instance
Attached
&
In Use
• Format from Amazon EC2
instance OS
• Mount formatted drive
CreateSnapshot
Snapshot to
Amazon S3
Detach
Call DetachVolume
Call DeleteVolume
54. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon EBS Facts
Facts about Amazon EBS
! Use for persistent storage
! Can use to create RAID configuration for a server
! Off-instance block storage that persists independently
! Volumes behave like unformatted block devices for Linux or Windows instances
55. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon EBS Use Case
Use Cases
! OS Boot device / root file system; secondary volumes/filesystems
! Typical basis for database storage
! Raw block devices for RAID, some databases
56. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon EBS Pricing
* Check Amazon EBS Pricing page for current pricing for all regions.
Pay for what you Provision
! Pricing based on Region
! AWS GovCloud (US) Pricing page
! Review Pricing Calculator online
57. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon EBS Best Practices
Amazon EBS Volumes are in a Single Availability Zone
Availability
Zone
A
EBS Volume 1
Availability
Zone
B
EBS Volume 2
Volume data is replicated across multiple servers in an Availability Zone.
58. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon EBS and Amazon S3
Amazon EBS Amazon S3
Paradigm File system Object store
Performance Very fast Fast
Redundancy Across multiple servers in an
Availability Zone
Across multiple facilities and on
multiple devices within each facility
Security Visible only to your
Amazon EC2
Public Key / Private Key
Access from
the Internet?
No (1) Yes (2)
Typical use
case
Its a disk drive Write once, read many
(1) Accessible from Internet if mounted to server and set up as FTP, etc.
(2) Only with proper credentials, unless ACLs are world-readable
59. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | AWS Storage Gateway
AWS
Storage
Gateway
Mirror your on-premises data
to Amazon EC2 instances
Connect an on-premises
software appliance with
cloud-based storage
Securely upload data to the AWS
cloud for cost effective backup and
rapid disaster recovery
60. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Gateway-Cached Volume Architecture
61. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | AWS Storage Gateway Virtual Tape Library
62. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Amazon Import/Export
Amazon
Import/
Export
Uses Amazon high-
speed internal network
Accelerates moving large
amounts of data into and out of
Amazon S3 or Amazon EBS
Transfers your data directly onto
and off of storage devices
63. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | AWS Import/Export Support
Import/Export Support
! Accelerates moving large amounts of data into and out of Amazon S3 or Amazon EBS
! Transfers your data directly onto and off of storage devices
! Uses AWS high-speed internal network
Amazon
S3
AWS Import/
Export
Amazon
S3
Amazon EBS
AWS Import/
Export
AWS Import/
Export
Amazon GlacierAWS Import/
Export
Import to Amazon S3
Export from Amazon S3
Import to Amazon EBS
Import to Amazon Glacier
AWS Import/Export supports:
64. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Amazon S3 Demo
65. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Additional Resources
AWS Storage | Additional Resources
Here are some additional resources:
! Yelp Amazon Case Study: http://aws.amazon.com/solutions/case-studies/yelp/
! Getting Started with Amazon S3 Video:
http://www.youtube.com/watch?v=1qrjFb0ZTm8&feature=youtu.be
! Online Pricing Calculator: http://calculator.s3.amazonaws.com/calc5.html
! Glacier: http://aws.amazon.com/glacier/
! Introduction to Amazon EBS Video:
https://us-east-1-aws-training.s3.amazonaws.com/intro/elb.html
66. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
AWS Storage | Module Completion
Summary
You have reached the end of this training module. In summary, you have learned:
! The key AWS storage options
! What is an Amazon Elastic Block Store
! How to create an Amazon S3 bucket and manage associated objects
67. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Compute Services & Networking
Module 3
Copyright
©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
This
work
may
not
be
reproduced
or
redistributed,
in
whole
or
in
part,
without
prior
wriGen
permission
from
Amazon
Web
Services,
Inc.
Commercial
copying,
lending,
or
selling
is
prohibited.
