AWS For Admins For Dummies E-Book

AWS® For Admins For Dummies®

Published by: John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030-5774, www.wiley.com

Copyright © 2017 by John Wiley & Sons, Inc., Hoboken, New Jersey

Media and software compilation copyright © 2017 by John Wiley & Sons, Inc. All rights reserved.

Published simultaneously in Canada

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without the prior written permission of the Publisher. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Trademarks: Wiley, For Dummies, the Dummies Man logo, Dummies.com, Making Everything Easier, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and may not be used without written permission. AWS is a registered trademark of Amazon Technologies, Inc. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.

For general information on our other products and services, please contact our Customer Care Department within the U.S. at 877-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002. For technical support, please visit https://hub.wiley.com/community/support/dummies.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Control Number: 2016954413

ISBN 978-1-119-31248-2; ISBN 978-1-119-31250-5 (ebk); ISBN 978-1-119-31249-9 (ebk)

AWS® For Admins For Dummies®

To view this book's Cheat Sheet, simply go to www.dummies.com and search for “AWS For Admins For Dummies Cheat Sheet” in the Search box.

Table of Contents

Cover

Introduction

About This Book

Foolish Assumptions

Icons Used in This Book

Beyond the Book

Where to Go from Here

Part 1: Getting Started with AWS

Chapter 1: Starting Your AWS Adventure

Defining the AWS Cloud

Discovering IaaS

Determining Why You Should Use AWS

Understanding the AWS Certifications

Getting a Well-Rounded Education

Chapter 2: Obtaining Free Amazon Services

Discovering the Limits of Free Services

Considering the Hardware Requirements

Considering the Network Requirements

Getting Signed Up

Performing a Few Simple Tasks

Chapter 3: Determining Which Services to Use

Getting a Quick Overview of Free-Tier Services

Choosing the Services You Need

Considering AWS Security Issues

Part 2: Configuring a Virtual Server

Chapter 4: Creating a Virtual Server Using EC2

Getting to Know the Elastic Compute Cloud (EC2)

Working with the Identity and Access Management (IAM) Console

Working with Elastic Block Store (EBS) Volumes

Discovering Images and Instances

Chapter 5: Managing Web Apps Using Elastic Beanstalk

Considering Elastic Beanstalk (EB) Features

Deploying an EB Application

Updating an EB Application

Removing Unneeded Applications

Chapter 6: Responding to Events with Lambda

Considering the Lambda Features

Starting the Lambda Console

Creating a Basic Lambda Application

Part 3: Working with Storage

Chapter 7: Working with Cloud Storage Using S3

Considering the Simple Storage Service (S3) Features

Working with Objects

Performing Backups

Using S3 to Host a Static Website

Combining S3 with Lambda

Considering Amazon S3 Standard – Infrequent Access (Standard – IA)

