PurposePurpose of this post is, to achieve a knowledge enrichment for myself. It’s more than a repetition, I also add some findings to the content I learned from additional sources and I get some practice using draw.io for architecture visualization. And as well for free, some Use Cases for training using my AWS Account! TopicBelow […]
Coming from the On Premises approach (1st column), you own the server mostly in redundancy to ensure reliability. Infrastructure-as-a-Service/IaaS (2nd column) IaaS is the next stage and we already use a virtual machine, a server located in the data center. Platform-as-a-Service/PaaS (3rd column) is following. There is no more access to the machine, but we […]
There are three ways to manage your AWS solutions. I just give a short overview about them. Software Development Kit SDK The access to the service is possible via your code. SDK’s in JavaScript, Python, PHP, .NETm Ruby, Go, Nodes.js, C++, Java and IoT are supported. Comand Line Interface CLIUsing the CMI, gives access to AWS […]
EBS volumes offer block storage for instances, are scalable, encrypted and replication ensures availability. For each day per month data is stored in a separate bucket in this example above.
S3 a fast core functionality for object storage, but no file system. The use cases above give an overview of scenarios to store data in S3 buckets. Data is stored as an object within the buckets. The max. size for a single object i limited to 5 TB and 99.999999999% durable is a value to […]
S3 Glacier is a low-cost data archive. S3 Glacier helps to deploy and enforce compliance controls, if the use case requires it. Vaults becomes immutable once locked.
Secure your data, secure your network. To ensure security from the very first beginning each customer choose the Availability Zones for his cloud to ensure the replication of the data, only mirrored in the selected Region/s. An other security aspect is the separation in Public Subnet and Private Subnet. Everything for the Public Subnet has […]
Inbound Access. From Public Internet and Datacenter This example above shows, how Security Groups provide aditional control of the access to diffrent servers. The Security Groups have only „allow“ rules an dno „deny“ rules. The default value is always no inbound traffic is allowed and all outbound traffic is allowed. The rules allow responses from […]
Improve the initial project. „You can’t fix what you don’t monitor!“ In this very simple architecture example we use an EC2 instance, placed in the center. We mount EBS volume as a network block store for database files. The instance store (ephemeral) is used only to support high performance cache and is local block store, […]
You only can control, what you measure! So CloudWatch is a possibility for monitoring your resources and applications running on AWS by collecting and tracking standard and custom metrics, like log files. If the defined alarm state is achieved, CloudWatch Alarm sends via SNS e.g. a email notification to the ops team, automatically EC2 starts […]