QuesJons?
Email
us
at
aws-‐training-‐info@amazon.com.
68. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Overview
Module Overview
This module describes the fundamental elements of AWS Compute and
Networking, with a focus on Amazon Elastic Compute Cloud (EC2). This
module will build off what you learned in Module 2 by verifying how to use
Amazon Elastic Block Storage.
69. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Learning Objectives
1 Identify the different AWS compute and networking options.
2 Describe what is Amazon Virtual Private Cloud (VPC).
4 Verify how to use Amazon Elastic Block Storage.
Create an Amazon Elastic Compute Cloud (EC2) Instance.
3
By the end of this training you will be able to:
70. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | AWS Compute Products and Services
Amazon Elastic
Compute Cloud
(EC2)
Amazon Elastic
MapReduce
(EMR)
Auto
Scaling
71. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | AWS Compute Products and Services
Amazon Elastic
Compute Cloud
(EC2)
Amazon Elastic
MapReduce
(EMR)
Auto
Scaling
72. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon Elastic Compute Cloud (EC2)
Resizable compute capacity
Complete control of your
computing resources
Reduces the time required to obtain and
boot new server instances to minutes
Amazon Elastic
Compute Cloud
(EC2)
73. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon EC2 Facts
! Resizable compute capacity with many instance types
! Reduces the time required to obtain and boot new server instances to minutes
or seconds
! Scale capacity as your computing requirements change
! Pay only for capacity that you actually use
! Choose Linux or Windows
! Deploy across Regions and Availability Zones for reliability
Facts about Amazon EC2
74. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Using Amazon EC2
How to Use Amazon EC2
! Select a pre-configured, Amazon Machine Image (AMI) to get up and running
immediately. Or create an AMI containing your applications, libraries, data, and
associated configuration settings.
! Configure security and network access on your Amazon EC2 instance.
! Choose which instance type(s) you want, then start, terminate, and monitor as
many instances of your AMI as needed, using the web service APIs or the
variety of management tools provided.
! Determine whether you want to run in multiple locations, utilize static IP
endpoints, or attach persistent block storage to your instances.
! Pay only for the resources that you actually consume, like instance-hours
or data transfer.
75. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon Machine Images (AMI)
AMIs
! Building blocks of Amazon EC2 Instances
! An AMI is a template of a computer's root volume
! Can be public or private
! Create “gold Images” of your Amazon EC2 infrastructure
AMI
76. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Infrastructure and Applications
! Oracle
! SAP
! Microsoft
! AWS Marketplace
Infrastructure and Applications
77. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon EC2 Instances
256
128
64
32
16
8
4
2
1
1
2
4
8
16
32
64
128
Amazon EC2 Compute Units
Memory(GB)
78. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Choosing the Right Instance
Your choice of Amazon EC2 instances matters…
! A larger compute instance will sometimes save you not only time but money
too. Paying more per hour for a shorter amount of time can be less expensive.
! Instances come in multiple sizes, allowing you to optimally scale resources to
the requirements of your workload. As you choose an instance type, consider
the following:
– Core count
– Memory size
– Storage size & type
– Network performance
79. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon EC2 Instances with Intel®
Additional Features that impact your workload:
! Intel AES-NI1 – Intel processors that support these new encryption instructions
allow you to enable encryption for enhanced data security without paying a
performance penalty
! Intel AVX – Get dramatically better performance for highly parallel HPC
workloads such as life science engineering, data mining, financial analysis, or
other technical computing applications. AVX also enhances image, video, and
audio processing.
! Intel Turbo Boost Technology2 – Get a turbo boost of compute speed,
accelerating performance for peak loads. This Instance is appropriate for
traditional non-parallel workloads.
1. Intel AES-New Instructions (Intel AES-NI) requires a system with an AES-NI enabled processor, as well as non-Intel software to execute the instructions in the correct
sequence. AES-NI is available on select Intel processors. For more information, see
http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni/.
