aws overview (amazon web services)
TRANSCRIPT
Amazon Web Services Cloud Platform
Compute
Amazon EC2
• Amazon Elastic Compute Cloud (Amazon EC2) is a web service thatprovides resizable compute capacity in the cloud. It is designed tomake web-scale cloud computing easier for developers.
• Amazon EC2’s simple web service interface allows you to obtain andconfigure capacity with minimal friction. It provides you withcomplete control of your computing resources and lets you run onAmazon’s proven computing environment. Amazon EC2 reduces thetime required to obtain and boot new server instances to minutes,allowing you to quickly scale capacity, both up and down, as yourcomputing requirements change. Amazon EC2 changes theeconomics of computing by allowing you to pay only for capacitythat you actually use. Amazon EC2 provides developers the tools tobuild failure resilient applications and isolate themselves fromcommon failure scenarios.
Amazon EC2
Amazon EC2
• Benefits: -
– Elastic Web –Scale Computing
– Completely Controlled
– Flexible Cloud Hosting Services
– Designed for use with other Amazon Web Services
– Reliable
– Secure
– Inexpensive
Amazon EC2
Amazon EC2
• Auto Scaling- Auto Scaling helps you maintain applicationavailability and allows you to scale your Amazon EC2 capacity up ordown automatically according to conditions you define. You can useAuto Scaling to help ensure that you are running your desirednumber of Amazon EC2 instances. Auto Scaling can alsoautomatically increase the number of Amazon EC2 instances duringdemand spikes to maintain performance and decrease capacityduring lulls to reduce costs. Auto Scaling is well suited both toapplications that have stable demand patterns or that experiencehourly, daily, or weekly variability in usage.
• Elastic Load Balancing automatically distributes incomingapplication traffic across multiple Amazon EC2 instances in thecloud. It enables you to achieve greater levels of fault tolerance inyour applications, seamlessly providing the required amount of loadbalancing capacity needed to distribute application traffic.
Amazon EC2
AWS Lambda
• AWS Lambda is a compute service that runs your code inresponse to events and automatically manages the computeresources for you, making it easy to build applications thatrespond quickly to new information.
• AWS Lambda starts running your code within milliseconds of anevent such as an image upload, in-app activity, website click, oroutput from a connected device. You can also use AWS Lambdato create new back-end services where compute resources areautomatically triggered based on custom requests.
• With AWS Lambda you pay only for the requests served and thecompute time required to run your code. Billing is metered inincrements of 100 milliseconds, making it cost-effective andeasy to scale automatically from a few requests per day tothousands per second.
Amazon Lambda
Amazon EC2 Container Service (ECS)
• Amazon EC2 Container Service (ECS) allows you to easily run and manageDocker-enabled applications across a cluster of Amazon EC2 instances.Applications packaged as containers locally will deploy and run in the sameway as containers managed by Amazon ECS. Amazon ECS eliminates the needto install, operate, and scale your own cluster management infrastructure, andallows you to schedule Docker-enabled applications across your cluster basedon your resource needs and availability requirements. Amazon ECS enablesyou to grow from a single container to thousands of containers acrosshundreds of instances without any additional complexity in how you run yourapplication. You can run anything: applications, batch jobs, or microservices.Amazon ECS abstracts away all the complexity of the infrastructure so you canfocus on designing, building, and running containerized applications.
• With Amazon ECS, you have complete visibility and control of your clusterfrom creating and terminating Docker containers to viewing detailed clusterstate information. You can integrate and use your own container scheduler orconnect EC2 Container Service into your existing software delivery process(e.g., continuous integration and delivery systems).
Amazon EC2
VM Import/Export
• VM Import/Export enables you to easily import virtual machineimages from your existing environment to Amazon EC2instances and export them back to your on-premisesenvironment. This offering allows you to leverage your existinginvestments in the virtual machines that you have built to meetyour IT security, configuration management, and compliancerequirements by bringing those virtual machines into AmazonEC2 as ready-to-use instances. You can also export importedinstances back to your on-premises virtualization infrastructure,allowing you to deploy workloads across your IT infrastructure.