Chapter 8: Managing Files Using the Elastic File System

Considering the Elastic File System (EFS) Features

Working with EFS

Working with the Elasticsearch Service

Chapter 9: Archiving Data Using Glacier

Considering the Glacier Features

Defining a Migration Strategy

Using AWS S3 to Manage Cold Storage

Using the AWS Import/Export Snowball Service to Manage Objects

Relying on Third-Party Gateways

Part 4: Performing Basic Database Management

Chapter 10: Getting Basic DBMS Using RDS

Considering the Relational Database Service (RDS) Features

Accessing the RDS Management Console

Creating a Database Server

Adding Database Support to an Application

Configuring Load Balancing and Scaling

Chapter 11: Moving Data Using Database Migration Service

Considering the Database Migration Service Features

Moving Data between Homogenous Databases

Moving Data between Heterogeneous Databases

Chapter 12: Gaining NoSQL Access Using DynamoDB

Considering the DynamoDB Features

Creating a Basic DynamoDB Setup

Developing a Basic Database

Performing Queries

Part 5: Creating a User-Friendly Cloud Environment

Chapter 13: Isolating Cloud Resources Using Virtual Private Cloud

Considering the Virtual Private Cloud (VPC) Features

Managing the Default VPC

Creating a New VPC

Chapter 14: Using the Infrastructure Software

Creating a Linux Environment with CentOS

Building Websites Using LAMP Stack

Supporting Web-Based Applications Using Couchbase

Chapter 15: Supporting Users with Business Software

Managing Content Using WordPress

Supporting E-commerce Using Magento

Relating to Customers Using SugarCRM

Part 6: The Part of Tens

Chapter 16: Ten Ways to Deploy AWS Quickly

Starting Slowly

Researching AWS Interactivity with Third-Party Products

Developing a Plan for Sensitive Data

Use Tools to Enhance Productivity

Choosing the Right Service

Ensuring That Your Plan Considers Loss of Control

Looking for All-in-One Solutions That Aren’t

Spending Free Time Where You Need It Most

Working with Templates

Discovering Implied Third-Party Use

Chapter 17: Ten Must-Have AWS Software Packages

Using the Console Internet Tools

Changing Configuration Using Command Line Editors

Checking System Performance

Working at the System Level

Making Cloud Management Easier with CloudMGR

Going Outside the Marketplace with Enstratius

Managing and Scaling Your Apps Using Heroku

Performing Browser-Based Management Using Hybridfox

Getting a Complete Management Package with RightScale

Employing Policy-Based Management with Scalr

About the Author

Advertisement Page

Connect with Dummies

End User License Agreement

Guide

Cover

Table of Contents

Begin Reading

Pages

iii

iv

vii

viii

ix

x

xi

xii

xiii

1

2

3

4

5

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

317

318

319

320

321

322

323

324

325

326

327

328

329

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

385

386

387

388

389

390

391

392

393

394

Introduction

Amazon Web Services (AWS) started out as a rather small undertaking that allowed a developer to create applications that queried all things Amazon. You could perform queries, obtain sales data, and even upload offerings for sale. However, the focus was on Amazon. That’s not the case today! Now you can manage an entire company using AWS. The offerings are varied, more than any one organization is likely to need, and the focus is no longer on Amazon, but on your company and your company’s needs.

Of course, you might wonder why Amazon deserves special attention given that there are many other cloud providers (such as Google, Microsoft, and IBM) available today. According to a recent ComputerWorld article (http://www.computerworld.com/article/3102904/cloud-computing/four-us-companies-rule-the-worlds-cloud-infrastructure.html), Amazon currently owns 31 percent of the cloud computing market, which means that your organization stands to benefit from Amazon’s huge installed base of customer-tested services. According to CIO magazine, AWS is so popular that companies like Gartner that track statistics for it have had to change their charting methods just to keep AWS on the charts when compared to the competition. AWS For Admins For Dummies helps you understand not only why you need these services to remain competitive but also how to use them to gain the maximum effectiveness and efficiency for your organization.

Following the progress of AWS over the years gives me a unique perspective of the services it offers today, which is why you need AWS For Admins For Dummies if your job is to administer your organization’s offerings and perform tasks like getting a cloud-based setup started. Just digging through the offerings and figuring out what you need is likely to prove daunting, which is why this book offers you clear-cut paths and helps you overcome the hype to do something useful in a short time.

About This Book

The purpose of AWS For Admins For Dummies is to help you figure out what you need and create a basic functional setup that enables you to become productive sooner than later. This book separates the programming aspects of AWS from the administrative aspects, so you don’t have to read reams of developer-specific information to find the one item you really need as an administrator. Of course, this book isn’t just for administrators, but for anyone who needs to get a basic AWS setup configured for any need. DevOps and developers can use this book as well, even though it does focus on administrative tasks.

AWS For Admins For Dummies is designed to make things simple. That’s why it focuses on using the AWS consoles to perform tasks whenever possible and resorts to the command-line interface only when necessary. By following the procedures in this book, you can set up and configure a computing environment quickly and easily.

This book also helps you separate hype from reality. The Amazon documentation would often have you believe that everything works perfectly in AWS, which clearly can’t happen. Every piece of software, even cloud software, has quirks and issues that you need to know about. Most important, this book helps you understand when moving to the cloud might be a bad idea because of a number of issues that even the media is less than thrilled to tell you about. Rather than be lured by the hype, you’ll be best served by knowing when a cloud environment actually does meet your needs, rather than set you up for problems at some point or, worse yet, prove useless.

To help you absorb the concepts, this book uses the following conventions:

Text that you’re meant to type just as it appears in the book is in

bold.

The exception is when you’re working through a step list: Because each step is bold, the text to type is not bold.

Words for you to type in that are also in

italics

are meant as placeholders; you need to replace them with something that works for you. For example, if you see “Type

Your Name

and press Enter,” you need to replace

Your Name

with your actual name.

I also use

italics

for terms I define. This means that you don’t have to rely on other sources to provide the definitions you need.

Web addresses and programming code appear in

monofont

. If you’re reading a digital version of this book on a device connected to the Internet, you can click the live link to visit a website, like this:

http://www.dummies.com

.

When you need to click command sequences, you see them separated by a special arrow, like this: File ⇒   New File, which tells you to click File and then click New File.

Foolish Assumptions

You might find it difficult to believe that I’ve assumed anything about you — after all, I haven’t even met you yet! Although most assumptions are indeed foolish, I made certain assumptions to provide a starting point for the book.

The first assumption is that you’re familiar with the platform you want to use, because the book doesn’t provide any guidance in this regard. This book doesn’t discuss any platform-specific issues. You really do need to know how to install applications, use applications, and generally work with your chosen platform before you begin working with this book.

You also need to be familiar with your browser and understand how to interact with browser-based applications. Sprinkled throughout are numerous references to online material that will enhance your learning experience. In addition, most of the tasks you perform with AWS require that you work in your browser.

