your first week on amazon web services
DESCRIPTION
Learn how to use Amazon Web Services (AWS). This "how-to" session will cover the basics to get started with AWS. After a brief overview, this session will dive into discussions of core AWS services and provide demonstrations of how to set up and utilize those services. Demonstrations and discussions will include: - Setting up and connecting to your first Elastic Compute Cloud (EC2) virtual machine - How to backup and restore your virtual machine instance - How to set an email alert for changes in your virtual machine instance - How to upload files to Amazon's Simple Storage Service (S3) and make them publicly available on the InternetTRANSCRIPT
![Page 1: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/1.jpg)
© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
Getting Started with AWS
Matt Yanchyshyn
July 10th, 2014
![Page 2: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/2.jpg)
Let’s Get Started:
We’ll learn how to:– Set up an AWS account
– Create an IAM user and enable MFA
– Create SSH key pairs (used to log into your instances)
– Create a Security Group (firewall)
– Start an EC2 instance (virtual machine)
– Connect to your EC2 instance
– Use S3 (Internet connected storage)
– Create a CloudWatch alarm
– Backup and restore your EC2 instance
– Visualize AWS costs and set spending alerts
![Page 3: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/3.jpg)
Free tier
• Includes most of the AWS services
• Available for all new account
• Good for one year from the day the account is
created
• Everything we show today can be done within
the free tier
• More details at http://aws.amazon.com/free
![Page 4: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/4.jpg)
Sign Up
• Sign up though https://aws.amazon.com
• You need a credit card
• There will be a phone verification
![Page 5: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/5.jpg)
Demo: signing-up for AWS
![Page 6: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/6.jpg)
Creating IAM Users
Using AWS Identity and Access
Management (IAM), you can
create and manage AWS users
and groups.
You can control what resources
each user has access to so you
can avoid overly permissive
accounts.
![Page 7: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/7.jpg)
Enabling MFA
AWS allows you to require
multi-factor authentication
for your users through physical
or software-based single use
login tokens to thwart stolen
passwords and key loggers
as an attack vector.
![Page 8: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/8.jpg)
Demo:
creating an IAM user
& enabling MFA
![Page 9: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/9.jpg)
Creating your SSH Key
• SSH stands for Secure Shell
• SSH keys are used for secured access to EC2
(Linux)
• SSH keys avoid password weaknesses
• Can import your own or use AWS created keys
![Page 10: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/10.jpg)
Demo: creating SSH keys
![Page 11: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/11.jpg)
Creating a Security Group
• Security Groups are firewalls for your instances
• By default, the Security Group blocks everything
• Choose which protocols & ports are open– Can use port ranges (e.g. 22-24)
• Choose which addresses the ports are open to– Uses CIDR rules for IP address access
– (use /32 for allowing a single address)
![Page 12: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/12.jpg)
Demo: creating a security group
![Page 13: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/13.jpg)
Start a New Instance
• Instances are virtual machines running in the cloud
• You have full control of the instance and can install
any software that you choose
• In this process, you define what kind of machine you
want (processing power, HD space, etc.)
• You will need:– A Key Pair to connect to your instance via SSH
– A Security Group to put your instance in
![Page 14: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/14.jpg)
Demo: starting an EC2 instance
![Page 15: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/15.jpg)
S3
• S3 is Amazon’s Simple Storage Service
• Store and retrieve almost any amount of data: 1 Byte to 5 Terabytes
• Highly scalable and durable– Regular S3 has 99.999999999% durability
– Reduced Redundancy Storage (RRS) offers 99.99% durability at discount
• Encryption available– At rest and for ingest/delivery
• Storage is isolated by AWS Region
• Object-level permissions
• Easily Accessible – Web (HTTP/HTTPS), P2P (BitTorrent) & APIs (REST & SOAP)
![Page 16: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/16.jpg)
Demo: using S3
![Page 17: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/17.jpg)
Connecting to EC2 Instances
• SSH is used to connect to Linux– There is a Java-based terminal available in the EC2 Console
– Linux/OSX: Terminal
– Windows: PuTTY
– Note: If you are using an Linux distribution that has a GUI, you can use a remote GUI tool like VNC
• Remote Desktop is used to connect to Windows– Windows: MSTSC (Microsoft Terminal Services Client)
– Linux/OSX: 2X client
– Note: you can also use Remote PowerShell or a 3rd party shell extension with Windows.
![Page 18: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/18.jpg)
Connecting to a Linux Instancefrom Linux/OSX
• Open a terminal window
• ssh -i {ssh private key location} ec2-
user@{public DNS name}
![Page 19: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/19.jpg)
Connecting to a Linux Instance from Windows
• Download/Install PuTTY– http://bit.ly/1jsQjnt
• Convert .pem file to .ppk with PuTTYgen
• Create a connection in PuTTY
![Page 20: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/20.jpg)
Connecting to a Windows Instance from Windows
• Open a Remote Desktop connection
• Windows + r or start and then the “run” option
• mstsc /v:{EC2 instance public DNS Name}
![Page 21: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/21.jpg)
Demo:
connecting to a Linux EC2
Instance from Windows
![Page 22: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/22.jpg)
Demo:
connecting to an instance from
AWS Management Console
![Page 23: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/23.jpg)
CloudWatch
• CloudWatch provides monitoring information for your
EC2 instances
• CloudWatch allows you to specify actions to take when a
condition is met
– Example 1: Send an email when CPU Utilization >80% for 5 minutes
– Example 2: Add another machine to an Auto-Scaling Group if Average Disk
Read IOPS across an Auto-Scaling Group exceeds 500
– Example 3: Remove a machine from an Auto-Scaling Group if Network
input drops below 2,000 Bytes
![Page 24: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/24.jpg)
Demo: creating a CloudWatch alarm
![Page 25: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/25.jpg)
Additional Information
• CloudWatch works with Auto Scaling
• When you have defined an Auto-Scaling Group,
CloudWatch Alarms can be used to increase
and decrease the resources in the Auto-Scaling
Group
![Page 26: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/26.jpg)
Elastic Block Storage
• Elastic Block Storage (EBS) is block level
storage for EC2 instances (think HDD)
• EBS volumes can be removed and re-attached
• Custom volume sizes from 1TB – 1 GB (RAID
for larger)
• Use Provisioned IOPS for predictable I/O
![Page 27: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/27.jpg)
Demo: backing up an EBS volume
![Page 28: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/28.jpg)
Restoring a Snapshot / Creating an AMI
• AMIs are Amazon Machine Images
• AMIs are bootable versions of a snapshot
(backup)
• AMIs are private, but you can choose to share
them with others
![Page 29: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/29.jpg)
Demo:
creating an AMI
& restoring a snapshot
![Page 30: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/30.jpg)
AWS Billing and Cost Management
• Several features to help you monitor costs and
visualize your AWS spend:– Cost Explorer
– Alerts on Spending Limits
– Detailed Billing Reports
– Consolidated Billing
![Page 31: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/31.jpg)
Demo: AWS Account billing console
![Page 32: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/32.jpg)
Summary
• We covered:– Set up an AWS account
– Create an IAM user and enable MFA
– Create SSH key pairs (used to log into your instances)
– Create a Security Group (firewall)
– Start an EC2 instance (virtual machine)
– Connect to your EC2 instance
– Use S3 (Internet connected storage)
– Create a CloudWatch alarm
– Backup and restore your EC2 instance
– Visualize AWS costs and set spending alerts
![Page 33: Your First Week on Amazon Web Services](https://reader030.vdocuments.site/reader030/viewer/2022020306/540d76288d7f72747e8b49ca/html5/thumbnails/33.jpg)
Thank you!