• VM Import/Export is available at no additional charge beyondstandard usage charges for Amazon EC2 and Amazon S3.
Amazon EC2
Networking
Amazon VPC
• Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logicallyisolated section of the Amazon Web Services (AWS) Cloud where you canlaunch AWS resources in a virtual network that you define. You have completecontrol over your virtual networking environment, including selection of yourown IP address range, creation of subnets, and configuration of route tablesand network gateways.
• You can easily customize the network configuration for your Amazon VirtualPrivate Cloud. For example, you can create a public-facing subnet for yourwebservers that has access to the Internet, and place your backend systemssuch as databases or application servers in a private-facing subnet with noInternet access. You can leverage multiple layers of security, including securitygroups and network access control lists, to help control access to Amazon EC2instances in each subnet.
• Additionally, you can create a Hardware Virtual Private Network (VPN)connection between your corporate datacenter and your VPC and leverage theAWS cloud as an extension of your corporate datacenter.
Amazon VPC
AWS Direct Connect
• AWS Direct Connect makes it easy to establish a dedicated networkconnection from your premises to AWS. Using AWS Direct Connect, you canestablish private connectivity between AWS and your datacenter, office, orcolocation environment, which in many cases can reduce your network costs,increase bandwidth throughput, and provide a more consistent networkexperience than Internet-based connections.
• AWS Direct Connect lets you establish a dedicated network connectionbetween your network and one of the AWS Direct Connect locations. Usingindustry standard 802.1q VLANs, this dedicated connection can be partitionedinto multiple virtual interfaces. This allows you to use the same connection toaccess public resources such as objects stored in Amazon S3 using public IPaddress space, and private resources such as Amazon EC2 instances runningwithin an Amazon Virtual Private Cloud (VPC) using private IP space, whilemaintaining network separation between the public and private environments.Virtual interfaces can be reconfigured at any time to meet your changing needs.
AWS Direct Connect
Amazon Route 53
• Amazon Route 53 is a highly available and scalable cloud Domain Name System(DNS) web service. It is designed to give developers and businesses anextremely reliable and cost effective way to route end users to Internetapplications by translating names like www.example.com into the numeric IPaddresses like 192.0.2.1 that computers use to connect to each other.
• Amazon Route 53 effectively connects user requests to infrastructure runningin AWS – such as Amazon EC2 instances, Elastic Load Balancing load balancers,or Amazon S3 buckets – and can also be used to route users to infrastructureoutside of AWS. You can use Amazon Route 53 to configure DNS health checksto route traffic to healthy endpoints or to independently monitor the health ofyour application and its endpoints. Amazon Route 53 makes it possible for youto manage traffic globally through a variety of routing types, including LatencyBased Routing, Geo DNS, and Weighted Round Robin—all of which can becombined with DNS Failover in order to enable a variety of low-latency, fault-tolerant architectures. Amazon Route 53 also offers Domain Name Registration– you can purchase and manage domain names such as example.com andAmazon Route 53 will automatically configure DNS settings for your domains.
Amazon
Route 53
Storage and
Content Delivery Network
Amazon S3
• Amazon Simple Storage Service (Amazon S3), provides developers and IT teams withsecure, durable, highly-scalable object storage. Amazon S3 is easy to use, with a simpleweb service interface to store and retrieve any amount of data from anywhere on theweb. With Amazon S3, you pay only for the storage you actually use. There is nominimum fee and no setup cost.
• Amazon S3 offers a range of storage classes designed for different use cases includingAmazon S3 Standard for general-purpose storage of frequently accessed data, Amazon S3Standard - Infrequent Access (Standard - IA) for long-lived, but less frequently accesseddata, and Amazon Glacier for long-term archive. Amazon S3 also offers configurablelifecycle policies for managing your data throughout its lifecycle. Once a policy is set,your data will automatically migrate to the most appropriate storage class without anychanges to your applications.
• Amazon S3 can be used alone or together with other AWS services such as AmazonElastic Compute Cloud (Amazon EC2) and AWS Identity and Access Management (IAM),as well as third party storage repositories and gateways. Amazon S3 provides cost-effective object storage for a wide variety of use cases including cloud applications,content distribution, backup and archiving, disaster recovery, and big data analytics.
