AWS Global Infrastructure

There are 81 AZs, 25 Geographic regions, 5 Local Regions and 14 Wavelength Regions.
Regions: It is a physical location around the world where AWS cluster data centers. Each group of logical
data centers are called Availability Zone. Each AWS Region consists of multiple, physically isolated, and
physically separate AZs within a geographic area. Each AZ has independent power, cooling, and physical
security and is connected via redundant, ultra-low-latency networks. AWS customers focused on high
availability can design their applications to run in multiple AZs to achieve even greater fault-tolerance.
AWS infrastructure Regions meet the highest levels of security, compliance, and data protection. AWS
maintains multiple geographic Regions, including Regions in North America, South America, Europe,
China, Asia Pacific, South Africa, and the Middle East.
Each region has at least two AZs
AWS largest region is US-EAST (North Virginia).
US-EAST (North Virginia) is also the default region.
New Services almost always become available first in US-EAST.
Not all services are available in all regions.
US – EAST 1 is the region where you see all your billing information.
There is a charge for data transfer between regions.
Each AZ is designed as an independent failure zone.
Some services classed as global services, such as AWS Identity & Access Management (IAM) or Amazon
CloudFront, are not tied to a specific region.
US East 1 (North Virginia) Region was one of the first Regions that was up and running, it is pretty much
the cheapest Region in AWS.
Reasons for Selecting a Region
Compliance with data governance and legal requirements - Depending on your company and location,
you might need to run your data out of specific areas. For example, if your company requires all of its
data to reside within the boundaries of the UK, you would choose the London Region.
Proximity to your customers - Selecting a Region that is close to your customers will help you to get
content to them faster. For example, your company is based in Washington, DC, and many of your
customers live in Singapore. You might consider running your infrastructure in the Northern Virginia
Region to be close to company headquarters and run your applications from the Singapore Region.
Available services within a Region - Sometimes, the closest Region might not have all the features that
you want to offer to customers. Suppose that your developers want to build an application that uses
Amazon Braket (AWS quantum computing platform). As of this course, Amazon Braket is not yet
available in every AWS Region around the world, so your developers would have to run it in one of the
Regions that already offers it.
Pricing - Suppose that you are considering running applications in both the United States and Brazil. The
way Brazil’s tax structure is set up, it might cost 50% more to run the same workload out of the São
Paulo Region compared to the Oregon Region. The cost of services can vary from Region to Region.
Availability Zones: An Availability Zone (AZ) is one or more discrete data centers with redundant power,
networking, and connectivity in an AWS Region. AZs give customers the ability to operate production
applications and databases that are more highly available, fault tolerant, and scalable than would be
possible from a single data center. All AZs in an AWS Region are interconnected with high-bandwidth,
low-latency networking, over fully redundant, dedicated metro fiber providing high-throughput, low-
latency networking between AZs. All traffic between AZs is encrypted. The network performance is
sufficient to accomplish synchronous replication between AZs. AZs make partitioning applications for
high availability easy. If an application is partitioned across AZs, companies are better isolated and
protected from issues such as power outages, lightning strikes, tornadoes, earthquakes, and more. AZs
are physically separated by a meaningful distance, many kilometers, from any other AZ, although all are
within 100 km (60 miles) of each other.
AZs are represented by a region code, followed by a letter identifier e.g., US-EAST-1A
<10ms latency between AZs.
An AZ consists of one to six data centers, with redundant power supplies and networking connectivity.
AWS Local Zones: It place compute, storage, database, and other select AWS services closer to end-
users. With AWS Local Zones, you can easily run highly demanding applications that require single-digit
millisecond latencies to your end-users such as media & entertainment content creation, real-time
gaming, reservoir simulations, electronic design automation, and machine learning.
Each AWS Local Zone location is an extension of an AWS Region where you can run your latency
sensitive applications using AWS services such as Amazon Elastic Compute Cloud, Amazon Virtual Private
Cloud, Amazon Elastic Block Store, Amazon File Storage, and Amazon Elastic Load Balancing in
geographic proximity to end-users. AWS Local Zones provide a high-bandwidth, secure connection
between local workloads and those running in the AWS Region, allowing to seamlessly connect to the
full range of in-region services through the same APIs and tool sets.
A Local Zone can't be included in a Multi-AZ deployment.
Local Zones are only available in the US West (Oregon) Region. In this AWS Region, the Los Angeles AWS
Local Zone is available.