This book is pretty much platform independent. However, none of the procedures are tested using small mobile devices, such as a smartphone (and some are almost guaranteed not to work on a small device). Differences in appearance will emerge when using a smaller device — that is, a control that appears as a button on a larger device could appear as a link or other control on a smaller device. You need access to the sort of setup that an administrator will use to create and configure online setups, which means a larger tablet, notebook, or, better yet, a full desktop system. The various individuals working on this book used desktop systems running the Windows, Linux, and Mac OS X platforms using a number of common browsers.

Icons Used in This Book

As you read this book, you encounter icons in the margins that indicate material of special interest (or not, as the case may be!). Here’s what the icons mean:

Tips are nice because they help you save time or perform some task without a lot of extra work. The tips in this book are time-saving techniques or pointers to resources that you should try so that you can get the maximum benefit when performing AWS-related tasks.

I don’t want to sound like an angry parent or some kind of maniac, but you should avoid doing anything that’s marked with a Warning icon. Otherwise, you might find that your configuration fails to work as expected, you get incorrect results from seemingly bulletproof processes, or (in the worst-case scenario) you lose data.

Whenever you see this icon, think advanced tip or technique. You might find these tidbits of useful information just too boring for words, or they could contain the solution you need to get an AWS service running. Skip these bits of information whenever you like.

If you don’t get anything else out of a particular chapter or section, remember the material marked by this icon. This text usually contains an essential process or a bit of information that you must know to work with AWS, or to perform cloud-based-setup tasks successfully.

Beyond the Book

This book isn’t the end of your AWS learning experience — it’s really just the beginning. I provide online content to make this book more flexible and better able to meet your needs. That way, as I receive email from you, I can address questions and tell you how updates to AWS or its associated add-ons affect book content. In fact, you gain access to these cool additions:

Cheat sheet:

You remember using crib notes in school to make a better mark on a test, don’t you? You do? Well, a cheat sheet is sort of like that. It provides you with some special notes about tasks that you can do with AWS that not every other person knows. You can find the cheat sheet for this book by going to

www.dummies.com

and searching

AWS For Admins For Dummies Cheat Sheet

. The cheat sheet contains really neat information such as figuring out which service you want to use.

Also, check out the blog posts with answers to reader questions and demonstrations of useful book-related techniques at

http://blog.johnmuellerbooks.com/

.

Where to Go from Here

It’s time to start your AWS adventure! If you’re completely new to AWS, you should start with Chapter 1 and progress through the book at a pace that allows you to absorb as much of the material as possible. Chapter 2 is especially important because it helps you understand what Amazon means by free-tier services. You should also read Chapter 3, even if you have experience with AWS, because it provides information about the services discussed in the book.

Readers who have some exposure to AWS can move directly to Chapter 4. You can always go back to earlier chapters as necessary when you have questions. However, you do need to understand how each technique works before moving to the next one. Every technique and procedure has important lessons for you, and you could miss vital content if you start skipping too much information.

Part 1

Getting Started with AWS

IN THIS PART …

Get started with Amazon Web Services (AWS).

Understand the AWS free tier.

Get an overview of the various AWS services.

Decide which of the AWS services your organization needs.

Chapter 1

Starting Your AWS Adventure

IN THIS CHAPTER

Considering the AWS cloud environment

Defining Infrastructure as a Service (IaaS)

Specifying a need for AWS

Getting an AWS-related certification

Rounding out your education

Amazon Web Services (AWS) started out as a tiny bit of software that enabled people to perform a limited number of tasks directly on Amazon, such as querying a product, placing a product request, or checking on an order status. The initial service didn’t do much, but people loved it, so it grew and then kept growing. Today, AWS is a huge web service, so big that it’s nearly impossible for anyone to explore it fully. It performs all sorts of tasks that don’t even relate to buying and selling products. In fact, the buying and selling of products is more of a sideline today as people use AWS more for computing services of all types (things like data storage and running applications). The purpose of this chapter is to help you understand what makes AWS special — namely, those services that administrators are most likely to get excited about. The chapter doesn’t cover many of the services because AWS is simply too large. For example, the chapter doesn’t cover much about services that are specifically designed to meet developer needs.

Part of making AWS small enough to understand is to define the AWS environment. For such an understanding, you need to know a little about Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). You don’t delve too deeply into these topics in this chapter, but you do gain enough information to understand how the AWS environment meets specific administration needs.

After you gain an understanding of how AWS works, you need to consider how to actually use it to perform useful work. As organizations continue to downsize IT, administrators must become more efficient, and AWS has a lot to offer in that regard. In fact, even if you look only at the administrator-related services, you’re likely to find the number of services nearly overwhelming. This chapter helps you make sense of how you might use various services to meet specific needs in your organization.