Amazon S3
Amazon Glacier
• Amazon Glacier is a secure, durable, and extremely low-cost storage service for data archiving and long-termbackup. Customers can reliably store large or smallamounts of data for as little as $0.007 per gigabyte permonth, a significant savings compared to on-premisessolutions. To keep costs low, Amazon Glacier is optimizedfor infrequently accessed data where a retrieval time ofseveral hours is suitable.
Amazon Glacier
Amazon EBS
• Amazon Elastic Block Store (Amazon EBS) providespersistent block level storage volumes for use withAmazon EC2 instances in the AWS Cloud. Each AmazonEBS volume is automatically replicated within itsAvailability Zone to protect you from component failure,offering high availability and durability. Amazon EBSvolumes offer the consistent and low-latency performanceneeded to run your workloads. With Amazon EBS, you canscale your usage up or down within minutes – all whilepaying a low price for only what you provision.
Amazon EBS
AWS Storage Gateway
• The AWS Storage Gateway is a service connecting an on-premises software appliance with cloud-based storage toprovide seamless and secure integration between anorganization’s on-premises IT environment and AWS’sstorage infrastructure. The service allows you to securelystore data in the AWS cloud for scalable and cost-effectivestorage. The AWS Storage Gateway supports industry-standard storage protocols that work with your existingapplications. It provides low-latency performance bymaintaining frequently accessed data on-premises whilesecurely storing all of your data encrypted in AmazonSimple Storage Service (Amazon S3) or Amazon Glacier.
AWS Storage
Gateway
Amazon CloudFront
• Amazon CloudFront is a content delivery web service. Itintegrates with other Amazon Web Services products togive developers and businesses an easy way to distributecontent to end users with low latency, high data transferspeeds, and no minimum usage commitments.
CloudFront
AWS Import/Export
• AWS Import/Export accelerates moving large amounts of data into andout of the AWS cloud using portable storage devices for transport. AWSImport/Export transfers your data directly onto and off of storagedevices using Amazon’s high-speed internal network and bypassing theInternet. For significant data sets, AWS Import/Export is often fasterthan Internet transfer and more cost effective than upgrading yourconnectivity.
• AWS Import/Export supports data transfer into and out of AmazonS3buckets in the US East (N. Virginia), US West (Oregon), US West(Northern California), EU (Ireland), and Asia Pacific (Singapore)Regions. The service also supports importing data into AmazonEBS snapshots in the same regions. In addition, AWS Import/Exportsupports importing data into Amazon Glacier in the US East (N.Virginia), US West (Oregon), US West (Northern California), and EU(Ireland) regions.
AWS Import/Export
Database
Amazon RDS
• Amazon Relational Database Service (AmazonRDS) makes it easy to set up, operate, and scale arelational database in the cloud. It provides cost-efficient and resizable capacity while managingtime-consuming database administration tasks,freeing you up to focus on your applications andbusiness.
Amazon RDS
Amazon DynamoDB
• Amazon DynamoDB is a fast and flexible NoSQLdatabase service for all applications that needconsistent, single-digit millisecond latency at anyscale. It is a fully managed cloud database andsupports both document and key-value storemodels. Its flexible data model and reliableperformance make it a great fit for mobile, web,gaming, ad-tech, IoT, and many other applications.
DynamoDB
Amazon Redshift
• Amazon Redshift is a fast, fully managed, petabyte-scale data warehouse that makes it simple andcost-effective to analyze all your data using yourexisting business intelligence tools. Start small for$0.25 per hour with no commitments and scale topetabytes for $1,000 per terabyte per year, lessthan a tenth the cost of traditional solutions.Customers typically see 3x compression, reducingtheir costs to $333 per uncompressed terabyte peryear.
Amazon Redshift
Amazon ElastiCache
• ElastiCache is a web service that makes it easy to deploy,operate, and scale an in-memory cache in the cloud. Theservice improves the performance of web applications byallowing you to retrieve information from fast, managed,in-memory caches, instead of relying entirely on slowerdisk-based databases. Using Amazon ElastiCache, you canadd an in-memory caching layer to your infrastructure in amatter of minutes by using the AWS Management Console.
