What is cloud computing

Cloud computing, often referred to as simply the cloud, is the on-demand delivery of IT resources and applications via the Internet with pay-as-you-go pricing.

With cloud computing, we don't need to make large upfront investments in hardware and spend a lot of time managing that hardware. Instead, we can provision exactly the right type and size of computing resources we need.

With cloud computing, we can access as many resources as we need, almost instantly, and only pay for what we use.

Cloud computing provides an easy way to access servers, storage, databases, and a broad set of application services over the Internet.

Cloud computing providers such as AWS own and maintain the network-connected hardware required for these application services, while we provision and use what we need for our workloads.

Advantages of Cloud Computing
- Low cost
- Usability
- Bandwidth
- Accessibility
- Disaster recovery
- Secure

3 ways of cloud compute

The 3 building blocks of cloud computing are
- SaaS
- PaaS
- IaaS

SaaS (Software as a Service)
Software as a service is the easiest way to cloud compute. The software is accessed over the internet.
E.g. Google Docs, spreadsheets, etc.

Advantages of SaaS
- All applications are either free or paid via subscription.
- Accessible from any computer.

PaaS (Platform as a Service)
Provides the environment and tools for creating new online applications.
E.g. Google App Engine, Salesforce (force.com)

Advantages
- Facilitation of hosting capabilities.
- Designing and developing the application.
- Private or public deployment.

Disadvantage
- An application built on one vendor cannot be moved to another.

IaaS (Infrastructure as a Service)
Allows an existing application to run on a cloud supplier's hardware.
IaaS comes in 4 categories
1. Private cloud
2. Dedicated host
3. Hybrid hosting
4. Cloud hosting

AWS works on IaaS.

Advantages
- The application is hosted centrally
- Software testing takes place at a faster rate
- Reduction in IT operational cost.

Cloud types
- Public cloud
- Private cloud
- Hybrid cloud
- Community cloud

Public cloud
Service providers use the internet to make resources, such as applications, storage

Examples of public clouds include Amazon Web Services, IBM's Blue Cloud, Sun Cloud, Google Compute Engine and Windows Azure Services Platform.

For users, these types of clouds provide the best economies of scale and are inexpensive to set up because hardware, application and bandwidth costs are covered by the provider. It's a pay-per-usage model and the only costs incurred are based on the capacity that is used.

Disadvantage
The public cloud may not be the right fit for every organization. The model can limit configuration, security, and SLA specificity, making it less than ideal for services using sensitive data that is subject to compliance regulations.

Private cloud
Private clouds are data center architectures owned by a single company that provide flexibility, scalability, provisioning, automation and monitoring.

The goal of a private cloud is not to sell "as a service" offerings to external customers but instead to gain the benefits of cloud architecture without giving up the control of maintaining your own data center.

Private clouds can be expensive, so they are most typically used by large enterprises. Private clouds are driven by concerns around security and compliance, and keeping assets within the firewall.
Hybrid cloud
By using a hybrid approach, companies can maintain control of an internally managed private cloud while relying on the public cloud as needed. For instance, during peak periods individual applications, or portions of applications, can be migrated to the public cloud.

This will also be beneficial during predictable outages: hurricane warnings, scheduled maintenance windows, rolling brown/blackouts.

Community cloud
A community cloud is a multi-tenant infrastructure that is shared among several organizations from a specific group with common computing concerns.

Why AWS
- The free tier.
- On-the-go pricing.
- Performance.
- Deployment speed.
- Security.
- Flexibility.

AWS HISTORY
- Amazon was initially an online retail seller.
- AWS was launched in 2006.
- Amazon converted its unused storage infrastructure into a business, "Simple Storage web service" (S3).
- By the end of 2006, Elastic Compute Cloud (EC2) was launched.
- Today AWS provides 70+ web services across 190 countries.

Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow.

AWS is located in 16 geographical "regions":

North America (6 regions)
- US East (Northern Virginia), where the majority of AWS servers are based
- US East (Ohio)
- US West (Oregon)
- US West (Northern California)
- AWS GovCloud (US), based in the Northwestern United States, provided for U.S. government customers, complementing existing government agencies already using the US East Region
- Canada (Central)

South America (1 region)
- Brazil (São Paulo)

Europe / Middle East / Africa (3 regions)
- EU (Ireland)
- EU (Frankfurt), Germany
- EU (London), United Kingdom

Asia Pacific (6 regions)
- Asia Pacific (Tokyo), Japan
- Asia Pacific (Seoul), South Korea
- Asia Pacific (Singapore)
- Asia Pacific (Mumbai), India
- Asia Pacific (Sydney), Australia
- China (Beijing)

A region is a distinct geographic location where Amazon has its infrastructure.
All the regions are designed to be independent of each other, with separate power sources, internet connectivity and geographic location.
An availability zone is a separate data center within a region.
Amazon has intentionally kept regions independent of each other; if one goes down it does not have an effect on the others.
E.g. Amazon has 2 AZs in Mumbai: ap-south-1a, ap-south-1b.
Edge locations are CDN endpoints. Edge locations are used by CloudFront to cache files near the users who access them. E.g. if a user wants to watch a movie, it's better to cache the movie at a location near the user for latency.
Amazon CloudFront and Amazon Route 53 are offered at edge locations.

The user can select the region depending upon the following criteria
1. User proximity – choose the base closer to the user
2. Cost – cost may vary based on region
3. Compliance – laws of the land such as data protection laws will influence your choice of regions.
4. Service availability – not all services are available in a region

Understanding AWS Console
The AWS console provides convenient access to AWS services such as compute, storage and other cloud resources. Almost all web services are accessed at console.aws.amazon.com

AWS SERVICES

Storage
1. Amazon Simple Storage Service (S3)
2. Amazon Glacier
3. Amazon Elastic File System (EFS)
4. Amazon Elastic Block Storage (EBS)

Compute
1. Elastic Compute Cloud (EC2)
2. Amazon Virtual Private Cloud (VPC)
3. Auto Scaling

Networking and content delivery
1. Route 53
2. Elastic Load Balancer
3. CloudFront

Developer tools
1. AWS command line interface

Database
1. Amazon DynamoDB
2. Amazon SimpleDB
3. Amazon Relational DB
4. Amazon Aurora

Management tools
1. AWS CloudFormation
2. AWS CloudWatch

Security, identity and compliance
1. Identity and Access Management (IAM)

Messaging
1. Amazon Simple Queue Service (SQS)
2. Amazon Simple Notification Service (SNS)
3. Amazon Simple Email Service (SES)

IAM
IAM (Identity and Access Management) allows you to manage users and their level of access to the AWS console. It provides multi-factor authentication. It provides temporary access for users and services where necessary.
It allows you to set up and maintain a password rotation policy.
Using IAM, organizations can create and manage AWS users and groups and use permissions to allow and deny their access to AWS resources.

Root User
(Note: When you first create an AWS account, you begin with only a single sign-in principal that has complete access to all AWS Cloud services and resources in the account. This principal is called the root user.)
The root user is similar in concept to the UNIX root or Windows Administrator account: it has full privileges to do anything in the account, including closing the account.
The root user can be used for both console and programmatic access to AWS resources.

IAM Users
IAM users are similar to normal users in Linux; such a user can interact with the console and use the CLI.
Creating IAM USERS
Go to IAM > users > create users > (name of the user) > access type (AWS Management Console access) > set password.
(Note: if you want to log in, get the URL from the dashboard, paste it and give the username and password.)
(It is possible to customize the URL in the dashboard.)
(SHOW: Delete User, Change user passwd, New Access key)
1. ARN (Amazon Resource Name) is a unique name used for the identification of a user or group. It is the combination of the AWS account ID and the user or group name.
Max 5000 users in an AWS account.

GROUPS
A group is a collection of users having similar responsibility.
You can use groups to propagate permissions to users.
Max 100 groups in an AWS account.
An IAM user can be a member of 10 groups.

Creating group
Go to group > create user > done

ROLE
An IAM role is similar to a user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS.
Instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it.

3 types of roles
1. Amazon service roles: granting permissions to applications running on an Amazon EC2 instance.
2. Cross-account access: granting permissions to users from other AWS accounts, whether you control those accounts or not.
3. Identity provider access: granting permissions to users authenticated by a trusted external system.
Each role can have up to 10 policies attached.
Max 500 roles in an AWS account.

Policy
A policy is a document that fully defines a set of permissions to access and manipulate AWS resources.
Policy documents contain one or more permissions, with each permission defining:
1. Effect: a single word, Allow or Deny.
2. Service: for what service does this permission apply? Most AWS Cloud services support granting access through IAM, including IAM itself.
3. Resource: the resource value specifies the specific AWS infrastructure for which this permission applies. This is specified as an Amazon Resource Name (ARN).

Identity Provider
Identity providers are used to define trusted identity resources.
With an identity provider (IdP), you can manage your user identities outside of AWS and give these external user identities permissions to use AWS resources in your account. This is useful if your organization already has its own identity system, such as a corporate user directory. It is also useful if you are creating a mobile app or web application that requires access to AWS resources.

Multi-Factor Authentication (MFA)
Multi-Factor Authentication (MFA) can add an extra layer of security to your infrastructure by adding a second method of authentication beyond just a password or access key. With MFA, authentication also requires entering a One-Time Password (OTP) from a small device. The MFA device can be either a small hardware device you carry with you (for example SafeNet IDProve 100 (OTP Token)) or a virtual device via an app on your smartphone (for example Google Authenticator).
Add MFA: go to activate MFA for root account > manage MFA > virtual MFA > copy the QR to Google Authenticator > type 2 OTPs.

Password Policy
A password policy is a set of rules that define the type of password an IAM user can set.
(Note: Go through the options)

Credential Report
It lists all your account's users and the status of their various credentials including passwords, access keys, and MFA devices.
Encryption keys
AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data. AWS KMS is integrated with other AWS services including Amazon Elastic Block Store (Amazon EBS), Amazon Simple Storage Service (Amazon S3), Amazon Redshift, Amazon Elastic Transcoder, Amazon WorkMail, Amazon Relational Database Service (Amazon RDS), and others to make it simple to encrypt your data with encryption keys that you manage.
AWS KMS lets you create master keys that can never be exported from the service and which can be used to encrypt and decrypt data based on policies you define.

Amazon Elastic Compute Cloud (Amazon EC2)
Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) cloud.
Amazon EC2 eliminates your need to invest in hardware up front, so you can develop and deploy applications faster.
Amazon EC2 enables you to scale up or down to handle changes in requirements or spikes in popularity, reducing your need to forecast traffic.

Features of Amazon EC2
- Virtual computing environments, known as instances
- Various configurations of CPU, memory, storage, and networking capacity for your instances, known as instance types.
- Secure login information for your instances using key pairs (AWS stores the public key, and you store the private key in a secure place)
(create an EC2 instance and explain about instance family)

EC2 on demand
1. General purpose.
2. Compute optimized
   Compute-intensive applications.
3. Memory optimized
   Database and memory caching applications.
4. Storage optimized
   Data warehousing and parallel computing.

EC2 Options

On-Demand instances
Pay for the instances that you use by the hour, with no long-term commitments or upfront payments.
Reserved Instances
Make a low, one-time, upfront payment for an instance, reserve it for a one- or three-year term, and pay a significantly lower hourly rate for these instances.

Spot instances
Bid on unused instances, which can run as long as they are available and your bid is above the Spot price, at a significant discount.

Dedicated hosts
Pay for a physical host that is fully dedicated to running your instances, and bring your existing per-socket, per-core, or per-VM software licenses to reduce costs.

On-demand vs Reserved vs Spot Instances

On-demand
1. Users that want the low cost and flexibility of Amazon EC2 without any upfront payment or long-term commitment.
2. Applications with short-term, spiky, or unpredictable workloads that cannot be interrupted.
3. Applications which are developed or tested on Amazon EC2 for the first time.
(note: Pay per hour)

Reserved
1. Applications with steady-state or predictable usage
   E.g. web servers running in an instance
2. Applications that require specific capacity
3. Users who are able to make an upfront payment to reduce the total computing cost.

Spot
1. Applications that have flexible start and end times.
2. Applications that are feasible at very low compute prices.
3. Users with urgent computing needs for a large amount of additional capacity

Dedicated Host
1. An Amazon EC2 Dedicated Host is a physical server with EC2 instance capacity fully dedicated to your use.
2. Dedicated Hosts allow you to use your existing per-socket, per-core, or per-VM software licenses, including Windows Server, Microsoft SQL Server, SUSE and Linux Enterprise Server.
(create a Windows instance > go to connect option > download the remote desktop file > get password > choose key pair > get the password > open remote desktop > enter the password)

PRACTICAL
1. Log in to an instance
   Using SSH if it is a Linux instance.
   Using RDP (Remote Desktop Protocol) if it is a Windows instance
2. Launch more like this
   Go to instance > launch more like this
   (Note: This option does not clone your selected instance, it only replicates some configuration details.)
3. Termination protection
   Select the instance > action > instance setting > change termination, or you can add it while creating an instance.
4. Attaching role
   Select the instance > action > instance setting > attach/replace IAM role
5. Change instance type
   Stop the instance > action > instance setting > change instance type
(note: When an instance terminates, the data on any instance store volumes associated with that instance is deleted.)

EBS
Amazon Elastic Block Store (Amazon EBS) provides block-level storage volumes for use with EC2 instances.
EBS volumes are highly available and reliable storage volumes that can be attached to any running instance that is in the same Availability Zone.

STORAGE BACKED BY EBS
1. EBS General Purpose SSD (gp2)
2. Provisioned IOPS SSD (io1)
3. Throughput Optimized HDD (st1) (can't see it for root; add a new EBS volume and check, it's not a boot volume)
4. Cold HDD (sc1)

General Purpose SSD (gp2) volumes: you can expect base performance of 3 IOPS/GiB, with the ability to burst to 3,000 IOPS for extended periods of time. Gp2 volumes are ideal for a broad range of use cases such as boot volumes, small and medium-size databases, and development and test environments. Gp2 volumes support up to 10,000 IOPS and 160 MB/s of throughput.

Provisioned IOPS SSD (io1) volumes: you can provision a specific level of I/O performance. Io1 volumes support up to 20,000 IOPS and 320 MB/s of throughput. This allows you to predictably scale to tens of thousands of IOPS per EC2 instance.
Throughput Optimized HDD (st1) volumes provide low-cost magnetic storage that defines performance in terms of throughput rather than IOPS. With throughput of up to 500 MiB/s, this volume type is a good fit for large, sequential workloads such as Amazon EMR, ETL, data warehouses, and log processing.

Cold HDD (sc1) volumes provide low-cost magnetic storage that defines performance in terms of throughput rather than IOPS. With throughput of up to 250 MiB/s, sc1 is a good fit for large, sequential, cold-data workloads. If you require infrequent access to your data and are looking to save costs, sc1 provides inexpensive block storage.

EBS volumes are created in a specific Availability Zone, and can then be attached to any instances in that same Availability Zone.
You can mount multiple volumes on the same instance, but each volume can be attached to only one instance at a time.
To make a volume available outside of the Availability Zone, you can create a snapshot and restore that snapshot to a new volume anywhere in that region. You can copy snapshots to other regions and then restore them to new volumes there, making it easier to leverage multiple AWS regions for geographical expansion, data center migration, and disaster recovery.
(Note: Create an instance > attach a new volume to that instance > mount the volume > add some files > detach > attach the volume to another instance > verify the contents are present)

PRACTICAL
1. Attaching the volume to a different instance
   Add a new volume to an existing instance > mount it > add some content > unmount > detach the volume > attach the volume to another instance > mount and verify
   (do not detach the root volume)
2. It is possible to extend the size of a volume
   Select the volume > action > modify volume (it may take some time to take effect)

Snapshot
You can back up the data on your EBS volumes to Amazon S3 by taking point-in-time snapshots.
Snapshots are incremental backups, which means that only the blocks on the device that have changed after your most recent snapshot are saved.
For creating a consistent snapshot, stop the volume and take the snapshot; a snapshot can be taken without stopping the volume but may be inconsistent.
All snapshots are stored in the S3 service of AWS.
These snapshots can be used to create multiple AWS volumes across availability zones.
Snapshots can be shared with specific AWS accounts or made public.

PRACTICAL
1. Create snapshot from a volume
   Stop the instance > go to volume > action > create snapshot
2. Create volume from a snapshot
   Select the snapshot > action > create volume > select the desired availability zone.
3. Copying snapshot
   A snapshot can be copied to a different region; copying to another region helps to create a volume in that region.
   Select the snapshot > action > copy > select the desired region
4. Sharing snapshot
   A snapshot can be shared between users or made private.
   Select the snapshot > action > modify permission > public
5. Delete snapshot
   Select a snapshot > action > delete

AMI
An Amazon Machine Image (AMI) is a special type of virtual appliance that is used to create a virtual machine within the Amazon Elastic Compute Cloud ("EC2"). It serves as the basic unit of deployment for services delivered using EC2.

Launch Permissions
The owner of an AMI determines its availability by specifying launch permissions. Launch permissions fall into the following categories.
1. Public > The owner grants launch permissions to all AWS accounts.
2. Explicit > The owner grants launch permissions to specific AWS accounts.
3. Implicit > The owner has implicit launch permissions for an AMI.

PRACTICAL
1. Creating AMI
   Create an instance with a webpage > create snap from volume > create image from snap > launch
2. Launch permission
   Select the AMI > modify image permission
3. Copying the AMI
   Select the AMI > copy. (While copying the AMI, the snapshot will be copied to the destination too.)

SECURITY GROUPS
A security group acts as a virtual firewall that controls the traffic for one or more instances.
When you launch an instance, you associate one or more security groups with the instance. You add rules to each security group that allow traffic to or from its associated instances.
The new rules are automatically applied to all instances that are associated with the security group.
Max 500 SGs.
Max 100 rules for an SG (50 inbound and 50 outbound)
For each rule, you specify the following.
1. Type: protocol
2. Protocol: The protocol to allow.
3. Port range: For TCP, UDP, or a custom protocol, the range of ports to allow. You can specify a single port number (for example, 22), or a range of port numbers (for example, 7000-8000).
4. Source or destination: The source (inbound rules) or destination (outbound rules) for the traffic

Amazon EC2 Key Pairs
Amazon EC2 uses public-key cryptography to encrypt and decrypt login information. Public-key cryptography uses a public key to encrypt a piece of data, such as a password, then the recipient uses the private key to decrypt the data. The public and private keys are known as a key pair.
To log in to your instance, you must create a key pair, specify the name of the key pair when you launch the instance, and provide the private key when you connect to the instance. Linux instances have no password, and you use a key pair to log in using SSH. With Windows instances, you use a key pair to obtain the administrator password and then log in using RDP.
Max 5000 key pairs.

PRACTICAL
1. Deleting a key
   Go to key pair > select the private key you want to delete
2. Import key
   Open PuTTYgen > create public key > import (what the user has is the private key and what AWS has is the public key)

Elastic IP
An Elastic IP address is a static IPv4 address designed for dynamic cloud computing.
With an Elastic IP address, you can mask the failure of an instance or software by rapidly remapping the address to another instance in your account.
To use an Elastic IP address, you first allocate one to your account, and then associate it with your instance or a network interface.
When you associate an Elastic IP address with an instance or its primary network interface, the instance's public IPv4 address (if it had one) is released back into Amazon's pool of public IPv4 addresses. You cannot reuse a public IPv4 address.
A disassociated Elastic IP address remains allocated to your account until you explicitly release it.
If an Elastic IP address is not associated with a running instance, or if it is associated with a stopped instance or an unattached network interface, it will be charged.
An Elastic IP address is region specific.
When you associate an Elastic IP address with an instance that previously had a public IPv4 address, the public DNS hostname of the instance changes to match the Elastic IP address.
5 Elastic IP addresses per region.

Practical
1. Associate IP
   Go to elastic IP > allocate a new address > allocate > actions > associate address > select instance
2. Dissociate IP
   Select the instance > dissociate IP
3. Release IP
   Select IP > release (we can release only after dissociating)

Network interfaces
An elastic network interface (network interface) is a virtual network interface that you can attach to an instance in a VPC. Network interfaces are available only for instances running in a VPC.
A network interface can include the following attributes:
1. A primary private IPv4 address.
2. One or more secondary private IPv4 addresses
3. One Elastic IP address (IPv4) per private IPv4 address
4. One public IPv4 address
5. One or more IPv6 addresses
You can create a network interface, attach it to an instance, detach it from an instance, and attach it to another instance.
When you move a network interface from one instance to another, network traffic is redirected to the new instance.
Every instance in a VPC has a default network interface, called the primary network interface (eth0). You cannot detach a primary network interface from an instance. You can create and attach additional network interfaces.
(The maximum number of network interfaces that you can use varies by instance type.)
Practical
1. Creating new network interfaces
   Create network interfaces > add description > subnet > private IP (default) > security group

AWS CLI
The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

Practical
1. Attaching S3 role to EC2
   Create a role so that from EC2 it is possible to access S3 > launch an AWS AMI (no other AMI can access S3 by default) > select the role while creating > launch the instance
2. Help
   # aws
   # aws s3 help
3. Accessing S3 from EC2
   # aws s3 ls
   Cmd to list all buckets in S3
4. Creating bucket
   # aws s3 mb s3://<bucketname>
   Cmd to create a bucket without specifying a region
   # aws s3api create-bucket --bucket <bucketname> --region us-east-1
   (cannot create in all regions because of endpoint)
5. Copying to bucket
   The bucket must have a permission so that we can write the changes to the bucket
   # aws s3 cp <F.N> s3://<bucketname>
6. Copying from bucket
   # aws s3 cp s3://<bucketname>/<F.N> .
7. Syncing bucket with local disk
   # aws s3 sync s3://<bucketname> .
   Cmd to sync all data from the bucket to local storage
8. Deleting a bucket
   # aws s3 rb s3://<bucketname>
   # aws s3 rb s3://<bucketname> --force
   Cmd to remove a non-empty bucket
   # aws s3api delete-bucket --bucket <bucketname>
   (note: Mumbai region buckets are not supported in AWS CLI)

AWS CLI in RHEL
1. Install Python
2. Install pip (By default the package does not come with the repository; download and install python-pip from rpmfind.net, # yum localinstall python-pip)
   (pip is a package management system used to install and manage software packages written in Python)
3. Check whether pip is installed or not (# pip list)
4. Use pip to install awscli (# pip install awscli botocore; botocore is the package awscli uses for all its work)
5. Use aws cmd (# aws s3 ls)

AWS CLI in WINDOWS
1. Launch a Windows instance
2. Log in
3. Install the AWS CLI MSI installer from the AWS website (google for AWS CLI for Windows)
4. Open the cmd prompt and start executing aws cmds.

BOOTSTRAP SCRIPTS
Bootstrap scripts are used for executing a set of cmds or scripts that run at root level as soon as the EC2 instance goes live.
We can do automation by using the scripts.

Practical
Create an instance > Red Hat AMI > advanced detail > as a text

   #!/bin/bash
   # Install and start the Apache web server, and start it on every boot
   yum install -y httpd
   systemctl restart httpd
   systemctl enable httpd
   # Publish a test page so the bootstrap run can be verified over HTTP
   echo "checking for bootstrap script" > /var/www/html/index.html
   systemctl restart httpd
   systemctl enable httpd

> add SG (ssh and http) > launch > wait till status check is 2/2.

LOAD BALANCER
Elastic Load Balancing distributes incoming application traffic across multiple EC2 instances, in multiple Availability Zones. This increases the fault tolerance of your applications.
The load balancer serves as a single point of contact for clients, which increases the availability of your application. You can add and remove instances from your load balancer.

Practical
1. Creating a load balancer
   Create an instance (RHEL) > install httpd > service restart > create index.html (any content) > service > add http for SG > check it is working
   > go to load balancer > based on the load balancer you need, select the load balancer > classic load balancer > add a name and default VPC > select an SG which supports ssh and http
   > configure health check > response timeout (5 sec: time to wait when receiving a response from the health check) > interval (amount of time between health checks) > unhealthy threshold (2: no. of consecutive health check failures before declaring an EC2 instance unhealthy; note: in 60 sec it checks 2 times since the interval is 30) > healthy threshold (no. of consecutive health check successes before declaring an EC2 instance healthy)
   > add the instance > enable cross-zone load balancing (cross-zone load balancing distributes traffic evenly across all your backend instances in all available zones) > enable connection draining (the no. of sec to allow existing traffic to continue flowing) > create
   > wait for 1 min till it becomes in service (status of instance) > get the public DNS of the load balancer and paste it in a new tab, e.g. dns/index.html

When you create a load balancer in a VPC, you must choose whether to make it an internal load balancer or an Internet-facing load balancer.
The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the Internet.
The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can only route requests from clients with access to the VPC for the load balancer.
Max 20 load balancers per region.
Max 5 SGs for a load balancer.
Max 1 subnet for load balancer.
Deleting a load balancer does not affect its EC2 instance.

PLACEMENT GROUPS (ONLY THEORY)
A placement group is a logical grouping of instances within a single Availability Zone.
Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both.
If you stop an instance in a placement group and then start it again, it still runs in the placement group. However, the start fails if there isn't enough capacity for the instance.
A placement group can't span multiple Availability Zones.
The name you specify for a placement group must be unique within your AWS account.
(note: the placement group concept is mainly used in 10G networks (for connecting DB; 10 gigabits per second (or 10 billion bits); check the instance). It is available within an AZ because it's not possible to connect from one AZ to another AZ using this connection.)

AUTO SCALING
Auto Scaling helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application.
A collection of EC2 instances is called an auto scaling group.
We can specify the minimum and maximum number of instances in each Auto Scaling group, and Auto Scaling ensures that your group never goes below or above this size.
When you create an Auto Scaling group, you must specify a launch configuration.
Max 20 auto scaling groups per region.

Practical
1. Creating a Launch Configuration Group
A launch configuration is a template that an Auto Scaling group uses to launch EC2 instances. When we create a launch configuration, we specify information for the instances such as the ID of the Amazon Machine Image (AMI), the instance type, a key pair, one or more security groups, and a block device mapping. If we launched an EC2 instance before, we can specify the same information in order to launch the instance.
Create launch configuration > select the instance > assign a name and role if any > add storage > configure SG so that it can access http and ssh > assign a key pair > launch
2. Creating an Auto Scaling Group
Create an auto scaling group with existing launch configuration > assign a group name > group size with 1 instance > select the default network > add subnet available in region (a subnet represents an AZ; if we select only 1 subnet, the instance will be created in that AZ; for fault tolerance, create in all available AZs) > use scaling policies to adjust the capacity of this group > increase group size > add a new alarm (give your mail id so that we will receive mail if cpu utilization reaches above the limit) > is: 60% > period: 1 min > take the action add 1 instance > decrease group size > add a new alarm (give your mail id so that we will receive mail if cpu utilization reaches above the limit) > is: 30% > period: 1 min > take the action remove 1 instance > configure notification > add tags > create auto scaling group.
(note: for verification, log in to the instance and use # yes > /dev/null & or # dd if=/dev/zero of=/dev/null).

CloudWatch
Amazon CloudWatch monitors your AWS resources and the applications you run on AWS in real time.
We can use CloudWatch to collect and track metrics, which are variables you can measure for your resources and applications.
CloudWatch alarms send notifications or automatically make changes to the resources you are monitoring based on rules that you define.
2 types
1. Basic CloudWatch - Monitors every 5 min
2. Detailed CloudWatch - Monitors every 1 min
Basic monitoring metrics are free for EC2, EBS, ELB, RDS.
By default, basic CloudWatch is enabled.
Practical
1. Detailed CloudWatch
We can enable detailed CloudWatch either while creating an instance or by clicking on action > CloudWatch > enable detailed monitoring
2. Create an alarm
CloudWatch > create an alarm > ec2 metrics > per-instance metrics > select an alarm (cpu utilization) > name (high load avg) > description (high load avg) > whenever (cpu utilization is more than 80%) > actions > whenever this alarm (state is ALARM) > send notification to (load avg) > +EC2 option (optional option) > take this action (stop this instance) > period (if we want to change).
or
select the instance > action > cloudwatch > edit/add alarm > create an alarm > shut down the instance when reaching cpu utilization 60% > save.

CREATE A BILLING CYCLE
We can monitor our AWS costs by using CloudWatch. With CloudWatch, you can create billing alerts that notify us when our usage of services exceeds thresholds that we define.
We can specify these threshold amounts when we create the billing alerts.
When our usage exceeds these amounts, AWS sends us an email notification.
We can also sign up to receive notifications when AWS prices change.

PRACTICAL
Go to my billing dashboard > alerts & notification > receive billing alert > manage billing alert (it will take you to cloudwatch in N. Virginia) > click on billing > create alarm > exceed ($10) > send a notification to > new list > give a mail id > create an alarm > check mail for confirmation.

S3
Amazon Simple Storage Service (Amazon S3) is object storage with a simple web service interface to store and retrieve any amount of data from anywhere on the web.
S3 is object based, i.e. allows you to upload files.
Files are stored in buckets.
A bucket is a logical unit of storage used to store data in S3. Buckets have a unique namespace for each region.
S3 is region specific, i.e. data is stored in both the AZ of the region.
It is designed to deliver 99.999999999% durability.
Amazon S3 supports data transfer over SSL and automatic encryption of your data once it is uploaded.
Files can be from 1 byte to 5 TB.
By default, you can create up to 100 buckets in each of your AWS accounts.
A bucket has no size limit. It can store any number of objects of any size.

Free Usage
1. Free 5 GB usage storage
2. 20,000 gets
3. 2000 puts
4. 15 GB data transfer
(All are on a monthly basis)

Storage type
1. Standard s3 storage
2. Standard s3 - Infrequent Access
3. Reduced redundancy
4. Amazon glacier

Standard s3 storage: This storage class is ideal for performance-sensitive use cases and frequently accessed data. It is the default storage class; if you don't specify a storage class at the time that you upload an object, Amazon S3 assumes the standard storage class.
Standard s3 - Infrequent Access (Standard - IA): This storage class (IA, for infrequent access) is optimized for long-lived and less frequently accessed data, for example backups and older data where frequency of access has diminished, but the use case still demands high performance.
Reduced redundancy: The Reduced Redundancy Storage (RRS) storage class is designed for noncritical, reproducible data stored at lower levels of redundancy than the STANDARD storage class, which reduces storage costs. The durability level corresponds to an average annual expected loss of 0.01% of objects. For example, if you store 10,000 objects you may lose 100 files.
Amazon glacier: The GLACIER storage class is suitable for archiving data where data access is infrequent. Archived objects are not available for real-time access. You must first restore the objects before you can access them. The GLACIER storage class uses the very low-cost Amazon Glacier storage service.
(note: initially you might upload objects using the STANDARD storage class, and then use a bucket lifecycle configuration rule to transition objects to STANDARD_IA or GLACIER storage)
(note: consistency model: S3 uses read-after-write consistency for PUTS of new objects and eventual consistency for overwrite PUTS and DELETES)

Creating a bucket
1. Creating a bucket
Create bucket > select a unique name > select the region where you want to create the bucket
2. Create a folder
Select the bucket > create a folder
3. Adding an object
Select the bucket > upload the file
4. Make public
Select the file > properties > make public

Permission
Bucket permissions specify who is allowed access to the objects in a bucket and what permissions you have granted them.
You can grant the permission for:
1. Everyone - Use this group to grant anonymous access
2. Authenticated Users - This group consists of any user that has an Amazon AWS Account. When you grant the Authenticated User group permission, any valid signed request can perform the appropriate action. The request can be signed by either an AWS Account or IAM User.
3. Log Delivery - This group grants write access to your bucket when the bucket is used to store server access logs.
4. Me - This group refers to your AWS root account, and not an IAM user.

S3 VERSIONING
Versioning is a means of keeping multiple variants of an object in the same bucket. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily recover from both unintended user actions and application failures.
Once we enable versioning on a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
Practical
(note: Before enabling versioning, create a file f1 with any content (hi) > upload it > then remove the content and add another content (hello) > you can see the old content is replaced with the new content)
1. Enable versioning
Select the bucket > enable versioning
(note: do the same process as above; in the version tab go for show, and you can see all the versions of the file)
(note: it is also possible to recover the deleted file: go to version tab > show > delete the file having the name "delete marker")
2. Suspending versioning
Select the bucket > suspend versioning

Lifecycle Management
You can manage the lifecycle of objects by using Lifecycle rules.
Lifecycle rules enable you to automatically transition objects to the Standard - Infrequent Access Storage Class, and/or archive objects to the Glacier Storage Class, and/or remove objects after a specified time period.

Practical
1. Adding a Lifecycle rule
Create a bucket > enable version > go to lifecycle > add rule > add rule either to bucket or to the directory in a bucket > actions on current version > select the option you want to enable > actions on previous version (for versioning, what to do for files already existing) > review > create and save the rule.
(note: you can directly upload files to standard storage, standard storage IA or reduced redundancy; while selecting the file for uploading, select set details > select storage type).

Restoring from glacier
Objects archived to Amazon Glacier are not accessible in real time.
We must first initiate a restore request and then wait until a temporary copy of the object is available for the duration (number of days) that you specify in the request.
Amazon S3 processes only one restore request at a time per object.
The temporary object is copied to RRS storage, so we have to pay for glacier as well as RRS.
Practical
Select the object > initiate restore > specify the number of days that your archived data will be accessible (5, so the data can be accessed temporarily) > select retrieval option > restore

Static website hosting
You can host a static website on Amazon S3. On a static website, individual webpages include static content.
To host your static website, you configure an Amazon S3 bucket for website hosting and then upload your website content to the bucket.

Practical
1. Creating static website
Create a bucket > add the files (index.html and error page) > make public > give permission for bucket to everyone > click on enable website hosting > index document > index.html > error document (used to show custom error messages rather than unreachable error) > error.html (incorrect website) > click on endpoint to view
(note: if we enter an incorrect url it will display the message from the error page)
2. Redirect all requests to another host
Redirect all requests to > enter the domain (here just give gmail.com to show how redirection works)

Logging
In order to track requests for access to your bucket, you can enable access logging.
Each access log record provides details about bucket name, request time, request action, response status, and error code, if any.
Access log information can be useful in security and access audits.
Logging is region specific.

Practical
1. Enable logging
Select bucket > give permission to log delivery > logging > enabled > target bucket (bucket name where you want Amazon S3 to save the access logs as objects) > target prefix (log file name).

Cross region replication
Cross region replication is a bucket-level feature that enables automatic, asynchronous copying of objects across buckets in different AWS regions.
The object replicas in the destination bucket are exact replicas of the objects in the source bucket. They have the same key names and the same metadata.
Existing objects of the source bucket will not be copied to the destination bucket.
The source and destination buckets must be versioning-enabled.
The source and destination buckets must be in different AWS regions.
You can replicate objects from a source bucket to only one destination bucket.

Practical
1. Create cross region replication
Select the bucket > enable versioning > enable cross region replication > source bucket > destination region (Oregon) > destination bucket (give any name) > Destination storage class (any) > create an iam role > save
Verify by uploading a file in the source bucket.
(note: verify logs after cross region replication)

S3 Multipart Upload
S3 multipart allows you to upload a single object in multiple parts.
The object is assembled after all uploads.
Parts can be uploaded in parallel for high throughput.
Uploads can be paused and resumed.
Objects can be uploaded while we are creating them.

S3 Data Encryption
S3 data encryption provides added security for your data.
Server-side encryption encrypts your data before storing it in its data center and decrypts it when you access it.
S3 uses 256-bit Advanced Encryption Standard (AES) to encrypt your data.

Events
The Amazon S3 notification feature enables you to receive notifications when certain events happen in your bucket.
Events are
1. A new object created event
2. An object removal event
3. A Reduced Redundancy Storage (RRS) object lost event

Tags
Tags are used to identify and categorize your AWS resources.
We can use tags to organize your AWS bill to reflect your own cost structure.
Tags consist of a key and a value.
(note: mainly used to identify from which bucket the bill is high)

Requester Pays bucket
In general, bucket owners pay for all Amazon S3 storage and data transfer costs associated with their bucket.
With Requester Pays buckets, the requester instead of the bucket owner pays the cost of the request and the data download from the bucket. The bucket owner always pays the cost of storing data.
We can configure buckets to be Requester Pays when you want to share data but not incur charges associated with others accessing the data.

Amazon S3 Transfer Acceleration
Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket.
Transfer Acceleration takes advantage of Amazon CloudFront's globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path.
When using Transfer Acceleration, additional data transfer charges may apply.
Use
- customers that upload to a centralized bucket from all over the world.
- transfer gigabytes to terabytes of data on a regular basis across continents.
- underutilize the available bandwidth over the Internet when uploading to Amazon S3.

Storage Management
Amazon S3 Storage Management capabilities help you better analyze and manage your storage by
1. S3 Object Tagging
2. S3 Analytics, Storage Class Analysis
3. S3 Inventory
4. S3 CloudWatch Metrics

S3 Object Tagging – With S3 Object Tagging you can manage and control access for Amazon S3 objects. S3 Object Tags are key-value pairs applied to S3 objects which can be created, updated or deleted at any time during the lifetime of the object.
With these, you'll have the ability to create Identity and Access Management (IAM) policies, set up S3 Lifecycle policies, and customize storage metrics. These object-level tags can then manage transitions between storage classes and expire objects in the background.

S3 Analytics, Storage Class Analysis – With storage class analysis, you can analyze storage access patterns and transition the right data to the right storage class. This new S3 Analytics feature automatically identifies the optimal lifecycle policy to transition less frequently accessed storage to SIA. You can configure a storage class analysis policy to monitor an entire bucket, a prefix, or object tag. Once an infrequent access pattern is observed, you can easily create a new lifecycle age policy based on the results. Storage class analysis also provides daily visualizations of your storage usage in the AWS Management Console. You can export these to an S3 bucket to analyze using the business intelligence tools of your choice, such as Amazon QuickSight.

S3 Inventory – You can simplify and speed up business workflows and big data jobs using S3 Inventory, which provides a scheduled alternative to Amazon S3's synchronous List API. S3 Inventory provides a CSV (Comma Separated Values) flat-file output of your objects and their corresponding metadata on a daily or weekly basis for an S3 bucket or a shared prefix.

S3 CloudWatch Metrics – Understand and improve the performance of your applications that use Amazon S3 by monitoring and alarming on 13 new S3 CloudWatch Metrics.
You can receive 1-minute CloudWatch Metrics, set CloudWatch alarms, and access CloudWatch dashboards to view real-time operations and performance such as bytes downloaded and the 4xx HTTP response count of your Amazon S3 storage. For web and mobile applications that depend on cloud storage, these let you quickly identify and act on operational issues. By default, 1-minute metrics are available at the S3 bucket level. You also have the flexibility to define a filter for the metrics collected using a shared prefix or object tag, allowing you to align metrics to specific business applications, workflows, or internal organizations.
(Note: Amazon S3 browser is a Windows client tool to manage S3.)

PRACTICAL
(create a bucket > permission everyone > upload a small video > public)
1. Playing the video from s3 using WordPress
Launch a WordPress instance > from the syslog of the instance, log in to the WordPress website with the help of the public ip (username: user, password: get from syslog) > click on post > add new post > paste the video link from s3
2. Playing the video from s3 using File
Create a file and add the following content

    <h1>From S3</h1>
    <video width="320" height="240" controls>
    <source src="https://s3.ap-south-1.amazonaws.com/awscdncheck/videoplayback.mp4" type="video/mp4">
    </video>

CDN
A content delivery network or content distribution network (CDN) is a system of distributed servers that deliver webpages and other web content to a user based on the geographic location of the user, the origin of the webpage and the content delivery server.
The goal of a CDN is to serve content to end users with high availability and high performance.

Amazon CloudFront
CloudFront is Amazon's CDN.
Amazon CloudFront is a global content delivery network (CDN) service that accelerates delivery of your websites, APIs, video content or other web assets through CDN caching.
It integrates with other Amazon Web Services products such as S3, EC2, ELB, Route 53 to give developers and businesses an easy way to accelerate content to end users with no minimum usage commitments.
CloudFront delivers your content through a worldwide network of data centers called edge locations.
When a user requests content that you're serving with CloudFront, the user is routed to the edge location that provides the lowest latency, so that content is delivered with the best possible performance. If the content is already in the edge location with the lowest latency, CloudFront delivers it immediately. If the content is not in that edge location, CloudFront retrieves it from an Amazon S3 bucket or an HTTP server.

CloudFront distributions
1. Web distribution – Uses the protocol HTTP or HTTPS to distribute media content
2. RTMP distribution – An RTMP (Real Time Messaging Protocol) distribution allows an end user to begin playing a media file before the file has finished downloading from a CloudFront edge location.

Terms
1. Origin Domain Name - The DNS domain name of the Amazon S3 bucket or HTTP server from which you want CloudFront to get objects for this origin
2. Origin Path - If you want CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin, enter the directory path, beginning with a /. CloudFront appends the directory path to the value of Origin Domain Name.
3. Origin ID - A string that uniquely distinguishes this origin from other origins in this distribution.
4. Restrict Bucket Access (Amazon S3 Only) - Choose Yes if you want to require users to access objects in an Amazon S3 bucket by using only CloudFront URLs, not by using Amazon S3 URLs. Then specify the applicable values. Choose No if you want users to be able to access objects using either CloudFront URLs or Amazon S3 URLs.
5. Viewer protocol policy - Choose the protocol policy that you want viewers to use to access your content in CloudFront edge locations.
6. Allowed http methods - Specify the HTTP methods that you want CloudFront to process and forward to your origin:
(note: GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE: You can use CloudFront to get, add, update, and delete objects, and to get object headers. In addition, you can perform other POST operations such as submitting data from a web form)
7. Cached HTTP method - Specify whether you want CloudFront to cache the response from your origin when a viewer submits an OPTIONS request. CloudFront always caches the response to GET and HEAD requests.
8. Forward header - Specify whether you want CloudFront to forward request headers to your origin server and to cache objects based on header values.
9. Object caching – Specify how long the objects stay in the CloudFront cache.
10. Minimum TTL - Specify the minimum amount of time, in seconds, that you want objects to stay in CloudFront caches. The default value for Minimum TTL is 0 seconds.
11. Forward Cookies - Specify whether you want CloudFront to forward cookies to your origin server.
12. Query String Forwarding and Caching - CloudFront can cache different versions of your content based on the values of query string parameters.
13. Smooth Streaming - Choose Yes if you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. Otherwise, choose No.
14. Restrict Viewer Access - If you want requests for objects that match the PathPattern for this cache behavior to use public URLs, choose No. Else Yes.
15. SSL Certificate – Specifies the option to access your domain by using the default CloudFront domain or a custom CloudFront domain.

PRACTICAL
1. Creating CloudFront
cloudfront > create distribution > web > select origin domain name (bucket dns name) > viewer protocol policy (HTTP & HTTPS) > allowed HTTP method (GET, HEAD) > price class (use all edge locations) > create distribution.
Copy the domain name from the distribution and replace it in the file > wait till the cdn gets deployed (up to 20 mins)
2. Creating a CloudFront with BITNAMI
Use the existing WordPress instance that we have launched > create post, paste the cdn url.
(note: For cdn replace the cdn domain name with s3 and https with http)
3. Creating a CloudFront with File
Use the existing file, add

    <h1>From CDN</h1>
    <video width="320" height="240" controls>
    <source src="http://s3.ap-south-1.amazonaws.com/awscdncheck/videoplayback.mp4" type="video/mp4">
    </video>

(note: to verify video is public)
4. Create private content
Mainly used to securely serve private content using CloudFront.
- users access your private content by using special CloudFront signed URLs or signed cookies.
- users access your Amazon S3 content using CloudFront URLs, not Amazon S3 URLs.
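Private content only holds if nothing else still grants read access to the bucket: a leftover "Everyone" grant or a public policy statement keeps the direct S3 URL working. As an added example (not part of the original notes), the Python check below reads a bucket policy and an object ACL and reports anything other than the CloudFront origin access identity that can read objects. The OAI ID, the owner ID and the sample documents are constructed; the bucket name is the one in the notes' video URL.

```python
import json
from fnmatch import fnmatchcase

# ACL group URIs behind the console's "Everyone" and "Authenticated Users" grantees.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
# Principal ARN format used for an origin access identity in a bucket policy.
OAI_ARN_PREFIX = "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity "


def _as_list(value):
    """Policy fields may hold one string or a list of strings."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _principals(statement):
    """Flatten "Principal" ("*" or {"AWS": ...}) into a list of strings."""
    principal = statement.get("Principal")
    if isinstance(principal, dict):
        return [p for v in principal.values() for p in _as_list(v)]
    return _as_list(principal)


def _allows_object_read(statement):
    """True if any Action pattern (wildcards included) matches s3:GetObject."""
    return any(fnmatchcase("s3:getobject", str(a).lower())
               for a in _as_list(statement.get("Action")))


def audit_private_content(policy_json, acl_grants, oai_id):
    """Return (severity, message) findings; [] means only the OAI can read.

    Only Allow statements are examined (Deny and NotAction are ignored), so
    the check errs on the side of reporting too much.
    """
    expected = OAI_ARN_PREFIX + oai_id
    findings, oai_can_read = [], False
    policy = json.loads(policy_json) if policy_json else {}
    for st in _as_list(policy.get("Statement")):
        if st.get("Effect") != "Allow" or not _allows_object_read(st):
            continue
        sid = st.get("Sid", "<no Sid>")
        if "NotPrincipal" in st:
            findings.append(("REVIEW", f"{sid}: Allow with NotPrincipal"))
        for p in _principals(st):
            if p == expected:
                oai_can_read = True
            elif p == "*":
                # A Condition (source IP, referer) narrows it but needs a human.
                sev = "REVIEW" if st.get("Condition") else "PUBLIC"
                findings.append((sev, f"{sid}: anyone can read objects"))
            else:
                findings.append(("REVIEW", f"{sid}: {p} can read directly"))
    for grant in acl_grants:
        if grant.get("Permission") not in ("READ", "FULL_CONTROL"):
            continue
        uri = grant.get("Grantee", {}).get("URI")
        if uri == ALL_USERS:
            findings.append(("PUBLIC", "ACL: READ granted to Everyone"))
        elif uri == AUTH_USERS:
            findings.append(("PUBLIC", "ACL: READ granted to any AWS account"))
    if not oai_can_read:
        findings.append(("MISSING", "OAI has no s3:GetObject on this bucket"))
    return findings


# --- Constructed sample data (placeholders, not real identifiers) ---
OAI_ID = "E2EXAMPLEOAI01"
RESOURCE = "arn:aws:s3:::awscdncheck/*"
OAI_STATEMENT = {"Sid": "AllowCloudFrontOAI", "Effect": "Allow",
                 "Principal": {"AWS": OAI_ARN_PREFIX + OAI_ID},
                 "Action": "s3:GetObject", "Resource": RESOURCE}
OLD_PUBLIC_STATEMENT = {"Sid": "OldPublicRead", "Effect": "Allow",
                        "Principal": "*", "Action": "s3:Get*",
                        "Resource": RESOURCE}
AFTER_POLICY = json.dumps({"Version": "2012-10-17",
                           "Statement": [OAI_STATEMENT]})
LEFTOVER_POLICY = json.dumps({"Version": "2012-10-17",
                              "Statement": [OAI_STATEMENT, OLD_PUBLIC_STATEMENT]})
OWNER_GRANT = {"Grantee": {"Type": "CanonicalUser", "ID": "constructed-owner-id"},
               "Permission": "FULL_CONTROL"}
EVERYONE_GRANT = {"Grantee": {"Type": "Group", "URI": ALL_USERS},
                  "Permission": "READ"}

if __name__ == "__main__":
    cases = [("object made public, no policy", None, [OWNER_GRANT, EVERYONE_GRANT]),
             ("OAI added, old statement left", LEFTOVER_POLICY, [OWNER_GRANT]),
             ("OAI only", AFTER_POLICY, [OWNER_GRANT])]
    for label, policy, acl in cases:
        print(label, "->", audit_private_content(policy, acl, OAI_ID))
```

The grant dictionaries follow the shape of the `Grants` list returned by `aws s3api get-object-acl`, and the policy string is what `aws s3api get-bucket-policy` returns in its `Policy` field.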
CloudFront > private content > origin access identity (OAI) > create OAI (CloudFront OAI to objects S3 bucket) > select the existing distribution > go to origin > edit > restrict bucket access (yes) > origin access identity (use an existing one) > your identities (CloudFront OAI to objects S3 bucket) > grant read permission on bucket (yes, update bucket policy) > verify the bucket policy is updated by selecting the bucket and clicking on edit bucket policy, where you can see the updated policy > select the object in the bucket > remove "everyone" permission to restrict public access from s3 > save > check the file with the s3 link, which will no longer be accessible.

Origin access identity
An origin access identity is a special CloudFront user that you can use to give CloudFront access to your Amazon S3 bucket.
This is useful when you are using signed URLs or signed cookies to restrict access to private content in Amazon S3.

EFS
Amazon Elastic File System (Amazon EFS) provides simple, scalable file storage for use with Amazon EC2.
With EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage they need, when they need it.
Multiple Amazon EC2 instances can access an EFS file system at the same time, providing a common data source for workloads and applications running on more than one instance or server.
With Amazon EFS, you pay only for the storage used by your file system.
You don't need to provision storage in advance and there is no minimum fee or setup cost.
Amazon EFS uses the protocol V4 and V4.1 to share the file system.
Amazon EFS file systems store data and metadata across multiple Availability Zones in a region and can grow to petabyte scale, drive high levels of throughput, and allow massively parallel access from Amazon EC2 instances to your data.
(Note: Amazon EFS is a file storage service for use with Amazon EC2. Amazon EFS provides a file system interface, file system access semantics (such as strong consistency and file locking), and concurrently accessible storage for up to thousands of Amazon EC2 instances, whereas Amazon S3 is an object storage service. Amazon S3 makes data available through an Internet API that can be accessed anywhere. We can use any AZ for mounting. Max 128 active connections at the same time)

Practical
1. Creating and accessing EFS
Create a sg (efs) > add nfs as inbound rule > go to efs > create a file system > select the default vpc > remove all sg and add efs as the sg > next > create file system > launch a Red Hat instance under the efs sg > login

    $ sudo su
    # yum update -y && yum install -y nfs-utils
    # systemctl restart nfs-server
    # systemctl enable nfs-server
    # mkdir /efs
    # mount -t nfs4 <ip of efs>:/ /efs
    # df -h

(for the mount command, check the subnet of the instance, then in efs check the ip of the corresponding subnet)

STORAGE GATEWAY
AWS Storage Gateway is a service that connects an on-premises software appliance with cloud-based storage to provide seamless and secure integration between your on-premises IT environment and the AWS storage infrastructure.
The service enables you to securely store data in the AWS Cloud for scalable and cost-effective storage.
(Basically, it is an application that we install on vSphere or Hyper-V and associate with our AWS account; this tool will asynchronously copy your data to s3)

4 types of Storage Gateway
1. File gateway
2. Volume gateway
3. Tape gateway

File gateway
a. Files are stored as objects in an s3 bucket, and it allows you to store and retrieve objects through nfs.
b. Once the objects are transferred to s3 they can be managed as native s3 objects, so bucket policies such as versioning, lifecycle management and cross region replication can be applied directly.
(it is mainly used to copy your files to s3; the files can be videos, images, documents etc.)
(uses nfs v3 or 4.1)

Volume gateway
a. It is a block-based storage which uses the iscsi block protocol, mainly used to store os, applications, db etc.
b. It acts as a virtual hard disk in the cloud.
(Basically, we are taking the hard disks on premise and we back them up as a virtual hdd in the cloud)
c. Volume gateways are of 2 different types
1. Stored volume: we can configure it to store the primary data locally and then asynchronously back up point-in-time snapshots of this data to Amazon S3.
2. Cached volume: we store our data in S3 and retain a copy of frequently accessed data locally. Cached volumes offer substantial cost savings on primary storage and minimize the need to scale your storage on-premises.

Tape gateway
a. Also called a virtual tape library (VTL).
b. It offers a cost-effective and durable way to archive backup data in Amazon Glacier.
c. It provides a virtual tape infrastructure that scales seamlessly with your business needs and eliminates the operational burden of provisioning, scaling, and maintaining a physical tape infrastructure.

DIRECT CONNECT
AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS.
AWS Direct Connect links your internal network to an AWS Direct Connect location over a standard 1 gigabit or 10 gigabit Ethernet fiber-optic cable, which provides private connectivity between AWS and your datacenter, office, or colocation environment.
One end of the cable is connected to your router, the other to an AWS Direct Connect router.
Benefits
- Reduce cost when using large volumes of traffic
- Increase reliability
- Increase bandwidth throughput

VPN VS DIRECT CONNECT
VPN connections can be configured in minutes and are a good solution if you have an immediate need, have low to modest bandwidth requirements and can tolerate the inherent variability in internet-based connectivity.
Direct Connect does not involve the internet; instead it uses dedicated, private network connections between your intranet and Amazon VPC.

SNOWBALL
AWS Snowball is a service that accelerates transferring large amounts of data into and out of AWS using physical storage appliances, bypassing the Internet.
Each AWS Snowball appliance type can transport data at faster than internet speeds. This transport is done by shipping the data in the appliances through a regional carrier. The appliances are rugged shipping containers, complete with E Ink shipping labels.
With a Snowball, you can transfer hundreds of terabytes or petabytes of data between your on-premises data centers and Amazon S3.
AWS Snowball uses Snowball appliances and provides powerful interfaces that you can use to create jobs, transfer data, and track the status of your jobs through to completion.
Each Snowball is protected by AWS Key Management Service (AWS KMS) and made physically rugged to secure and protect your data while the Snowball is in transit.
In the US regions, Snowballs come in two sizes: 50 TB and 80 TB. All other regions have 80 TB Snowballs only.
Once the data is processed and verified, AWS performs a software erasure of the Snowball appliance.
(Previously this service was called the import/export service.)
Use cases
1. Cloud migration
2. Disaster recovery (from S3 to on premises)
3. Data center decommissions
4. Content distribution

Snowball Edge
AWS Snowball Edge is a 100 TB data transfer device with on-board storage and compute capabilities.
(Note: Snowball has only storage, not compute capabilities; Snowball Edge acts as an AWS data center in a box. It is also possible to run Lambda functions on it.)
We can use Snowball Edge to move large amounts of data into and out of AWS, as a temporary storage tier for large local datasets, or to support local workloads in remote or offline locations.
Snowball Edge connects to your existing applications and infrastructure using standard storage interfaces, streamlining the data transfer process and minimizing setup and integration.
Snowball Edge can cluster together to form a local storage tier and process your data on premises, helping ensure your applications continue to run even when they are not able to access the cloud.

Snowmobile
AWS Snowmobile is an exabyte-scale data transfer service used to move extremely large amounts of data to AWS. You can transfer up to 100 PB per Snowmobile, a 45-foot-long ruggedized shipping container, pulled by a semi-trailer truck.
Snowmobile makes it easy to move massive volumes of data to the cloud, including video libraries, image repositories, or even a complete data center migration. Transferring data with Snowmobile is secure, fast and cost effective.
After an initial assessment, a Snowmobile will be transported to your data center and AWS personnel will configure it for you so it can be accessed as a network storage target. When your Snowmobile is on site, AWS personnel will work with your team to connect a removable, high-speed network switch from Snowmobile to your local network, and you can begin your high-speed data transfer from any number of sources within your data center to the Snowmobile. After your data is loaded, Snowmobile is driven back to AWS where your data is imported into Amazon S3 or Amazon Glacier.
Snowmobile uses multiple layers of security designed to protect your data, including dedicated security personnel, GPS tracking, alarm monitoring, 24/7 video surveillance, and an optional escort security vehicle while in transit. All data is encrypted with 256-bit encryption keys managed through the AWS Key Management Service (KMS) and designed to ensure both security and full chain of custody of your data.

SQS
Introduced in 2004, before the start of AWS.
Amazon Simple Queue Service (Amazon SQS) is a web service that gives you access to a message queue that can be used to store messages while waiting for a computer to process them.
SQS offers a reliable, highly scalable hosted queue for storing messages as they travel between applications or microservices.
SQS is a distributed queue system that enables web service applications to quickly and reliably queue messages that one component in the application generates to be consumed by another component.
A queue is a temporary repository for messages that are awaiting processing.
Messages can contain 256 KB of text in any format.
SQS ensures delivery of each message at least once, and supports at least one reader and writer interacting with the same queue.
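At-least-once delivery means a consumer can be handed the same message twice, for instance when a worker finishes the work but fails before deleting the message. The following is an added example, not code from these notes or from AWS: `ToyQueue`, `work_once` and `demo` are hypothetical names, and the queue is an in-memory stand-in (constructed here) that models only the visibility timeout and redelivery, so it runs offline.

```python
import itertools

MAX_BODY_BYTES = 256 * 1024  # message size limit stated in the notes


class ToyQueue:
    """In-memory stand-in for a standard queue (constructed for this example).

    A received message is hidden for `visibility_timeout` seconds and is
    delivered again afterwards unless the consumer deleted it.
    """

    def __init__(self, visibility_timeout=30):
        self.visibility_timeout = visibility_timeout
        self.now = 0            # logical clock, in seconds
        self._messages = {}     # message id -> [body, hidden_until]
        self._handles = {}      # receipt handle -> message id
        self._ids = itertools.count(1)

    def send(self, body):
        if len(body.encode("utf-8")) > MAX_BODY_BYTES:
            raise ValueError("message body exceeds 256 KB")
        message_id = f"msg-{next(self._ids)}"
        self._messages[message_id] = [body, 0]
        return message_id

    def receive(self):
        """Return (message_id, body, receipt_handle), or None if nothing is visible."""
        for message_id, entry in self._messages.items():
            body, hidden_until = entry
            if hidden_until <= self.now:
                entry[1] = self.now + self.visibility_timeout
                handle = f"rh-{next(self._ids)}"
                self._handles[handle] = message_id
                return message_id, body, handle
        return None

    def delete(self, handle):
        message_id = self._handles.pop(handle, None)
        if message_id is not None:
            self._messages.pop(message_id, None)

    def pending(self):
        return len(self._messages)


def work_once(work_q, done_q, results, deliveries, crash_before_delete=False):
    """One pass of a worker. Returns False when no message is visible."""
    received = work_q.receive()
    if received is None:
        return False
    message_id, body, handle = received
    deliveries.append(message_id)
    if message_id not in results:             # idempotency guard keyed on message id
        results[message_id] = body.upper()    # stand-in for the real processing
        done_q.send(f"task complete: {message_id}")
    if crash_before_delete:
        return True                           # simulated crash: message stays queued
    work_q.delete(handle)                     # delete only after the work is recorded
    return True


def demo():
    work_q, done_q = ToyQueue(visibility_timeout=30), ToyQueue()
    results, deliveries = {}, []
    work_q.send("resize photo-001.jpg")       # constructed sample task
    work_once(work_q, done_q, results, deliveries, crash_before_delete=True)
    hidden = work_q.receive() is None         # in flight: invisible to other workers
    work_q.now += 31                          # visibility timeout expires
    work_once(work_q, done_q, results, deliveries)  # the same message arrives again
    return {
        "hidden_while_in_flight": hidden,
        "deliveries": len(deliveries),
        "results": len(results),
        "completions": done_q.pending(),
        "left_in_work_queue": work_q.pending(),
    }


if __name__ == "__main__":
    print(demo())
```

The message is delivered twice, but the guard keeps the work and the completion notice to one each; without it, every redelivery would repeat the side effects.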
A single queue can be used simultaneously by many distributed application components, with no need for those components to coordinate with each other to share the queue.
Amazon SQS supports both standard and FIFO queues. (A standard queue allows you to have a nearly unlimited number of transactions per second. Standard queues support at-least-once message delivery.) Hence it provides eventual consistency. (Without writing, it is not possible to access the content.)
Working
1. Asynchronously pulls the task messages from the queue.
2. Retrieves the named file.
3. Processes the conversion.
4. Writes the image back to S3.
5. Writes a "task complete" message to another queue.
6. Deletes the original task message.
7. Checks for more messages in the work queue.
SQS REQUEST
Free for the 1st one million requests/month.
$0.50 per one million thereafter.
DATA TRANSFER
Free transfer out for the 1st 1 GB/month.
$0.12 per GB/month.

SNS
Amazon Simple Notification Service (Amazon SNS) is a web service that coordinates and manages the delivery or sending of messages to subscribing endpoints or clients.
SNS follows a push mechanism to deliver the notification to the client; it eliminates the need to periodically check or poll for new information and updates.
SNS can push notifications to mobile devices, email, or any HTTP endpoint.
To prevent messages from being lost, all messages published to SNS are stored redundantly across multiple AZs.
SNS allows you to group multiple recipients using topics. A topic is an "access point" for allowing recipients to dynamically subscribe for identical copies of the same notification.
One topic can support deliveries to multiple endpoints.
Benefits
1. Instantaneous, push-based delivery.
2. Simple API and easy integration with applications.
3. Flexible message delivery over multiple transport protocols.
4. Inexpensive, pay-as-you-go model with no upfront costs.
$0.50 per 1 million SNS requests.
Practical
1. Creating a bucket
Go to S3 > create a bucket (awstestevent)
2. Creating and attaching a subscription
Go to SNS > topic > create topic > topic name (event) > other topic action > edit topic policy > advanced view > copy and paste the policy from Google (enabling event notifications; make the changes such as region, acc no, topic name, bucket name) > update policy > create subscription > protocol (email) > endpoint (enter the mail id) > create subscription.
3. Attaching the event to the bucket
Go to bucket > events > name (event) > events (any) > SNS topic (select the existing)
(Note: the bucket and the topic should be in the same region)

SES
Amazon Simple Email Service (Amazon SES) is an email platform that provides an easy, cost-effective way for you to send and receive email using your own email addresses and domains.
With SES, your AWS application can send as much mail as you need to.
SES is integrated with the AWS console so that we can monitor the sending activity.
We can use Amazon SES to receive mail; you can develop software solutions such as email autoresponders, email unsubscribe systems, and applications that generate customer support tickets from incoming emails.
(Note: BOUNCE > The email sender makes a request to SES to send a mail to a recipient. If the request is valid, it forwards the mail to the internet and to the recipient's ISP. If the recipient does not exist, the ISP sends a bounce notification to AWS.
COMPLAINTS > Recipients who don't want to receive the message register a complaint with the ISP; the ISP forwards the complaint to AWS, which forwards it to the sender.)

SWF
The Amazon Simple Workflow Service (Amazon SWF) makes it easy to build applications that use Amazon's cloud to coordinate work across distributed components.
SWF enables applications for a range of use cases, including media processing, web application back ends, business process workflows, and analytics pipelines, to be designed as a coordination of tasks.
Tasks represent invocations of various processing steps in an application, which can be performed by executable code, web service calls, human actions, and scripts.
SWF presents a task-oriented API, whereas SQS offers a message-oriented API.
SWF ensures the task is done only once and is never duplicated.
SWF keeps track of all the tasks and events in an application. With SQS you need to implement your own application-level tracking, especially if your application uses multiple queues.

VPC
Amazon Virtual Private Cloud (Amazon VPC) enables you to launch Amazon Web Services (AWS) resources into a virtual network that you've defined.
VPC is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS cloud.
With VPC, we can have complete control over our virtual networking environment, including selection of our own IP address range, creation of subnets, and configuration of route tables and network gateways.
To protect the AWS resources in each subnet, you can use multiple layers of security, including security groups and network access control lists (ACLs).
2 types of VPC
1. Default VPC
2. Custom VPC (non-default VPC)
Default VPC
1. The default VPC is user friendly, allowing you to immediately deploy instances.
2. If you have a default VPC and don't specify a subnet when you launch an instance, the instance is launched into your default VPC.
3. All subnets in the default VPC have an internet gateway attached.
4. Each EC2 instance under the VPC has a private and a public IP address.
5. If you delete the default VPC, the only way to get it back is to contact AWS.
Custom VPC
A VPC which is created by the user according to a custom configuration is called a custom VPC. Subnets that you create in your non-default VPC and additional subnets that you create in your default VPC are called non-default subnets.
Subnet
A subnet is a range of IP addresses in your VPC. You can launch AWS resources into a subnet that you select. We can use a public subnet for resources that must be connected to the Internet, and a private subnet for resources that won't be connected to the Internet.
Route table
A route table contains a set of rules, called routes, that are used to determine where network traffic is directed.
Each subnet in our VPC must be associated with a route table; the table controls the routing for the subnet.
A subnet can only be associated with one route table at a time, but we can associate multiple subnets with the same route table.
Internet gateway
An Internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between instances in your VPC and the Internet.
An internet gateway provides a route out to the internet.
An Internet gateway serves two purposes: to provide a target in your VPC route tables for Internet-routable traffic, and to perform network address translation (NAT) for instances that have been assigned public IPv4 addresses.
For a VPC you can have 1 internet gateway.
NAT
A Network Address Translation (NAT) gateway is used to enable instances in a private subnet to connect to the Internet or other AWS services, but prevent the Internet from initiating a connection with those instances.
NETWORK ACL
A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets.
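Network ACL rules are numbered and evaluated from the lowest number up, and the first rule that matches decides; anything unmatched falls to the implicit deny. The following added example (not part of the original notes, and not AWS code) models inbound evaluation and flags rules that can never take effect; `Rule`, `evaluate`, `covers` and `shadowed_rules` are hypothetical names, and the sample ACLs and addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass

MAX_RULE_NUMBER = 32766  # highest usable rule number, as stated in the notes


@dataclass(frozen=True)
class Rule:
    number: int
    protocol: str   # "tcp", "udp", or "all"
    ports: tuple    # (low, high), inclusive; ignored when protocol is "all"
    cidr: str       # source CIDR of an inbound rule
    action: str     # "allow" or "deny"

    def __post_init__(self):
        if not 1 <= self.number <= MAX_RULE_NUMBER:
            raise ValueError(f"rule number {self.number} outside 1..{MAX_RULE_NUMBER}")
        if self.action not in ("allow", "deny"):
            raise ValueError(f"unknown action {self.action!r}")
        ipaddress.ip_network(self.cidr)  # raises ValueError on a malformed CIDR

    def matches(self, src_ip, protocol, port):
        if self.protocol != "all":
            if self.protocol != protocol or not self.ports[0] <= port <= self.ports[1]:
                return False
        return ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.cidr)


def evaluate(rules, src_ip, protocol, port):
    """Return (action, rule_number); rule_number is None for the implicit final deny."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(src_ip, protocol, port):
            return rule.action, rule.number   # first match wins, later rules are ignored
    return "deny", None


def covers(earlier, later):
    """True if every packet matched by `later` is also matched by `earlier`."""
    if earlier.protocol != "all":
        if earlier.protocol != later.protocol:
            return False
        if not (earlier.ports[0] <= later.ports[0] and later.ports[1] <= earlier.ports[1]):
            return False
    a, b = ipaddress.ip_network(earlier.cidr), ipaddress.ip_network(later.cidr)
    return a.version == b.version and b.subnet_of(a)


def shadowed_rules(rules):
    """List (rule_number, shadowing_rule_number) for rules that can never match."""
    ordered = sorted(rules, key=lambda r: r.number)
    findings = []
    for i, later in enumerate(ordered):
        for earlier in ordered[:i]:
            if covers(earlier, later):
                findings.append((later.number, earlier.number))
                break
    return findings


# Constructed sample data; the addresses come from the documentation ranges.
DEFAULT_ACL = [Rule(100, "all", (0, 65535), "0.0.0.0/0", "allow")]
CUSTOM_ACL = [
    Rule(95, "tcp", (22, 22), "203.0.113.10/32", "allow"),  # admin host may use SSH
    Rule(100, "tcp", (22, 22), "0.0.0.0/0", "deny"),        # everyone else may not
    Rule(200, "tcp", (80, 80), "0.0.0.0/0", "allow"),       # web traffic
    Rule(300, "tcp", (22, 22), "203.0.113.10/32", "deny"),  # never reached: rule 95 decides first
]

if __name__ == "__main__":
    for src, port in [("203.0.113.10", 22), ("198.51.100.7", 22),
                      ("198.51.100.7", 80), ("198.51.100.7", 3306)]:
        print(src, port, evaluate(CUSTOM_ACL, src, "tcp", port))
    print("shadowed:", shadowed_rules(CUSTOM_ACL))
```

A deny therefore beats an allow only when it carries the lower rule number, which is why the shadow check is worth running before a rule set is applied.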
A VPC automatically comes with a modifiable default network ACL. By default, it allows all inbound and outbound IPv4 traffic and, if applicable, IPv6 traffic.
We can create a custom network ACL and associate it with a subnet. By default, each custom network ACL denies all inbound and outbound traffic until you add rules.
We can associate a network ACL with multiple subnets; however, a subnet can be associated with only one network ACL at a time.
A network ACL contains a numbered list of rules that are evaluated in order, starting with the lowest numbered rule, to determine whether traffic is allowed in or out of any subnet associated with the network ACL. The highest number that you can use for a rule is 32766.
VPC peering
A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses.
Instances in either VPC can communicate with each other as if they are within the same network.
We can peer a VPC with another AWS account's VPC as well as with another VPC in the same account, but the VPCs must be in the same region.
VPN
We can connect your VPC to remote networks by using a VPN connection. Here we use AWS hardware VPN.
Egress-only internet gateway
An egress-only Internet gateway is a VPC component that allows outbound communication over IPv6 from instances in your VPC to the Internet, and prevents the Internet from initiating an IPv6 connection with your instances.
DHCP Options Set
The Dynamic Host Configuration Protocol (DHCP) provides a standard for passing configuration information to hosts on a TCP/IP network.
VPC endpoint
A VPC endpoint enables you to create a private connection between your VPC and another AWS service without requiring access over the Internet.
An endpoint enables instances in your VPC to use their private IP addresses to communicate with resources in other services. Your instances do not require public IPv4 addresses, and you do not need an Internet gateway, a NAT device, or a virtual private gateway in your VPC.
We use endpoint policies to control access to resources in other services.
Traffic between your VPC and the AWS service does not leave the Amazon network.
(Note: only S3 is supported as of now)
VPC Restrictions
1. 5 elastic IPs per VPC.
2. 5 internet gateways per region.
3. 5 VPCs per region (can be increased upon request).
4. 5 NAT per region.
5. 5 virtual private gateways per region.
6. 50 VPN connections per region.
7. 50 rules per SG.
8. 50 customer gateways per region. (The customer gateway is the appliance at your end of the VPN connection)
9. 100 security groups per VPC.
10. 200 network ACLs per region.
11. 200 route tables per region.

PRACTICAL
1. Create VPC
For creating a VPC we have 4 configurations:
1. VPC with a Single Public Subnet: The configuration for this scenario includes a virtual private cloud (VPC) with a single public subnet, and an Internet gateway to enable communication over the Internet.
2. VPC with Public and Private Subnets: The configuration for this scenario includes a virtual private cloud (VPC) with a public subnet and a private subnet. (Note: A common example is a multi-tier website, with the web servers in a public subnet and the database servers in a private subnet)
3. VPC with Public and Private Subnets and Hardware VPN Access: The configuration for this scenario includes a virtual private cloud (VPC) with a public subnet and a private subnet, and a virtual private gateway to enable communication with your own network over an IPsec VPN tunnel. (Note: This scenario enables you to run a multi-tiered application with a scalable web front end in a public subnet, and to house your data in a private subnet that is connected to your network by an IPsec VPN connection).
(Note: IPsec is an Internet Engineering Task Force (IETF) standard suite of protocols that provides data authentication, integrity, and confidentiality as data is transferred between communication points across IP networks. IPsec provides data security at the IP packet level.)
4. VPC with a Private Subnet Only and Hardware VPN Access: The configuration for this scenario includes a virtual private cloud (VPC) with a single private subnet, and a virtual private gateway to enable communication with your own network over an IPsec VPN tunnel.
(Note: we are going to create the subnet from the very basics)
Select your VPC > create VPC > give any name > CIDR (a Classless Inter-Domain Routing block is a set of Internet Protocol (IP) standards that is used to create unique identifiers for networks and individual devices) (in the general case we have 254 hosts in a network, but in AWS it is 251: 0 = unicast, 1 = gateway, 2 = DNS, 3 = unknown and 255 = broadcast) > 10.0.0.0/16 > default tenancy > create.
2. Create subnet
Go to the subnet part > create subnet > add tag (1a-public) > select the custom VPC > AZ (1a) > IPv4 CIDR (10.0.1.0/24) > create subnet > add tag (1b-public) > select custom VPC > AZ (1b) > IPv4 CIDR (10.0.2.0/24)
3. Spinning an EC2 instance
(Note: the subnet that we have now created is a private subnet, so we won't be able to access the internet)
Create an instance > attach created VPC > select subnet (1b) > auto-assign public IP (even if you assign one we won't be able to access) > default > add storage > add tag > add SG (SSH) > launch.
4. Creating a route table
(Note: when we create a VPC a route table is created automatically; by using the existing route table it won't be able to access the internet)
Select the existing route table > name it as private > go to subnet > select (1b-private) > go to route table option > edit > change to custom route table (private) > save
Create route table > name tag (public) > VPC (select custom VPC) > go to subnet > select the custom subnet (1a-public) > go to route table option > edit > change to custom route table (public) > save
(Note: by using route tables we can manage internal traffic)
5. Internet Gateway
(Note: Even if we create an internet gateway it doesn't give you access to the internet; you need either an elastic load balancer or an elastic IP)
Create internet gateway > name tag (nirmal) > attach to VPC > select the VPC > go to route table (public) > select routes > edit > select target > select the gateway > destination 0.0.0.0/0 > save
6. Elastic IP
Create an elastic IP
7. Spin a new instance
Create a new instance > select the custom VPC > select the availability zone (1a) > launch
8. Associate elastic IP
Go to elastic IP > associate > select the instance in the public subnet (1a).
9. Connect to the instance
Log in to the instance
(Note: here when we check the IP it is the private instance)
10.
Log in to private instance
Using WinSCP, copy the public key to the public instance > from the public instance use >
# chmod 600 <pem file>
# ssh ec2-user@<private ip> -i <pem file>
(Note: -i > identity file)
11. Try to install a package
Try to install a package from the instance to verify whether it installs or not.
(Note: here the package won't be installed. Now we are going to use NAT; by using NAT it is possible to access the network from the private instance, but not possible to access the instance publicly).
12. Creating NAT gateway
Create NAT > select the public subnet (1a-public) > create new elastic IP > create NAT gateway > go to subnet > select public subnet > go to route table > edit > target > give NAT id > destination > 0.0.0.0/0
13. Log in to instance
Now log in to the instance in the private subnet > try to install any package or try to ping Google.
(Note: it should work)
(Note: public subnet > public route table > IGW, private subnet > private route table > NAT; we are creating NAT in the public instance and attaching it to the private instance).
14. VPC Peering
Go to peering connection > create peering connection > peering connection name (Checking) > VPC REQ. (custom VPC) > VPC ACCEP. (default VPC) > create peer connection > go to peering connection menu > accept the new request > go to route table of custom VPC (public) > add the IPv4 CIDR and target (172.31.0.0/16 pcx-3e6a9757 connection name) of default VPC > go to route table of default VPC > add the IPv4 CIDR and target (10.0.0.0/16 connection name) of custom VPC > save
Now launch an instance in the default VPC and try to connect to the custom VPC web server instance (in this example) using its private IP; it will be possible. Then try to connect to DBS (in this example); it won't be possible to connect, because we have added the entry only in the public route table, not in the private route table.
15.
Network ACLs
(Note: Network ACL is the primary form of security. It does the same activity as an SG, but multiple SGs can be under an ACL)
Select the custom ACL > check the subnets which are associated (here it is 2; by default whatever changes we make will affect both) > inbound > edit > add another rule > 95 > type SSH > source (give the IP you want to allow) > allow > save
(Note: Deny will override allow)
16. Endpoint
a. Create an IAM user with S3 full access
b. Launch an Amazon instance in the custom VPC and private subnet
c. Log in and integrate the user by performing
# aws configure (specify the location as ap-south-1)
d. # aws s3 ls (now we will be able to see the S3 buckets)
e. Go to the private route table and remove NAT.
f. Check # aws s3 ls (we won't be able to access)
g. Click on endpoint and associate it to the private route table
h. Go back to the instance and perform # aws s3 ls (now we will be able to see the S3 buckets)

RDS
A database is a collection of information that is organized so that it can be easily accessed, managed and updated.
There are different kinds of database
1. Relational DB
A relational database is a collection of data items organized as a set of formally described tables from which data can be accessed or reassembled in many different ways without having to reorganize the database tables.
Amazon has a service called RDS (relational database service) including 6 different DBs: MySQL, MariaDB, Microsoft SQL, Postgres, Oracle, Aurora
2. Non-relational DB
A non-relational database is any database that does not follow the relational model provided by traditional relational database management systems.
DynamoDB is an example
3. Data warehousing DB
A data warehouse exists as a layer on top of another database or databases.
RedShift is an example.
ElastiCache
ElastiCache is a web service that makes it easy to set up, manage, and scale a distributed in-memory cache environment in the cloud.
The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory caches, instead of relying entirely on disk-based DBs.
ElastiCache supports two open-source in-memory caching engines
1. Redis - a fast, open-source, in-memory data store and cache.
2. Memcached - a widely adopted memory object caching system.

Amazon RDS DB Instance
A DB instance is an isolated database environment running in the cloud.
A DB instance can contain multiple user-created databases.
We can have up to 40 Amazon RDS DB instances.
Production environments mainly use multi-AZ deployment; it provides enhanced availability and data durability for the instance.
RDS automatically provisions and maintains a synchronous "standby" replica in a different AZ.
RDS automatically fails over to the up-to-date standby database, ensuring that database operations resume quickly without administrator intervention, in the event of planned database maintenance or unplanned service disruption.
Read Replica
It makes it easy to scale beyond the capacity constraints of a single DB instance for read-heavy database workloads.
They can be used for serving read traffic when the primary database is unavailable
DB Snapshot and Automated Backup
RDS provides 2 ways of backing up and restoring your instance
1. Snapshots
2. Automated Backup
Snapshots are user triggered (can be automated via script or application)
Automated backups are automatic and give the ability to restore to a point in time.
Both are billable in terms of storage.
RDS Instance Types
RDS DB instances come in 2 types
1. Reserved DB instance
2. On-Demand instance
The 2 instance types are the same except for billing.
On-demand is billed on an hourly basis.
Reserved requires a low upfront, one-time fee and in turn provides a significant discount on the hourly usage charge for the instance.
RDS vs DB on EC2 (check slide)
Practical
1. Launching an instance
We can launch the DB using EC2 or RDS
1. EC2
Go to EC2 > launch instance > RHEL > launch > log in
# yum install -y mariadb*
# yum update -y
# systemctl restart mariadb
# systemctl enable mariadb
2. RDS
Create a security group > SG name (RDSSecurity) > Description (RDSSecurity) > VPC (default) > add rule > MySQL/Aurora (3306) > add source (copy the SG id of the EC2 instance and paste it to source, because we are going to allow only the connection from EC2) > Go to RDS > select MariaDB > dev/test > DB instance class (t2.micro) > multi-AZ deployment (no) > storage type (SSD) > allocated storage (5G, max 6TB) > DB instance identifier (nirmal, give a unique name to identify the DB) > master username (nirmal) > master password (pragathi, give any 8 characters) > confirm password > VPC (default) > subnet (default) > publicly accessible (no; if set to yes the RDS will have a public IP so anyone can access it from outside) > VPC SG (RDSSecurity, the one that you created) > DB Name (MariaDB) > backup retention period (7 days, max 35 days, maximum no. of days the snapshot should be retained) > Backup window (default, specifying at what time the backup should be done) > Auto minor version upgrade (yes) > Launch DB instance.
3. Log in to EC2 and connect to RDS
Check whether MariaDB is working fine or not >
# mysql -u root -p
If working
# mysql -h (endpoint, without port no) -P 3306 -u (username) -p
(check whether the connection to RDS is happening or not, then show some basic MariaDB commands)
4. Restoring DB
If we restore, it is going to recreate a new instance with a new endpoint.
Select action > go to point in time > use latest restorable time (latest) or custom restore time > launch.
Amazon Aurora
Amazon Aurora is a fully managed, MySQL-compatible, relational database engine that combines the speed and reliability of high-end commercial databases with the simplicity and cost-effectiveness of open-source databases.
Amazon Aurora provides 5 times better performance than MySQL, at a price point one tenth of a commercial DB, while delivering similar performance and availability.
Amazon Aurora's default size is 10 GB; at most it can scale up to 64 TB.
Compute resources can scale up to 32 vCPUs and 244 GB of memory.

DynamoDB
Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability.
We can use Amazon DynamoDB to create a database table that can store and retrieve any amount of data, and serve any level of request traffic.
Amazon DynamoDB automatically spreads the data and traffic for the table over a sufficient number of servers to handle the request capacity specified by the customer and the amount of data stored, while maintaining consistent and fast performance.
Its flexible data model and reliable performance make it a great fit for mobile, web, gaming and many other applications.
It always stores on SSD storage; there is no magnetic storage.
Spreads data to multiple AZs.
PRACTICAL
1. Create table
Go to DynamoDB > create table > table name (Music) > primary key (Artist) > add sort key (Song title) > select the table name > go to item > create item > add artist string (Eminem) > song title (not afraid) > add new items by clicking on + symbol > append > string (Album title) > string (recovery) > add new item > year (2010) > save (similarly create 2 more).
(Note: a string is any finite sequence of characters)
2. Edit table
Go to item > action > edit > give the appropriate value
3. Query the data
Select the table > item > click the drop-down labeled scan > on the drop-down change the scan to query > in artist enter the name of the artist > and scan.

Redshift
Amazon Redshift is a fast and powerful, fully managed, petabyte-scale data warehouse service in the cloud.
It provides a simple and cost-effective way to analyze all your data using existing Business Intelligence (BI) tools and SQL clients, regardless of the size of the data.
It is designed to handle datasets from a few hundred gigabytes to a petabyte or more.
Customers can start small for just $0.25 per hour with no commitments or upfront cost and scale to a petabyte or more for $1000 or more per terabyte per year, less than a 10th of most other database solutions.
Amazon Redshift handles all the data warehouse management activities for you, from provisioning the infrastructure to automating ongoing administrative tasks such as backup and patching.
Amazon Redshift is 10 times faster than traditional warehousing solutions, because it stores the data in columnar form (columnar data storage), i.e. instead of storing data as a series of rows, Amazon Redshift organizes data by column.
Data transferred in Redshift is encrypted with SSL; data stored is encrypted with AES-256.
(Note: we use BI or some web interface to use Redshift)

Route 53
DNS is a hierarchical distributed naming system for machines connected to a network; it enables mapping a human-readable name to a machine's IP address.
Route 53 is the DNS service of AWS.
Amazon Route 53 is a highly available and scalable cloud domain name system (DNS) web service, named after port 53, which is the DNS port.
It provides a secure routing connection to AWS services such as EC2, ELB, S3.
Route 53 is not limited to AWS infrastructure; we can manage our DNS records through Route 53.
Route 53 is a global service.
Benefits
1. Fast, reliable and cost effective since it uses edge locations.
2. It is 100% available.
3. It's pay per use.
Practical
1. Create a WordPress
Create an EC2 instance with WordPress > attach an elastic IP > log in to the website > add a file from S3 > check whether the website is working or not.
2. Log in to Freenom
Go to Freenom > check whether the name is available or not > check the available name > select > continue > log in using Google, Facebook or Live > complete the form.
3. Route 53
Go to Route 53 > DNS management > create hosted zone > domain name (nirmal.ga, give the domain name from Freenom that you have created) > type (public hosted zone) > create.
A hosted zone is a collection of resource record sets for a specified domain.
A resource record is an entry in a DNS zone that specifies information about a particular name or object in the zone.
4. Go to Freenom
Go to Freenom > service > my domain > manage domain > management tools > name server > use custom name server > copy the values from the hosted zone > paste them to name server > change name server.
(Note: it may take a while for the domain name provider to map the AWS name server with the domain name.)
5. Configuring domain Record Set
Select the hosted zone > create record set > name (www) > value (elastic IP or IP of the instance) > create.
A resource set tells the DNS how you want traffic to be routed for that domain.
(Note: here if you click on alias > yes, we can see alias target; there we can specify S3, ELB, CloudFront, etc.)
Routing Policy determines how Amazon Route 53 responds to queries.
1. Simple Routing Policy: it is used when we have a single resource that performs a given function for your domain.
2. Weighted Routing Policy: it is used when you have multiple resources that perform the same function.
3. Latency Routing Policy: it is used when we have resources in multiple Amazon EC2 data centers that perform the same function and you want Amazon Route 53 to respond to DNS queries with the resources that provide the best latency.
4. Failover Routing Policy: it is used when we want to configure active-passive failover, in which one resource takes all traffic when it's available and the other resource takes all traffic when the first resource isn't available.
5. Geolocation Routing Policy: it is used when we want Amazon Route 53 to respond to DNS queries based on the location of your users.
6. Verify the web page
Open a tab > www.nirmal.ga.
7. Health Check
Route 53 health checks monitor the health and performance of your application's servers, or endpoints, from a network of health checkers in locations around the world.
We can specify either a domain name or an IP address and a port to create HTTP, HTTPS, and TCP health checks that check the health of the endpoint.
We can use Route 53 health checks for monitoring and alerts. Each health check provides CloudWatch metrics that you can view and set alarms on.
We can also use Route 53 health checks for DNS failover by associating health checks with any Route 53 DNS resource record set. This lets you route requests based on the health of your endpoints.
(Note: here we are going to create a health check with routing policy failover).
1. Create instance
Create 2 instances with httpd web server > one in Mumbai (Health Check 1, content) and the other in a different region (Singapore, Health Check 2, content).
   2. Create health check
   Go to health check > create health check > name (regional healthcheck) > specific endpoint (IP) > protocol (HTTP) > IP address (IP of the 1st instance, Mumbai) > hostname (webprimary) > port (80) > path (index.html) > next > CloudWatch (yes) > create a topic > create.

   3. Create a primary record set
   Go to hosted zone > create a record set > name (www2) > TTL (1m) > value (IP of 1st instance) > routing policy (Failover) > Failover record type (primary) > set ID (www2 primary, created by default) > Associate with health check (yes) > Health check to associate (regional healthcheck, the one which we created previously) > save record set.
   (note: after 5 minutes, check www2.nirmal.ga; it will display “HealthCheck1”.)
   Go to hosted zone > create a record set > name (www2) > TTL (1m) > value (IP of 2nd instance) > routing policy (Failover) > Failover record type (secondary) > set ID (www2 Secondary, created by default) > Associate with health check (no) > save record set.
   (note: stop the 1st instance, and after 5 minutes check www2.nirmal.ga; it will display “HealthCheck2”.)

CloudFormation

AWS CloudFormation allows you to quickly and easily deploy your infrastructure resources and applications on AWS.
It simplifies provisioning and managing resources on AWS.
We can create templates for the services and applications we want to build on AWS.
AWS CloudFormation uses those templates to quickly and reliably provision those services or applications, called stacks.
We can use resources from over 20 AWS services such as EC2, VPC, RDS, Redshift etc. in CloudFormation.
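As an added example (not part of the original notes and not AWS's own sample template), the Python check below audits the Parameters section of a CloudFormation template for password-like parameters that lack NoEcho, carry a Default, or allow short values. The parameter names follow the sample-stack fields used in these notes; the template fragment, the hint list and the 8-character minimum are assumptions.

```python
import json

# Constructed template fragment (an assumption, not the AWS sample template).
# DBRootPassword deliberately omits NoEcho so the audit has something to find.
TEMPLATE = json.loads("""
{
  "Parameters": {
    "DBUser":         {"Type": "String", "NoEcho": "true", "MinLength": "1"},
    "DBPassword":     {"Type": "String", "NoEcho": "true", "MinLength": "8"},
    "DBRootPassword": {"Type": "String", "MinLength": "8"},
    "InstanceType":   {"Type": "String", "Default": "t2.micro"},
    "KeyName":        {"Type": "AWS::EC2::KeyPair::KeyName"}
  }
}
""")

# Hypothetical naming heuristic for parameters that hold secrets.
SECRET_HINTS = ("password", "secret", "token")


def is_true(value):
    """Templates write booleans either as true or as the string "true"."""
    return str(value).lower() == "true"


def audit_parameters(template, min_secret_len=8):
    """Return sorted (parameter, finding) pairs for secret-like parameters."""
    findings = []
    for name, spec in template.get("Parameters", {}).items():
        if not any(hint in name.lower() for hint in SECRET_HINTS):
            continue
        if not is_true(spec.get("NoEcho", False)):
            findings.append((name, "NoEcho not set: value is readable in stack parameters"))
        if "Default" in spec:
            findings.append((name, "Default present: secret is stored in the template"))
        if int(spec.get("MinLength", 0)) < min_secret_len:
            findings.append((name, f"MinLength below {min_secret_len}"))
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in audit_parameters(TEMPLATE):
        print(f"{name}: {finding}")
```

NoEcho only masks the parameter value when the stack is described; a secret that the template copies into its Metadata or Outputs sections is still visible there.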
Practical
Go to CloudFormation > create stack > select a sample stack (single instance sample – WordPress blog) > stack name (sample) > DBPassword (pragathi) > DBRootPassword (pragathi) > DBUser (nirmal) > instance type (t2.micro) > key name (select the existing key) > create.
(Here we show how to create a web server instance with a simple stack.)

Amazon Elastic Transcoder

Amazon Elastic Transcoder lets you convert media files that you have stored in S3 into media files in the formats required by consumer playback devices.
We pay based on the minutes that we transcode and the resolution at which we transcode.
(note: For example, you can convert large, high-quality digital media files into formats that users can play back on mobile devices, tablets, web browsers, and connected televisions.)

Elastic Transcoder has four components:
1. Jobs: Each job converts one file into up to 30 formats.
(For example, if you want to convert a media file into six different formats, you can create files in all six formats by creating a single job. When you create a job, you specify the name of the file that you want to transcode, the names that you want Elastic Transcoder to give to the transcoded files, and several other settings.)
2. Pipelines are queues that manage your transcoding jobs. A pipeline can process more than one job simultaneously. We can temporarily stop processing jobs by pausing the pipeline.
(When you create a job, you specify which pipeline you want to add the job to. Elastic Transcoder starts processing the jobs in a pipeline in the order in which you added them. If you configure a job to transcode into more than one format, Elastic Transcoder creates the files for each format in the order in which you specify the formats in the job.)
3. Presets are templates that contain most of the settings for transcoding media files from one format to another.
(Elastic Transcoder includes some default presets for common formats, for example, several iPod and iPhone versions.)
4. Notifications let you optionally configure Elastic Transcoder and Amazon SNS to keep you apprised of the status of a job.
(When Elastic Transcoder starts processing the job, when Elastic Transcoder finishes the job, and whether Elastic Transcoder encounters warning or error conditions during processing. Notifications eliminate the need for polling to determine when a job has finished. You configure notifications when you create a pipeline.)

Practical
Create 2 buckets, one for source and the other for destination > add a video to the source bucket > go to the Elastic Transcoder console > create a new pipeline > pipeline name > input bucket > IAM role (by default a role will be attached) > destination bucket > class (user's choice) > create pipeline.
Create a job > select the existing pipeline > input key (name of the file) > preset (defines the video resolution) > output key (name the output file, but at the end we should give the .mp4 extension) > create job.
To check whether the job is completed or not, click on jobs > select the pipeline > click on search.
After that, go to the destination bucket and check whether the video is transcoded or not.

RESOURCE GROUPS

Resource Groups help to create a custom console that organizes and consolidates information based on your project and the resources that we use.
If we manage resources in multiple regions, we can create a resource group to view resources from different regions on the same page.
Resource Groups can display metrics, alarms, and configuration details.
Practical
Create 2 instances in different regions > create a tag with the same key and different values > resource group > group name (sample) > tags (select the key and corresponding values) > resource type > save.

Lambda

AWS Lambda is a compute service that runs your code in response to events and automatically manages the underlying compute resources for you.
It can automatically run code in response to modifications to objects in an S3 bucket, messages arriving in a Kinesis stream, or table updates in DynamoDB.
AWS Lambda lets you run code without provisioning or managing servers.
You pay only for the compute time you consume - there is no charge when your code is not running.
Just upload your code and Lambda takes care of everything required to run and scale your code with high availability.
You can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app.
In short, Lambda is a service to run your code; all you need is to supply the code.
Supported programming language is JavaScript.
It is designed to provide 99.99% availability.

Pricing
The first 1 million requests are free, thereafter $0.20.
Duration is calculated from the time your code begins executing until it returns or otherwise terminates, rounded up to the nearest 100 ms.
The price depends upon the amount of memory you allocate to your function. You are charged $0.00001667 for every GB used.

Practical
1. Run a serverless “Hello World”
Go to Lambda > in filter type “hello-world-python” > create > name (You can name your Lambda function here. For this tutorial, enter hello-world-python) > Description (You can enter a short description of your function here. This is prepopulated with A starter AWS Lambda Function.) > Runtime (Currently, you can author your Lambda function code in Java, Node.js, or Python 2.7. For this tutorial, leave this on Python 2.7 as the runtime.) > Lambda function code (you can review the example code authored in Python.) > Handler (is a method/function in your code, where AWS Lambda can begin executing your code.) > Role (