2. Intel Turbo Boost Technology requires a system with Intel Turbo Boost Technology capability. Performance varies depending on hardware, software, and system
configuration. For more information, see http://www.intel.com/content/www/us/en/architecture-and-technology/turbo-boost/turbo-boost-technology.html
80. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Choosing the Right Instance
Instances with All Three Intel® Xeon® Processor Technologies
81. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Instances with Intel®
Amazon EC2 Intel Processor Specifications
82. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon EC2 Instances Pricing
Reserved Instances
! 1- or 3-year terms
! Pay 1 time low up-
front fee for significant
hourly discount
! Pay low up-front fee,
receive significant
hourly discount
! Helps ensure
compute capacity is
available when
needed
! Pay as you go for
compute power
! Pay only for what you
use, no up-front
commitments or
long-term contracts
On-Demand Instances Spot Instances
! Bid on unused
Amazon EC2
capacity
! Spot Price based on
supply/demand,
determined
automatically
! Spot Price below bid,
instances start
! Spot Price above bid,
instances terminate
AWS Free
Usage Tier
83. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Reserved Instances
Billing Options
ArchitecSng
With
AWS
Designing for Cost |
84. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Reserved Instances
On Demand
Spot
ComputeResources
Compute Services & Networking | Leverage all 3 Instances
85. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Compute Example
Virtual Machine
Configuration
AMI
Running or
Stopped VM
Instances VPC
EC2 “Classic”
“Public”
AZ Availability Zone
VPC
Region
VPC
EC2 “Classic”
“Public”
EBS EBS EBS EBS EBS EBS
Region
S3
EBS
Snapshots
S3 Buckets
86. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Amazon EC2 Demo
87. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon Virtual Private Cloud (VPC)
Availability Zone
Virtual Private Cloud
AWS Cloud
Public Subnet
Internet
Virtual
Private
Cloud
Availability Zone
Private Subnet
Availability Zone
VPN Only Subnet
DB
Server
DB
Server
DB
Server
DB
Server
DB
Server
DB
Server
Web
Server
Web
Server
NAT
Customer
Network
R
88. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon EC2 Security Groups
Public Amazon EC2 Virtual Private Cloud
Inbound Only Inbound and Outbound
TCP, UDP, ICMP only Any Internet Protocol
Assigned at launch Can be assigned or removed at
anytime, including when running
Modify anytime Modify anytime
89. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon Elastic MapReduce (EMR)
Easily and cost-effectively
process vast amounts of data
Utilizes a hosted
Hadoop framework
Highly scalable
Amazon Elastic
MapReduce
(EMR)
90. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon EMR Example
Amazon EMR
Job Flow
Amazon Simple
Storage Service (S3)
Amazon
CloudWatch
Amazon EC2 Instance
The Amazon EMR
job flow runs on a
cluster of Amazon
EC2 Instances
Input Data
Output Results
Metrics
91. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon Auto Scaling
Auto
Scaling
Scale your Amazon EC2
capacity automatically
Available at no
additional charge
Well-suited for applications
that experience variability
in usage
92. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon Auto Scaling Cont.
Elastic Capacity
1
Ease of Use
2
Cost Savings
3
Actions
5
Geographic
4
93. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Elastic Capacity
1
With Auto Scaling, you can ensure that the number of Amazon EC2 instances you are using
increases seamlessly during demand spikes to maintain performance, and decreases
automatically during demand lulls to minimize costs.
Ease of Use
2
Cost Savings
3
Actions
5
Geographic
4
Elastic Capacity
94. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Ease of Use
1 2 3 54
Manage your instances as a single collective entity and define rules for when instances should be
added and removed. Replace lost or unhealthy instances automatically based on predefined
thresholds.
Ease of Use Cost Savings ActionsGeographicElastic Capacity
95. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Cost Savings
1 2 3 54
Save compute costs by terminating underused instances automatically and launching new
instances when you need them, without the need for manual intervention.