ElastiCache
Analytics
Amazon EMR
• Amazon Elastic MapReduce (Amazon EMR) is a web service that makes it easy to quickly and cost-effectively process vast amounts of data.
• Amazon EMR simplifies big data processing, providing a managed Hadoop framework that makes it easy, fast, and cost-effective for you to distribute and process vast amounts of your data across dynamically scalable Amazon EC2 instances. You can also run other popular distributed frameworks such as Spark and Presto in Amazon EMR, and interact with data in other AWS data stores such as Amazon S3 and Amazon DynamoDB.
• Amazon EMR securely and reliably handles your big data use cases, including log analysis, web indexing, data warehousing, machine learning, financial analysis, scientific simulation, and bioinformatics.
Amazon EMR
Amazon Kinesis
• Amazon Kinesis is a fully managed, cloud-based service for real-time data processing over large, distributed data streams.Amazon Kinesis can continuously capture and store terabytes ofdata per hour from hundreds of thousands of sources such aswebsite clickstreams, financial transactions, social media feeds,IT logs, and location-tracking events. With Amazon KinesisClient Library (KCL), you can build Amazon Kinesis Applicationsand use streaming data to power real-time dashboards, generatealerts, implement dynamic pricing and advertising, and more.
• You can also emit data from Amazon Kinesis to other AWSservices such as Amazon Simple Storage Service (Amazon S3),Amazon Redshift, Amazon Elastic Map Reduce (Amazon EMR),and AWS Lambda.
Amazon
Kinesis
AWS Data Pipeline
• AWS Data Pipeline is a web service that helps you reliably process and move data between different AWS compute and storage services, as well as on-premise data sources, at specified intervals. With AWS Data Pipeline, you can regularly access your data where it’s stored, transform and process it at scale, and efficiently transfer the results to AWS services such as Amazon S3, Amazon RDS, Amazon DynamoDB, and Amazon Elastic MapReduce (EMR).
• AWS Data Pipeline helps you easily create complex data processing workloads that are fault tolerant, repeatable, and highly available. You don’t have to worry about ensuring resource availability, managing inter-task dependencies, retrying transient failures or timeouts in individual tasks, or creating a failure notification system. AWS Data Pipeline also allows you to move and process data that was previously locked up in on-premise data silos.
AWS Data
Pipeline
Application Services
Amazon SQS
• Amazon Simple Queue Service (SQS) is a fast, reliable,scalable, fully managed message queuing service. SQSmakes it simple and cost-effective to decouple thecomponents of a cloud application. You can use SQS totransmit any volume of data, at any level of throughput,without losing messages or requiring other services to bealways available.
• With SQS, you can offload the administrative burden ofoperating and scaling a highly available messaging cluster,while paying a low price for only what you use.
Amazon SQS
Amazon Simple Workflow Service (SWF)
• Amazon SWF helps developers build, run, andscale background jobs that have parallel orsequential steps. You can think of Amazon SWF asa fully-managed state tracker and task coordinatorin the Cloud.
• If your app's steps take more than 500milliseconds to complete, you need to track thestate of processing, and you need to recover orretry if a task fails, Amazon SWF can help you.
Amazon SWF
Amazon AppStream
• Amazon AppStream lets you deliver your Windows applications to any device.
• Amazon AppStream enables you to stream your existing Windowsapplications from the cloud, reaching more users on more devices,without code modifications. With Amazon AppStream, yourapplication will be deployed and rendered on AWS infrastructureand the output is streamed to mass-market devices, such aspersonal computers, tablets, and mobile phones. Because yourapplication is running in the cloud, it can scale to handle vastcomputational and storage needs, regardless of the devices yourcustomers are using. Amazon AppStream provides an SDK forstreaming your application from the cloud. You can integrate yourown custom clients, subscriptions, identity, and storage solutionwith AppStream to build a custom streaming solution that meetsthe needs of your business.
