AWS Essentials

The Interactive Guide to AWS Essentials: How to use it

AWS Essentials
The Interactive Guide to AWS Essentials: How to use it

AWS Essentials has explicitly been designed for those who have no knowledge or experience with AWS. Using non-technical terms, simplified explanations of concepts, and introductory hands-on walkthroughs, this course teaches you all about the basics of AWS, from creating an account to using core AWS services. 

This course will educate you on the security measures AWS provides and fundamental concepts of AWS Identity and Access Management (IAM). It will help you understand AWS management tools like Auto Scaling, Elastic Load Balancing, and AWS Trusted Advisor. You will also learn about AWS foundational servers, including Amazon Elastic Cloud Compute (EC2), Virtual Private Cloud (VPC), and Simple Storage Service (S3). 

After completing this course, you will be able to use AWS database servers like Amazon DynamoDB and Amazon Relational Database (RDS). It will help you become proficient in identifying AWS services, allowing you to make well-informed decisions about IT solutions based on what your business requires. 

Since it is a beginner-level course, no prior AWS experience is required. However, it is recommended to have some basic knowledge of AWS concepts and a fundamental understanding of IT, storage, networking, and databases.

How to create an AWS account?

Before starting with AWS, the first step is to create an account. To do so, follow these steps:

  1. Open the Amazon Web Services home page. 
  2. Clicking on Sign in to the Console will give you two options – to sign in or create a new account. 
  3. Enter your account information and then click on Continue. Make sure the information you have entered is correct, especially your email address. 
  4. After filling in your credentials, you will be presented with two options: A personal account and a Professional account. Both of these accounts have the same features and functions. A Professional account is for your business, while a personal account is your private account. 
  5. Read and accept AWS Customer Agreement. 
  6. Click on Create an Account and Continue. 
  7. Next, you will need to enter valid credit card information. AWS is a free tier use offering, and you won’t be charged anything as long as you follow the free tier use guidelines.
  8. After clicking Continue, you have to go through an identity verification process. All you have to do is put in a security check code along with your phone number. 
  9. Next, choose one of the available support plans.
  10.  After choosing an appropriate support plan, the process of your account activation starts. 
  11.  Click on Complete Sign Up, and now you have full access to all AWS services.

Services and Tools

Identity and Access Management (IAM)

AWS Identity and Access Management (IAM) enables you to securely access control mechanisms for all of your AWS services and resources. With the help of IAM, you can create and manage AWS users and groups. It allows you to assign specific policies and permissions to specific users or groups. You can also set up multi-factor authentication for additional security. Some of its key features are:

  •  Authentication

AWS IAM allows you to create and manage identities like users, groups, and roles. An IAM user is an individual that interacts with your AWS resources or services either using the AWS CLI or from the AWS Console. 

An IAM group is a collection of users and the permissions assigned to them. Creating IAM groups is a suitable way of managing users by categorizing them according to their needs, job function, department, or other requirements.

An IAM role is an entity within AWS that defines a set of permissions the respective role can perform and what entities can assume the role. 

  • Authorization

IAM’s access management or authorization is made of two primary components: Policies and Permissions. 

Permissions allow you to carry out actions on AWS resources. They are assigned in the following two ways:

  • Identity-based: Directly attached to users, groups, and roles.
  • Resource-based: Attached to AWS resources like S3 Buckets, ECR Repositories, etc. 

A policy is a document consisting of a set of rules with one or more statements. There are two policies:

  • Managed Policies: These policies can be created or attached to multiple entities. AWS has various built-in policies that cover a variety of use cases. They can also be mixed and matched to give generalized access to users, groups, and roles. 
  • Inline Policies: These policies can be directly applied to IAM entities. These policies are used for a specific objective. 
  • Shared Access to AWS accounts

Most companies have more than one AWS account, and you need to delegate access between them. IAM allows you to do this without sharing your credentials. AWS has also recently launched ControlTower that simplifies multi-account configurations. 

       2.  Virtual Private Cloud (VPC)

Amazon Virtual Private Cloud (VPC) is a foundational AWS service in the compute and network AWS categories. VPC creates an isolated virtual network environment in the cloud for your AWS account. A VPC behaves like a conventional TCP/IP network that can be scaled based on your requirements. It defines your AWS resource needs such as IP addresses, subnets, routing, networking functionality, and security. 

Each Amazon account can host multiple VPCs. Since they are isolated from each other, you can duplicate private subnets among VPCs.

       3.  Simple Storage Device (S3)

Amazon Simple Storage Device (S3) is a high-speed, scalable, web-based cloud storage service. It is created to archive data and applications on Amazon Web Services. Amazon S3 can be used by all organizations, regardless of their size. Due to its availability, scalability, security, and performance ability, it is suitable for a variety of data storage use cases such as data archiving, disaster recovery, data storage, IoT devices, media hosting, mobile applications, application hosting, website hosting, running big data analytics tools on stored data, and software delivery. 

It provides 99.999999999% durability and supports multiple security and compliance certifications. You can also link S3 to other AWS security devices like CloudTrail, CloudWatch, and Macle. It comes in seven storage classics:

  • S3 Standard:

It is suitable for frequently accessed data that needs to be delivered with high throughput and low latency. It targets dynamic websites, content distribution, and big data workloads.