Ease of Use Cost Savings ActionsGeographicElastic Capacity
96. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Geographic
1 2 3 54
Distribute, scale, and balance applications automatically over multiple Availability Zones within
a region to support scalability and geographic redundancy.
Ease of Use Cost Savings ActionsGeographicElastic Capacity
97. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Actions
1 2 3 54
Schedule scaling actions for future times and dates when you expect to need more or less
capacity.
Ease of Use Cost Savings ActionsGeographicElastic Capacity
98. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Trinity of Services
Amazon Auto Scaling
Elastic Load
Balancer
CloudWatchAuto Scaling
Latency
Execute Scaling
Policy
98
Utilization
99. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Networking
100. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | AWS Networking Products & Services
Amazon
Virtual
Private
Cloud
Amazon
Route 53
AWS Direct
Connect
Elastic
Load
Balancing
101. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | AWS Networking Products & Services
Amazon
Route 53
AWS Direct
Connect
Amazon
Virtual
Private
Cloud
Elastic
Load
Balancing
102. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon Virtual Private Cloud (VPC)
Amazon
Virtual
Private
Cloud
Provision a private, isolated section of the
AWS Cloud where you can launch AWS
resources in a virtual network that you define
You have complete control over your virtual networking
environment: selection of IP address range, creation of
subnets, configuration of route tables, and network gateways
Define a virtual network topology that closely
resembles a traditional network that you
might operate in your own datacenter
103. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon VPC
Bridge your Amazon VPC to
your own IT infrastructure via an
encrypted VPN connection.
Attach an Amazon Elastic IP
address to any instance in your
VPC so it can be reached
directly from the Internet.
Control inbound and
outbound access to
subnets using Network
Access Control Lists.
Divide your VPC’s private
IP address range into
multiple subnets.Create an Amazon VPC and
specify its private IP address
range from any range you choose.
Amazon
VPC
Internet
Amazon
VPC
104. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | AWS Direct Connect
AWS Direct
Connect
All AWS services, including
Amazon EC2 and Amazon
S3 can be used with AWS
Direct Connect
Use the same connection to access public
resources such as objects stored in Amazon S3
Virtual interfaces can be
reconfigured at any time
105. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Networking
AWS Direct Connect
! AWS Direct Connect establishes a
dedicated network connection from your
premises to AWS.
! Establish private connectivity between
AWS and your datacenter, office, or
colocation environment.
! Create multiple virtual interfaces to use
the same connection to access public
resources such as Amazon S3 and
private resources such as Amazon EC2
instances running within a VPC.
106. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Amazon Route 53
Amazon
Route 53
Route end users to
Internet applications
Provides secure and reliable
routing to your application instances
Answers DNS queries
with low latency by
using a global network
of DNS servers
107. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Networking with Amazon Route 53
Amazon Route 53
! Answers DNS queries with low latency by using a global network of DNS servers.
! Queries for your domain are automatically routed to the nearest DNS server,
and thus answered with the best possible performance.
! You pay only for managing domains through the service and the number of queries
that the service answers.
108. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Elastic Load Balancing (ELB)
Elastic
Load
Balancing
Supports the routing and load balancing of HTTP,
HTTPS, and TCP traffic to Amazon EC2 instances
Dynamically grows and
shrinks required resources
based on traffic
Supports health checks
to ensure detect and
remove failing instances
109. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Elastic Load Balancing Diagram
110. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Elastic Load Balancing : Demo
111. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Compute Services & Networking | Additional Resources
Additional Resources
Here are some additional resources:
! Amazon EC2 Instance Types: http://aws.amazon.com/ec2/instance-types/
! Service Documentation: http://aws.amazon.com/documentation
! White Papers: http://aws.amazon.com/whitepapers
! AWS Free Usage Tier: http://aws.amazon.com/free/
! AWS Support: http://aws.amazon.com/premiumsupport/
! APN Partners supporting AWS Direct Connect:
http://aws.amazon.com/directconnect/partners/
! AWS Security Process:
http://d36cz9buwru1tt.cloudfront.net/pdf/AWS_Security_Whitepaper.pdf
112. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Summary
Compute Services & Networking | Module Completion
You have reached the end of this training module. In summary, you have learned:
! Amazon Virtual Private Cloud lets you provision a logically isolated section
with complete control over your virtual networking environment, including IP
address range, creation of subnets, and configuration of route tables and
network gateways
! VPN and Direct Connect allows you to leverage the AWS cloud as an
extension of your corporate datacenter
! Elastic Load Balancing service provides load balancing across multiple
instances in a region
! Amazon Route 53 is a highly available scalable Domain Name System (DNS)
web service
113. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Managed Services
& Database
Module 4
Copyright
©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
This
work
may
not
be
reproduced
or
redistributed,
in
whole
or
in
part,
without
prior
wriGen
permission
from
Amazon
Web
Services,
Inc.
