Assignment 2
Assignment 2
Assignment 2
Advantages Disadvantages
AWS allows you to easily scale your AWS can be complex, with a wide range of
resources up or down as your needs services and features that may be difficult
change, helping you to save money and to understand and use, especially for new
ensure that your application always has the Users
resources it needs
AWS provides a highly reliable and secure • AWS can be expensive, especially if you
infrastructure, with multiple data centers andhave a high-traffic application or need to run
a commitment to 99.99% availability for multiple services. Additionally, the cost of
many of its services. services can increase over time, so you need
to regularly monitor your spending
AWS offers a wide range of services and tools While AWS provides many security features
that can be easily combined to build and and tools,
deploy a variety of applications, making it securing your resources on AWS can still be
highly flexible. challenging, and you may need to
implement additional security measures to
meet your specific requirements
AWS offers a pay-as-you-go pricing model, AWS manages many aspects of the
allowing you to infrastructure, which can limit your control
only pay for the resources you actually use over certain parts of your application and
and avoid upfront costs and long-term environment.
commitments
• Container:
- A way to package an application with all the necessary dependencies and
configuration
- It can be easily shared
- Makes deployment and development efficient.
• Use Cases:
Lambda is an ideal compute service for application
scenarios that need to scale up rapidly, and scale down to
zero when not in demand. For example, you can use
Lambda for:
• File processing: Use Amazon Simple Storage Service
(Amazon S3) to trigger Lambda data processing in real time
after an upload.
• Stream processing: Use Lambda and Amazon Kinesis to
New Section 4 Page 6
• Stream processing: Use Lambda and Amazon Kinesis to
process real-time streaming data for application activity
tracking, transaction order processing, clickstream analysis,
data cleansing, log filtering, indexing, social media analysis,
Internet of Things (IoT) device data telemetry, and
metering.
• Web applications: Combine Lambda with other AWS
services to build powerful web applications that
automatically scale up and down and run in a highly
available configuration across multiple data centers.
• IoT backends: Build serverless backends using Lambda
to handle web, mobile, IoT, and third-party API
requests.
• Mobile backends: Build backends using Lambda and
Amazon API Gateway to authenticate and process API
requests. Use AWS Amplify to easily integrate with
your iOS, Android, Web, and React Native frontends
• Key Features
• Lambda’s key features and selling points are as
follows:
• Highly scalable
• Completely event-driven
• Support multiple languages and frameworks
• Pay-as-you-go pricing
• Language support:
1. node JS
2. Python
3.Ruby
4.Power Shell
5. Go
New Section 4 Page 7
5. Go
6. C#
7.JAVA
• Data Center:
- A data center is a physical facility that houses hundreds of computer
systems, network devices, and storage appliances.
- We can run our applications in two or more data centers to achieve high
availability, so If there is an outage in one of the data centers, we still have
other servers running in another data center.
New Section 4 Page 15
other servers running in another data center.
- A data center can also deliver cached content to your global end-users to
improve response times.
- At its core, the AWS Global Infrastructure utilizes multiple data centers and
group them into Availability Zones, Regions, and Edge Locations.
• S3 bucket?:
Amazon S3 bucket is a fundamental Storage Container feature in AWS S3
Service. It provides a secure and scalable repository for storing of Objects
such as Text data, Images, Audio and Video files over AWS Cloud. Each S3
bucket name should be named globally unique and should be configured
with ACL (Access Control List).
• IAM Policies:
IAM policies are mostly used to manage the permissions to
the users and groups and resources available in the AWS by using the
IAM roles options. You can attach an IAM policy to an IAM entity (user,
group, or role) granting them access to specific S3 buckets and
operations.
IAM Policies can manage access for AWS by attaching them to the IAM
Identities or resources IAM policies defines permissions of AWS identities
and AWS resources when a user or any resource makes a request to AWS
will validate these policies and confirms whether the request to be allowed
or to be denied.
- AWS policies are stored in the form of Jason format
• IAM Roles:
While policies cannot be directly given to any of the services accessible
through the
New Section 4 Page 16
through the
Amazon dashboard, IAM roles are similar to IAM users in that they may be
assumed
by anybody who requires them. By using roles, we can provide AWS
Services access
rights to other AWS Services
• IAM Groups:
A group is a collection of users, and a single person can be a member of
several groups.
With the aid of groups, we can manage permissions for many users quickly
and efficiently.
• IAM Users:
We can utilize IAM users to access the AWS Console and their
administrative permissions differ from those of the Root user and if we can
keep track of their login information.
• Root user:
The root user will automatically be created and granted unrestricted rights.
We can create an admin user with fewer powers to control the entire
Amazon account.
• VPC:
A virtual private cloud (VPC) is a virtual network dedicated to your AWS
account.
It is logically isolated from other virtual networks in the AWS Cloud. You
can specify an IP
address range for the VPC,
add subnets, add gateways, and associate security groups. A subnet is a
range of IP addresses in
your VPC.
has a default VPC in each AWS Region. The default VPC includes a default
New Section 4 Page 17
has a default VPC in each AWS Region. The default VPC includes a default
public subnet in
each Availability Zone and an internet gateway that is attached to your
VPC. The VPC also
includes a default security group.
• Security group :
A security group controls the traffic that is allowed to reach and leave the
resources that it is associated with. For example, after you associate a
security group with an EC2 instance, it controls the inbound and outbound
traffic for the instance. When you create a VPC, it comes with a default
security group.