Even though you can use AWS quite well without a certification, obtaining an AWS certification will help you get a better job with the organization of your dreams. This chapter gives you a basic overview of what certification can do for you and helps you determine whether you really need certification to meet your needs today. Of course, those needs will change over time, so knowing what certification has to offer is helpful, even if you don’t intend to get certified today.

Finally, you need to round out your AWS education to use AWS effectively. The last part of the chapter offers some ideas of the types of educational resources you might use. Of course, this book is your starting point, but to meet specific needs, you may need to do more.

Defining the AWS Cloud

Amazon Web Services (AWS) is actually a huge array of services that can affect consumers, Small to Medium-Sized Business (SMB), and enterprises. Using AWS, you can do everything from backing up your personal hard drive to creating a full-fledged IT department in the cloud. The installed base is immense. You can find case studies of companies like Adobe and Netflix that use AWS at https://aws.amazon.com/solutions/case-studies/. (The page also includes a link to create an account, a topic discussed in Chapter 2.) AWS use isn’t just for private companies either — even the government makes use of its services.

The technologies that make all these services possible are actually simple in conception. Think of a pair of tin cans with a string attached between them. Amazon holds one tin can and you hold the other. By talking into one tin can, you can hear what is said at the other end. The implementation, however, relies on details that make communication harder than you might initially think. The following sections give you an overview on how the AWS cloud works.

Understanding service-driven application architectures

Service-driven application architectures, sometimes known as Service-Oriented Architectures (SOA), come in many forms. No matter how you view them, service-driven application architectures are extensions of the client-server technologies used in the early days of computing, in that a client makes a request that a server fulfills by performing an action or sending a response. However, the implementation details have changed significantly over the years, making modern applications far more reliable, flexible, and less reliant on a specific network configuration. The request and response process can involve multiple levels of granularity, with the term microservice applied to the smallest request and response pairs. Developers often refer to an application that relies on a service-driven application architecture as a composite application because it exists as multiple pieces glued together to form a whole. Service-driven application architectures follow many specific patterns, but in general, they use the following sequence to perform communication tasks.

Create a request on the client using whatever message technology the server requires.

Package the request, adding security or other information as needed.

Send the request using a protocol, such as Simple Object Access Protocol (SOAP), or an architecture, such as REpresentational State Transfer (REST). (You can discover how SOAP works at

http://www.w3schools.com/xml/xml_soap.asp

and how REST works at

http://www.tutorialspoint.com/restful/

— a passing knowledge of both is helpful in working with AWS.)

Process the request on the server.

Perform an action or return data as required by the request.

When working with data, process the response on the client and present the results to the user (or other recipient).

AWS provides a service-driven application architecture in which you choose a specific service, such as S3, to perform specific tasks, such as to back up files on a hard drive. In many cases, you must perform setup steps in addition to simply interacting with the service. For example, if you look at the ten-minute tutorial at http://aws.amazon.com/getting-started/tutorials/backup-files-to-amazon-s3/, you find that you must first create a bucket to store the files you want to upload to Amazon. This additional step makes sense because you have to establish a location from which to retrieve the files later, and you don’t want your files mixed in with files from other people.

Even though many of the processes you perform with AWS require using an app (so that you have a user interface rather than code to work with), the underlying process is the same. The code provided in the app makes requests for you and then waits for a response. In some cases, the app must determine the success or failure of an action on the server. You need to realize, however, that these actions take place in code and that the code uses a sequence of steps to accomplish the task you’ve asked it to perform.

Understanding process- and function-driven workflows

In creating apps to help manage underlying services, AWS also defines workflows. A workflow is an organized method of accomplishing tasks. For example, when you want to save a file to AWS using S3, you must first create a bucket to hold the file. Only after you create a bucket can you save a file to AWS. In addition, you can’t retrieve a file from the bucket until you first save a file there, which makes sense because you can’t grab a file out of thin air. In short, a workflow defines a procedure for working with software, and the concept has been around for a long time. (The first workflows appeared in the mid-1970s with simple office automation prototypes at Xerox Parc and the University of Pennsylvania’s Wharton School of Business.)

Workflows can consist of additional workflows. In addition, workflows manage the interaction between users and underlying services. A process is the aggregation of services managed by workflows into a cohesive whole. The workflows may perform generic tasks, but processes tend to be specific and help users accomplish particular goals. A process-driven workflow is proactive and attempts to circumvent potential problems by

Spotting failure patterns and acting on them

Looking for trends that tend to lead to failures

Locating and extinguishing potential threats

In looking through the tutorials at http://aws.amazon.com/getting-started/tutorials/, you find that they all involve using some type of user interface. The user interface provides the workflow used to manage the underlying services. Each major tutorial step is a workflow that performs a specific task, such as creating a bucket. When you combine these individual workflows into an aggregate whole, the process can help a user perform tasks such as moving files between the cloud and the user’s system. Creating a cloud file system is an example of a process-driven workflow: The workflow exists to make the process viable. Workflows can become quite complex in large-scale operations, but viewing them helps you understand AWS better. You can find a more detailed discussion of workflows and processes at https://msdn.microsoft.com/library/bb833024.aspx.