Amazon
AppStream
Amazon SES
• Amazon Simple Email Service (Amazon SES) is a cost-effective emailservice built on the reliable and scalable infrastructure thatAmazon.com developed to serve its own customer base.
• With Amazon SES, you can send transactional email, marketingmessages, or any other type of high-quality content to your customers.You can also use Amazon SES to receive messages and deliver them toan Amazon S3 bucket, call your custom code via an AWS Lambdafunction, or publish notifications to Amazon SNS. With Amazon SES,you have no required minimum commitments – you pay as you go, andyou only pay for what you use.
Amazon SES
Amazon Elastic Transcoder
• Amazon Elastic Transcoder is media transcoding in thecloud. It is designed to be a highly scalable, easy to use anda cost effective way for developers and businesses toconvert (or “transcode”) media files from their sourceformat into versions that will playback on devices likesmartphones, tablets and PCs.
Elastic
Transcoder
Amazon CloudSearch
• Amazon CloudSearch is a managed service in theAWS Cloud that makes it simple and cost-effectiveto set up, manage, and scale a search solution foryour website or application.
• Amazon CloudSearch supports 34 languages andpopular search features such as highlighting,autocomplete, and geospatial search.
Amazon
CloudSearch
Deployment and Management
Elastic Beanstalk
• With, you can quickly deploy and manage applications in the AWS cloudwithout worrying about the infrastructure that runs those applications.AWS Elastic Beanstalk reduces management complexity withoutrestricting choice or control. You simply upload your application, andElastic Beanstalk automatically handles the details of capacityprovisioning, load balancing, scaling, and application health monitoring.
• To use Elastic Beanstalk, you create an application, upload an applicationversion in the form of an application source bundle (for example, a Java.war file) to Elastic Beanstalk, and then provide some information aboutthe application. Elastic Beanstalk automatically launches an environmentand creates and configures the AWS resources needed to run your code.After your environment is launched, you can then manage yourenvironment and deploy new application versions.
Elastic Beanstalk
AWS OpsWorks
• AWS OpsWorks is an application management service that makes iteasy to deploy and operate applications of all shapes and sizes. You candefine the application’s architecture and the specification of eachcomponent including package installation, software configuration andresources such as storage.
• Start from templates for common technologies like application serversand databases or build your own to perform any task that can bescripted. AWS OpsWorks includes automation to scale your applicationbased on time or load and dynamic configuration to orchestratechanges as your environment scales.
AWS OpsWorks
AWS CloudFormation
• AWS CloudFormation gives developers and systems administrators an easyway to create and manage a collection of related AWS resources, provisioningand updating them in an orderly and predictable fashion.
• You can use AWS CloudFormation’s sample templates or create your owntemplates to describe the AWS resources, and any associated dependencies orruntime parameters, required to run your application. You don’t need to figureout the order for provisioning AWS services or the subtleties of making thosedependencies work. CloudFormation takes care of this for you. After the AWSresources are deployed, you can modify and update them in a controlled andpredictable way, in effect applying version control to your AWS infrastructurethe same way you do with your software. You can also visualize your templatesas diagrams and edit them using a drag-and-drop interface with the AWSCloudFormation Designer.
• You can deploy and update a template and its associated collection of resources(called a stack) by using the AWS Management Console, AWS Command LineInterface, or APIs. CloudFormation is available at no additional charge, and youpay only for the AWS resources needed to run your applications.
AWS
CloudFormation
AWS CodeDeploy
• AWS CodeDeploy is part of a family of AWS deploymentservices that includes AWS Elastic Beanstalk, AWSCloudFormation, and AWS OpsWorks. AWS CodeDeploycoordinates application deployments to Amazon EC2instances, on-premise instances, or both. (On-premiseinstances are physical devices that are not Amazon EC2instances.)
• An application can contain deployable content like code,web, and configuration files, executables, packages, scripts,and so on. AWS CodeDeploy deploys applications fromAmazon S3 buckets and GitHub repositories.
