Simplifying AWS Services for NOOBS.
Hello Guys, I am Samrat Gupta aka Sm4rty, a Security Researcher and a Bug Bounty Hunter. In this blog, I will explain AWS Services with the help of Real Life application design in AWS. So, let us begin with Understanding Amazon Web Services.
What is AWS (Amazon Web Services) ?
In simple terms, AWS is considered a cloud provider which means that AWS provides various cloud-based IT resources to its cloud consumers. AWS is an easy-to-use platform which is provided by Amazon. At present, AWS is one of the leading cloud service providers all around the world.
The Amazon Web Services Cloud presents a vast collection of solutions like Compute, Database, Storage, Content Delivery so on and so forth, on a pay-as-you-use basis. Each of these categories has multiple products under its hood for different functionalities.
So, the first thing before we build an application, we need is a private and isolated network for our Application. We have AWS VPC Service.
VPC (Virtual Private Cloud):
Amazon VPC is a service that lets you launch AWS resources in a logically isolated virtual network that you define. You have complete control over your virtual networking environment, including the selection of your IP address range, creation of subnets, and configuration of route tables and network gateways.
Now, Once we created Private Network the next thing we look for is Web Servers. i.e. App server and Web server to host our application. For this, we have AWS EC2 Instance.
EC2(Elastic Compute Cloud):
Amazon Elastic Compute Cloud is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction.
Now, We need to store the database of users and for storing this database we can use AWS RDS Service. Now we have 3 tier architecture.
RDS(Relational Database Service):
Amazon Relational Database Service(RDS) is a managed SQL database service provided by AWS. Amazon RDS supports an array of database engines to store and organize data and helps with database management tasks, such as Migration, backup, recovery, and patching.
Now with the application is running well and more and more users are into it we need some sort of load balancer (eg. nginx) to balance the load of the user to the server. For this, we have AWS ELB.
ELB (Elastic Load Balancer):
Elastic Load Balancing automatically distributes your incoming traffic across multiple targets, such as EC2 instances, containers, and IP addresses, in one or more Availability Zones. It monitors the health of its registered targets and routes traffic only to the healthy targets.
As for now, the application is running on its public IP address and we need some kind of DNS service to solve this problem. For this AWS has Route53.
Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications by translating names like www.example.com into numeric IP addresses like 192.0.2.1.
Now the applications are growing the users, friends, posts are growing and relational databases cannot serve this type of data. So, for this we need a scalable database, So we need to bring NoSql Database. For this AWS have DynamoDB Service.
Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. DynamoDB lets you offload the administrative burdens of operating and scaling a distributed database so that you don’t have to worry about hardware provisioning, setup, and configuration, replication, software patching, or cluster scaling.
Now Some part of the database is stored in Relational Database and some part is stored in Non-Relational Database. But still, if there are Read-heavy operations on this database. We need to bring in a new component i.e. Database Cache Engine where we can query the frequently accessed data, For this AWS has ECS i.e. Elastic Cache Services.
Amazon ElastiCache allows you to seamlessly set up, run, and scale popular open-source compatible in-memory data stores in the cloud. Build data-intensive apps or boost the performance of your existing databases by retrieving data from high throughput and low latency in-memory data stores.
As the application is growing it will need to store millions of pictures, videos, etc. of the users. But our EC2 cannot do this, For this, we need to have external storage to store unlimited storage, We have AWS s3 service.
S3(Simple Storage Services):
Amazon S3 has a simple web services interface that you can use to store and retrieve any amount of data, at any time, from anywhere on the web. It gives any developer access to the same highly scalable, reliable, fast, and inexpensive data storage infrastructure that Amazon uses to run its global network of websites.
When the user uploads the media(photo/video), it may have malicious/inappropriate content. So, we need to filter this before we store them in s3. For this, we have AWS Rekognition.
Amazon Rekognition makes it easy to add image and video analysis to your applications using proven, highly scalable, deep learning technology that requires no machine learning expertise to use. With Amazon Rekognition, you can identify objects, people, text, scenes, and activities in images and videos, as well as detect any inappropriate content.
Now, our application needs to throw ads or give suggestions to users on what product they are interested in. This can be done by analyzing what kind of products /posts they are liking and based on that it gives them suggestions and the friend request will throw a lot of ads right so this is called clickstream analysis. For this AWS has Kinesis Service.
Amazon Kinesis makes it easy to collect, process, and analyze real-time, streaming data so you can get timely insights and react quickly to new information. Amazon Kinesis offers key capabilities to cost-effectively process streaming data at any scale, along with the flexibility to choose the tools that best suit the requirements of your application.
The Clickstream data needs to be stored in S3 and we need to sort the data to find some meaning out of that data and that’s where you need some kind of platform that can perform the computing on distributed systems. For this, we have AWS EMR.
EMR(Amazon Elastic Map):
Amazon Elastic Map Reduce is the industry-leading cloud big data platform for processing vast amounts of data using open source tools. Amazon EMR makes it easy to set up, operate, and scale your big data environments by automating time-consuming tasks like provisioning capacity and tuning clusters.
At the end of the year, we need a lot of data analytics to find out which kind of users are accessing our application, what are their age, which region they come from. So that they can concentrate more on those kinds of features what is trending. All this information is taken out by storing this information in some kind of data warehousing engine. For this purpose, we have AWS Redshift.
AWS Redshift is a cloud-based data warehouse and analytics service run by AWS that allows users to upload and process huge amounts of data. By creating a virtually unlimited data storage option, Amazon Redshift provides people and companies with a platform for analyzing data so they can gain new insights about their operations.
Now we need some business intelligence tool that can query this data, analyze this data, and then there are reports generated out of which then we can take decisions and we will focus on a particular area. For this, we have AWS Athena.
Amazon Athena is an interactive query service that makes it easy to analyze data directly in Amazon S3 using standard SQL. With a few clicks in the Amazon Web Services Management Console, customers can point Athena at their data stored in S3 and begin using standard SQL to run ad-hoc queries and get results in seconds.
Now, if some of the media get viral and when everyone tries to retrieve it from the server. It may create a load on the server. We need content delivery services to deliver data at high speed and low latency. For this, we have CloudFront Services.
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.
Now our Application needs some sort of notification like SMS or email notification to the users. We have AWS SNS and SES services.
SNS (Simple Notification Service):
Amazon SNS is a fully managed messaging service for both application-to-application and application-to-person communication. This functionality provides push-based, many-to-many messaging between distributed systems, micro services, and event-driven server-less applications.
SES (Simple Email Service):
Amazon SES is a cost-effective, flexible, and scalable email service that enables developers to send mail from within any application. You can configure Amazon SES quickly to support several email use cases, including transactional, marketing, or mass email communications.
Now we have our application fully deployed. So, we need some sort of monitoring service to keep an eye on the application’s smooth functioning. For this, We have AWS Cloudwatch Service.
Amazon CloudWatch is a monitoring service for Amazon Web Services cloud resources and the applications you run on Amazon Web Services. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your Amazon Web Services resources.
This is just few of the basic services of the AWS. AWS has 200+ services which is very difficult to fit in a blog. So if you are further interested in AWS, the best resource would be AWS Documentation and Hands-on Practice.