AWS Explained: The Most Important AWS Services To Know

By Be A Better Dev

Key Concepts

  • DNS (Domain Name System): Translates human-readable domain names into IP addresses.
  • Blob Storage: A cloud storage service for unstructured data like images, videos, and documents.
  • CDN (Content Delivery Network): A distributed network of servers that deliver web content to users based on their geographic location.
  • Load Balancer: Distributes incoming network traffic across multiple servers to ensure no single server is overwhelmed.
  • API (Application Programming Interface): A set of rules and protocols that allows different software applications to communicate with each other.
  • WAF (Web Application Firewall): Protects web applications from common web exploits.
  • DDoS (Distributed Denial of Service): An attack that aims to disrupt normal traffic of a targeted server, service, or network by overwhelming it with a flood of internet traffic.
  • SSL/TLS Certificate: Provides encryption for data transmitted between a client and a server, ensuring secure communication.
  • Authentication: Verifying the identity of a user or system.
  • Authorization: Determining what actions an authenticated user or system is allowed to perform.
  • Compute Services: Services that provide processing power and run applications.
  • Serverless: A cloud computing execution model where the cloud provider manages the infrastructure, allowing developers to focus on writing code.
  • Containers: A lightweight, standalone, executable package of software that includes everything needed to run it.
  • Kubernetes: An open-source system for automating deployment, scaling, and management of containerized applications.
  • Functions as a Service (FaaS): A category of cloud computing services that provides a platform allowing customers to develop, run, and manage application functionalities without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.
  • File System: A method and data structure that an operating system uses to control how data is stored and retrieved.
  • Block Storage: A storage service that provides raw, unformatted block devices that can be attached to compute instances.
  • Secrets Management: A system for securely storing and managing sensitive information like API keys, passwords, and certificates.
  • Feature Flags: A software development technique that allows you to turn certain functionalities on or off remotely.
  • Relational Databases: Databases that store data in tables with predefined schemas and relationships.
  • NoSQL Databases: Databases that do not use the traditional table-based relational model.
  • Graph Databases: Databases that use graph structures with nodes, edges, and properties to represent and store data.
  • Caching: Storing frequently accessed data in a temporary storage location for faster retrieval.
  • Foundational Models (FMs): Large, pre-trained AI models that can be adapted for a wide range of downstream tasks.
  • Pub/Sub (Publish/Subscribe): A messaging pattern where publishers send messages to topics, and subscribers receive messages from topics they are interested in.
  • Message Queue: A temporary storage service for messages that are waiting to be processed.
  • CI/CD (Continuous Integration/Continuous Deployment): A set of practices that automates the building, testing, and deployment of software.
  • Infrastructure as Code (IaC): Managing and provisioning infrastructure through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.
  • IDE (Integrated Development Environment): A software application that provides comprehensive facilities to computer programmers for software development.
  • LLM (Large Language Model): A type of AI model that can understand and generate human-like text.
  • IAM (Identity and Access Management): A service that helps you securely control access to AWS resources.
  • VPC (Virtual Private Cloud): A logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.

AWS Services for an E-commerce Application

This video outlines essential AWS services for building and running an internet application, using an e-commerce platform similar to Amazon.com as a practical example. The presenter emphasizes that while AWS offers over 300 services, a core set of around 50 is sufficient for most practitioners, with even fewer requiring deep expertise.

1. Domain and Traffic Management: Route 53

  • Functionality: Route 53 is a highly available and scalable Domain Name System (DNS) web service. It's used for domain registration, DNS routing, and health checks.
  • Key Features:
    • Domain Registration: Registering website domains.
    • Health Checks: Monitors the health of resources behind endpoints. If a server fails, traffic is automatically routed to healthy instances.
    • Traffic Management:
      • Geographic-based Routing: Directs users to the closest AWS region for optimized performance.
      • Latency-based Routing: Routes traffic to the AWS region with the lowest latency for the user.
      • Failover: Automatically redirects traffic to alternative healthy resources if the primary endpoint fails, ensuring system stability.

2. Static Content Hosting: Amazon S3 and CloudFront

  • Amazon S3 (Simple Storage Service):
    • Functionality: A general-purpose, highly scalable, and durable object storage service. It's ideal for storing static assets like images, HTML files, CSS, and JavaScript.
    • Key Features:
      • Stores various file types.
      • Cost-effective and versatile.
      • Supports integrations with other AWS services for event processing (e.g., triggering a Lambda function when a file is uploaded).
  • AWS CloudFront:
    • Functionality: A Content Delivery Network (CDN) service that caches S3 content at edge locations worldwide.
    • Purpose: To reduce latency for global users by serving content from a location geographically closer to them.
    • Integration: Seamlessly integrates with S3 to replicate data across multiple regions.
    • Routing: Routes user requests to the nearest CloudFront edge location.