AWS CodeDeploy
AWS CodeCommit
• AWS CodeCommit is a fully-managed source controlservice that makes it easy for companies to host secure andhighly scalable private Git repositories. CodeCommiteliminates the need to operate your own source controlsystem or worry about scaling its infrastructure.
• You can use CodeCommit to securely store anything fromsource code to binaries, and it works seamlessly with yourexisting Git tools.
AWS CodeCommit
AWS CodePipeline
• AWS CodePipeline is a continuous delivery service for fast andreliable application updates. CodePipeline builds, tests, anddeploys your code every time there is a code change, based onthe release process models you define. This enables you torapidly and reliably deliver features and updates. You can easilybuild out an end-to-end solution by using our pre-built pluginsfor popular third-party services like GitHub or integrating yourown custom plugins into any stage of your release process. WithAWS CodePipeline, you only pay for what you use. There are noupfront fees or long-term commitments.
AWS Data
Pipeline
Administration and Security
AWS Identity and Access Management (IAM)
• AWS Identity and Access Management (IAM) enables you to securely control accessto AWS services and resources for your users. Using IAM, you can create andmanage AWS users and groups, and use permissions to allow and deny their accessto AWS resources.
• AWS IAM allows you to:
– Manage IAM users and their access – You can create users in IAM, assign them individualsecurity credentials (in other words, access keys, passwords, and multi-factor authenticationdevices), or request temporary security credentials to provide users access to AWS services andresources. You can manage permissions in order to control which operations a user can perform.
– Manage IAM roles and their permissions – You can create roles in IAM and manage permissionsto control which operations can be performed by the entity, or AWS service, that assumes therole. You can also define which entity is allowed to assume the role.
– Manage federated users and their permissions – You can enable identity federation to allowexisting identities (e.g. users) in your enterprise to access the AWS Management Console, to callAWS APIs, and to access resources, without the need to create an IAM user for each identity.
IAM
AWS Key Management Service• AWS Key Management Service (KMS) is a managed service that makes
it easy for you to create and control the encryption keys used toencrypt your data, and uses Hardware Security Modules (HSMs) toprotect the security of your keys. AWS Key Management Service isintegrated with other AWS services including Amazon EBS, Amazon S3,Amazon RDS, Amazon Redshift, Amazon Elastic Transcoder, andAmazon WorkMail. AWS Key Management Service is also integratedwith AWS CloudTrail to provide you with logs of all key usage to helpmeet your regulatory and compliance needs.
AWS CloudTrail
• AWS CloudTrail is a web service that records AWS API calls for youraccount and delivers log files to you. The recorded informationincludes the identity of the API caller, the time of the API call, thesource IP address of the API caller, the request parameters, and theresponse elements returned by the AWS service.
• With CloudTrail, you can get a history of AWS API calls for youraccount, including API calls made via the AWS Management Console,AWS SDKs, command line tools, and higher-level AWS services (such asAWS CloudFormation). The AWS API call history produced byCloudTrail enables security analysis, resource change tracking, andcompliance auditing.
AWS CloudTrail
Amazon CloudWatch
• Amazon CloudWatch is a monitoring service for AWS cloudresources and the applications you run on AWS. You can useAmazon CloudWatch to collect and track metrics, collect andmonitor log files, and set alarms. Amazon CloudWatch canmonitor AWS resources such as Amazon EC2 instances, AmazonDynamoDB tables, and Amazon RDS DB instances, as well ascustom metrics generated by your applications and services, andany log files your applications generate.
• You can use Amazon CloudWatch to gain system-wide visibilityinto resource utilization, application performance, andoperational health. You can use these insights to react and keepyour application running smoothly.
CloudWatch
AWS Directory Service
• AWS Directory Service is a managed service that allows you to connectyour AWS resources with an existing on-premises Microsoft ActiveDirectory or to set up a new, stand-alone directory in the AWS cloud.Connecting to an on-premises directory is easy and once thisconnection is established, all users can access AWS resources andapplications with their existing corporate credentials.
• You can also launch managed, Samba-based directories in a matter ofminutes, simplifying the deployment and management of Linux andMicrosoft Windows workloads in the AWS cloud.
AWS Directory
Service
AWS Config
• AWS Config is a fully managed service that provides you with an AWSresource inventory, configuration history, and configuration changenotifications to enable security and governance.
• With AWS Config you can discover existing AWS resources, export acomplete inventory of your AWS resources with all configurationdetails, and determine how a resource was configured at any point intime. These capabilities enable compliance auditing, security analysis,resource change tracking, and troubleshooting.
AWS
Config
AWS Trusted Advisor
• AWS Trusted Advisor acts like your customized cloud expert, and it helps you provisionyour resources by following best practices. Trusted Advisor inspects your AWSenvironment and finds opportunities to save money, improve system performance andreliability, or help close security gaps. Since 2013, customers have viewed over 2.6million best-practice recommendations and realized over $350 million in estimated costreductions.
• You can start with AWS Trusted Advisor in the AWS Management Console with four ofthe most popular performance and security recommendations, and access to thesechecks never expires. All of the AWS Trusted Advisor checks are available to customerswith Business-level and Enterprise-level support, and the best-practicerecommendations can be integrated into your application through theAWS Support API.
• AWS Trusted Advisor provides best practices in four categories: costoptimization, security, fault tolerance, and performance improvement. You can use over40 Trusted Advisor checks to monitor and improve the deployment of Amazon EC2,Elastic Load Balancing, Amazon EBS, Amazon S3, Auto Scaling, AWS Identity and AccessManagement, Amazon RDS, Amazon Route 53, and other services. You can view theoverall status of your AWS resources and savings estimations on the Trusted Advisordashboard.
AWS Trusted
Advisor
AWS Service Catalog
• AWS Service Catalog allows organizations to create andmanage catalogs of IT services that are approved for use onAWS. These IT services can include everything from virtualmachine images, servers, software, and databases tocomplete multi-tier application architectures.
• AWS Service Catalog allows you to centrally managecommonly deployed IT services, and helps you achieveconsistent governance and meet your compliancerequirements, while enabling users to quickly deploy onlythe approved IT services they need.
AWS CloudHSM• The AWS CloudHSM service helps you meet corporate, contractual and regulatory compliance
requirements for data security by using dedicated Hardware Security Module (HSM) applianceswithin the AWS cloud. With CloudHSM, you control the encryption keys and cryptographic operationsperformed by the HSM.
• AWS and AWS Marketplace partners offer a variety of solutions for protecting sensitive data withinthe AWS platform, but for applications and data subject to rigorous contractual or regulatoryrequirements for managing cryptographic keys, additional protection is sometimes necessary. Untilnow, your only option was to store the sensitive data (or the encryption keys protecting the sensitivedata) in your on-premises datacenters. Unfortunately, this either prevented you from migrating theseapplications to the cloud or significantly slowed their performance. The AWS CloudHSM serviceallows you to protect your encryption keys within HSMs designed and validated to governmentstandards for secure key management. You can securely generate, store, and manage thecryptographic keys used for data encryption such that they are accessible only by you. AWSCloudHSM helps you comply with strict key management requirements without sacrificingapplication performance.
• The AWS CloudHSM service works with Amazon Virtual Private Cloud (VPC). CloudHSM instances areprovisioned inside your VPC with an IP address that you specify, providing simple and privatenetwork connectivity to your Amazon Elastic Compute Cloud (EC2) instances. Placing CloudHSMinstances near your EC2 instances decreases network latency, which can improve applicationperformance. AWS provides dedicated and exclusive (single tenant) access to CloudHSM instances,isolated from other AWS customers. Available in multiple Regions and Availability Zones (AZs), AWSCloudHSM allows you to add secure and durable key storage to your applications.
AWS Management Console
• You can use the AWS Management Console, a simple andintuitive web-based user interface, to access and manage yourAWS services. When you’re on the go, you can also use the AWSConsole mobile app to quickly view resources.
• The AWS Management Console is a single destination formanaging all your AWS resources, from Amazon EC2 instancesto DynamoDB tables. Use the console to perform any number oftasks, from deploying new applications to monitoring the healthof your application.