  • S3 Standard-IA:

It offers a low storage price for data that is not needed much but needs to be quickly accessible. S3 Standard-IA is used for backups, DR, and long-term data storage.

  • S3 Intelligent-Tiering:

It is suitable for data with access needs that keep changing. It further has four different access tiers: Infrequent Access, Frequent Access, Archive, and Deep Archive. 

  • S3 One Zone-IA:

This type of tier is suitable for data that is infrequently accessed without high resilience or availability needs. 

  • S3 Outposts:

It adds APIs to an on-premises AWS environment. It is used when performance needs call for data to satisfy specific data residency requirements.

  • S3 Glacier:

It is used only for archival storage because it takes a lot of time to access the data.

  • S3 Glacier Deep Archive:

It is the lowest-price option for S3 storage. It retains data that only needs to be accessed once or twice a year. 

       4.  Elastic Cloud Compute (EC2)

Amazon Elastic Cloud Compute (EC2) provides resizable compute capacity in the AWS cloud. It allows businesses to run applications on the public cloud. Using the EC2 web interface, you can easily create instances of virtual machines and configure the scaling capacity of instances. You can also build apps to automate scaling according to your needs and peak periods. Its key features are:

  • Secure

Amazon EC2 provides a secure and robust network of resources. You even have the power to control which instances remain private and which ones have internet exposure. 

  • Inexpensive

You only pay for the resources you use. It consists of multiple purchase plans such as on-demand instances, spot instances, reserved instances, and many more. You can choose any of these plans based on your requirement. EC2 offers hourly rates. 

  • Flexible Tools:

Amazon EC2 offers several tools for developers and network administrators to build failure resilient applications. You can also isolate yourself from common failure situations using these tools. 

  • Reliable: 

Amazon EC2 provides a highly reliable environment where you can replace instances. Service Level Agreement commitment is 99.9% for each Amazon EC2 region.

      5.   Amazon Relational Database Service (RDS)

Amazon Relational Database allows you to create, run, and manage relational databases in the cloud. This database functions with a relational model. The relational model is a technique of structuring information that uses tables with columns and rows. The top features of Amazon RDS are:

  • Availability:

Amazon Relational Database Service allows you to access data anytime, anywhere. It provides high availability through a feature called Multi-AZ deployment. It maintains a redundant copy of your data in a different location. 

  • Scalability:

It offers two different types of automatic scaling: Horizontal (adding more machines) and Vertical (adding more resources). It has a load balancer that can distribute requests even when the database is under increased demand. You can also add RDS instances to an instance class that can scale them simultaneously. 

  • Performance:

Amazon RDS consists of a Performance Insights dashboard that allows you to analyze and troubleshoot the performance of your relational databases. It enables you to form metrics to get a clearer view of your business. The system provides two different types of storage: General Purpose SSD Storage and Provisioned IOPS Storage. 

  • Price:

You only have to pay for what you need. It comes without any minimum fee. If you want to test out the service, you can use the free tier, which offers 750 hours of use with 20 GB of storage. 

      6.   Auto Scaling

It is defined as a cloud computing technique that dynamically assigns computational resources—providing you with recommendations that help you optimize, your performance, costs, or balance between them. It simplifies scaling. 

AWS Auto Scaling helps you build plans that automate how groups of different resources respond to changes. AWS Auto Scaling monitors your applications to ensure that they are operating at your desired performance levels. It is free to use and allows you to optimize the costs of your AWS environment.

      7.   Route 53 (Domains and DNS)

Amazon Route 53 is a highly scalable and reliable Domain Name System (DNS) web service. It connects the internet traffic to suitable servers hosting the requested web application. In addition, it contains information about the mapping of IP addresses to domain names. Following are the key features of Route 53:

  • Resolver:

Route 53 can perform DNS resolution between local networks and VPC. It supports both IPv6 and IPv4 formats. 

  • Health checks, Monitoring, and Failover:

Route 53 directs internet traffic to healthy target instances as per the specified configurations. In case of an outage, the traffic will be routed to healthy endpoints by health-checking agents. 

  • Domain Registration:

The DNS management service allows you to transfer management of existing domains or register new ones to Route 53. 

  • S3 and CloudFront Zone Apex:

Zone apex allows you to return requests for the root domain without suffering any performance penalty.

  • Can be used with other AWS services:

Route 53 lets you map domain names to your Amazon S3 buckets, Amazon EC2 instances, and other AWS resources.  

    8.     Simple Notification Service:

Simple notification service (SNS) is a highly scalable, cost-effective, and flexible web service that makes it easy to set up, operate, and send a notification from the cloud. Amazon SNS enables you to group multiple users using topics. The topic, here, is an access point that sends duplicate copies of the same message to the users. There are two clients of SNS:

  • Subscribers:

Web servers, email addresses, SQS queues, and AWS Lambda functions act as subscribers. They receive the notification or message from SNS over one of the supported protocols.

  • Producers:

Also known as Publishers, they generate and send the message to the SNS which is a logical access point. 

Whether you are a developer, an architect, or a technical project manager, the AWS essentials course is the right place to start. This course will reinforce your learning with real-world scenarios and hands-on activities using a live environment. Earning an AWS certification offers lucrative advantages. It helps you advance your expertise, build credibility and confidence. Once AWS certified, you will be able to claim benefits at aws. 

Share your love
Christophe Rude

Christophe Rude

Articles: 15888

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *