We have seen cloud service models like IaaS, PaaS, and SaaS, and also learned how to select the right EC2 instance type and initialize it with all the required configuration. Now let's look at the service categories into which AWS services are broadly divided. We discussed the compute and storage categories in the last article, where we learned about 2-3 services in each category; let's look at the rest of the categories.
AWS Cloud Service Categories
The most used services in the compute category are AWS EC2, Beanstalk, and Lambda, and AWS Simple Storage Service (S3) and AWS Elastic File System are the services in the storage category. Let's look at the rest of the categories, which are Security, Backup, Networking, and Database. Monitoring and scaling is an important topic, and there are a lot of things to learn about it, so we shall cover that category in a separate article.
Databases in AWS
1. AWS Relational Database System or RDS
Amazon Relational Database System is a managed database service that supports database systems like MySQL, Oracle, Microsoft Aurora, MariaDB, etc. In this service, the data is stored in the form of tables, the same way relational databases work. When creating an RDS instance we need to choose the instance type and the type of DB we are using; we can also select the VPC in which we want to run the RDS instance. It is always recommended to run a database service in a private network so that other services or instances can't interact with it and only the specific application we designate can access it.
RDS is very useful when we want to perform complex transactions on the database, but when an application needs a lot of read/write operations, like 100,000/sec, we should not go for RDS. Another major feature of RDS is that it replicates into multiple AZs and performs transactions synchronously in all the AZs. If the RDS instance in one AZ is stopped or terminated, the other copy is considered the main instance, so there will be no outage or data loss. The billing of RDS depends on the instance type we have selected (CPU, storage) and also the DB engine.
2. Amazon DynamoDB
There are 2 types of databases: one is relational, the other is NoSQL, and DynamoDB is of the second type. The main feature of this service is that it can handle large datasets with read and write operations at almost zero latency. It is also a fully managed service, and customers need not configure much. Unlike RDS, which uses rows and tables for storing the data, NoSQL databases store data in the form of key-value pairs, and they can be scaled horizontally. Amazon DynamoDB also assures that it can provide an infinite amount of data storage.
DynamoDB is used for applications where the datasets grow as interaction with users increases. It can quickly adapt to a new dataset and add multiple attributes to the datasets. It uses solid-state drives (SSDs) to store the data, which makes data retrieval faster than in traditional DBs. We can use DynamoDB with Auto Scaling, which can scale in and scale out based on the requirements and the traffic flow.
AWS Networking And Security
1. AWS Identity And Access Management or IAM
AWS IAM allows you to manage access to the cloud: it assigns roles to users and even applications, along with their permissions and restrictions. We can configure what permissions a user has and what kind of changes they can make in the cloud. It is a global service, so it can control the whole cloud. We can create roles like System Administrator, Database Administrator, etc., and assign permissions and restrictions to each role. For this, every user should have a unique name with no spaces in it. We can also create groups to keep similar types of users together.
A user should first be added to the cloud with a unique name and should protect the account with a password or some key pair like public-private keys. The user will then be given a role. By default, all permissions of the role are denied implicitly; to grant permissions we should create policies and assign them to the user. Policies are of 2 types: resource-based or identity-based. Identity-based policies are the restrictions imposed on a single entity, whereas restrictions imposed on specific services or applications are resource-based policies.
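To make the implicit-deny default concrete, here is an added example (not part of the original article) that evaluates identity-based policy documents against a request. It is a simplified model that ignores conditions, principals and resource-based policies, and it goes one step beyond the text by showing that a matching explicit Deny overrides any Allow. The policies, account ID and table name are constructed.

```python
import re

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _glob(patterns, value, flags=0):
    # IAM wildcards: '*' matches any run of characters, '?' exactly one.
    for pattern in _as_list(patterns):
        rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
        if re.fullmatch(rx, value, flags):
            return True
    return False

def evaluate(policies, action, resource):
    """Return 'ExplicitDeny', 'Allow' or 'ImplicitDeny' for one request."""
    allowed = False
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            # Action names are case-insensitive; resource ARNs are not.
            if not _glob(stmt["Action"], action, re.IGNORECASE):
                continue
            if not _glob(stmt["Resource"], resource):
                continue
            if stmt["Effect"] == "Deny":
                return "ExplicitDeny"      # a matching Deny always wins
            allowed = True
    # No matching statement at all means the request is denied implicitly.
    return "Allow" if allowed else "ImplicitDeny"

# Constructed sample policies for a hypothetical Database Administrator role.
TABLE = "arn:aws:dynamodb:us-east-1:111122223333:table/Orders"
DBA_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "rds:Describe*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["dynamodb:GetItem", "dynamodb:Query"],
     "Resource": TABLE},
]}
GUARDRAIL = {"Version": "2012-10-17", "Statement": {
    "Effect": "Deny", "Action": "dynamodb:Delete*", "Resource": "*"}}
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "dynamodb:*", "Resource": "*"}]}

if __name__ == "__main__":
    for act, res, pols in [
        ("dynamodb:Query", TABLE, [DBA_POLICY]),
        ("s3:GetObject", "arn:aws:s3:::example-bucket/report.csv", [DBA_POLICY]),
        ("dynamodb:DeleteTable", TABLE, [BROAD, GUARDRAIL]),
    ]:
        print(f"{act:22} -> {evaluate(pols, act, res)}")
```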
2. AWS Virtual Private Network or VPC
AWS VPC is one of the important services in AWS; many other services depend on it. A VPC creates a virtual private network that is isolated from the rest of the network. It is similar to running a physical data center or on-premises infrastructure. A VPC has multiple components, like subnets, IP addresses, routing and routing tables, and other networking functionality. You can get many functionalities with a VPC: we can place everything that holds confidential information in a VPC so that no one else can access it and the information flows only through an encrypted network.
It is mostly used to isolate networks in a cloud and launch the required instances or services in each VPC; for example, a database VPC has only databases and their services. It also adds many levels of security to the cloud, and the instances are isolated from each other. Within a VPC, we can subdivide the network into public and private subnets. We should remember that private subnets can't directly access the internet; there should be some mediator, like a NAT gateway, to access the internet. We can also create a VPC across multiple AZs.
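The public/private subnet split above, combined with the earlier advice to keep databases in a private network, can be checked mechanically. The following added example (not from the original article) classifies subnets by their route tables and flags database instances that are internet-reachable. The input mirrors the shape of EC2 DescribeRouteTables and RDS DescribeDBInstances output, covers IPv4 default routes in a single VPC only, and uses constructed data with made-up IDs.

```python
def _routes_to_igw(rt):
    # Public means: a default route whose target is an internet gateway.
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("GatewayId", "").startswith("igw-") for r in rt["Routes"])

def public_subnet_check(route_tables):
    """Return f(subnet_id) -> True when the subnet's route table reaches an IGW."""
    explicit, main_is_public = {}, False
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main_is_public = _routes_to_igw(rt)
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = _routes_to_igw(rt)
    # Subnets without an explicit association use the VPC's main route table.
    return lambda subnet_id: explicit.get(subnet_id, main_is_public)

def audit_db_placement(db_instances, route_tables):
    is_public = public_subnet_check(route_tables)
    findings = []
    for db in db_instances:
        name = db["DBInstanceIdentifier"]
        if db.get("PubliclyAccessible"):
            findings.append((name, "PubliclyAccessible is true"))
        for subnet in db["DBSubnetGroup"]["Subnets"]:
            sid = subnet["SubnetIdentifier"]
            if is_public(sid):
                findings.append((name, f"{sid} routes to an internet gateway"))
    return findings

# Constructed sample data for one VPC (all IDs are made up).
ROUTE_TABLES = [
    {"Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"Associations": [{"SubnetId": "subnet-pub1"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0a1"}]},
    {"Associations": [{"SubnetId": "subnet-priv1"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0b2"}]},
]
DBS = [
    {"DBInstanceIdentifier": "orders-db", "PubliclyAccessible": False,
     "DBSubnetGroup": {"Subnets": [{"SubnetIdentifier": "subnet-priv1"},
                                   {"SubnetIdentifier": "subnet-priv2"}]}},
    {"DBInstanceIdentifier": "legacy-db", "PubliclyAccessible": True,
     "DBSubnetGroup": {"Subnets": [{"SubnetIdentifier": "subnet-pub1"}]}},
]

if __name__ == "__main__":
    print(audit_db_placement(DBS, ROUTE_TABLES))
```

The subnet behind the NAT gateway and the one that falls back to the main route table both count as private, so only `legacy-db` is reported.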