Commercial
copying,
lending,
or
selling
is
prohibited.
QuesJons?
Email
us
at
aws-‐training-‐info@amazon.com.
114. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Overview
Module Overview
This module describes the fundamental elements of AWS Managed Services
and Databases. This module will focus on key aspects of Amazon Relational
Database Service (RDS) and how to execute Amazon RDS.
115. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Learning Objectives
1 Describe Amazon DynamoDB.
2 Verify the key aspects of Amazon Relational Database Service (RDS).
Execute Amazon Relational Database Service.
3
By the end of this training you will be able to:
116. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Product and Services
Amazon
ElastiCache
Amazon
Relational
Database
Service
Amazon
DynamoDB
Amazon
Redshift
117. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Product and Services
Amazon
ElastiCache
Amazon
Relational
Database
Service
Amazon
DynamoDB
Amazon
Redshift
118. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Amazon Relational Database Service
Cost-efficient and resizable capacity
Access to the full capabilities of familiar MySQL,
PostgreSQL, Oracle and SQL Server databases
Manages time-consuming
database administration tasks
Amazon
Relational
Database
Service
119. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Amazon RDS
Amazon Relational Database Services (RDS)
! Easy to set up, operate, and scale a relational database in the cloud
! Cost-efficient and resizable capacity while managing time-consuming database
administration tasks
! Access to the full capabilities of a familiar SQL database
! Automatically patches the database software and backs up your database
! Ability to scale the compute resources or storage capacity associated with
your relational database instance via a single API call
120. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Amazon RDS & VPC
Amazon RDS & VPC
! You can select your own IP address range.
! Create subnets, and configure routing and access control lists.
! The basic functionality of Amazon RDS is the same whether it is running in a
VPC or not: Amazon RDS manages backups, software patching, automatic
failure detection, and recovery.
! There is no additional cost to run your DB instance in a VPC.
121. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Amazon DynamoDB
Store any amount of
data – no limits
Easily provision and change the request
capacity needed for each table
Fast, predictable performance
using SSDs
Amazon
DynamoDB
122. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
If You Need Consider Using
A relational database service
with minimal administration
Amazon RDS, a fully managed service that
offers a choice of MySQL, Oracle or SQL Server
database engines, scale compute & storage,
Multi-AZ availability and more.
A fast, highly scalable NoSQL
database service
Amazon DynamoDB, a fully managed service
that offers extremely fast performance, seamless
scalability and reliability, low cost and more.
A relational database you can
manage on your own
Your choice of relational AMIs on Amazon EC2
and Amazon EBS that provide scale compute &
storage, complete control over instances, and more.