AWS Wavelength: It enables developers to build applications that deliver single-digit millisecond
latencies to mobile devices and end-users. AWS developers can deploy their applications to Wavelength
Zones, AWS infrastructure deployments that embed AWS compute and storage services within the
telecommunications providers’ datacenters at the edge of the 5G networks, and seamlessly access the
breadth of AWS services in the region. This enables developers to deliver applications that require
single-digit millisecond latencies such as game and live video streaming, machine learning inference at
the edge, and augmented and virtual reality (AR/VR). AWS Wavelength brings AWS services to the edge
of the 5G network, minimizing the latency to connect to an application from a mobile device.
Application traffic can reach application servers running in Wavelength Zones without leaving the mobile
provider’s network. This reduces the extra network hops to the Internet that can result in latencies of
more than 100 milliseconds, preventing customers from taking full advantage of the bandwidth and
latency advancements of 5G.
AWS Outposts: AWS Outposts is an on-premises IT as a service (ITaaS) platform from Amazon Web
Services (AWS). AWS Outposts is a managed device that brings Amazon cloud services into your data
center. It is a fully managed compute, networking and storage rack built with AWS-designed hardware
that allow customers to run AWS services on-premises or in co-location sites and is connected to the
AWS public cloud.  It brings native AWS services, infrastructure, and operating models to virtually any
data center, co-location space, or on-premises facility. Outposts, acts as a hybrid cloud, allows users to
host an environment similar to a public cloud on premises. AWS Outposts is designed for connected
environments and can be used to support workloads that need to remain on-premises due to low
latency or local data processing needs.
The Outposts rack contains servers, storage, AWS software, redundant power supplies and built-in top-
of-rack network switches. The switch supports 1/10/40/100 Gbit/s uplinks. The Outposts rack must be
connected across the public internet to a parent AWS region with a high-availability link. AWS uploads
and executes software upgrades and patches across this link.
There is no option to select specific server CPU models with their cores and clock rating. You cannot
specify the amount of memory nor the amount and type of storage media. There is no option to specify
software or Amazon services.
Customers can pay all upfront, make a partial upfront payment or pay through monthly subscription.
AWS Services on Outposts are priced based on usage by the hour per instance and excludes underlying
EC2 instance and EBS storage charges.
To run Outposts, users will require physical space, power, and a network to deploy Outpost hardware on
premise. Users then can securely connect to an AWS Availability Zone over a VPN or AWS Direct
Connect. Once everything is set up, users can log into the AWS Management Console, and configure and
order their Outposts service. Users can choose EC2 instances and storage options. AWS will ship
Outposts to the user, where they can then hook the service up, and view Outposts in the AWS
Management Console. Users will then be able to launch their applications as part of the Amazon Virtual
Private Cloud (VPC). Users can start with one Outpost server and scale them as needed.
Edge Locations: It is DC owned by trusted partner of AWS which has a direct connection to the AWS
Network which is used to Get Data Fast or Upload Data Fast to AWS. These locations serve requests for
Cloud Front and Route 53. Requests going to either of these services will be routed to the nearest edge
location automatically. S3 Transfer Acceleration traffic or API Gateway endpoint traffic also uses AWS
Edge Network. This allows for low latency no matter when the end user is geographically located. Edge
locations are the endpoints for AWS used for caching content. Edge locations consist of CloudFront,
Amazon’s Content Delivery Network (CDN). Edge locations are more than regions. Currently, there are
over 150 edge locations. Edge location is not a region but a small location that AWS have. It is used for
caching the content. Edge locations are mainly located in most of the major cities to distribute the
content to end users with reduced latency. For example, some user accesses your website from
Singapore; then this request would be redirected to the edge location closest to Singapore where
cached data can be read.
Regional Edge Cache: AWS announced a new type of edge location in November 2016, known as a
Regional Edge Cache. Regional Edge cache lies between CloudFront Origin servers and the edge
locations. A regional edge cache has a large cache than an individual edge location. Data is removed
from the cache at the edge location while the data is retained at the Regional Edge Caches. When the
user requests the data, then data is no longer available at the edge location. Therefore, the edge
location retrieves the cached data from the regional edge cache instead of the Origin servers that have
high latency. A Regional Edge Cache has a larger cache-width than each of the individual Edge Locations,
and because data expires from the cache at the Edge Locations, the data is retained at the Regional Edge
Caches.
Therefore, when data is requested at the Edge Location that is no longer available, the Edge Location
can retrieve the cached data from the Regional Edge Cache instead of the Origin servers, which would
have a higher latency.
Region and AWS Naming Convention: AWS has a specific naming convention for both Regions and
Availability Zones. Depending on where you are viewing and using the Region name, it can be
represented as two different names for the same Region.
Regions have both a ‘friendly’ name, indicating a location that can be viewed within the Management
Console and a Code Name that is used when referencing regions programmatically, for example when
using the AWS CLI.