• The console enables cloud management for all aspects of yourAWS account, including accessing your monthly spending byservice, managing security credentials, or setting up new IAMusers.
AWS Management
Console
AWS Command Line Interface
• The AWS Command Line Interface (CLI) is a unified tool tomanage your AWS services. With just one tool to downloadand configure, you can control multiple AWS services fromthe command line and automate them through scripts.
Mobile Services
Amazon SNS
• Amazon Simple Notification Service (Amazon SNS) is a fast, flexible,fully managed push notification service that lets you send individualmessages or to fan-out messages to large numbers of recipients.Amazon SNS makes it simple and cost effective to send pushnotifications to mobile device users, email recipients or even sendmessages to other distributed services.
• With Amazon SNS, you can send notifications to Apple, Google, Fire OS,and Windows devices, as well as to Android devices in China withBaidu Cloud Push. You can use SNS to send SMS messages to mobiledevice users in the US or to email recipients worldwide.
• Beyond these endpoints, Amazon SNS can also deliver messages toAmazon Simple Queue Service (SQS), AWS Lambda functions, or to anyHTTP endpoint.
Amazon SNS
Amazon Cognito
• Amazon Cognito is a service that makes it easy to save mobile userdata, such as app preferences or game state, in the AWS Cloud withoutwriting any backend code or managing any infrastructure.
• Cognito offers mobile identity management and data synchronizationacross devices. You can save data locally on users’ devices allowingyour applications to work even when the devices are offline.
• You can also synchronize data across a user’s devices so that their appexperience will be consistent regardless of the device they use. WithAmazon Cognito, you can focus on creating great app experiencesinstead of having to worry about building and managing a backendsolution to handle user authentication, network state, storage, andsync.
Amazon Cognito
Amazon Mobile Analytics
• Amazon Mobile Analytics is a service that lets you easily collect,visualize, and understand app usage data at scale. Many mobile appanalytics solutions deliver usage data several hours after the eventsoccur. Amazon Mobile Analytics is designed to deliver usage reportswithin 60 minutes of receiving data from an app so that you can act onthe data more quickly.
• Amazon Mobile Analytics is built to scale with your app, allowing youto collect and process billions of events per day from millions of users.It’s easy to get started with Amazon Mobile Analytics. You simply addthe AWS Mobile SDK to your app and publish the app using yourexisting distribution mechanism (such as the iTunes Store, Google Play,or Amazon Appstore), and you can start accessing reports in the AWSManagement Console. Amazon Mobile Analytics automatically starts tocollect metrics on active users, sessions, and retention, and you can addreporting on in-app revenue or any custom event you choose.
Amazon Mobile
Analytics
AWS Mobile SDK
• The AWS Mobile SDK helps you build high quality mobileapps quickly and easily. It provides easy access to a rangeof AWS services, including Amazon Lambda, S3, MobileAnalytics, Machine Learning, Elastic Load balancing, AutoScaling and more.
• The AWS Mobile SDK includes libraries, code samples, anddocumentation for iOS, Android, Fire OS, and Unity so youcan build apps that deliver great experiences acrossdevices and platforms.
Enterprise Applications
Amazon WorkSpaces
• WorkSpaces is a managed desktop computing service in the cloud.Using Amazon WorkSpaces allows you to easily provision cloud-baseddesktops and provide users access to the documents, applications, andresources they need from any supported device including Windowsand Mac computers, Chromebooks, iPads, Kindle Fire tablets, andAndroid tablets.
• With just a few clicks in the AWS Management Console, you can deploya high-quality cloud desktop experience for any number of users at acost that is competitive with traditional desktops and half the cost ofmost Virtual Desktop Infrastructure (VDI) solutions.
WorkSpaces
Amazon WorkDocs
• Amazon WorkDocs is a fully managed, secure enterprisestorage and sharing service with strong administrativecontrols and feedback capabilities that improveuser productivity.
• Users can comment on files, send them to others forfeedback, and upload new versions without having toresort to emailing multiple versions of their files asattachments. Users can take advantage of thesecapabilities wherever they are, using the device of theirchoice, including PCs, Macs, tablets and phones.
WorkDocs
Thank You