A function is the reactive use of services managed by workflows to address specific problems in real time. Even though it would be nice if process-driven workflows worked all the time, the reality is that even with 99.999 percent reliability, the process will fail at some point, and a function-driven workflow must be in place to address that failure. Although process-driven workflows focus on flexible completion of tasks, function-driven workflows focus on procedurally attenuating the effect of a failure. In short, function-driven workflows address needs. The AWS services and workflows also deal with this issue through the user interface, such as by manually restoring a backup to mitigate a system failure.

Discovering IaaS

Even though this book frequently refers to virtual environments and services that you can’t physically see, these elements all exist as part of a real computer environment that Amazon hosts on your behalf. You need to understand how these elements work to some extent because they have a physical presence and impact on your personal or business needs. Three technologies enable anyone to create a virtual computer center using AWS:

IaaS:

A form of cloud computing that provides virtualized computing resources. You essentially use IaaS to replace physical resources, such as servers, with virtual resources hosted and managed by Amazon.

SaaS:

A software distribution service that lets you use applications without actually having the applications installed locally. Another term used to describe this service is

software on demand

. The host, Amazon, maintains the software, provides the required licenses, and does all the other work needed to make the software available.

PaaS:

A

platform

provides a complete solution for running software in an integrated manner on a particular piece of hardware. For example, Windows is a particular kind of platform. The virtual platform provided by PaaS allows a customer to develop, run, and manage applications of all sorts.

The following sections provide an extended discussion of these three technologies and help you understand how they interact with each other. The point of these sections is that each element performs a different task, yet you need all three to create a complete solution.

Defining IaaS

The simplest way to view IaaS is as a means of providing access to virtualized computer resources over an Internet connection. IaaS acts as one of three methods of sharing resources over the Internet, alongside SaaS and PaaS. AWS supports IaaS by providing access to virtualized hardware, software, servers, storage, and other infrastructure components. In short, you can use IaaS to replace every physical element in your computing setup except those required to establish and maintain Internet connectivity and those required to provide nonvirtualized services (such as printing). The advantages of IaaS are many, but here are the ones that most people consider essential:

The host handles tasks such as system maintenance, backup, and resiliency planning.

A client can gain immediate access to additional resources when needed and then doesn’t need to worry about getting rid of them when the need has ended.

Detailed administrative tasks are handled by the host, but the client can manage overall administrative tasks, such as deciding how much capacity to use for a particular task.

Users have access to desktop virtualization, which means that their desktop appears on whatever device they happen to use at a given moment.

The use of policy-based services ensures that users must still adhere to company requirements when using computer resources.

All required updates (software and hardware) occur automatically and without any interaction required by the client.

Keep in mind that there is no free lunch. AWS and other IaaS providers are interested in making a profit. They do so by investing in huge quantities of hardware, software, and management personnel to oversee it all. The benefits of scale help create profit, and many businesses simply can’t create setups they require for less money.

However, you must consider the definite disadvantages of IaaS as well:

Billing can become complex because some services are billed at different rates and within different time frames. In addition, billing can include resource usage. The client must ensure that the amount on the bill actually matches real-world usage; paying too much for services that the client didn’t actually use can easily happen.

Systems management monitoring becomes more difficult. The client loses control over the precise manner in which activities occur.

A lag often occurs between the time a change in service is needed and the host provides it, so the client can find that even though services are more flexible, they aren’t as responsive.

Host downtime can affect a large group of people and prove difficult to fix, which means that a particular client may experience downtime at the worst possible time without any means to resolve it.

Building and testing custom applications can become more difficult. Many experts recommend using in-house equipment for application development needs to ensure that the environment is both protected and responsive.

IaaS service contracts vary a great deal between vendors. Even though this book focuses on AWS, you need to consider other offerings, including Windows Azure, Google Compute Engine, Rackspace Open Cloud, and IBM SmartCloud Enterprise. In some cases, you might actually find it useful to obtain services from multiple hosts to obtain the best service for a particular need.

Comparing IaaS to SaaS

SaaS is all about cloud-based applications. Products like online email and office suites are examples of cloud-based applications. A client typically accesses the application using a local application, such as a browser. The browser runs on local hardware, but the application runs on the host hardware. What a client sees is the application running in the browser as if it is working locally. In most cases, the application runs within a browser without any alteration to the local system. However, some applications do require the addition of plug-ins.