Managed Services & Database | Database Considerations
123. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Amazon RDS and DynamoDB
Factors Relational (RDS) NoSQL (DynamoDB)
Application
Type
• Existing database apps
• Business process-centric apps
Example: Financial transactions,
ERP apps, Multi-stage approval
flows
• New Web scale applications
• Large # of small writes and reads
Example: Web, social, mobile apps,
shopping cart, order mgt, user
preferences
Application
Characteristics
• Relational data models,
transactions
• Complex queries, joins and
updates
• Simple data models, transactions
• Range queries, simple updates
Scaling
Application or DBA architected
(clustering, partitions, sharding)
Seamless, on-demand scaling per
application needs
QoS
• Performance – depends on
data model, indexing, query,
and storage optimization
• Reliability and availability –
Managed Durability – Managed
• Performance – Automatically optimized
by the system
• Reliability and availability – Managed
• Durability – Managed
Skill Set
Existing programming skills –
SQL + Programming languages
Web style programming – queries managed
through programming and developers
124. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Amazon
ElastiCache
Managed Services & Database | Amazon ElastiCache
Seamlessly caches
in front of Amazon
RDS instances
Manages patching, cache node
failure detection and recovery
Memcached and Redis compliant
cache cluster on-demand
125. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Amazon ElastiCache Security Groups
126. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Amazon
Redshift
Managed Services & Database | Amazon Redshift
Petabyte-scale service that manages all
the work need to set up, operate, and scale
a data warehouse cluster
Dramatically reduces IO
Continuously monitors the health of the
cluster and replaces any component
127. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Managed Services & Database | Amazon Redshift Facts
Amazon Redshift
Amazon Redshift manages all the work needed to set up, operate, and scale a
data warehouse cluster, from provisioning capacity to monitoring and backing
up the cluster, to applying patches and upgrades. Scaling a cluster to improve
performance or increase capacity is simple and incurs no downtime. The service
continuously monitors the health of the cluster and automatically replaces any
component, if needed.
Redshi]
Redshi]
Redshi]
128. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Amazon RDS Demo
129. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Additional Resources
Managed Services & Database | Additional Resources
Here are some additional resources:
! Service Documentation: http://aws.amazon.com/documentation
! Pricing Calculator: http://aws.amazon.com/calculator/
! Economics: http://aws.amazon.com/economics/
! Pricing details for all services: http://aws.amazon.com/pricing/
! Solutions Case Studies: http://aws.amazon.com/solutions/case-studies
! Marketing Overview Materials: http://aws.amazon.com
! Videos & Webinars: http://www.youtube.com/AmazonWebServices
! AWS Blog: http://aws.typepad.com/
130. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Summary
You have reached the end of this training module. In summary, you have learned:
! Describe Amazon DynamoDB
! Verify key aspects of Amazon Relational Database Service (RDS)
! How to execute Amazon RDS
Managed Services & Database | Module Completion
131. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Deployment & Management
Module 5
Copyright
©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
This
work
may
not
be
reproduced
or
redistributed,
in
whole
or
in
part,
without
prior
wriGen
permission
from
Amazon
Web
Services,
Inc.
Commercial
copying,
lending,
or
selling
is
prohibited.
QuesJons?
Email
us
at
aws-‐training-‐info@amazon.com.
132. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | Overview
Module Overview
This module describes the fundamental elements of AWS Deployment &
Management products and services.
133. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | Learning Objectives
1 Identify AWS CloudFormation.
2 Describe Amazon CloudWatch metrics and alarms.
Describe Amazon Identity and Access Management (IAM).
3
By the end of this training you will be able to:
134. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | Product and Services
AWS Identity
and Access
Management
Amazon
CloudWatch
Amazon
Elastic
Beanstalk
Amazon
CloudFormation
135. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | AWS Identity and Access Management (IAM)
AWS Identity
and Access
Management
(IAM)
Create and manage AWS users and groups
and use permissions to allow and deny their
permissions to AWS resources
Use existing corporate identities to grant
secure access to AWS resources, such as
Amazon S3 buckets, without creating new
AWS identities for those users
Enables identity federation between
your corporate directory and AWS
services
136. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | Using AWS IAM
Enable identity
federation to allow
existing identities (e.g.
users) in your
enterprise to access
the AWS Management
Console, to call AWS
APIs, and to access
resources, without the
need to create an IAM
user for each identity..
