In the previous episode, we introduced Amazon Web Services, talked a little about history, concepts, notions and briefly about competition. We looked at three categories of services which are the basic building blocks of software systems, namely Compute, Storage and Network. Today we will continue the walk through the AWS jungle.
Categories and services are changing rapidly. When I started the previous article few weeks ago, there were 17 categories, now there is one more. Let’s see what’s in there.
Security, Identity and Compliance should be considered one of core aspects of any application environment, even if the application itself has no business notion of identified users.
- IAM or Identity and Access Management. Users, groups, roles, permissions, access keys – controlling who can do what in AWS ecosystem.
- Inspector is an automatic assessment of security of our assets according to best practices most common vulnerabilities.
- Certificate Manager deals with SSL/TSL certificates.
- Directory Service is an integration with Microsoft Active Directory.
- WAF or Web Application Firewall, together with Shield filters traffic and protects against DDoS attacks.
- KMS or Key Management Service is about creation and control over encryption keys.
- CloudHSM or Hardware Security Module is dedicated hardware component integrated into AWS physical infrastructure, used when client is in need of physical control of encryption keys to meet certain regulations and compliance.
- Organizations are about managing access policies to multiple resources.
Database category comes handy, as most applications have to store some organized data at some point, even if they rely on web services and data obtained from third parties. You can find more in Episode 70.
- RDS or Relational Database Service. Managed database service offering Amazon Aurora, PostgreSAL, MySQL, MariaDB, Oracle and Microsoft SQL Server systems.
- DynamDB is a NoSQL database, suitable for document storing.
- ElastiCache is an in-memory data grid offering Redis and Memcached engines. Appropriate when fast access to data is required.
- Redshift is a data warehouse solution. Contrary to RDS, it uses column-oriented database.
Migration category encompasses services that helps with transferring data and infrastructure from on premise to cloud hosting.
- Application Discovery Service gathers information about local infrastructure and software, configuration and dependencies to simplify migration planning process.
- DMS or Database Migration Service, is focused on transferring data between local and cloud databases. Supports conversions between different engines.
- Server Migration is focused on migrating entire server volumes.
- Snowball is basically a physical suitcase loaded with hard drives, delivered on premise by a courier. If we need to transfer Petabyte of data, and have slow Internet connection, it’s the way to go.
- Snowmobile is something we might need if the suitcase is not enough. Amazon can get to our data center with a damn truck, capable of storing 100 PB of data, connect with a fiber cable and drive the data to Amazon data center (the cloud, you know).
Developer Tools support various phases of software development process.
- CodeCommit is source control service for Git – if, for some reason, you don’t like GitHub or BitBucket.
- CodeBuild, CodeDeploy and CodePipeline are basically build system and continuous integration and delivery solutions. If for some other reasons, you don’t want to run an EC2 instance hosting Jenkins.
- X-Ray is an experimental tool that tracks requests between our application components and helps pin down performance problems and errors.
- Command Line Interface is a command line tool that can be used to connect to other AWS services via API.
Management Tools are plenty. Somehow, I have a feeling that there are two managers per single developer in here…
- CloudWatch is about monitoring, metrics, logging and alerts.
- CloudFormation is about managing collections of AWS resources using templates.
- CloudTrail is about compliance, auditing and risk assessment of AWS API calls.
- Config is about assessing and evaluating AWS resources configuration.
- OpsWorks is about configuration management using Chef.
- Service Catalog is a facade that helps catalog IT services based on AWS resources and feel more corporate and enterprise.
- Trusted Advisor is an optimization tool that helps fine tune the AWS infrastructure regarding cost, performance, security or fault tolerance.
- Personal Health Dashboard is a customized view of relevant services metrics, associated events and notifications.
- …and Managed Services. If you don’t have enough of management already, you can formalize some life cycle management in accordance with ITIL best practices in here.
Messaging category is about asynchronous sending small, standalone pieces of data.
- SQS or Simple Queue Service is a Message-oriented middleware, similar to anything that implements JMS specification.
- SNS or Simple Notification Service, allows to push notifications and send sms messages to mobile devices and other endpoints.
- SES or Simple Email Service is about sending and receiving emails.
Are we there yet?
Nope. We are nowhere near the end of the list. There are still Analytic, Artificial Intelligence, Application Services, Mobile Services, Business Productivity, Desktop & App Streaming, IoT and Connect categories. Initially, I was going to cover all that in one article, but finally I decided to split the list in two (in addition to the introduction from previous week where we started with Compute, Storage and Networking. We will continue next week, stay tuned.