The difference between IaaS and SaaS is the level of service. When working with IaaS, a client typically requires detailed support that spans entire solutions. A SaaS solution may include only the application. However, it can also include the following:

Application runtimes

Data access

Middleware

Operating system support

Virtualization

Server access

Data storage

Networking

SaaS typically keeps the host completely in control and doesn’t offer any sort of monitoring. Even though the host keeps the application updated and ensures data security, the client company administrators typically can’t access SaaS solutions in any meaningful way (SaaS offers application usage, but not necessarily application configuration, and is therefore not as flexible as other alternatives). In addition, the client company typically accepts the application as is, without any modifications or customizations. Using client-developed applications is out of the question in this scenario.

Comparing IaaS to PaaS

PaaS is more of a development solution than a production environment solution. A development team typically uses PaaS to create custom solutions or modify existing solutions. The development staff has full control over the application and can perform all development-related tasks, such as debugging and testing. As with the SaaS solution, the host normally maintains control over

Middleware

Operating system support

Virtualization

Server access

Data storage

Networking

In this case, however, the development staff can access the middleware to enhance application development without reinventing the wheel. Writing application code to make the application cloud-ready isn’t necessary because the middleware already contains these features. The development team gains access to cloud-based application features that include the following:

Scalability

High availability

Multitenancy

SaaS enablement

Administrators can also perform monitoring and management tasks within limits when working with a PaaS (depending on the contract the client has with the host). However, realize that PaaS is oriented toward development needs, so the developer takes precedence when it comes to performing some tasks that an administrator might normally perform. In addition, PaaS relates to development, not production setups, so the host may take care of all administration tasks locally.

Determining Why You Should Use AWS

Even though AWS has a lot to offer, you still need to consider how it answers your specific needs. This consideration goes beyond simply determining whether you really want to move to cloud-based services, but also taking into account other offerings that might serve your needs just as well (if not better). Even though this book is about AWS, you should compare AWS with other cloud services. You may choose to use AWS as part of your solution rather than as the only solution. Of course, this means knowing the areas in which AWS excels. The following sections address both of these possibilities: using other cloud services instead of AWS, or in addition to it.

Comparing AWS to other cloud services

You have many ways to compare cloud services. One of the ways in which companies commonly look at services is by the market share they have. A large market share tends to ensure that the cloud service will be around for a long time and that many people find its services both useful and functional. A recent InfoWorld article (http://www.infoworld.com/article/3065842/cloud-computing/beyond-aws-the-clouds-next-stage.html) points out that AWS currently corners 70 to 80 percent of the cloud market. In addition, AWS revenues keep increasing, which lets Amazon continue adding new features while maintaining existing features at peak efficiency.

Large market share and capital to invest don’t necessarily add up to a cloud service that fulfills your needs. You also need to know that the host can provide the products you need in a form that you can use. The AWS product list appears at http://aws.amazon.com/products/. It includes all the major IaaS, SaaS, and PaaS categories. However, you should compare these products to the major AWS competitors:

Cisco Metapod (

http://www.cisco.com/c/en/us/products/cloud-systems-management/metapod/index.html

)

Google Cloud Platform (

https://cloud.google.com/products/

)

Joyent (

https://www.joyent.com/

)

Microsoft Azure (

https://azure.microsoft.com/

)

Of the competitors listed here, Google Cloud Platform comes closest to offering the same feature set found in AWS. However, in looking at the Google offerings, you should note the prominence of machine learning services that aren’t found in AWS. On the other hand, AWS has more to offer in the way of the Internet of Things (IoT), applications, and mobile services.

Each of the vendors offering these services is different. For example, Joyent offers a simple setup that may appeal more strongly to an SMB that has only a few needs to address and no desire to become involved in a complex service. Microsoft, on the other hand, has strong SQL database-management support as well as the connection with the Windows platform that businesses may want to maintain. The point is that you must look at each of the vendors to determine who can best meet your needs (although, as previously stated, most people are voting with their dollars on AWS).

Defining target areas where AWS works best

In looking at the services that AWS provides, you can see that the emphasis is on enterprise productivity. For example, Google Cloud Platform offers four enhanced machine learning services that you could use for analysis purposes, but AWS offers only one. However, Google Cloud Platform can’t match AWS when it comes to mobile service, which is an area that users most definitely want included for accessing applications. Unless your business is heavily involved in analysis tasks, the offerings that AWS provides are significantly better in many ways. Here are the service categories that AWS offers:

Compute

Storage and content delivery

Database

Networking

Analytics

Enterprise applications

Mobile services

IoT

Developer tools

Management tools

Security and identity

Application services

Understanding the AWS Certifications

A certification doesn’t make you an expert. However, it does provide a quantified description of your minimum level of expertise — a textbook look of what you know, but not an assessment of real-world knowledge. In other words, you get a certification to prove that you have a given level of provable expertise and most employers will probably assume that you possess expertise in addition to what the certification tests.

