AWS First Week - Detail - Notes

AWS First Week Notes

AWS -CLASS
By – Rohit Singh
AWS Class Notes – By Rohit Singh

• AWS Solution Architect – Associate:

• What is cloud?
o It is a service that we use over the internet.
o The cloud is made up of servers in data centres all over the world. Moving to the
cloud can save companies money and add convenience for users.

• What is AWS?
o Amazon Web Services (AWS) is the world’s most comprehensive and broadly
adopted cloud, offering over 200 fully featured services from data centres globally.
o Millions of customers—including the fastest-growing startups, largest enterprises,
and leading government agencies—are using AWS to lower costs, become more
agile, and innovate faster.
• AWS Account Type
o Root
o IAM
• AWS Core Services:
• Elastic Compute Cloud (EC2)
o EC2 spins up resizable server instances that can scale up and down quickly.
o An instance is a virtual server in the cloud. With Amazon EC2, you can set up and
configure the operating system and applications that run on your instance.
o Its configuration at launch is a live copy of the Amazon Machine Image (AMI) that
you specified when you launched the instance.
o EC2 provisions and boots new instances in a very short time frame, and EC2 ensures
that you pay as you go, pay for what you use, pay less as you use more, and pay
even less when you reserve capacity.
o When your EC2 instance is running, you are charged for CPU, memory, storage, and
networking.
o When it is stopped, you are only charged for EBS storage.
• EC2 Key features:
o You can launch different types of instances from a single AMI.
o An instance type essentially determines the hardware of the host computer used for
your instance. Each instance type offers different compute and memory capabilities.
o You should select an instance type based on the amount of memory and computing
power that you need for the application or software that you plan to run on top of
the instance.
o You can launch multiple instances of an AMI, as shown in the following figure:

o You have the option of using dedicated tenancy with your instance. This means that
within an AWS data center, you have exclusive access to physical hardware. Naturally,
this option incurs a high cost, but it makes sense if you work with technology that
has a strict licensing policy.
o With EC2 VM Import, you can import existing VMs into AWS as long as those hosts
use VMware ESX, VMware Workstation, Microsoft Hyper-V, or Citrix Xen
virtualization formats.
o When you launch a new EC2 instance, EC2 attempts to place the instance in such a
way that all of your VMs are spread out across different hardware to limit failure to a
single location. You can use placement groups to influence the placement of a group
of interdependent instances that meet the needs of your workload. There is an
explanation about placement groups in a section below.
o When you launch an instance in Amazon EC2, you have the option of passing user
data to the instance when the instance starts. This user data can be used to run
common automated configuration tasks or scripts. For example, you can pass a bash
script that ensures htop is installed on the new EC2 host and is always active.
o By default, the public IP address of an EC2 instance is released when the instance is
stopped, even if it is stopped only temporarily. Therefore, it is best to refer to an
instance by its external DNS hostname. If you require a persistent public IP address
that can be associated with the same instance, use an Elastic IP address, which is
basically a static IP address, instead.
o If you have requirements to self-manage a SQL database, EC2 can be a solid
alternative to RDS. To ensure high availability, remember to have at least one other
EC2 Instance in a separate Availability zone so even if a DB instance goes down, the
other(s) will still be available.
o A golden image is simply an AMI that you have fully customized to your liking with all
necessary software/data/configuration details set and ready to go once. This
personal AMI can then be the source from which you launch new instances.
o Instance status checks check the health of the running EC2 server; system status
checks monitor the health of the underlying hypervisor. If you ever notice a system
status issue, just stop the instance and start it again (no need to reboot), as the VM
will start up again on a new hypervisor.
• EC2 Instance Pricing:

o On-Demand instances are based on a fixed rate by the hour or
second. As the name implies, you can start an On-Demand instance
whenever you need one and can stop it when you no longer need it.
There is no requirement for a long-term commitment.
o Reserved instances ensure that you keep exclusive use of an instance
on 1 or 3 year contract terms. The long-term commitment provides
a significantly discounted hourly rate.
o Spot instances take advantage of Amazon’s excess capacity and work
in an interesting manner. In order to use them, you must financially bid
for access. Because Spot instances are only available when Amazon has
excess capacity, this option makes sense only if your app has flexible
start and end times. You won’t be charged if your instance stops due to
a price change (e.g., someone else just bid a higher price for the access)
and so consequently your workload doesn’t complete. However, if you
terminate the instance yourself you will be charged for any hour the
instance ran. Spot instances are normally used in batch processing jobs.

• Standard Reserved vs. Convertible Reserved vs. Scheduled Reserved:

o Standard Reserved Instances have inflexible reservations that are
discounted at 75% off of On-Demand instances. Standard Reserved
Instances cannot be moved between regions. You can choose if a
Reserved Instance applies to either a specific Availability Zone, or an
Entire Region, but you cannot change the region.
o Convertible Reserved Instances are instances that are discounted at
54% off of On-Demand instances, but you can also modify the instance
type at any point. For example, you suspect that after a few months
your VM might need to change from general purpose to memory
optimized, but you aren't sure just yet. So if you think that in the future
you might need to change your VM type or upgrade your VM's
capacity, choose Convertible Reserved Instances. There is no
downgrading of the instance type with this option, though.
o Scheduled Reserved Instances are reserved according to a specified
timeline that you set. For example, you might use Scheduled Reserved
Instances if you run education software that only needs to be available
during school hours. This option allows you to better match your
needed capacity with a recurring schedule so that you can save money.
• EC2 Instance Lifecycle:

The following table highlights the many instance states that a VM can be in at
a given time.

Note: Reserved Instances that are terminated are billed until the end of their term.

• EC2 Security:
o When you deploy an Amazon EC2 instance, you are responsible for
management of the guest operating system (including updates and
security patches), any application software or utilities installed on the
instances, and the configuration of the AWS-provided firewall (called a
security group) on each instance.
o With EC2, termination protection of the instance is disabled by default.
This means that you do not have a safeguard in place against
accidentally terminating your instance. You must turn this feature on if
you want that extra bit of protection.
o Amazon EC2 uses public-key cryptography to encrypt and decrypt
login information. Public-key cryptography uses a public key to encrypt
a piece of data, such as a password, and the recipient uses their private
key to decrypt the data. The public and private keys are known as a key
pair.
o You can encrypt your root device volume, which is where you install the
underlying OS. You can do this during creation time of the instance or
with third-party tools like BitLocker. Additional or secondary
EBS volumes can also be encrypted.
o By default, the AWS Elastic Block Store (EBS) root volume attached to an
EC2 instance is deleted together with the instance when the instance is
terminated. However, any additional or secondary EBS volume that is
also attached to the same instance will be preserved. This is because
the root EBS volume is for OS installations and other low-level settings.
This rule can be modified, but it is usually easier to boot a new instance
with a fresh root device volume than to make use of an old one.
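
The defaults in this section (termination protection off, root volume deleted with the instance, secondary volumes preserved, encryption optional) can be checked per instance. The following is an added example, not part of the original notes: audit_instance is a hypothetical helper, and the sample data is constructed to mimic the shape of the DescribeInstances, DescribeVolumes and DescribeInstanceAttribute responses so that it runs offline.

```python
# Added example: offline audit of the EC2 security defaults described above.
# All sample data is constructed; it mimics the shape of the DescribeInstances,
# DescribeVolumes and DescribeInstanceAttribute responses.
INSTANCE = {
    "InstanceId": "i-0example000000001",
    "RootDeviceName": "/dev/xvda",
    "BlockDeviceMappings": [
        {"DeviceName": "/dev/xvda",
         "Ebs": {"VolumeId": "vol-0exampleroot", "DeleteOnTermination": True}},
        {"DeviceName": "/dev/sdf",
         "Ebs": {"VolumeId": "vol-0exampledata", "DeleteOnTermination": False}},
    ],
}
VOLUMES = [
    {"VolumeId": "vol-0exampleroot", "Encrypted": False},
    {"VolumeId": "vol-0exampledata", "Encrypted": True},
]
TERMINATION_ATTR = {"DisableApiTermination": {"Value": False}}  # the default


def audit_instance(instance, volumes, termination_attr):
    """Return (check, resource_id) findings for one instance (hypothetical helper)."""
    findings = []
    encrypted = {v["VolumeId"]: v.get("Encrypted", False) for v in volumes}

    # Termination protection is on only when DisableApiTermination is true.
    if not termination_attr.get("DisableApiTermination", {}).get("Value", False):
        findings.append(("termination-protection-off", instance["InstanceId"]))

    root_device = instance.get("RootDeviceName")
    for mapping in instance.get("BlockDeviceMappings", []):
        ebs = mapping.get("Ebs")
        if ebs is None:  # not an EBS-backed device, nothing to check
            continue
        role = "root" if mapping["DeviceName"] == root_device else "data"
        vol_id = ebs["VolumeId"]
        # Volumes missing from the DescribeVolumes data are treated as unencrypted.
        if not encrypted.get(vol_id, False):
            findings.append((f"{role}-volume-unencrypted", vol_id))
        # Secondary volumes outlive the instance by default; list them so the
        # data they hold is tracked (or deleted) after termination.
        if role == "data" and not ebs.get("DeleteOnTermination", False):
            findings.append(("data-volume-survives-termination", vol_id))
    return findings


if __name__ == "__main__":
    for check, resource in audit_instance(INSTANCE, VOLUMES, TERMINATION_ATTR):
        print(f"{check}: {resource}")
```

With live data, the three inputs would come from the corresponding EC2 API calls for each instance; the findings list is empty only when protection is on, every volume is encrypted, and no data volume is left behind on termination.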
• EC2 Placement Groups:
o Placement groups balance the tradeoff between risk tolerance and
network performance when it comes to your fleet of EC2 instances. The
more you care about risk, the more isolated you want your instances to
be from each other. The more you care about performance, the more
conjoined you want your instances to be with each other.
o There are three different types of EC2 placement groups:

▪ Clustered Placement Groups

• Clustered Placement Grouping is when you put all of your
EC2 instances in a single availability zone. This is
recommended for applications that need the lowest
latency possible and require the highest network
throughput.
• Only certain instances can be launched into this group
(compute optimized, GPU optimized, storage optimized,
and memory optimized).

▪ Spread Placement Groups

• Spread Placement Grouping is when you put each
individual EC2 instance on top of its own distinct
hardware so that failure is isolated.
• Your VMs live on separate racks, with separate network
inputs and separate power requirements. Spread
placement groups are recommended for applications that
have a small number of critical instances that should be
kept separate from each other.

▪ Partitioned Placement Groups

• Partitioned Placement Grouping is similar to Spread
placement grouping, but differs because you can have
multiple EC2 instances within a single partition. Failure
instead is isolated to a partition (say 3 or 4 instances
instead of 1), yet you enjoy the benefits of close proximity
for improved network performance.
• With this placement group, you have multiple instances
living together on the same hardware inside of different
availability zones across one or more regions.
• If you would like a balance of risk tolerance and network
performance, use Partitioned Placement Groups.
• Each placement group name within your AWS account must be unique.
• You can move an existing instance into a placement group provided that it is
in a stopped state. You can move the instance via the CLI or an AWS SDK, but
not the console. You can also take a snapshot of the existing instance, convert
it into an AMI, and launch it into the placement group where you desire it to
be.
