Module 3: AWS Global Infrastructure overview
AWS Global Infrastructure
regions
An AWS Region is a physical geographical location with one or more Availability Zones
Resources in one Region are not automatically replicated to other Regions
It is your responsibility to replicate data across Regions
Some Regions have restricted access
The isolated AWS GovCloud (US) Region is designed to allow US government agencies and customers to move sensitive workloads into the cloud
selecting a region
data governance and legal requirements
store your data in a Region that is as close as possible to the user and systems that will access them
not all services are available in all Regions
there is some variation in the cost of running services, which can depend on which Region you choose
Availability Zones
consist of one or more data centers.
Each Availability Zone provides the ability to operate applications and databases that are more highly available, fault-tolerant, and scalable than would be possible with a single data center.
they can include hundreds of thousands of servers
They are fully isolated partitions of the AWS Global Infrastructure.
have their own power infrastructure, and they are physically separated by many kilometers from other Availability Zones
All Availability Zones are interconnected with high-bandwidth, low-latency networking over fully redundant, dedicated fiber
The network accomplishes synchronous replication between Availability Zones.
You are responsible for selecting the Availability Zones where your systems will reside. Systems can span multiple Availability Zones. AWS recommends replicating across Availability Zones for resiliency
AWS data centers
Customers do not specify a data center for the deployment of resources. Instead, an Availability Zone is the most granular level of specification that a customer can make
A data center is the location where the actual data resides.
If you host all your instances in a single location that is affected by such a failure, none of your instances will be available.
Data centers have a redundant design that anticipates and tolerates failure while maintaining service levels
A data center typically has between 50,000 and 80,000 servers
To ensure availability, critical system components are backed up across multiple Availability Zones
Data center locations are not disclosed and all access to them is restricted.
In case of failure, automated processes move data traffic away from the affected area.
AWS uses custom network equipment sourced from multiple original device manufacturers (ODMs).
Points of presence
AWS provides 187 Points of Presence locations
176 Edge locations
11 regional Edge caches
Regional edge caches are used by default with Amazon CloudFront. Regional edge caches are used when you have content that is not accessed frequently enough to remain in an edge location
Regional edge caches absorb this content and provide an alternative to that content having to be fetched from the origin server.
AWS Points of Presence are located in most of the major cities (69 cities in total) across 30 countries around the world
continuously measuring internet connectivity, performance and computing to find the best way to route requests, the Points of Presence deliver a better near real-time user experience
used by many services
Amazon CloudFront is a content delivery network (CDN) used to distribute content to end users to reduce latency
Amazon Route 53 is a Domain Name System (DNS) service. Requests going to either one of these services will be routed to the nearest edge location automatically in order to lower latency.
AWS Shield and AWS Web Application Firewall (AWS WAF) services.
AWS service and service category
There are 23 different product or service categories, and each category consists of one or more services.
Compute, Cost Management, Database, Management and Governance, Networking and Content Delivery, Security, Identity, and Compliance, and Storage.
AWS storage services
Amazon Simple Storage Service (Amazon S3)
Use it to store and protect any amount of data for websites, mobile apps, backup and restore, archive, enterprise applications, Internet of Things (IoT) devices, and big data analytics.
Amazon Elastic Block Store (Amazon EBS)
is designed for use with Amazon EC2 for both throughput and transaction intensive workloads, such as relational and non-relational databases, enterprise applications, containerized applications, big data analytics engines, file systems, and media workflows.
Amazon Elastic File System (Amazon EFS)
provides a scalable, fully managed elastic Network File System (NFS) file system for use with AWS Cloud services and on-premises resources. It is built to scale on demand to petabytes, growing and shrinking automatically as you add and remove files. It reduces the need to provision and manage capacity to accommodate growth.
Amazon Simple Storage Service Glacier
is a secure, durable, and extremely low-cost Amazon S3 cloud storage class for data archiving and long-term backup. It is designed to deliver 11 9s of durability, and to provide comprehensive security and compliance capabilities to meet stringent regulatory requirements.
compute services
Amazon Elastic Compute Cloud
(Amazon EC2) provides resizable compute capacity as virtual machines in the cloud.