3. API Layer and Compute Services

  • Elastic Load Balancing (ELB) / Application Load Balancer (ALB):
    • Functionality: Distributes incoming API requests across multiple compute instances.
    • Purpose: Enables horizontal scaling of applications and improves availability.
    • Features:
      • Auto Scaling Groups: Automatically adjusts the number of compute instances based on traffic demand.
      • Sticky Sessions: Maintains session state for users across multiple requests, useful for applications like WebSockets.
  • AWS API Gateway:
    • Functionality: A fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. Often described as the "front door" to AWS services.
    • Key Features:
      • Direct Integration: Can route requests directly to various AWS services without requiring a compute layer in between.
      • Rate Limiting & Throttling: Controls the number of requests a user or application can make within a given time frame.
      • User Permissions: Manages access control for API endpoints.
      • WebSocket Support: Offers a variant for real-time, bidirectional communication.
    • Preference: The presenter often prefers API Gateway over traditional load balancers due to its flexibility.

4. Security Services

  • AWS WAF (Web Application Firewall):
    • Functionality: Protects web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.
    • Protections: Guards against bot attacks, SQL injection, and other application-layer attacks.
    • IP Blocking: Allows blocking traffic from specific IP addresses.
  • AWS Shield:
    • Functionality: A managed Distributed Denial of Service (DDoS) protection service.
    • Tiers:
      • Free Tier: Provides basic DDoS protection.
      • Advanced Tier ($3,000/month): Offers enhanced protection, 24/7 monitoring, dedicated support, and cost protection against DDoS attacks. Primarily for mission-critical applications.
  • AWS Certificate Manager (ACM):
    • Functionality: Provisions, manages, and deploys public and private SSL/TLS certificates for use with AWS services and your public websites.
    • Purpose: Ensures end-to-end encryption of traffic between users and APIs, preventing man-in-the-middle attacks.
  • Amazon Cognito:
    • Functionality: Provides user identity and access management for your web and mobile applications.
    • Key Features:
      • Authentication: Manages user sign-up, sign-in, and token generation.
      • Authorization: Allows defining user roles and permissions (e.g., administrator, student) to control access to resources.
      • User Pools: A managed directory of users.

5. Compute Services

  • Amazon EC2 (Elastic Compute Cloud):
    • Functionality: Provides resizable compute capacity in the cloud. Users rent virtual servers (instances).
    • Key Features:
      • Flexibility: Choice of operating systems (Linux, Windows), instance types, and configurations.
      • Customization: Users manage patching, availability, and instance lifecycle.
    • Considerations: Requires significant administration and maintenance.
  • AWS Lightsail:
    • Functionality: An easy-to-use cloud platform for simple applications and websites. Described as "EC2 for dummies."
    • Key Features:
      • Predefined Templates: Simplifies setup for common applications like WordPress.
      • Guided Interface: User-friendly console for beginners.
      • Cost-Effective for Simplicity: Costs a premium over EC2 but reduces management overhead.
    • Use Case: Ideal for personal websites, small applications, and new AWS users.
  • Amazon ECS (Elastic Container Service) & AWS Fargate:
    • ECS Functionality: A highly scalable, high-performance container orchestration service that supports Docker containers.
    • Fargate: A serverless compute engine for containers that works with ECS and EKS. It removes the need to provision and manage servers. Users specify the desired number of tasks, and Fargate handles the underlying infrastructure.
  • Amazon EKS (Elastic Kubernetes Service):
    • Functionality: A managed Kubernetes service that makes it easy to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane or nodes.
    • Use Case: For organizations already invested in the Kubernetes ecosystem.
  • AWS Lambda:
    • Functionality: A serverless, event-driven compute service that lets you run code without provisioning or managing servers.
    • Key Features:
      • Event-Driven: Triggers functions based on events from other AWS services (e.g., S3 uploads, API Gateway requests).
      • Scalability: Automatically scales compute resources up and down based on demand.
      • Low Maintenance: Highly managed and easy to use.
      • Integrations: Tightly integrated with many AWS services like S3, Cognito, API Gateway, and SQS.
    • Use Cases: API-based services, event processing, backend logic.

