Swimming with Elvis: Part 12
Cloud Services via Amazon Web Services (AWS)
Amazon Web Services (AWS) is a comprehensive, evolving cloud computing platform provided by Amazon. It provides a mix of infrastructure as a service (IaaS), platform as a service (PaaS), and packaged software as a service (SaaS) offerings. AWS services can offer an organization tools such as compute power, database storage, and content delivery services. Over the years, I've tended to use it as my primary go-to for cloud computing services, over Google's Google Cloud Platform (GCP) or Microsoft's Azure.
IAM (Identity and Access Management) is a web service that helps you securely control access to AWS resources. It controls who can sign in to your AWS infrastructure and who is authorized to use the resources (EC2, S3 buckets, and so on). It can be a real pain in the butt, but it provides essential functionality to keep resources and applications secure.
S3 (Simple Storage Service) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases.
CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.
EC2 (Elastic Compute Cloud) is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier by providing a simple interface that allows you to obtain and configure capacity with minimal friction. EC2 instances are created from "blueprints" called AMIs. I started creating my own custom AMIs in 2009, so that all required code, packages and OS-level customizations were ready to go as soon as the instance was up and running. These days that's typically done with containers (e.g. Docker).
ECR (Elastic Container Registry) is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images.
ECS (Elastic Container Service) is a highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS. Getting it working requires jumping through some challenging IAM hoops, but once it's working, it's a fast way to run applications and services.
Fargate is a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS). Fargate makes it easy for you to focus on building your applications; I've done very little with it directly, in the lake_washington_and_sammamish_temps project.
Route 53 is a scalable and highly available Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications. I've used it since 2009 for all of my DNS configuration needs.
CloudWatch is a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. I find it to be kind of clunky.
EventBridge is a serverless event bus that makes it easy to connect applications together using data from your own applications, integrated Software-as-a-Service (SaaS) applications, and AWS services.
Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. It's a pretty incredible, far cry from how certificate management had to be done years ago. Once your certificate is created by AWS, all of the renewals are handled for you automatically, making those browser warnings about expired certs a thing of the not-so-distant past.
Secrets Manager protects access to your applications, services, and IT resources. This service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Authentication credential rotation can be a real pain, and AWS has made it very easy to make sure it's done on a regular schedule.
All for the wonderful low price of: reasonably inexpensive, for the lake_washington_and_sammamish_temps project. LMGBTY WRT monthly costs.
Next: Containerization
touch fam && echo "yo!" > fam && mkdir -p hawaii && mv fam hawaii/