The pursuit of a certification can also help you better understand areas in which your current education is weak. Going through the learning and testing process can help you become a better administrator. With the need to obtain the guidelines to achieve proficiency and later demonstrate proficiency in mind, the following sections discuss the various AWS certifications so that you can get a better idea of where to spend your time when getting one.

Getting a certification is generally useful only when you want to apply for a new job or advance in your current job. After all, you likely know your own skills well enough to determine your level of proficiency to some degree without a certification. Filling out your education and then demonstrating what you know to others for specific personal gains are the reason to get a certification. Some people miss the point and discover later that they’ve spent a lot of money and time getting something they really didn’t need in the first place.

Gaining an overview of the certifications

AWS currently provides a number of certifications, which you can see at https://aws.amazon.com/certification/. You can expect Amazon to add more as AWS continues to expand. The following list provides a quick overview of the levels of certifications:

AWS Certified Solutions Architect – Associate:

Tests the ability of a developer to perform basic AWS design and development tasks. Before you can even contemplate taking this exam, you need to know how to program and have experience designing applications on AWS. A number of sources also recommend this certification for administration because many of the administration tasks build on the knowledge you get here.

AWS Certified Solutions Architect – Professional:

Tests the ability of a developer to perform the next level of development tasks on AWS, such as migrating complex, multitier applications to AWS. The exam still focuses on development tasks but depends on the developer’s having already passed the AWS Certified Solutions Architect – Associate exam and mastering new skills. (The resources specify a minimum of two years of hands-on AWS programming.)

AWS Certified Developer – Associate:

Determines whether the developer can perform specific levels of application development using AWS. For example, you need to know which of the services to use to add specific features to an application. Rather than have you actually use AWS to host the application, this exam focuses more on using AWS in conjunction with existing applications.

AWS Certified SysOps Administrator – Associate:

Determines whether an administrator has the skills required to deploy and manage applications on an AWS setup. In addition, the administrator must show proficiency in operating various AWS services and in determining which service to use to meet a specific need.

AWS Certified DevOps Engineer – Professional:

Evaluates the ability of the test taker to perform

DevOps

(that is, create an interface between developers and other IT professionals). This means having some level of skill in both administration and development. In addition, the candidate must have knowledge of processes that enable smooth design, development, deployment, management, and operation of applications.

If you find that potential employers really do want you to obtain certifications to prove your skill level, you may find that obtaining just an AWS-specific certification may not be enough to get that six-figure income. Cloud administrators typically need to demonstrate proficiency with more than one service. Fortunately, you can often find online aids to help you decide which certifications are most popular at a given time. For example, the article at https://anturis.com/blog/7-valuable-certifications-for-cloud-administrators/ provides a listing of the most popular certifications at the current time, one of which is the AWS Certified SysOps Administrator.

Locating certification resources

You can find all sorts of interesting aids online for getting your certification. However, the best place to start is directly on the Amazon website. Unfortunately, the information you find isn’t the best organized at times. Start by ensuring that you meet the requirements in the Candidate Overview section. Until you meet those requirements, it isn’t particularly useful to move forward (unless you want to end up with a paper certification — one that doesn’t actually mean anything).

After you have fulfilled the minimum requirements, download the Exam Guide. The guide tells you that you need to be proficient in a number of areas in order to pass, which shouldn’t surprise you. AWS wants to ensure that you actually know the material. Fortunately, you can also find online sources to help you make sense of the Exam Guide. For example, there is an excellent video on the requirements for the AWS Certified SysOps Administrator – Associate exam at https://www.youtube.com/watch?v=JCkD8lpadj8. Watching the video and going through the Exam Guide can help you get a better idea of what you need to do.

At some point, you want to download the example questions. However, given that AWS provides only one set of example questions and that those precise questions are unlikely to appear on the exam, memorizing them won’t do you any good. What you need to do is study and when you feel you’re ready, try the example questions, which can help you determine your weak areas. Unfortunately, there are only a few example questions — not enough to give you a good feel for the exam.

Every certification also comes with a Take a Practice Exam option. Be sure to save this feature for last. Again, you don’t get many questions, the questions don’t change, and they’re not likely to appear on the exam in the precise form you see them. The purpose of the practice exam is to help you sense whether you’re ready.

Most people need information presented in more than one way and more than one time to remember it. By going through this book and participating in the various examples, you build skills and gain knowledge that you can couple with other sources to build your AWS knowledge. The essential thing is not to try to rush the process, because you’re almost guaranteed not to pass if you do.

As you go through the book, make sure to also look at the Getting Started and FAQs for each of the services covered. These two sources of information contain a great deal of information that Amazon is likely to use for exam questions. You don’t have to memorize the material, but being familiar with it gives you a definite advantage.

Everyone has different ways of learning material, and you may find that reading the exam materials simply doesn’t work for you. Hands-on training can help, but sometimes you need a little more than that. If you’re still confused, you may want to use Computer Based Training (CBT) courses, such as the ones found at https://www.cbtnuggets.com/it-training/amazon-web-services-training and https://linuxacademy.com/amazon-web-services/training/course/name/aws-certified-sysops-administrator-associate-level.