6. Storage Services

  • Amazon EFS (Elastic File System):
    • Functionality: A scalable, elastic file storage system for use with AWS Cloud services and on-premises resources.
    • Purpose: Allows multiple EC2 instances or other compute resources to access the same shared file system simultaneously.
    • Use Case: Storing shared static content or data that needs to be accessed by multiple compute instances.
  • Amazon EBS (Elastic Block Store):
    • Functionality: Provides persistent block storage volumes for use with EC2 instances.
    • Characteristics: Acts like a physical hard drive attached to an instance.
    • Use Case: Ideal for databases, transactional applications, or scenarios requiring high I/O throughput and consistency.

7. Configuration and Secret Storage

  • AWS Secrets Manager:
    • Functionality: Helps you protect secrets needed to access your applications, services, and IT resources.
    • Features: Securely stores, manages, and rotates secrets (e.g., API keys, database credentials).
    • Access Control: Granular permissions control who can access the raw secrets.
  • AWS AppConfig:
    • Functionality: A service that enables you to develop, deploy, and manage application configurations.
    • Purpose: Used for implementing feature flags, allowing developers to enable or disable features dynamically without redeploying code.
    • Integration: Can be called directly or via agents that poll for configuration updates.

8. Databases

  • Amazon RDS (Relational Database Service):
    • Functionality: Makes it easy to set up, operate, and scale a relational database in the cloud.
    • Supported Engines: MySQL, PostgreSQL, MariaDB, Oracle, SQL Server.
    • Key Features:
      • Managed Service: Handles patching, backups, and scaling.
      • Multi-AZ Deployments: Provides high availability by replicating data across multiple Availability Zones.
      • Auto Scaling: Scales database storage and compute resources.
      • Monitoring Tools: Offers sophisticated monitoring capabilities.
  • AWS Aurora:
    • Functionality: A MySQL and PostgreSQL-compatible relational database built for the cloud.
    • Key Features:
      • Performance: Offers higher throughput than standard MySQL and PostgreSQL.
      • Serverless Variant: Scales down to zero when not in use, significantly reducing costs. Allows configurable scaling limits.
  • Amazon DynamoDB:
    • Functionality: A fast, flexible, and scalable NoSQL database service.
    • Type: Key-value and document data store.
    • Key Features:
      • Fully Managed: No servers to manage.
      • Predictable Performance: Optimized for key-value lookups.
      • Scalability: Handles massive amounts of data and traffic.
    • Usage: Powers many internal Amazon applications and other AWS services.
  • Amazon DocumentDB:
    • Functionality: A fully managed document database service that supports MongoDB workloads.
    • Purpose: For developers who prefer MongoDB's document model and want a managed service.
  • Amazon Keyspaces:
    • Functionality: A scalable, highly available, and managed Apache Cassandra-compatible database service.
    • Purpose: For developers who need a managed Cassandra solution.
  • Amazon Neptune:
    • Functionality: A fast, reliable, fully managed graph database service.
    • Use Case: Representing and querying complex relationships, such as social networks (friends of friends).
    • Query Types: Supports analytical and transactional queries.
  • Amazon OpenSearch Service:
    • Functionality: A managed service that makes it easy to deploy, operate, and scale OpenSearch clusters. It's a rebranded version of Elasticsearch.
    • Use Case: Log aggregation, log analysis, search engines, and fuzzy searches (e.g., autocomplete).
  • AWS DMS (Database Migration Service):
    • Functionality: Helps you migrate databases to AWS easily and securely.
    • Purpose: Can be used to move data from on-premises data centers to AWS databases like RDS.

9. Caching Services

  • Amazon ElastiCache:
    • Functionality: A managed in-memory caching service that supports Redis and Memcached.
    • Purpose: To speed up data retrieval by storing frequently accessed data in memory.
    • Considerations: Cache state is lost if nodes go down. Requires managing node types and sizes.
  • Amazon MemoryDB for Redis:
    • Functionality: A Redis-compatible, durable in-memory database service.
    • Key Distinction from ElastiCache: Data is persisted to a replication log, ensuring state is maintained even if nodes go down. Can be used like a database.
    • Performance: Provides microsecond latency for data retrieval.

