We will examine how to access aws services. In addition we will examine the various aws services available, their function and how to set them up. This is part of a series of lessons on cloud computing, with a focus on AWS.
AWS Services Access
AWS services and features can be accessed and managed by a user using either of the below tools:
- Management Console
- Command Line Interface (CLI)
- Software Development Kits (SDKs)
AWS Management Console
This allows for access to features via a GUI (Graphical User Interface). They even have an app for Andorid or IOS.
One can set up users, monitor usage and set up services.
There are alot of helpful resources you can use to learn how to use Amazon Web Services to create solutions.
AWS Command Line Interface (CLI)
Ideal for users who prefer command line although the GUI is easier to navigate. Its best for automation and repetitive deployments.
AWS Software Development Kits (SDKs)
This enables access using a variety of programing languages. Therefore, one can use for access from/with existing applications.
One can customize AWS features/solutions to meet business needs.
AWS Core Services
EC2 – Amazon Elastic Cloud Compute
This is the server resource offered on cloud. This amazon elastic compute cloud servers can be used for application, web, databases, media, proxy etc servers.
- Pay as you go
- Broad selection of hardware and software
- Flexibility on where to host
Note: On Amazon Web Services we do not call them servers, we call them instances i.e. amazon ec2 instances.
Procedure for setup of an EC2 instance
NOTE: We are assuming that you already know how to create an AWS account and that the account is already setup. But, if it is not yet set up, you will need a debit card with at least $1 for the initial account setup at AWS. Thereafter, the account can have multiple users and and multiple setups.
- Login to the console
- Chose a region.
- Launch instance
- Select AMI (amazon machine image – contains OS and softwares) .
- Select instance type (hardware)
- Then, configure instance details including network and then storage.
- Remember to change/create a tag. By default the name given to an instance is hard to remember.
- Finally configure security group. This will be the rules both inbound and outbound.
- Do not forget to configure key pair (enables access once setup) and download the private key. Save the private key locally.
- You can finally launch your instance, yeeeeaaah!!
The instance will move from the pending state to the running state.
This also acts as a guide for linux instances on AWS. Later we will see how to use load balancers.
You can log in via putty or other ssh tool using the server’s public ip The default user is ec2-user. Remember. you will need to add your private key in your configs of the session.
Also note that windows need file as ppk file instead of perm. Use putygen to generate the ppk file form the perm file.
EBS – AWS Elastic Block Store
The EBS volumes can act as storage for the EC2 instances. You can chose between SSD and HDD depending on intended use (performance desired), and budget.
The advantage of this service is they once set up they are automatically replicated by AWS in multiple servers within same availability zone. This creates a high level of availability.
You can also create snapshots as backups and use them to recreate a volume from a snapshot. A snapshot can even be copied to another region.
Another great feature of the EBS is the ability to encrypt the volume. It’s important to note that this happens on the EC2 side, therefore securing communication between the EC2 and the EBS.
Note you can scale the volume up or down or even change the volume type (SSD to HDD and viseversa) without a need to stop the instances.
Procedure for setup of an EBS volume
We assume you are logged in.
- Once logged in, first click on services then go to EC2.
- After that, select instances, you will see a list of aws ec2 instances on the right that you have already created. If you had not created one, the tutorial is here.
- Select the instance you want to create a volume for.
- Confirm the availability zone the instance resides.
- Create the volume in the same AZ that the instance resides.
To do this, select volumes under ELASTIC BLOCK STORE
Then you select create volumes. Remember you MUST create it in the same availability zone as the instance you want to attach it to.
You can then attach the volume by clicking Actions then Attach Volume then specify the instance you want to attach it to as below.
You can then create a file system with the volume then mount the volume. The procedure for this is the standard procedure per your operating system and has been left out in this tutorial.
S3 – AWS Simple Storage Service
This is part of aws services portfolio and it is commonly referred to as amazon S3. This is a fully managed storage service that provides an API to store and retrieve data. It can be used for:
- Static web hosting
- Log archives
- Application assets
- Log term data storage for analysis or other use
The user does not have to manage the infrastructure. Also its not meant to be associated with any instance. One can store as many objects ans one would like and they can be of almost any size. S3 handles both the scaling of files stored and requests for the files.
The data is available publicly via http or https or privately over a virtual private cloud endpoint. You can control access to this server via different policies and access lists. By default no files are shared publicly.
You can also encrypt data in transit or service side encryption.
It is important to note that once you create a bucket in S3 it is associated with a particular region. Once data is stored, it is replicated across various sites in the same region. This increases durability.
- The bucket name must be DNS compliant and also globally unique so as to provide url based access.
- The object key should have characters that make it usable on urls too.
Procedure for setup of an S3
- First login to the AWS console
- Navigate to Services
- Then to S3 under Storage
- When you click on S3 a tab will open with the below appearing on the top left.
- Click on Create Bucket and fill in the relevant details
Once done, you can start saving objects into the bucket. If you look carefully there are other configurations you can do but you have the option of clicking create to just use all configs as default.
Remember when saving an object remember to specify a key. This is the string that will be used to retrieve the object later. The common practice is to make the key to resemble a file path.
VPC – AWS Virtual Private Cloud
This is an AWS concept that is the logical private network allocated as a pay-as-you-go on-demand service on the AWS cloud. It can be viewed as the networking layer of AWS. You create it within a region and one can have multiple VPC’s per account.
The AWS VPC is accessible via web via the console. Once setup, it gives access to other services on AWS via the IP protocol. It gives one control of what can be accessed, basically, enabling you to isolate or expose resources.
AWS have tried to simplify the setup of the VPC, whereby one does not have to think of the underlying components . This is one great advantage of cloud computing.
The features of this service include:
- Route tables
By default all subnets can communicate with each other but you can define route tables especially for access to the internet.
- Internet gateway (IGW)
Once you attach the IGW to the VPC and update the route table of the public subnet to send non-local traffic to the IGW. This makes a subnet public. It is important to note that the VPC will require a public IP to route the traffic to an internet gateway.
- Network ACLs
You can control access to subnets using access control lists.
You can use multiple subnets. Public subnets iwll have direct access to the internet while private will not.
Procedure for setup of a VPC
- First login to the AWS console and chose a region.
- Then to VPC. If you do not see it on your dashboard, you can search for it on the search bar of the console
NOTE: If there are existing VPCs you will see the summary of how many they are in the region you are as seen in the diagram below.
- Select Launch VPC Wizard to create a new VPC.
You will then have 4 options for the VPC depending on your needs
AWS Security Groups
This plays a critical role in AWS in terms of security. They act as firewalls. You can control how traffic is allowed or denied to an EC2 instance. By default all inbound traffic is blocked and all outbound traffic is allowed.
Procedure for setup of an EBS volume
- First login to the AWS console
- Navigate to Services
- Then to EC2
- Under NETWORK & SECURITY go to Security Groups
- Chose Create Security Group to create a security group.
Feel free to revisit our introduction to cloud computing here. For more aws concepts click here to discuss concepts like application load balancers, AWS Lamda, AWS beanstalk.
user guide for linux. aws services aws services how to set up an s3 on aws. how to create an ec2 instance on aws. how to set up an s3 on aws. how to create an ec2 instance on aws. aws concepts. best IT blog. Leading IT online resource