Getting a Well-Rounded Education

Obtaining a certification helps you prove your level of proficiency to someone else, which is one level of the education process. In many cases, you can skip this level unless you have specific needs that a certification can address. However, you must continue to build on your expertise. Simply learning the basics and then never cracking a book again will result in your eventual termination as an administrator because computer technology continues to change. In short, education is continuous when you’re an administrator. Getting a well-rounded education is essential, as is continuing to learn more whenever you can and in whatever way that you can. Even dibs and dabs of time spent learning can make a big difference.

The problem with computer technology is the vast amount of available information. Information overload is a serious problem because spending time learning the wrong information using an inappropriate approach costs you time without helping you to continue to develop your career at all. That’s the point of this section: to list the approaches that other people use to improve their chances of getting the right information in the most efficient manner possible, enabling you to keep up with the current state of computer technology. Here are some techniques you can use to remain current when working with AWS and other cloud technologies:

Get a free AWS account (see

Chapter 2

for details) and use it to practice new techniques that you don’t dare try on your production system.

Keep track of the free tier offerings and try anything new, even if you don’t have plans to use it in your business.

Read the trade press — let the people with the connections get the latest news for you.

Watch videos on sites such as YouTube (

https://www.youtube.com/

) that demonstrate techniques for working with AWS.

Ask questions on professional sites, such as Quora (

https://www.quora.com/

), to obtain additional insights into cloud strategies from other professionals.

Chapter 2

Obtaining Free Amazon Services

IN THIS CHAPTER

Considering the free service offerings

Ensuring that you have the right hardware

Ensuring that you have the right networking setup

Getting your free account

Using your free account for the first time

One of the purposes of this book is to help you discover a lot more about Amazon Web Services (AWS) through experimentation. Of course, Amazon would just love to have you buy these services, but a free option, which is the focus of this chapter, is also available. The issue is one of figuring out just what Amazon means by free. This chapter’s first section clears up the questions you might have about what free means, because some services are always free and others are free for a limited time. In addition, you must consider the limits of free. If you use some of these services too much, you end up paying for them. Therefore, you need to know the rules in order to get the services free.

The next two sections of the chapter consider hardware and network requirements. Note that Amazon likes you to have both Linux and Windows knowledge when you take your certification exams (see the “Understanding the AWS Certifications” section of Chapter 1), and such knowledge is helpful even if you don’t want to obtain a certification. This chapter doesn’t delve too deeply into platform specifics, but it does help you understand what you need to do to get a basic setup running.

Now that you have some idea of what you’re getting and what you need in order to get it, it’s time to get your free account. The rest of the book assumes that you have a free account to use. Going through the various procedures is the best way to build an understanding of AWS. Yes, some people can get a feeling for how things work just by reading, but doing things hands on really is better.

The chapter ends by having you perform a simple task using AWS, just to get a feel for how it works. Don’t worry: You really can’t mess up the account. If you do make an unfortunate choice, starting over is easy enough. Nothing will get damaged by the exercise in this chapter — it’s totally safe. Make sure you have some fun doing it! After all, cloud computing should be an easier and more efficient way to perform administrative tasks, and you’ll find that it truly is as the book progresses.

Discovering the Limits of Free Services

Amazon does provide the means for using many of its cloud services for free. In fact, you can see some of these services at http://aws.amazon.com/free/. However, as you look through the list of services, you see that the some expire, others don’t. In addition, some have limits and others don’t. Those that do have limits don’t have the same limits, so you need to watch usage carefully. It’s really quite confusing. The following sections help clarify what Amazon actually means by saying some services are free.

Expiring services versus nonexpiring services

Many of the AWS services you obtain through the free tier have expiration dates, and you need to consider this limitation when evaluating and possibly using the service to perform useful work. Figure 2-1 shows an example of a service with an expiration date. Notice that you must begin paying for the service 12 months after you begin using it.

In some cases, the product itself doesn’t have an expiration date, but the service on which it runs does. For example, when viewing the terms for using the free software, the software itself is indeed free. However, in order to run the software, you must have the required service, which does come with an expiration date (see Figure 2-2).

You also have access to some products that are both free and have no expiration date. These nonexpiring offers still have limitations, but you don’t have to worry about using those products within the limits for however long you want (or until Amazon changes the terms). Figure 2-3 shows examples of these kinds of services.

Knowing the terms under which you use a service is essential. The free period for services with an expiration date goes all too quickly, and you may suddenly find yourself paying for something that you thought remained free for a longer time frame. Given that Amazon can change the terms of usage at any time, you need to keep checking the terms of service for the services that you use. A service that lacks an expiration date today may have an expiration date tomorrow.