AWS Cloud Essentials

AWS provides on-demand delivery of technology services through the Internet with pay-as-you-go pricing. This is known as cloud computing.

The AWS Cloud encompasses a broad set of global cloud-based products that includes compute, storage, databases, analytics, networking, mobile, developer tools, management tools, IoT, security, and enterprise applications: on-demand, available in seconds, with pay-as-you-go pricing. With over 200 fully featured services available from data centers globally, the AWS Cloud has what you need to develop, deploy, and operate your applications, all while lowering costs, becoming more agile, and innovating faster.

For example, with the AWS Cloud, you can spin up a virtual machine, specifying the number of vCPU cores, memory, storage, and other characteristics in seconds, and pay for the infrastructure in per-second increments only while it is running. One benefit of the AWS global infrastructure network is that you can provision resources in the Region or Regions that best serve your specific use case. When you are done with the resources, you can simply delete them. With this built-in flexibility and scalability, you can build an application to serve your first customer, and then scale to serve your next 100 million.

This video explores how millions of customers are using AWS to take advantage of the efficiencies of cloud computing.
 

Dive deeper with these additional resources
Cloud Computing with AWS
A full list of AWS Services by category

Cloud computing provides developers with the ability to focus on what matters most and avoid infrastructure procurement, maintenance, and capacity planning, or undifferentiated heavy lifting.

With the growing popularity of cloud computing, several different service models have emerged to help meet specific needs of different users. Each type of cloud service provides you with different levels of abstraction, control, flexibility, and management. Understanding the differences between Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) can help you decide what service type is right for your needs as a developer.

AWS Cloud infrastructure is extensive, offering 200 fully featured services from data centers globally. With the largest global infrastructure footprint of any cloud provider, AWS provides you the cloud infrastructure where and when you need it.

Dive deeper with these additional resources
Global infrastructure: Overview
Regions and Availability Zones
AWS Regional Services List

When infrastructure becomes virtual, as with cloud computing, the way developers work with infrastructure changes slightly. Instead of physically managing infrastructure, you logically manage it, through the AWS Application Programming Interface (AWS API). When you create, delete, or change any AWS resource, you will use API calls to AWS to do that.

You can make these API calls in several ways, but we will focus on these to introduce this topic:

•        The AWS Management Console
•        The AWS Command Line Interface (AWS CLI)
•        IDE and IDE toolkits
•         AWS Software Development Kits (SDKs)

When first getting started with AWS, people often begin with the AWS Management Console, a web-based console that you log in to through a browser. The console comprises a broad collection of service consoles for managing AWS resources. By working in the console, you do not need to worry about scripting or syntax. You can also select the specific Region you want an AWS service to be in.

After working in the console, you may want to move away from manual deployment of AWS service, perhaps because you have become more familiar with AWS or are working in a production environment that requires a degree of risk management. This is where the AWS Command Line Interface (CLI) comes in.

The AWS CLI is an open source tool that enables you to create and configure AWS services using commands in your command-line shell. You can run commands in Linux or macOS using common shell programs such as bash, zsh, and tcsh, or on Windows, at the Windows command prompt or in PowerShell. One option for getting up and running quickly with the AWS CLI is AWS CloudShell, a browser-based shell that provides command-line access to AWS resources. CloudShell is pre-authenticated with your console credentials. Common development and operations tools are pre-installed, so no local installation or configuration is required.

By moving to the AWS CLI, you can script or program the API calls. Instead of using a GUI, you create commands using a defined AWS syntax. One benefit of the CLI is that you can create single commands to create multiple AWS resources, which could help reduce the chance of human error when selecting and configuring resources. With the CLI, you need to learn the proper syntax for forming commands, but as you script these commands, you make them repeatable. This should save you time in the long run.

AWS offers support for popular Integrated Development Environments (IDEs) and IDE toolkits so you can author, debug, and deploy your code on AWS from within your preferred environment. Supported IDEs and toolkits include AWS Cloud9, IntelliJ, PyCharm, Visual Studio, Visual Studio Code, Azure DevOps, Rider, and WebStorm.

Software Development Kits (SDKs) are tools that allow you to interact with the AWS API programmatically. AWS creates and maintains SDKs for most popular programming languages, including those shown in the following diagram.

SDKs come in handy when you want to integrate your application source code with AWS services. For example, you might use the Python SDK to write code to store files in HAQM Simple Storage Service (HAQM S3) instead of on your local hard drive. The ability to manage AWS services from a place where you can run source code, with conditions, loops, arrays, lists, and other programming elements, provides a lot of power and creativity.

These are just some of the tools available to developers on AWS. For a full list of AWS tools for developing applications faster and easier, see Tools to Build on AWS.

Dive deeper with these additional resources
AWS Management Console
Documentation: AWS Management Console
AWS Command Line Interface
Documentation: AWS Command Line Interface
AWS CLI GitHub Project
Start building with SDKs and tools

AWS also offers the AWS Cloud Development Kit for Kubernetes (cdk8s), an open-source software development framework for defining Kubernetes applications using general-purpose programming languages.

Try it out: Get Started with AWS CDK

Try it out: Getting started with AWS CloudFormation

Dive deeper with these additional resources
AWS CDK v2
What is AWS CloudFormation?

Designing a solid cloud architecture is foundational work that involves the entire technical team. Understanding the six pillars of the AWS Well-Architected Framework will help orient your thinking toward best practices as you work with AWS services.

AWS Well-Architected helps cloud architects and developers build secure, high-performing, resilient, and efficient infrastructure for a variety of applications and workloads. Built around six pillars—operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability—AWS Well-Architected provides a consistent approach for you to evaluate architectures and implement scalable designs.

The AWS Well-Architected Framework includes domain-specific lenses, hands-on labs, and the AWS Well-Architected Tool. The AWS Well-Architected Tool, available at no charge in the AWS Management Console, provides a mechanism for regularly evaluating workloads, identifying high-risk issues, and recording improvements.

Hover over each section below to learn more:

When you build applications on AWS, managing security and compliance is a shared responsibility between AWS and you. To depict this shared responsibility, AWS created the shared responsibility model (see the following diagram). The distinction of responsibility is commonly referred to as security “of” the cloud compared to security “in” the cloud.

Being responsible for security of the cloud means that AWS protects and secures the infrastructure that runs the services offered in the AWS Cloud. AWS is responsible for:

• Protecting and securing AWS Regions, Availability Zones, and data centers, down to the physical security of the buildings
• Managing the hardware, software, and networking components that run AWS services, such as the physical servers, host operating systems, virtualization layers, and AWS networking components.

Customers, or anyone building on the cloud, are responsible for security in the cloud. When using any AWS service, you’re responsible for properly configuring the service and your applications, in addition to ensuring that your data is secure.

Your level of responsibility depends on the AWS service. Some services require you to perform all the necessary security configuration and management tasks, while other more abstracted services require you to only manage the data and control access to your resources.

Due to the varying levels of effort, customers must consider which AWS services they use and review the level of responsibility required to secure each service. They must also review how the shared security model aligns with the security standards in their IT environment, in addition to any applicable laws and regulations.

A key concept is that customers maintain complete control of their data and are responsible for managing the security related to their content.

This short summary of cloud security introduces core concepts only. Browse the Security Learning page to learn more about key topics, areas of research, and training opportunities for cloud security on AWS.

Security
AWS Shared Responsibility Model
Security Learning