Home > Articles

  • Print
  • + Share This
This chapter is from the book

Amazon Web Services Model

This section describes some of the services offered by Amazon Web Services and some of the AWS naming conventions. AWS offers a very wide variety of services, and the purpose of this section is not to describe all of them. Rather, this section is useful to the network administrator for two reasons:

  • As a reference for a popular IaaS service
  • The potential need to extend a private cloud into the Amazon Virtual Private Cloud

The following list provides some key AWS terminology:

  • Availability Zone: A distinct location within a region that is insulated from failures in other Availability Zones, and provides inexpensive, low-latency network connectivity to other Availability Zones in the same region.
  • Region: A collection of Availability Zones, such as us-west, us-east-1a, eu-west, etc., in the same geographical region
  • Access credentials: A public key that is used to access AWS resources allocated to a given user
  • Amazon Machine Image (AMI): The image of a given virtual machine (which Amazon calls an instance)
  • Instance: A virtual machine that is running a given AMI image
  • Elastic IP address: A static address associated with an instance

Amazon Elastic Compute Cloud (EC2) services enable you to launch an AMI in a region of the user’s choice and in an Availability Zone of the user’s choice. Instances are protected by a firewall. The instance also gets an IP address and a DNS entry. The EC2 services can also be accompanied by the Elastic Load Balancing, which distributes traffic across EC2 compute instances. Auto Scaling helps with provisioning enough EC2 instances based on the utilization. Amazon CloudWatch provides information about CPU load, disk I/O rate, and network I/O rate of each EC2 instance.

Amazon Simple Storage Service (S3) is accessed via web services API based on SOAP or with the HTTP API that uses the standard HTTP verbs (GET, PUT, HEAD, and DELETE). The objects are identified by using the protocol name, the S3 endpoint (s3.amazonaws.com), the object key, and what is called the bucket name.

All resources can be created and manipulated by using Amazon SDKs available for various programming languages, such as the Python and PHP SDKs available at the following respective URLs:



With this approach, you can fully automate tasks such as the following:

  • Locating the server resources
  • Attaching storage
  • Providing Internet connectivity
  • Setting up switching and routing
  • Booting the server
  • Installing the OS
  • Configuring applications
  • Assigning IP addresses
  • Configuring firewalling
  • Scaling up the infrastructure

You can access the AWS-hosted Amazon Virtual Private Cloud (VPC) in multiple ways. One way is to set a jumphost to which you log in over SSH with the public key that AWS generates. Another approach is to connect the enterprise network to the Amazon VPC via VPNs.

  • + Share This
  • 🔖 Save To Your Account