10. AI and Machine Learning Services

  • Amazon Bedrock:
    • Functionality: A fully managed service that offers a choice of high-performing foundational models (FMs) from leading AI companies via a single API.
    • Purpose: For application developers to build and scale AI-powered applications (e.g., chatbots, image generation).
  • AWS SageMaker:
    • Functionality: A fully managed service that provides every developer and data scientist with the ability to build, train, and deploy machine learning models quickly.
    • Target Audience: Data scientists and ML engineers.
  • Amazon Rekognition:
    • Functionality: An image and video analysis service that can detect objects, scenes, activities, text, and faces.
  • Amazon Polly:
    • Functionality: A service that turns text into lifelike speech.
  • AWS Transcribe:
    • Functionality: Automatically converts speech to text. Can also identify different speakers.

11. Application Coordination and Messaging

  • Amazon SNS (Simple Notification Service):
    • Functionality: A fully managed messaging service for both application-to-application (A2A) and application-to-person (A2P) communication.
    • Pattern: Pub/Sub (Publish/Subscribe). Publishers send messages to an SNS topic, and subscribers (other applications) receive copies of those messages.
    • Use Cases: Decoupling microservices, sending notifications, triggering workflows.
  • Amazon SQS (Simple Queue Service):
    • Functionality: A fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.
    • Pattern: Message Queue. Messages are placed in a queue and processed by consumers at their own pace.
    • Types:
      • FIFO Queues: Ensure messages are processed in the exact order they are sent.
      • Standard Queues: Offer best-effort ordering.
    • Benefit: Prevents back pressure on APIs when consumers are slower than producers.
  • Amazon EventBridge:
    • Functionality: A serverless event bus service that makes it easy to connect applications together using data from your own applications, integrated SaaS applications, and AWS services.
    • Key Features:
      • Event Bus: Central hub for routing events.
      • AWS Event Integration: Can capture events from various AWS services (e.g., EC2 instance state changes).
      • Schema Discovery: Helps consumers understand the structure of messages.
      • Rules: For scheduling recurring events (cron-like functionality).
      • Scheduler: For scheduling events at specific times in the future.
  • AWS Step Functions:
    • Functionality: A serverless function orchestrator that makes it easy to sequence AWS Lambda functions and multiple AWS services into business-critical applications.
    • Purpose: To build complex workflows with parallel tasks, conditionals, error handling, and state management.
    • Visual Workflow: Provides a visual representation of the workflow.
  • AWS MWAA (Managed Workflows for Apache Airflow):
    • Functionality: A managed service for Apache Airflow, an open-source platform to programmatically author, schedule, and monitor workflows.
    • Use Case: For organizations that prefer an open-source solution for workflow orchestration and want to avoid vendor lock-in with Step Functions.

12. Data Processing and Analytics

  • Amazon EMR (Elastic MapReduce):
    • Functionality: A managed cluster platform that simplifies running big data frameworks, such as Apache Hadoop, Apache Spark, and Apache Hive, on AWS.
    • Use Case: Processing large datasets for analytics and insights.
  • Amazon Athena:
    • Functionality: An interactive query service that makes it easy to analyze data directly in Amazon S3 using standard SQL.
    • Benefit: Serverless, pay-per-query model, eliminating the need to manage clusters.
  • AWS Glue:
    • Functionality: A fully managed extract, transform, and load (ETL) service that makes it easy to prepare and move data for analytics.
    • Key Features: Serverless, data catalog, data manipulation.
  • Amazon Redshift:
    • Functionality: A fully managed, petabyte-scale data warehouse service.
    • Characteristics: Columnar database, designed for large-scale analytical workloads.
    • Considerations: Can be very expensive; suitable for large organizations with many users and massive datasets.
  • Amazon QuickSight:
    • Functionality: A scalable, serverless, embeddable, machine learning-powered business intelligence (BI) service built for the cloud.
    • Purpose: Creating interactive dashboards, visualizations, and performing business intelligence analysis.
  • Amazon Kinesis:
    • Functionality: A platform for streaming data on AWS.
    • Components:
      • Kinesis Data Streams: For real-time data ingestion and processing.
      • Kinesis Data Firehose: For loading streaming data into data stores and analytics tools.
      • Kinesis Data Analytics: For running real-time analytics on streaming data.