Amazon EC2 Auto Scaling
enables you to automatically add or remove EC2 instances according to conditions that you define.
Amazon Elastic Container Service
(Amazon ECS) is a highly scalable, high-performance container orchestration service that supports Docker containers.
Amazon Elastic Container Registry
(Amazon ECR) is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images.
AWS Elastic Beanstalk
is a service for deploying and scaling web applications and services on familiar servers such as Apache and Microsoft Internet Information Services (IIS).
AWS Lambda
enables you to run code without provisioning or managing servers. You pay only for the compute time that you consume. There is no charge when your code is not running.
Amazon Elastic Kubernetes Service
(Amazon EKS) makes it easy to deploy, manage, and scale containerized applications that use Kubernetes on AWS.
AWS Fargate
is a compute engine for Amazon ECS that allows you to run containers without having to manage servers or clusters.
networking and content delivery services
Amazon Virtual Private Cloud (Amazon VPC)
enables you to provision logically isolated sections of the AWS Cloud.
Elastic Load Balancing
automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions.
Amazon CloudFront
is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and application programming interfaces (APIs) to customers globally, with low latency and high transfer speeds.
AWS Transit Gateway
is a service that enables customers to connect their Amazon Virtual Private Clouds (VPCs) and their on-premises networks to a single gateway.
Amazon Route 53
is a scalable cloud Domain Name System (DNS) web service designed to give you a reliable way to route end users to internet applications. It translates names (like www.example.com) into the numeric IP addresses (like 192.0.2.1) that computers use to connect to each other.
AWS Direct Connect
provides a way to establish a dedicated private network connection from your data center or office to AWS, which can reduce network costs and increase bandwidth throughput.
AWS VPN
provides a secure private tunnel from your network or device to the AWS global network.
security, identity, and compliance services
AWS Identity and Access Management (IAM)
enables you to manage access to AWS services and resources securely. By using IAM, you can create and manage AWS users and groups. You can use IAM permissions to allow and deny user and group access to AWS resources.
AWS Organizations
allows you to restrict what services and actions are allowed in your accounts.
Amazon Cognito
lets you add user sign-up, sign-in, and access control to your web and mobile apps.
AWS Artifact
provides on-demand access to AWS security and compliance reports and select online agreements.
AWS Key Management Service (AWS KMS)
enables you to create and manage keys. You can use AWS KMS to control the use of encryption across a wide range of AWS services and in your applications.
AWS Shield
is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS.
cost management services
The AWS Cost and Usage Report
contains the most comprehensive set of AWS cost and usage data available, including additional metadata about AWS services, pricing, and reservations.
AWS Budgets
enables you to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount.
AWS Cost Explorer
has an easy-to-use interface that enables you to visualize, understand, and manage your AWS costs and usage over time.
management and governance services
The AWS Management Console
provides a web-based user interface for accessing your AWS account.
AWS Config
provides a service that helps you track resource inventory and changes.
Amazon CloudWatch
allows you to monitor resources and applications.
AWS Auto Scaling
provides features that allow you to scale multiple resources to meet demand.
AWS Command Line Interface
provides a unified tool to manage AWS services.
AWS Trusted Advisor
helps you optimize performance and security.
AWS Well-Architected Tool
provides help in reviewing and improving your workloads.
AWS CloudTrail
tracks user activity and API usage
database services
Amazon Relational Database Service
(Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups.
Amazon Aurora
is a MySQL and PostgreSQL-compatible relational database. It is up to five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases.
Amazon Redshift
enables you to run analytic queries against petabytes of data that is stored locally in Amazon Redshift, and directly against exabytes of data that are stored in Amazon S3. It delivers fast performance at any scale.
Amazon DynamoDB
is a key-value and document database that delivers single-digit millisecond performance at any scale, with built-in security, backup and restore, and in-memory caching.
AWS infrastructure features
it is elastic and scalable
resources can dynamically adjust to increases or decreases in capacity requirements. It can also rapidly adjust to accommodate growth.
this infrastructure is fault tolerant
it has built-in component redundancy which enables it to continue operations despite a failed component
high availability
it requires minimal to no human intervention, while providing high availability with minimal down time