AWS Key Terms

Lance Watanabe
5 min read · Aug 19, 2022

How is AWS structured: AWS runs data centers throughout the world. Physically they are grouped into regions and availability zones; on top of that physical layout, your own network inside a region is a logically isolated VPC.

  • Region: A geographic area (for example us-east-1) made up of several availability zones. Most resources are regional, so a resource created in one region is not visible in another.
  • Virtual Private Cloud (VPC): A logically isolated virtual network inside a single region. It has its own IP address range (CIDR block) and can span all of the availability zones in that region.
  • Availability Zone (AZ): One or more physically separate data centers within a region, with independent power and networking. Spreading instances across AZs is how you survive the loss of one.
  • Subnetwork (subnet): A range of IP addresses, carved out of the VPC’s CIDR block, that lives in a single availability zone. Each subnet is associated with a route table. Every route table has a “local” route for the VPC’s own CIDR block, so traffic between subnets is forwarded by the VPC router; a default route for 0.0.0.0/0 decides where everything else goes. A subnet is “public” when its 0.0.0.0/0 route points at the Internet Gateway: instances in it can be given public IP addresses and reached from the internet. A “private” subnet has no route to the Internet Gateway, so its instances have only private addresses and cannot be reached from the internet. To give a private subnet outbound-only internet access (package downloads, OS updates, calls to external APIs), point its 0.0.0.0/0 route at a Network Address Translation (NAT) gateway that sits in a public subnet.
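The public/private distinction above is entirely a property of the route table, which is how a reviewer decides whether a subnet is exposed. The following is an added example (not code from the original post) that classifies subnets from their route tables. The input is a constructed sample in the shape of `ec2 describe-route-tables` output, so it runs offline; the subnet, gateway and route-table IDs are made up.

```python
"""Classify VPC subnets as public, private-with-NAT, or isolated.

Added example, not from the original post. The route tables below are a
constructed sample shaped like `aws ec2 describe-route-tables` output; no AWS
call is made. A subnet is "public" if its route table sends 0.0.0.0/0 to an
internet gateway (igw-...), "private-nat" if 0.0.0.0/0 goes to a NAT gateway
(nat-...), and "isolated" if it has no working default route at all.
"""

from typing import Dict, List

DEFAULT_ROUTE = "0.0.0.0/0"

# Constructed sample: three route tables in a VPC whose CIDR is 10.0.0.0/16.
ROUTE_TABLES: List[dict] = [
    {
        "RouteTableId": "rtb-public",
        "Associations": [{"SubnetId": "subnet-web-a"}, {"SubnetId": "subnet-web-b"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0123456789abcdef0", "State": "active"},
        ],
    },
    {
        "RouteTableId": "rtb-private",
        "Associations": [{"SubnetId": "subnet-app-a"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0fedcba9876543210", "State": "active"},
        ],
    },
    {
        "RouteTableId": "rtb-isolated",
        "Associations": [{"SubnetId": "subnet-db-a"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        ],
    },
]


def classify_route_table(table: dict) -> str:
    """Return 'public', 'private-nat' or 'isolated' for one route table."""
    for route in table["Routes"]:
        if route.get("DestinationCidrBlock") != DEFAULT_ROUTE:
            continue
        # A "blackhole" route (its target was deleted) provides no egress.
        if route.get("State", "active") != "active":
            continue
        if route.get("GatewayId", "").startswith("igw-"):
            return "public"
        if route.get("NatGatewayId", "").startswith("nat-"):
            return "private-nat"
    return "isolated"


def classify_subnets(route_tables: List[dict]) -> Dict[str, str]:
    """Map every explicitly associated subnet ID to its classification."""
    result: Dict[str, str] = {}
    for table in route_tables:
        kind = classify_route_table(table)
        for assoc in table.get("Associations", []):
            subnet_id = assoc.get("SubnetId")
            if subnet_id:  # the VPC's "Main" association carries no SubnetId
                result[subnet_id] = kind
    return result


if __name__ == "__main__":
    for subnet_id, kind in sorted(classify_subnets(ROUTE_TABLES).items()):
        print(f"{subnet_id}: {kind}")
```

Two caveats when you run this against a real account: subnets with no explicit association fall back to the VPC’s main route table, so check that table as well; and “public” is necessary but not sufficient for exposure, since an instance also needs a public IP address and a security group rule that allows the traffic.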

Amazon Resource Name (ARN): An ARN uniquely identifies a single AWS resource: an EC2 instance, an S3 bucket, a load balancer, a VPC, a route table, an IAM role. ARNs are what IAM policies use to say which resource a statement applies to, so getting them exactly right matters. ARN syntax:

Syntax (the partition is “aws” in the standard regions, “aws-cn” in China and “aws-us-gov” in GovCloud; region and account-id are left empty for global services such as IAM and for S3 buckets):
arn:partition:service:region:account-id:resource-id
arn:partition:service:region:account-id:resource-type/resource-id
arn:partition:service:region:account-id:resource-type:resource-id
Examples:
arn:aws:ec2:us-east-1:123456789012:instance/i-0123456789abcdef0
arn:aws:ecr:us-west-2:123456789012:repository/root/987410873387401
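Because the resource part can use either “/” or “:” as its separator, and because region and account can be empty, splitting an ARN naively on “:” gives wrong results for S3, IAM and CloudWatch Logs ARNs. The parser below is an added example (not from the original post) that handles all three documented forms and validates the 12-digit account ID; the sample ARNs in it are constructed.

```python
"""Parse an Amazon Resource Name into its components.

Added example, not from the original post. Handles the three documented forms
(`...:resource-id`, `...:resource-type/resource-id`, `...:resource-type:resource-id`)
and the cases where region and account are empty. Sample ARNs are constructed.
"""

from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Arn:
    partition: str                # "aws", "aws-cn" or "aws-us-gov"
    service: str                  # "ec2", "s3", "iam", ...
    region: str                   # "" for global services such as IAM
    account_id: str               # "" where the ARN carries no account (S3 buckets)
    resource_type: Optional[str]  # None when the ARN has no resource-type field
    resource_id: str


def parse_arn(arn: str) -> Arn:
    """Split an ARN into its fields, validating the parts every ARN must have."""
    # At most 6 fields: the resource part may itself contain ':' (e.g. log groups).
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn":
        raise ValueError(f"not an ARN: {arn!r}")
    _, partition, service, region, account_id, resource = parts
    if not (partition and service and resource):
        raise ValueError(f"ARN is missing its partition, service or resource: {arn!r}")
    # Account IDs are always exactly 12 decimal digits when present.
    if account_id and not (account_id.isdigit() and len(account_id) == 12):
        raise ValueError(f"account ID must be 12 digits: {account_id!r}")

    resource_type: Optional[str] = None
    resource_id = resource
    # S3 ARNs have no resource-type field: the resource is "bucket" or "bucket/key".
    if service != "s3":
        if "/" in resource and (":" not in resource or resource.index("/") < resource.index(":")):
            # "type/id" form; the id may contain further '/' (IAM paths), so split once.
            resource_type, resource_id = resource.split("/", 1)
        elif ":" in resource:
            # "type:id" form, e.g. CloudWatch Logs log groups.
            resource_type, resource_id = resource.split(":", 1)
    return Arn(partition, service, region, account_id, resource_type, resource_id)


def same_account(arn: str, account_id: str) -> bool:
    """True if the ARN belongs to the given account; useful when auditing policy principals."""
    return parse_arn(arn).account_id == account_id


if __name__ == "__main__":
    # Constructed samples covering each syntactic form.
    for sample in (
        "arn:aws:ec2:us-east-1:123456789012:instance/i-0123456789abcdef0",
        "arn:aws:s3:::my-bucket/logs/2022/08/19.gz",
        "arn:aws:iam::123456789012:role/service-role/my-role",
        "arn:aws:logs:us-east-1:123456789012:log-group:/aws/lambda/fn:*",
    ):
        print(parse_arn(sample))
```

A practical use of this in a security review is comparing the account ID of every principal in a resource policy (an S3 bucket policy, for example) against your own accounts, which is exactly the `same_account` check.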

AWS Certificate Manager (ACM): Provisions, manages, and deploys Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services such as load balancers and CloudFront. Public certificates issued by ACM are renewed automatically, which removes the most common cause of expired-certificate outages.

CloudFormation: AWS CloudFormation lets you describe a “stack” of AWS resources in a template (JSON or YAML) and create, update, or delete them together. A stack is simply the collection of resources created from one template.

CloudFront: AWS’ content delivery network (CDN). It caches content at edge locations close to users and sits in front of an origin such as an S3 bucket, a load balancer, or your own server.

CloudTrail: Records the API calls made in your account (who called what, when, and from which IP address). It is the primary audit log of an AWS account and the first place to look during an incident.

CloudWatch: Collects metrics and logs from services and resources and raises alarms on them.

Cluster: A collection of EC2 instances that containers are scheduled onto (see ECS below).

Container: A running instance of an image (images are typically stored in a registry such as Docker Hub or ECR). It carries everything the application needs to run: the application code, its dependencies (third-party libraries), the runtime (for example Node.js or Go), and its configuration.

DynamoDB: AWS’ managed NoSQL (key-value and document) database.

Elastic Compute Cloud (EC2): A virtual server, known as an instance. Each instance is launched into one subnet, and therefore into one availability zone; a subnet can hold many instances. Each instance has its own virtual CPU, RAM, storage, and operating system. Every instance receives a private IP address from its subnet. An instance in a public subnet can additionally get a public IP address (if the subnet auto-assigns one or you attach an Elastic IP); an instance in a private subnet has only its private address.

  • Autoscaling: An Auto Scaling group is a collection of EC2 instances treated as a logical unit. You set how many instances the workload needs and the group launches or terminates instances to match. Scaling can be 1) manual, 2) scheduled, or 3) driven by demand (metrics). The group needs a “launch template” that holds the instance configuration (AMI, instance type, security groups, user data).
  • Credit specification: Applies to burstable (T-family) instances, which earn CPU credits while idle and spend them to burst above their baseline CPU. With “unlimited,” the instance keeps bursting after its credits run out and you are billed for the extra CPU; with “standard,” it is throttled back to its baseline until it earns more credits.
  • Elastic IP: A static public IPv4 address that you keep until you release it and can move between instances. You are charged for an Elastic IP that is allocated but not attached to a running instance, because public IPv4 addresses are scarce.
  • Private IP: An address from the subnet’s range, reachable only inside the VPC (and networks connected to it), never directly from the internet.
  • Public IP: An address reachable from the internet.
  • Public IPv4 address: An instance with a public IPv4 address also gets a public DNS hostname you can use to reach it from the internet. Nothing reaches the instance, though, unless its Security Group allows the traffic: typically HTTP (port 80) and HTTPS (port 443) from anywhere, and SSH (port 22) only from the addresses that need it.
  • Security Group: A stateful virtual firewall attached to the instance’s network interface. Its inbound and outbound rules are allow-lists by protocol, port, and source/destination; this is where you decide, for example, who may SSH in. Leaving port 22 open to 0.0.0.0/0 is the classic mistake.
  • Tags: Key/value labels that let you categorize your AWS resources (by purpose, owner, environment). They can also be referenced in IAM policies and cost reports.
  • Tenancy: Share the underlying hardware with other AWS customers (the default) or pay for dedicated hardware.
  • User data: A script handed to the instance that runs (by default on first boot only) to perform automated configuration tasks. Do not put secrets in it: user data is readable from the instance metadata service by any process on the instance.
  • Volumes: Block storage (EBS volumes) you attach to your EC2 instances.
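The Security Group bullets above describe the check that matters most in practice: which rules expose management ports to the whole internet. Here is an added example (not from the original post) that runs that check over a constructed sample shaped like `ec2 describe-security-groups` output; the group IDs and addresses are made up.

```python
"""Flag security-group inbound rules that expose SSH, RDP or all traffic to the internet.

Added example, not from the original post. The groups below are a constructed
sample in the shape of `aws ec2 describe-security-groups` output, so the check
runs offline. "World-open" means the rule's source is 0.0.0.0/0 or ::/0.
"""

from typing import List, Tuple

ANYWHERE = {"0.0.0.0/0", "::/0"}
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

SECURITY_GROUPS: List[dict] = [
    {   # web tier: HTTPS from anywhere is intended, SSH only from one admin host
        "GroupId": "sg-web",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
        ],
    },
    {   # bastion with SSH open to the world: the classic mistake
        "GroupId": "sg-bastion",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        ],
    },
    {   # "-1" means all protocols and ports
        "GroupId": "sg-legacy",
        "IpPermissions": [
            {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        ],
    },
]


def _world_open(rule: dict) -> bool:
    """True if any IPv4 or IPv6 source range of the rule is the whole internet."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return any(c in ANYWHERE for c in cidrs)


def _covers_tcp_port(rule: dict, port: int) -> bool:
    """True if the rule permits TCP traffic to the given port."""
    if rule["IpProtocol"] == "-1":          # all traffic, all ports
        return True
    if rule["IpProtocol"] not in ("tcp", "6"):
        return False
    return rule["FromPort"] <= port <= rule["ToPort"]


def find_exposed_admin_ports(groups: List[dict]) -> List[Tuple[str, str]]:
    """Return (group-id, finding) pairs for world-open rules covering SSH/RDP or all traffic."""
    findings: List[Tuple[str, str]] = []
    for sg in groups:
        for rule in sg.get("IpPermissions", []):
            if not _world_open(rule):
                continue
            if rule["IpProtocol"] == "-1":
                findings.append((sg["GroupId"], "all traffic open to the internet"))
                continue
            for port, name in ADMIN_PORTS.items():
                if _covers_tcp_port(rule, port):
                    findings.append((sg["GroupId"], f"{name} ({port}/tcp) open to the internet"))
    return findings


if __name__ == "__main__":
    for group_id, finding in find_exposed_admin_ports(SECURITY_GROUPS):
        print(f"{group_id}: {finding}")
```

Note that the port check is a range test, not an equality test, so a rule for ports 0-65535 is caught as well as a rule for exactly 22; a check that only looks for `FromPort == 22` misses the broader rule, which is the one people actually write.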

Elastic Container Registry (ECR): A managed registry for storing container images. Publishing an image takes five steps:

  1. Create a repository for each image
  2. Fetch the repository URI
  3. Log in to ECR with a short-lived authorization token
  4. Tag the local image with the repository URI
  5. Push the image to the repository

Elastic Container Service (ECS): ECS runs and manages containers on a cluster (a group of EC2 instances). Several containers can share one EC2 instance. Without a container orchestrator, scaling an application means having an Auto Scaling group launch whole new EC2 instances behind the load balancer, which is slow and expensive. With ECS, scaling out starts additional containers (tasks) on the instances you already have until their CPU and memory are used up; only then does the cluster need another EC2 instance. To configure ECS you write a task definition (JSON, or YAML if you deploy it through CloudFormation) that names the image URIs in the repository, and you define a “service” for each application or microservice.

In a CI/CD pipeline, the pipeline pushes the tested image to ECR and then updates the ECS service in production to the new image tag; ECS rolls the new containers out and retires the old ones.

  • Cluster: Collection of EC2 instances (container instances) that tasks are placed on.
  • Control plane: The scheduler and state store that decide where containers run and keep services at their desired size. For ECS it is operated by AWS and does not run on EC2 instances in your account.
  • Load balancer: When an application scales up, incoming traffic goes to a load balancer, which directs each request to one of the containers (tasks) registered behind it.
  • Service: A Service guarantees that some number of Tasks is running at all times. If a Task’s container exits due to an error, or the underlying EC2 instance fails and is replaced, the ECS Service replaces the failed Task.
  • Task: A running instance of a task definition: ECS pulls the image(s) from the registry (Docker Hub or ECR) and runs the container(s).
  • Worker node: An EC2 instance in the cluster (a “container instance”) running the ECS agent, which receives tasks from the control plane.

Elastic Kubernetes Service (EKS): A managed Kubernetes control plane. Use it instead of ECS when you want to orchestrate containers with Kubernetes.

Fargate: Serverless compute for containers. With Fargate, ECS or EKS runs your tasks without you provisioning, patching, or scaling EC2 instances; you pay per task for the CPU and memory it requests.

Image: The blueprint a container is started from. It packages the application code, its dependencies (third-party libraries), the runtime (for example Node.js or Go), and configuration as read-only layers.

Kinesis: A service for ingesting and processing streaming data in real time.

Lambda: Serverless functions. You upload code and AWS runs it in response to events (an HTTP request, a new S3 object, a queue message) without you provisioning or managing servers.

Route 53: AWS’ Domain Name System (DNS) service: hosted zones, health checks, and domain registration.

Simple Storage Service (S3): Object storage; data is kept as objects inside buckets.
