Shulou(Shulou.com)06/03 Report--

Cloud Computing Basic Concepts

An Internet-based computing model that delivers customer scalability and IT resiliency as a service

flexibility

AWS enables organizations to use programming models, operating systems, databases, and architectures they are familiar with. At the same time, this flexibility helps enterprises mix and match architectures to serve diverse business needs. cost-effective

With AWS, businesses pay only for the services they use, with no upfront payments or long-term commitments. Scalability and elasticity

Enterprises can quickly add or reduce AWS resources in their applications to meet customer needs and cost management considerations. safety

To provide end-to-end security and privacy, AWS sets up security services in accordance with security best practices, providing security features and documentation on how to use them. Experience in physical security, certification and authentication, security services, data privacy

With AWS, organizations can safely and reliably access Amazon's massive, globally distributed infrastructure built on more than 15 years of experience. Benefits CapEx becomes Flexible Benefit from economies of scale No need to guess Capacity requirements Increased speed and agility No need to operate and maintain heavy data centers Rapid global deployment Cloud Computing Classification IaaS -Compute, Storage, Networking PaaS -Platform for running applications directly SaaS -Product for direct use AWS Profile Services Overview AWS Core Services

AWS Platform Services

AWS Development and Operations Services

AWS Data Centers and Availability Zones (AZ) Regions Worldwide There are multiple Availability Zones in each Region Interconnected between Regions Data replication between Regions must be initiated and performed by the user Four special Regions: Osaka Local Region is a new type of local region with only one Availability Zone and complete isolation from other Regions. Other special areas include Beijing, China, Ningxia, China and Western USA Availability ZonesEach Availability Zone has multiple data centersAll live data centersN +1 disaster recovery between data centersFree network devices and network protocolsDirect high-speed, low-latency connections between Availability ZonesSelect an Availability Zone and cannot specify which physical data centerAWS can replicate data across multiple Availability Zones to enhance resiliency Edge network nodesEach Region and Availability Zone has many Edge sites CloudFront is used to provide more convenient local access to edge network nodes deployed around the world and provide CDN service area names.

AWS Cloud Adaptation Framework (AWSCAF) Overview Business: Alignment of technology delivery with business requirements Platform: Delivery models, tools, and guidance for AWS technology services Maturity: Alignment of target state of architecture with technology delivery People: Roles, responsibilities, and skills Processes: Managing product portfolios, programs, and projects, controlled risk levels Security: Security levels, regulatory risks, compliance risks Operations: Operational frameworks, processes, guidance, and tools AWS Managed Types Unmanaged Services: AWS only provides resources, fault tolerance, availability, scaling, patching, etc. Managed services are managed by users themselves: AWS automatically provides fault tolerance, availability, and scaling in addition to resources, simplifying user management AWS security and compliance AWS and its partners provide hundreds of tools and capabilities to achieve security goals of visibility, auditability, controllability, and agility. Redundancy and layered controls, continuous validation and testing, and extensive automation ensure that the underlying infrastructure is monitored and protected 24/7. Users have full control and all rights to data and can be physically positioned to meet regional compliance requirements. SOC1\2\3, ISAE, FISMA, PCIDSS, DIACAP, FedRAMP, ISO9001, ISO27001, ISO27018 shared responsibility models

AWS responsibility

Data Center: Unmarked, 24/7 Security, Two-Factor Authentication, Access Log Censorship, Video Surveillance, Disk and Data Consumption Hardware Foundation: Servers, Storage, etc. Software Foundation: Operating Systems, Virtualization Software and Service Applications Network Foundation: Routers, Switches, Load Balancer, Firewall, Cabling, External Access Points, etc.

user responsibility

System: Operating System Maintenance Software: Self-installed Operational Software Access Rights: Account Password Management, User Rights Settings Security: Host Firewall, etc. Network: VPC Settings From Traditional Architecture to AWS Cloud Architecture Solution Example Traditional Architecture

cloud architecture

AWS Official Technical Support AWS Support Solutions Foundation Support Developer Support Business Support Enterprise Support SLA Impact Matrix

Technical Support Approach AWS Expert Technical Support Technical Account Managers Proactive guidance and analysis to determine how to optimize AWS through business and performance assessments Develop best practice recommendations Infrastructure practices Manage pre-event planning and preparation, agree on event goals and use cases Based on expected capacity, propose resource recommendations and deployment guidance Provide continuous attention during an event Reduce resources immediately after an event Business Support Key contacts to help manage AWS resources Personalize billing, taxes, service limits, reserved instances volume purchases, etc. Trusted Advisor identifies ways to get the most out of AWS spending Provides guidance on achieving optimal performance and availability Keep your environment secure Opportunities to deliver solutions that reduce costs and increase productivity Advice for AWS organizations and consolidate billing services AWS organizations (AWS Organization) An account management service that consolidates multiple AWS accounts into a centrally managed organization. AWS Organization includes Consolidated Billing and Account Management capabilities to create a master account and create different organizational units (OUs) within the AWS Organization. Each OU can represent a department or a system environment, and several different AWS accounts can be assigned under each OU, each with different access rights to AWS. Use access policies to control the permissions of each OU. Other OUs can be created below the OU. Up to 5 layers of nesting are supported. Service Control Policy (SCP) can be used to uniformly deploy policies to control the IAM permissions of each account or OU. The default policy is to allow all operations. The policy settings can only be in the form of a whitelist or a blacklist. Either must be displayed. An Organization can only manage 20 accounts by default. If you exceed this number, you need to find AWS Support.

Consolidated Billing Consolidates bills from multiple AWS accounts into one bill for payment. Consolidated billing master account is best to use multi-factor authentication (Multi-Factor Authentication) Consolidated Billing Master accounts are best used only to manage billing and do not have any access to AWS resources Single billing: there is no need to process bills separately for each account, all accounts are unified into one convenient tracking: you can easily track the specific cost of each account. Many of AWS 'services are cheaper the more you use them, so it's easier to get to the cheaper discount threshold if your bills are consolidated. No extra charge: consolidated bills are not charged separately.

Link: www.jianshu.com/p/858771718152

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.