13. Monitoring and Logging

  • Amazon CloudWatch:
    • Functionality: A monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers.
    • Key Features:
      • Logs: Collects and analyzes logs from various AWS services. CloudWatch Logs Insights allows querying logs with a SQL-like syntax.
      • Dashboards: Customizable dashboards with widgets to visualize metrics.
      • Metrics: Time-series data representing performance and operational data.
      • Alarms: Triggers notifications or actions when metrics cross predefined thresholds.
  • AWS CloudTrail:
    • Functionality: Records API calls for your AWS account and delivers log files to you.
    • Purpose: Provides audit logs of user activity and resource changes for governance and compliance.
  • AWS Config:
    • Functionality: Assesses, audits, and evaluates the configurations of your AWS resources.
    • Purpose: Ensures compliance with organizational policies (e.g., disabling public access on S3 buckets).
  • AWS X-Ray:
    • Functionality: Helps developers analyze and debug distributed applications, such as those built using microservices.
    • Key Feature: Traces requests as they travel through your application, providing end-to-end visibility into request paths, service dependencies, and performance bottlenecks.

14. CI/CD and Infrastructure as Code

  • AWS CodeBuild:
    • Functionality: A fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy.
  • AWS CodeDeploy:
    • Functionality: Automates code deployments to various compute services, including EC2 instances, AWS Lambda, and on-premises servers.
  • AWS CodePipeline:
    • Functionality: A fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates.
  • AWS CloudFormation:
    • Functionality: A service that helps you model and set up your AWS resources so that you can spend less time managing infrastructure and more time innovating.
    • Methodology: Uses JSON or YAML template files to define infrastructure resources.
  • AWS CDK (Cloud Development Kit):
    • Functionality: An open-source software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation.
    • Advantage: Allows using familiar programming languages (Python, Java, TypeScript, etc.) and provides constructs for reusability and abstraction, making it more user-friendly than CloudFormation.

15. Developer Productivity and Tools

  • AWS Amplify:
    • Functionality: A set of tools and services that helps front-end web and mobile developers build scalable full-stack applications, powered by AWS.
    • CLI: Simplifies tasks like creating databases, compute instances, and authentication.
    • SDK: Provides UI components and libraries for easy integration.
    • Use Case: Prototyping and rapid development. Can be challenging to migrate away from later.
  • AWS AppSync:
    • Functionality: A fully managed GraphQL service that makes it easy to build data-driven applications.
    • Purpose: For GraphQL developers to manage resolvers and data sources without managing servers.
  • Amazon WorkSpaces:
    • Functionality: A fully managed, secure Desktop-as-a-Service (DaaS) solution that provides users with access to virtual desktops from any supported device.
    • Use Case: End-user computing, providing pre-configured software environments.
  • Amazon Q:
    • Functionality: An AI assistant that integrates with IDEs to provide code autocompletion and answer questions about code and AWS resources.
    • Benefit: Enhances developer efficiency.
  • AWS MCP (Model Context Protocol):
    • Functionality: A feature that allows interacting with AWS resources using natural language via an LLM.
    • Considerations: Potentially powerful but carries security risks due to its direct interaction with account resources.

16. Permissions and Identity Management

  • AWS IAM (Identity and Access Management):
    • Functionality: Controls access to AWS services and resources securely.
    • Key Concepts:
      • Users: Represent individuals or applications that need to access AWS.
      • Roles: Predefined sets of permissions that can be assumed by users, applications, or AWS services.
      • Policies: JSON documents that define permissions.
  • AWS Identity Center (formerly AWS SSO):
    • Functionality: Enables users to sign in to multiple AWS accounts and applications with a single set of credentials.
    • Integration: Connects with external identity providers (e.g., Google Workspace, Okta) and maps users to AWS roles and accounts.

17. Cloud Network Management

  • Amazon VPC (Virtual Private Cloud):
    • Functionality: Allows you to provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.
    • Purpose: Enhances security by isolating resources and controlling network traffic.
  • AWS VPN:
    • Functionality: Establishes secure, encrypted connections between your on-premises network or client devices and your VPC.
    • Use Case: Securely accessing VPC resources from outside the AWS cloud.
  • AWS PrivateLink:
    • Functionality: Provides private connectivity between VPCs, AWS services, and on-premises applications, or between different AWS services.
    • Purpose: Enables secure communication between VPCs and with AWS services without exposing traffic to the public internet.

Conclusion

The video provides a comprehensive overview of essential AWS services, categorized by their function within an application architecture. It emphasizes a practical, example-driven approach, highlighting the core services needed for effective AWS practice. The presenter stresses that understanding a subset of these services is key to becoming a proficient AWS practitioner, rather than attempting to master all 300+. The discussion moves logically from foundational services like DNS and storage to compute, databases, security, messaging, analytics, monitoring, CI/CD, and finally, identity and networking. The presenter also shares personal preferences and recommendations, such as favoring API Gateway over traditional load balancers and Lambda for its serverless capabilities.
