Amazon Web Services (AWS)

Contents

AWS Fundamentals

Core Concepts

  • Regions and Availability Zones
  • AWS Global Infrastructure
  • AWS Shared Responsibility Model
  • AWS Free Tier
  • Resource Tags
    # AWS CLI Configuration (interactive; answer each prompt)
    aws configure
    #   AWS Access Key ID: YOUR_ACCESS_KEY
    #   AWS Secret Access Key: YOUR_SECRET_KEY
    #   Default region name: us-west-2
    #   Default output format: json

    # List AWS Regions
    aws ec2 describe-regions

    # List Availability Zones
    aws ec2 describe-availability-zones --region us-west-2

Compute Services

EC2 (Elastic Compute Cloud)

    # Launch EC2 Instance
    aws ec2 run-instances \
      --image-id ami-0c55b159cbfafe1f0 \
      --instance-type t2.micro \
      --key-name MyKeyPair \
      --security-group-ids sg-903004f8 \
      --subnet-id subnet-6e7f829e

    # Instance Management
    aws ec2 start-instances --instance-ids i-1234567890abcdef0
    aws ec2 stop-instances --instance-ids i-1234567890abcdef0
    aws ec2 terminate-instances --instance-ids i-1234567890abcdef0

Lambda (Serverless)

    // Example Lambda Function (index.js)
    exports.handler = async (event) => {
      // Logs the full event; avoid this when events carry credentials or personal data.
      console.log('Event:', JSON.stringify(event, null, 2));
      return {
        statusCode: 200,
        body: JSON.stringify('Hello from Lambda!')
      };
    };

    # Deploy Lambda Function
    # (nodejs14.x is a deprecated Lambda runtime; a currently supported one is used here.)
    aws lambda create-function \
      --function-name my-function \
      --runtime nodejs22.x \
      --role arn:aws:iam::123456789012:role/lambda-role \
      --handler index.handler \
      --zip-file fileb://function.zip

Storage Solutions

S3 (Simple Storage Service)

    # Create S3 Bucket
    aws s3 mb s3://my-bucket-name

    # Upload Files
    aws s3 cp local-file.txt s3://my-bucket-name/
    aws s3 sync local-directory s3://my-bucket-name/

    # Bucket Policy
    # (Principal "*" lets anyone read every object in the bucket;
    # use it only for content that is meant to be public.)
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "PublicReadGetObject",
          "Effect": "Allow",
          "Principal": "*",
          "Action": "s3:GetObject",
          "Resource": "arn:aws:s3:::my-bucket-name/*"
        }
      ]
    }

EBS (Elastic Block Store)

    # Create EBS Volume
    aws ec2 create-volume \
      --volume-type gp2 \
      --size 100 \
      --availability-zone us-west-2a

    # Attach Volume
    aws ec2 attach-volume \
      --volume-id vol-1234567890abcdef0 \
      --instance-id i-1234567890abcdef0 \
      --device /dev/sdf

Networking

VPC Configuration

    # Create VPC
    aws ec2 create-vpc --cidr-block 10.0.0.0/16

    # Create Subnet
    aws ec2 create-subnet \
      --vpc-id vpc-1234567890abcdef0 \
      --cidr-block 10.0.1.0/24

    # Internet Gateway
    aws ec2 create-internet-gateway
    aws ec2 attach-internet-gateway \
      --vpc-id vpc-1234567890abcdef0 \
      --internet-gateway-id igw-1234567890abcdef0

Route 53 (DNS)

    # Create Hosted Zone
    aws route53 create-hosted-zone \
      --name example.com \
      --caller-reference 2021-01-01

    # Add Record Set
    aws route53 change-resource-record-sets \
      --hosted-zone-id ZXXXXXXXXXXXXX \
      --change-batch '{
        "Changes": [{
          "Action": "CREATE",
          "ResourceRecordSet": {
            "Name": "www.example.com",
            "Type": "A",
            "TTL": 300,
            "ResourceRecords": [{"Value": "203.0.113.25"}]
          }
        }]
      }'

Database Services

RDS (Relational Database Service)

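    # Create RDS Instance
    # (secret123 is a placeholder. A password typed on the command line ends up
    # in shell history; --manage-master-user-password lets RDS keep it in
    # Secrets Manager instead.)
    aws rds create-db-instance \
      --db-instance-identifier mydb \
      --db-instance-class db.t3.micro \
      --engine mysql \
      --master-username admin \
      --master-user-password secret123 \
      --allocated-storage 20

    # Create Snapshot
    aws rds create-db-snapshot \
      --db-instance-identifier mydb \
      --db-snapshot-identifier mydb-snapshot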

DynamoDB (NoSQL)

    # Create Table
    aws dynamodb create-table \
      --table-name Users \
      --attribute-definitions \
        AttributeName=UserId,AttributeType=S \
      --key-schema \
        AttributeName=UserId,KeyType=HASH \
      --provisioned-throughput \
        ReadCapacityUnits=5,WriteCapacityUnits=5

    # Put Item
    aws dynamodb put-item \
      --table-name Users \
      --item '{
        "UserId": {"S": "user123"},
        "Name": {"S": "John Doe"},
        "Email": {"S": "john@example.com"}
      }'

Security and IAM

IAM (Identity and Access Management)

    # Create IAM User
    aws iam create-user --user-name newuser

    # Create Access Key
    aws iam create-access-key --user-name newuser

    # Attach Policy
    aws iam attach-user-policy \
      --user-name newuser \
      --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess

    # IAM Policy Example
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:GetObject",
            "s3:ListBucket"
          ],
          "Resource": [
            "arn:aws:s3:::my-bucket",
            "arn:aws:s3:::my-bucket/*"
          ]
        }
      ]
    }

Monitoring and Management

CloudWatch

    # Get Metrics
    aws cloudwatch get-metric-statistics \
      --namespace AWS/EC2 \
      --metric-name CPUUtilization \
      --dimensions Name=InstanceId,Value=i-1234567890abcdef0 \
      --start-time 2025-01-01T00:00:00 \
      --end-time 2025-01-02T00:00:00 \
      --period 3600 \
      --statistics Average

    # Create Alarm
    aws cloudwatch put-metric-alarm \
      --alarm-name cpu-mon \
      --alarm-description "CPU utilization" \
      --metric-name CPUUtilization \
      --namespace AWS/EC2 \
      --statistic Average \
      --period 300 \
      --threshold 70 \
      --comparison-operator GreaterThanThreshold \
      --evaluation-periods 2 \
      --alarm-actions arn:aws:sns:region:account-id:topic

Architecture Patterns

Best Practices

  • High Availability Design
  • Scalability Patterns
  • Cost Optimization
  • Security Best Practices
  • Disaster Recovery Strategies

Architecture Principles:

  • Design for failure
  • Implement elasticity
  • Decouple components
  • Security at every layer
  • Think parallel