3
Manage federated users
and their permissions
Create users in AWS
IAM, assign them
individual security
credentials or request
temporary security
credentials to provide
users access to AWS
services and resources.
Manage permissions
in order to control which
operations a user can
perform.
2
Manage AWS IAM users
and their access
1
Create roles in AWS
IAM, and manage
permissions to control
which operations can be
performed by the entity,
or AWS service, that
assumes the role.
Define which entity is
allowed to assume the
role.
Manage AWS IAM roles
and their permissions
137. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | Amazon CloudWatch
Amazon
CloudWatch
Visibility into resource
utilization, operational
performance, and overall
demand patterns
Accessible via AWS Management
Console, APIs, SDK, or CLI
Custom application-
specific metrics of your
own
138. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | AWS CloudWatch Facts
AWS CloudWatch
! Visibility into resource utilization, operational performance, and overall
demand patterns
! Metrics including CPU utilization, disk reads and writes, and network traffic
! Custom application-specific metrics of your own
! Accessible via AWS Management Console, APIs, SDK, or CLI
139. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | Amazon Elastic Beanstalk
Amazon
Elastic
Beanstalk
Simply upload your
application
Automatically handles the
deployment details of capacity
provisioning, load balancing, auto
scaling, and application health
monitoring
Retain full control over the
AWS resources powering
your application
140. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | AWS Elastic Beanstalk Facts
AWS Elastic Beanstalk
! Quickly deploy and manage applications in the AWS cloud without worrying
about the infrastructure that runs those applications.
! Reduce management complexity without restricting choice or control.
141. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | Amazon CloudFormation
Create templates of stack
of resources
Use templates as a starting
point or create your own
Deploy stack from template
with runtime parameters
Amazon
CloudFormation
142. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | Deployment and Management
Amazon CloudFormation Deployment and Management
! Templates are simple JSON formatted text files
! CloudFormer supports generating templates from running environments
"Resources" : {!
"Ec2Instance" : {!
"Type" : "AWS::EC2::Instance",!
"Properties" : {!
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ],!
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]},!
"Tags" : [{!
"Key" : "MyTag",!
"Value" : "TagValue"!
}]!
}!
},!
143. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Deployment & Management | Deployment and Management
Amazon CloudFormation Deployment and Management
Use AWS CloudFormation’s sample templates or create your own
templates to describe the AWS resources, and any associated
dependencies or runtime parameters, required to run your application.
Deploy and update a template and its associated collection of resources
“called a stack” via the AWS Management Console, AWS CloudFormation
command line tools or APIs. CloudFormation is available at no additional
charge, and you pay only for the AWS resources needed.
Template
AWS
CloudFormaJon
Stack
144. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Additional Resources
Deployment & Management | Additional Resources
Here are some additional resources:
! AWS CloudFormation Sample Templates:
https://aws.amazon.com/cloudformation/aws-cloudformation-templates/
! AWS User Groups: http://aws.amazon.com/usergroups/
! Introduction to AWS IAM Training Video:
https://us-east-1-aws-training.s3.amazonaws.com/intro/iam.html
145. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Summary
You have reached the end of this training module. In summary, you have learned:
! The key fundamental elements of AWS Deployment & Management
products and services.
Deployment & Management | Module Completion
146. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Certification
aws.amazon.com/certification
Demonstrate your
skills, knowledge, and
expertise with the
AWS platform
Self-Paced Labs
aws.amazon.com/training/
self-paced-labs
Try products, gain
new skills, and get
hands-on practice
working with AWS
technologies
aws.amazon.com/training
Training
Skill up and gain
confidence to design,
develop, deploy and
manage your
applications on AWS
Completion | Training Next Steps
147. ©
2013,
2014
Amazon
Web
Services,
Inc.
and
its
affiliates.
All
rights
reserved.
AWSome Days Training and
Certification
Training and
Certification
Thank You
Hope you enjoyed the training!
We value your feedback
parejav@amazon.lu