Beruflich Dokumente
Kultur Dokumente
What’s before Cloud Computing ? What’s current scenario with Cloud Computing ?
Buy more servers to handle the peek traffic in mind Scalability (server capacity will vary according to traffic..)
Monitors and Maintenance of the servers Cloud Providers manages the servers
Challenges faced :
- Server setup is expensive
- If any problems , troubleshooting can be difficult
- Servers would be idle most of the time ie the servers are
utilized only during peek time and after which the servers
would be idle
SaaS
IaaS->the basic building blocks for cloud PaaS->removes the need for our organization to
IT and typically provide access to manage the underlying infrastructure (usually
networking features, computers (virtual hardware and operating systems) and allows us
Cloud to focus on the deployment and management of
or on dedicated hardware), and data computing
storage space. our applications
Service models
IaaS PaaS
Cloud
Deployment Private networks => accessible within an organization
models
Cloud Solutions
Cloud providers Accordingly to the recent cloud offerings, Amazon has been
chosen by many customers to build their businesses. The AWS
cloud computing platform provides the flexibility to build your
application, your way, regardless of your use case or industry
• Easy to use
• Flexible • Security
• Cost-Effective • Networking
Benefits of AWS AWS Core
Cloud • Reliable • Servers
computing • Scalable and high- Services • Storage
performance • Database
• Secure
▪ Consider a user tries to access a web page - https://www.sify.com/ . Below would be overall high level
architecture.
Suddenly when a lot of users started to hit, cloud computing
sense the traffic automatically by provisioning additional
servers to normalize
DB
EC2 server
RDS
USER Route 53 Elastic Load Balancer EC2 server
* Network
Amazon Elastic Load Balancing
AWS S3, AWS EFS,AWS EBS, AWS S3 Glacier , AWS Snowball, AWS Storage
* Storage
Gateway
* Security and Identity AWS IAM, Amazon Inspector, AWS Artifact ,AWS Shield
Database:
- AWS offers the
Compute: broadest range of
databases purpose-built
-Building and running Storage :
Network : for your specific
your organization starts
-A reliable, scalable, and application use cases.
with compute, whether -Isolate your cloud secure place for your Security and Identity : - database services
you are building infrastructure, scale your data -AWS cloud provides a includes relational
enterprise, cloud-native request handling
or mobile apps, or capacity, and connect Storage that allows you platform to scale and databases for
running your physical network to to store and retrieve any innovate, while still transactional
your private virtual amount of data, anytime, maintaining a secure applications, non-
-Allows to develop,
network from anywhere on the environment. relational databases for
deploy, run, and scale
web Example – IAM.. internet-scale
your applications and Example – VPC..
Example – S3.. applications, a data
workloads
warehouse for analytics,
Example - EC2 … an in-memory data store
for caching
Example - Aurora
▪ VPC provision a private, isolated virtual network on the AWS Cloud. It has the complete control over your virtual networking
environment
▪ Subnets: Defines a range of IP addresses in the VPC
Subnet
Each subnet must reside entirely within one Availability Zone and
Cannot span zones
Bucket object/Key
▪ AWS Identity and Access Management (IAM) is an access management service for your AWS cloud resources.
• AWS IAM enables you to securely control access to AWS services and resources for your users.
• Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access
to AWS resources
• IAM is a feature of your AWS account offered at no additional charge. You will be charged only for use of other AWS
services by your users.
▪ IAM allows:
o Manage IAM users and their access - You can create users in IAM, assign them individual security credentials
o Manage IAM roles and their permissions - You can create roles in IAM and manage permissions to control
which operations can be performed by the entity, or AWS service, that assumes the role.
o Manage Federated users and their permissions - You can enable identity federation to allow existing identities
(users, groups, and roles) in your enterprise to access the AWS Management Console, call AWS APIs, and
access resources, without the need to create an IAM user for each identity.
▪ Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines
the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness
of open source databases.
▪ Regions
• Areas that host two or more geographic locations
▪ Availability Zones
• Collection of datacenters within a specific region
• Isolate – protect from failures
• Best Practice: multiple availability zones
▪ Edge locations
• host a content delivery network(CDN) – Amazon Cloud
Front
• Cloud Front is used to deliver content to customers faster
▪ Availability Zones ▪ Requests are automatically routed to the nearest edge location for
faster delivery
▪ Located in highly populated areas similarly to regions and availability
zones
Cloud computing security is a fast-growing service that provides many of the same functionalities as traditional IT
security. This includes protecting critical information from theft, data leakage and deletion.
