
What is Cloud Computing?

Cloud computing is the on-demand delivery of IT resources over the internet with pay-as-you-go pricing. Instead of buying, owning, and maintaining physical data centers and servers, you can access technology services, such as computing power, storage and databases, on an as-needed basis from a cloud provider like Amazon AWS, Google GCP or Microsoft Azure.


Cloud Service Models

The three main cloud computing service models include:

  • Infrastructure as a Service (IaaS): Provides virtualized computing resources over the internet.
  • Platform as a Service (PaaS): Provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure.
  • Software as a Service (SaaS): Delivers software applications over the internet on a subscription basis, eliminating the need to install and run the application on the customer's own computers.

Each of these service models provides a different level of control, flexibility and management, so that you can select the right set of services for your needs.


Cloud Deployment Models

Below are the Cloud Deployment models:

  • Public Cloud: Services are delivered over the public internet and available to anyone who wants to purchase them.
  • Private Cloud: Cloud infrastructure is operated solely for a single organization and is managed either by the organization or a third party.
  • Hybrid Cloud: Combines public and private cloud models, allowing data and applications to be shared between them.

AWS Global Infrastructure

AWS Global Infrastructure refers to the network of data centers and edge locations around the world that AWS operates to deliver its cloud computing services to AWS customers.

Data Center: A data center houses the server and network infrastructure that runs AWS services.

Availability Zone (AZ): One or more data centers connected to each other with redundant fiber cables form an AZ, providing higher availability, redundancy and fault tolerance.

Region: A region is a separate geographic area with multiple Availability Zones. AZs are physically separate from each other but are connected by low-latency links. Examples of regions: us-east-1 (North Virginia) or eu-west-1 (Ireland).

Edge Location: Edge locations are infrastructure separate from regions, with connectivity to the regions. Edge locations are rented rack or cage space from other providers; AWS rents them to provide web caching for customers, which increases performance.

Local Zones: This is another interesting part of the AWS Global Infrastructure. AWS had customer requests to place an AZ in a specific city in order to get single-digit millisecond latency, but there was no rest-of-region infrastructure to justify creating a full region in that city. Local Zones are therefore associated with a parent region on the same continent.


Challenges in Business and How Cloud Computing Solves Them

1. Scalability: Businesses often face challenges in scaling their IT infrastructure to meet fluctuating demands. Cloud computing offers scalability, allowing businesses to easily adjust resources based on demand without the need for upfront investments in hardware.

2. Cost Management: Managing IT costs can be challenging, especially for small and medium-sized businesses. Cloud computing offers cost-effective solutions, as businesses only pay for the resources they use, avoiding the need for expensive hardware and maintenance costs.

3. Data Security: Data security is a major concern for businesses, particularly with the increasing number of cyber threats. Cloud providers offer advanced security measures, such as encryption and access controls, to protect data from unauthorized access and breaches.

4. Remote Workforce: With the rise of remote work, businesses need solutions that enable collaboration and access to resources from anywhere. Cloud computing provides the flexibility for employees to work remotely while accessing the tools and data they need.

5. Disaster Recovery: Businesses need reliable disaster recovery solutions to ensure business continuity in the event of a disaster. Cloud computing offers automated backup and recovery solutions, reducing downtime and minimizing the impact of disasters.

6. Compliance: Businesses in regulated industries need to comply with various regulations and standards. Cloud providers offer compliance certifications and tools to help businesses meet their regulatory requirements.

7. Competitive Edge: In today's competitive business environment, businesses need to innovate and respond quickly to market changes. Cloud computing provides the agility and flexibility businesses need to stay competitive and adapt to changing market conditions.

In today's business landscape, companies require resilience, security, durability, scalability, and high performance, as well as reliability, cost-effectiveness, and highly optimized systems. These elements are essential to providing the best experience for customers and driving business growth at scale.

Cloud service providers offer all these valuable features in one place, providing peace of mind to consumers by managing and maintaining the services to meet all their business needs.


Hands-On AWS: Exploring Essential Services for Beginners

This page focuses on hands-on learning for AWS. AWS offers over 200 fully featured services. This page explains the basics of each service covered and demonstrates how to get started using it. We'll begin with some of the essential and commonly used ones.


Register for a free AWS account by clicking on "Register for free AWS account".


Amazon VPC

VPC (Virtual Private Cloud) is a virtual datacenter in the cloud. This setup grants you complete control over your virtual network, enabling you to select your IP ranges, create subnets, and configure route tables and network gateways.

Amazon VPC allows you to establish a logically isolated segment of the AWS cloud for deploying AWS resources within a virtual network. When you create an AWS account, a default VPC is automatically generated for you. By default you can create up to 5 VPCs per region, and you have the option to increase this limit by contacting AWS Support.

To understand and work effectively with VPC, it's essential to learn about the following concepts:


(Diagram: vpc demo1)

While there is vast content available for in-depth exploration of VPC, here I aim to simplify the concept for easier understanding. For more details about each aspect, you can refer to the AWS public documentation.

  • VPC CIDR: Each VPC is assigned a specific range of IP addresses. For instance, a VPC CIDR may be 10.0.0.0/16, with usable IP addresses ranging from 10.0.0.1 to 10.0.255.254.
  • Subnet: Subdivisions of your VPC's IP address range, laid out according to your design. For example, subnet1 (10.0.1.0/24) and subnet2 (10.0.2.0/24).
  • Public Subnet: A subnet whose associated route table has a route to an Internet Gateway (IGW).
  • Private Subnet: A subnet whose associated route table has no route to an Internet Gateway (IGW).
  • Route Table: Each subnet is associated with a route table and a network access control list. These associations control the flow of traffic in and out of the subnet.
  • Network ACL: A network ACL is an optional layer of security for your VPC that acts as a firewall controlling traffic in and out of one or more subnets.
  • Security Group: VPC also provides another layer of security for EC2 instances running in a subnet: the Security Group. Security Groups act as virtual firewalls for your instances, controlling incoming and outgoing traffic.
  • Inbound rule: Controls the incoming traffic to the instance.
  • Outbound rule: Controls the outgoing traffic from the instance.

Note: To change the NACL of a particular subnet, navigate to the subnet console and click on "Edit network ACL association". You are not allowed to disassociate a subnet from a NACL directly.
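To make the CIDR arithmetic in the list above concrete, here is an added Python example (not code from the original page) that validates a VPC address plan offline with only the standard library: it checks that every subnet lies inside the VPC CIDR, that no two subnets overlap and that prefixes stay within the /16 to /28 range AWS accepts, and it reports the usable address count per subnet after removing the five addresses AWS reserves in every subnet (the first four and the last). The VPC and subnet CIDRs are the ones used in this demo; the function and variable names are my own.

```python
"""Validate a VPC/subnet address plan offline (added example, not from the page)."""
import ipaddress

# AWS reserves the first four and the last address of every subnet
# (network, VPC router, DNS, future use, broadcast): a known AWS limit,
# not something the page itself spells out.
AWS_RESERVED_PER_SUBNET = 5

# The demo's plan: VPC 10.0.0.0/16 with one public and one private /24.
DEMO_VPC = "10.0.0.0/16"
DEMO_SUBNETS = {"subnet-public": "10.0.1.0/24", "subnet-private": "10.0.2.0/24"}


def vpc_host_range(vpc_cidr):
    """Return (first, last) usable host address of a VPC CIDR as strings,
    e.g. 10.0.0.0/16 -> ('10.0.0.1', '10.0.255.254')."""
    net = ipaddress.ip_network(vpc_cidr, strict=True)
    return str(net.network_address + 1), str(net.broadcast_address - 1)


def check_subnet_plan(vpc_cidr, subnet_cidrs):
    """Check a {name: cidr} plan against the VPC CIDR.

    Returns {'ok': bool, 'errors': [...], 'usable': {name: count}} where the
    usable count is the subnet size minus the AWS-reserved addresses."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    subnets, errors = {}, []
    for name, cidr in subnet_cidrs.items():
        try:
            # strict=True rejects CIDRs with host bits set (10.0.1.1/24)
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            errors.append(f"{name}: invalid CIDR {cidr!r} ({exc})")
            continue
        if not net.subnet_of(vpc):
            errors.append(f"{name}: {cidr} is outside VPC CIDR {vpc_cidr}")
        if not 16 <= net.prefixlen <= 28:
            errors.append(f"{name}: prefix /{net.prefixlen} is outside the /16-/28 range AWS allows")
        subnets[name] = net
    names = sorted(subnets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if subnets[a].overlaps(subnets[b]):
                errors.append(f"{a} ({subnets[a]}) overlaps {b} ({subnets[b]})")
    usable = {n: subnets[n].num_addresses - AWS_RESERVED_PER_SUBNET for n in subnets}
    return {"ok": not errors, "errors": errors, "usable": usable}


if __name__ == "__main__":
    print("VPC host range:", vpc_host_range(DEMO_VPC))
    print("demo plan:", check_subnet_plan(DEMO_VPC, DEMO_SUBNETS))
    # A deliberately broken plan: two overlapping subnets and one outside the VPC.
    bad = check_subnet_plan(DEMO_VPC, {"a": "10.0.1.0/24", "b": "10.0.1.128/25", "c": "192.168.0.0/24"})
    for err in bad["errors"]:
        print("ERROR:", err)
```

Running the file prints the host range of the demo VPC, the report for the demo plan and the errors for the broken plan. Running this kind of check before `aws ec2 create-subnet` is cheaper than discovering an overlap after resources have already been placed in the subnets.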

Let's Dive into the VPC Demo
During this demo, I will demonstrate the following:

  1. Creating a custom VPC with its own IP range.
  2. Creating subnets named "subnet-public" and "subnet-private."
  3. Creating an Internet Gateway (IGW) and attaching it to the VPC. Note that each IGW can only be assigned to one VPC.
  4. Creating and updating the route table to include a route to the IGW, enabling internet connectivity.
  5. Verifying default NACL and Security Group created with the VPC creation.

Log in to AWS using your user name and password.


(Screenshot: aws-login)

Select the region to create VPC:


(Screenshot: regionselection)

Search for VPC and select VPC to navigate to VPC console:


(Screenshot: vpcsearch)

Click on the "Create VPC" button.


(Screenshot: createvpc1)

Enter the VPC name and IP address range, and select the tenancy. You have the option to choose "Dedicated" or "Default". If you choose "Dedicated", the VPC is created on dedicated hardware, which incurs extra cost.


(Screenshot: createvpc2)

The custom VPC has been successfully created with the CIDR 10.0.0.0/16 using the above steps.


Using the AWS CLI to create the VPC:

# Replace VPCNAME with the Name tag you want on the new VPC
aws ec2 create-vpc \
    --cidr-block 10.0.0.0/16 \
    --tag-specifications 'ResourceType=vpc,Tags=[{Key=Name,Value=VPCNAME}]'

Verifying Default NACL and Main Route Table

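Step 5 of the demo verifies the default NACL and security group in the console. The following is an added Python example, not code from this page, that performs the same review offline on JSON in the shape returned by `aws ec2 describe-security-groups` and `aws ec2 describe-network-acls`. Both documents are constructed samples with placeholder ids: the VPC's default security group (ingress only from itself, egress to anywhere, which is how AWS creates it) next to a hand-written group that opens SSH to the world, and the default NACL (rule 100 allows everything, the catch-all rule 32767 denies). `nacl_decision` also shows the evaluation order that distinguishes NACLs from security groups: entries are tried in ascending rule number and the first match decides.

```python
"""Audit security-group and NACL rules from AWS CLI JSON, offline.

Added example, not from the original page. SAMPLE_SGS and SAMPLE_NACL are
constructed to mimic describe-security-groups / describe-network-acls output;
all ids are placeholders."""
import ipaddress

WORLD = ("0.0.0.0/0", "::/0")

# Constructed: the default group as AWS creates it, plus a group exposing SSH.
SAMPLE_SGS = {"SecurityGroups": [
    {"GroupId": "sg-00000000000000001", "GroupName": "default", "VpcId": "vpc-PLACEHOLDER",
     "IpPermissions": [{"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [],
                        "UserIdGroupPairs": [{"GroupId": "sg-00000000000000001"}]}],
     "IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-00000000000000002", "GroupName": "web-ssh", "VpcId": "vpc-PLACEHOLDER",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}],
     "IpPermissionsEgress": []}]}

# Constructed: the default NACL, rule 100 allow-all and rule 32767 deny-all per direction.
SAMPLE_NACL = {"NetworkAclId": "acl-PLACEHOLDER", "IsDefault": True, "Entries": [
    {"RuleNumber": 100, "Protocol": "-1", "RuleAction": "allow", "Egress": False, "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny", "Egress": False, "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 100, "Protocol": "-1", "RuleAction": "allow", "Egress": True, "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny", "Egress": True, "CidrBlock": "0.0.0.0/0"}]}


def world_open_ingress(describe_sg_output, sensitive_ports=(22, 3389)):
    """Return one finding per ingress rule reachable from 0.0.0.0/0 or ::/0.

    Severity is 'high' when the rule opens every port or an admin port
    (SSH/RDP by default), otherwise 'medium'."""
    findings = []
    for sg in describe_sg_output["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if not any(c in WORLD for c in cidrs):
                continue  # only group-to-group or internal CIDRs: not world-open
            proto = perm["IpProtocol"]
            lo, hi = perm.get("FromPort"), perm.get("ToPort")  # absent for protocol -1
            all_ports = proto == "-1"
            hits_admin = (not all_ports and lo is not None
                          and any(lo <= p <= hi for p in sensitive_ports))
            findings.append({"group": sg["GroupId"], "name": sg["GroupName"],
                             "ports": "all" if all_ports else f"{proto}/{lo}-{hi}",
                             "severity": "high" if all_ports or hits_admin else "medium"})
    return findings


def nacl_decision(nacl, egress, protocol, port, peer_ip):
    """Evaluate NACL entries the way AWS does: ascending RuleNumber, first
    match wins, implicit deny if nothing matches. protocol is the IANA
    number as a string ('6' = TCP, '-1' = all)."""
    peer = ipaddress.ip_address(peer_ip)
    entries = sorted((e for e in nacl["Entries"] if e["Egress"] == egress),
                     key=lambda e: e["RuleNumber"])
    for entry in entries:
        if entry["Protocol"] not in ("-1", protocol):
            continue
        rng = entry.get("PortRange")  # absent means every port
        if rng and not rng["From"] <= port <= rng["To"]:
            continue
        block = entry.get("CidrBlock") or entry.get("Ipv6CidrBlock")
        if peer not in ipaddress.ip_network(block):
            continue
        return entry["RuleAction"]
    return "deny"


if __name__ == "__main__":
    for finding in world_open_ingress(SAMPLE_SGS):
        print(finding)
    print("inbound TCP/22 from 203.0.113.7:",
          nacl_decision(SAMPLE_NACL, egress=False, protocol="6", port=22, peer_ip="203.0.113.7"))
```

The default group produces no finding because its only ingress rule references itself rather than a CIDR; the `web-ssh` group yields a medium finding for HTTPS and a high one for SSH, while its second SSH rule (from the VPC CIDR) is not reported. With the default NACL every packet is allowed by rule 100, so any restriction has to come from the security group, which is why the default-NACL check and the security-group review belong together.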

Creating subnets named "subnet-public" and "subnet-private"


Click on "Subnets" in the left sidebar of the VPC console to access the subnet console, and proceed by clicking on "Create Subnet."


(Screenshots: createsubnet, createsubnet1a, createsubnet1b)

The creation of "subnet-public" was successful. Now, proceed to create "subnet-private" using the AWS CLI.


Using the AWS CLI to create the subnet:

# vpc-020174e754d99308f is the id of the demo VPC; 10.0.2.0/24 is the private subnet's range
aws ec2 create-subnet \
    --vpc-id vpc-020174e754d99308f --cidr-block 10.0.2.0/24 \
    --tag-specifications 'ResourceType=subnet,Tags=[{Key=Name,Value=subnet-private}]'
(Screenshot: both-subnets)

In the above step, subnets are successfully created. However, before you can start using a subnet for deploying resources, you need to associate the subnet with a route table. The route table determines the routing configuration for the subnet, including how traffic is directed within the subnet and to external networks.

We already have a default route table that allows communication between any IP addresses within the VPC CIDR range internally. However, in this demo, I am creating two route tables: one for internet communication and one for internal communication without internet access.

Create route table: Navigate to "Route Tables" in the VPC console -> click on "Create route table".

(Screenshot: create-routetable)

Now let's have a look at the Routes and Subnet associations of the route table.

(Screenshots: routeinfo, subnet-info)

To enable internet communication, we must create an Internet Gateway and add a route in the route table that points to the Internet Gateway.

Navigate to "Internet Gateway" in VPC console and click on "Create Internet Gateway".

(Screenshot: IGW)

After creating the IGW, it needs to be attached to the demo VPC.

(Screenshots: IGW)

Next, we need to create a route in the route table to direct traffic to the IGW.

Navigate to VPC -> Route tables -> rtb-0be92ee0f5b30e7ae -> Edit routes and click on "Add route"

(Screenshot: route-IGW)

Now, associate the subnet with the route table that has a route to the IGW. Once this step is completed, this subnet is referred to as the public subnet and is ready to deploy resources accessible publicly.

Navigate to VPC -> Route tables -> rtb-0be92ee0f5b30e7ae -> Edit subnet associations, select "subnet-public" and then click on "Save changes".

(Screenshot: route-sub)

Here is the screenshot of the route table configuration after the above steps.

(Screenshot: rwithIGW)

The public subnet has been successfully configured and is ready for deploying AWS services that must be publicly accessible. We have also created a subnet named subnet-private, which does not have a route to the IGW; resources created in this subnet therefore cannot be reached from the internet. This subnet is used for communication between resources within the cloud.
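As an added example (not part of the original post), the Python below applies this demo's public/private definition to JSON shaped like `aws ec2 describe-route-tables` output: a subnet explicitly associated with a table that has an active route to an IGW is public, and a subnet with no explicit association falls back to the VPC's main route table, which is how AWS treats it. The sample uses the demo's VPC and route table ids; the IGW and subnet ids are placeholders. `exposure_findings` is the defender's check: a subnet named private that nevertheless routes to an IGW, which is exactly what happens if the IGW route is added to the main table instead of a dedicated one.

```python
"""Classify subnets as public/private from describe-route-tables JSON (offline).

Added example, not code from the original page. The sample is constructed to
match the demo; subnet and IGW ids are placeholders."""

DEMO_VPC_ID = "vpc-020174e754d99308f"  # the demo VPC id from the page

# Constructed: the main route table (local route only) and rtb-0be92ee0f5b30e7ae,
# which received the 0.0.0.0/0 -> IGW route and the explicit subnet-public association.
SAMPLE_ROUTE_TABLES = {"RouteTables": [
    {"RouteTableId": "rtb-MAIN-PLACEHOLDER", "VpcId": DEMO_VPC_ID,
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}],
     "Associations": [{"Main": True, "RouteTableId": "rtb-MAIN-PLACEHOLDER"}]},
    {"RouteTableId": "rtb-0be92ee0f5b30e7ae", "VpcId": DEMO_VPC_ID,
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-PLACEHOLDER", "State": "active"}],
     "Associations": [{"Main": False, "RouteTableId": "rtb-0be92ee0f5b30e7ae",
                       "SubnetId": "subnet-PUBLIC-PLACEHOLDER"}]}]}

# Constructed: subnet id -> Name tag, as describe-subnets would report them.
# subnet-private has no explicit association, so it is governed by the main table.
SAMPLE_SUBNETS = {"subnet-PUBLIC-PLACEHOLDER": "subnet-public",
                  "subnet-PRIVATE-PLACEHOLDER": "subnet-private"}


def has_igw_route(route_table):
    """True if any active route in the table targets an Internet Gateway."""
    return any(r.get("GatewayId", "").startswith("igw-")
               and r.get("State", "active") == "active"
               for r in route_table.get("Routes", []))


def classify_subnets(describe_rtb_output, vpc_id, subnet_names):
    """Map subnet id -> 'public' or 'private' for the given VPC.

    A subnet without an explicit association uses the VPC's main route table."""
    main_table, explicit = None, {}
    for table in describe_rtb_output["RouteTables"]:
        if table["VpcId"] != vpc_id:
            continue
        for assoc in table.get("Associations", []):
            if assoc.get("Main"):
                main_table = table
            elif assoc.get("SubnetId"):
                explicit[assoc["SubnetId"]] = table
    if main_table is None:
        raise ValueError(f"no main route table found for {vpc_id}")
    return {sid: "public" if has_igw_route(explicit.get(sid, main_table)) else "private"
            for sid in subnet_names}


def exposure_findings(describe_rtb_output, vpc_id, subnet_names):
    """Defender check: subnets whose Name says 'private' but that route to an IGW."""
    kinds = classify_subnets(describe_rtb_output, vpc_id, subnet_names)
    return [f"{subnet_names[sid]} ({sid}) is named private but routes to an IGW"
            for sid, kind in kinds.items()
            if kind == "public" and "private" in subnet_names[sid].lower()]


if __name__ == "__main__":
    print(classify_subnets(SAMPLE_ROUTE_TABLES, DEMO_VPC_ID, SAMPLE_SUBNETS))
    print(exposure_findings(SAMPLE_ROUTE_TABLES, DEMO_VPC_ID, SAMPLE_SUBNETS) or "no findings")
```

For the demo data this reports subnet-public as public and subnet-private as private with no findings. Feed it the real output of `aws ec2 describe-route-tables` and a subnet-id-to-name map from `aws ec2 describe-subnets` to repeat the check against a live account; routes in the `blackhole` state (for example after the IGW is detached) are ignored, since they carry no traffic.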

Advanced topics such as VPC peering for communicating between resources in different VPCs and Private Gateway for private communication between on-premises and AWS resources will be explained in later demos.

Next, let's explore the fundamentals of IAM and how to begin utilizing the IAM service.

IAM fundamentals

Working on this section.. It will be published soon..