Availability Zones are always referenced by their Code Name, which is defined by the AZs Region Code
Name that the AZ belongs to, followed by a letter. For example, the AZs within the eu-west-1 region (EU
Ireland), are: eu-west-1a, eu-west-1b, eu-west-1c. To coordinate Availability Zones across accounts, you
must use the AZ ID, which is a unique and consistent identifier for an Availability Zone.
GovCloud Regions: AWS GovCloud (US) is designed specifically for agencies at the federal, state, and
local levels, as well as organizations in government regulated industries, such as Defense, Law
Enforcement, Energy, Aerospace, Healthcare, Financials, and many more. AWS GovCloud (US) gives
government customers and their partners the flexibility to architect secure cloud solutions that comply
with
FedRAMP High Baseline
DOJ’s Criminal Justice Information System (CJIS) Security Policy
US International Traffic in Arms Regulations (ITAR)
Export Administration Regulations (EAR)
Department of Defense (DoD)
AWS GovCloud - US West and US East are only operated by employees who are US Citizens on US Soil.
They are only accessible to US Entities and root account holders who pass a screening process.
From Controlled Unclassified Information (CUI), Personally Identifiable Information (PII), sensitive
patient medical records, and financial data to law enforcement data, export-controlled data and other
forms of CUI, AWS GovCloud (US) Regions can help customers address compliance at every stage of their
cloud journey. AWS GovCloud is also generally more expensive than the commercial version.

Provision AWS Resources

AWS Management Console: It is a web application for managing Amazon Web Services. AWS
Management Console consists of list of various services to choose from. It also provides all information
related to our account like billing. This console provides an inbuilt user interface to perform AWS tasks
like working with Amazon S3 buckets, launching, and connecting to Amazon EC2 instances, setting
Amazon CloudWatch alarms, etc. Multiple identities can stay logged into the AWS Console mobile app at
the same time. The AWS Management Console gives you secure login using your AWS or IAM account
credentials. For added security, your login session automatically expires after 12 hours. The Console
supports the three latest versions of Google Chrome, Mozilla Firefox, Microsoft Edge, and Apple Safari
as well as Microsoft Internet Explorer 11. The AWS Console mobile app lets you easily view your existing
resources, including CloudWatch alarms, and perform operational tasks from your iOS or Android mobile
device.
AWS Command Line Interface: The AWS Command Line Interface (CLI) is a unified tool to manage your
AWS services. With just one tool to download and configure, you can control multiple AWS services
from the command line and automate them through scripts. To save time when making API requests,
you can use the AWS Command Line Interface (AWS CLI). AWS CLI enables you to control multiple
AWS services directly from the command line within one tool. AWS CLI is available for users on
Windows, macOS, and Linux. By using AWS CLI, you can automate the actions that your services and
applications perform through scripts. The AWS CLI accepts three output formats: JSON, tab-delimited
text and ASCII-formatted table.
AWS Elastic Beanstalk: It is a service that helps you provision Amazon EC2-based environments. Instead
of clicking around the console or writing multiple commands to build out your network, EC2 instances,
scaling and Elastic Load Balancers, you can instead provide your application code and desired
configurations to the AWS Elastic Beanstalk service, which then takes that information and builds out
your environment for you. AWS Elastic Beanstalk also makes it easy to save environment configurations,
so they can be deployed again easily. AWS Elastic Beanstalk gives you the convenience of not having to
provision and manage all of these pieces separately, while still giving you the visibility and control of the
underlying resources. It is an easy-to-use service for deploying and scaling web applications and services
developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as
Apache, Nginx, Passenger, and IIS.
There is no additional charge for Elastic Beanstalk - you pay only for the AWS resources needed to store
and run your applications. You only provide code and configuration settings, and Elastic Beanstalk
deploys the resources necessary to perform the following tasks: Adjust capacity, Load balancing,
Automatic scaling, and Application health monitoring.
AWS Elastic Beanstalk is a PaaS offering from AWS, which helps developers deploy applications on the
AWS cloud.
AWS CloudFormation: It is an infrastructure as code tool that allows you to define a wide variety of AWS
resources in a declarative way using JSON or YAML text-based documents called CloudFormation
templates. A declarative format like this allows you to define what you want to build without specifying
the details of exactly how to build it. CloudFormation lets you define what you want and the
CloudFormation engine will worry about the details on calling APIs to get everything built out.
It determines the right operations to perform when managing your stack and rolls back changes
automatically if it detects errors. You can use a template to create, update, and delete an entire stack as
a single unit, as often as you need to, instead of managing resources individually.