• Built-in firewalls • AWS customers • Encryption • Deployment tools • Tools and features to • IAM (Identity and
• Encryption in transit benefit from AWS capabilities • Inventory and reduce the profile Access Management
• Private/dedicated services and • Key management configuration tools risk- deep visibility (IAM)
connections technologies built options –AWS Key • Template definition into API calls, Log • MFA( Multi-Factor
from the ground up Management service aggregation and Authentication
• Distributed denial of and management
to provide resilience • Hardware- based tools options, Alert • Integration and
service(DDoS)
in the face of DDoS cryptographic key notifications federation with
mitigation
attacks. storage options – corporate directories
• Click Here – DDoS AWS Cloud HSM • Amazon Cognito
Best Practices
• AWS SSO
Below are the controls that are managed by AWS, AWS Customers and/or both.
▪ Inherited Controls - Controls which a customer fully inherits from AWS
• Physical and Environmental controls
▪ Shared Controls - Controls which apply to both the infrastructure layer and customer layers, but in completely
separate contexts or perspectives.
• Patch Management
• Configuration Management
• Awareness & Training
▪ Customer Specific - Controls which are solely the responsibility of the customer based on the application they
are deploying within AWS services
• Service and Communications Protection or Zone Security which may require a customer to route or zone
data within specific security environments
▪ AWS offers you a pay-as-you-go approach for pricing for over 120 cloud services.
▪ AWS Pricing model - you pay for utilities like water and electricity. You only pay for the services you
consume, and once you stop using them, there are no additional costs or termination fees
▪ AWS helps you reduce Total Cost of Ownership (TCO) by reducing the need to invest in large capital
expenditures and providing a pay-as-you-go model that empowers you to invest in the capacity you need and
use it only when the business requires it.
Comparison between on-premises or traditional hosting environment to AWS:
▪ 1. Describe your existing or planned on-premises or hosting infrastructure in four steps, or enter detailed
configurations.
▪ 2. Get an instant summary report which shows you the three year TCO comparison by cost categories.
▪ 3. Download a full report including detailed cost breakdowns, Methodology, Assumptions, and FAQ or store
the report in Amazon S3 for sharing with others.
Click the calculator@ https://awstcocalculator.com/ to compare the cost of running your applications in an on-
premises or colocation environment to AWS
▪ AWS has designed its model support model to provide the right resources with the unique combination of tools and
expertise to fit the current and future cases
▪ AWS Supports
• AWS Technical Account Manager(TAM) provides Proactive guidance like architectural review, continuous ongoing
communication to provide updates about the plan, deployment and optimize their solutions
• Trusted Advisor provides the overall Best Practices support for users to ensure they follow best practices to increase
their performance and fault tolerance in the AWS environment
o Trusted Advisor is a pool of online AWS experts who checks for opportunities to reduce monthly expenditures
and increase productivity
• AWS Support Concierge (billing and account experts) provides the Account assistance who will provide a quick and
efficient analysis on any issue(non technical queries), freeing up the users time to run their business
▪ Categories are
Available for all AWS customers that includes
- Customer Services & Communities – 24x7 access
Basic Support Plan
- AWS Trusted Advisor – access to 7 core Trusted Advisor checks and guidance
- AWS Personal Health Dashboard to view the health of AWS services, alerts….
Business Support Plan This plan recommended if you have production workloads in AWS.
Enterprise Support Plan This plan recommended if you have business and/or mission critical workloads in AWS.
Credit/ Debit
card
verification to
be completed
Get enabled using Free AWS Digital /Internal • AWS Cloud Practitioner Essentials(II Edition) | AWS Digital Learning
courses • Internal Skillsoft Courses
Get
Enabled !
Learn AWS concepts through self-paced • Learn Sify’s AWS Cloud Essentials Handouts (Self-paced)
enablement (Prep-material)
Take the Sify’s AWS Certified Cloud Practitioner – • Sify Certified AWS Cloud Practitioner Essentials (Internal)
Internal assessment
Get
Certified !
Schedule Your External Exam and Get AWS • AWS Certified Cloud Practitioner (External)
Certified(Optional)
AWS Cloud Practitioner Essentials (II Edition) Amazon Web Services (AWS) - Skillsoft courses
Get
Enabled !
Get
Cloud Concepts Certified !
• 1.1 Define the AWS Cloud and its value proposition
1.2 Identify aspects of AWS Cloud economics
1.3 List the different cloud architecture design principles
Technology
• 3.1 Define methods of deploying and operating in the AWS Cloud
3.2 Define the AWS global infrastructure
3.3 Identify the core AWS services
3.4 Identify resources for technology support
Thank You!
Business Aligned | Learner Centric | Outcome Based