"A Beginner’s Journey into AWS Cloud Services".


Before learning about AWS, we should know about cloud computing, so let us first understand cloud computing.
Imagine that you have a small business named “Bharat industries” and you want to run your business website on your own computer and store all customer and finance data. For this you will:
1- Hire an IT team to create and maintain a website.
2- Buy a separate building to store your products.
3- Pay electricity bills and rent.
4- Buy a physical server.
5- Maintain that physical server at a specific degree (temperature).
6- Spend much more money besides; sometimes that money turns out to be useful, sometimes not.
(This is like owning a restaurant.) To reduce all these expenses, we use cloud computing.
Cloud computing is the ON-DEMAND DELIVERY of computing services like storage, databases, networking, servers, etc., over the cloud (internet) with PAY-AS-YOU-GO pricing, instead of buying and managing them yourself.
Pay-as-You-Go – No upfront cost; pay for usage.
Scalable – Increase or decrease resources as needed.
Accessible Anywhere – Use services from any device, anytime.
🚫NOTE - “You are renting instead of owning all cloud resources with pay-as-you-go pricing.”
These types of cloud resources are provided by many companies, such as:
»»»Amazon - Amazon Web Services«««
»»»Microsoft-Azure«««
»»»Google-GCP«««
Real-World Example:
Using Google Drive is like choosing a modern, efficient way to store your files. Instead of relying on a USB drive, Google keeps your files in the cloud, allowing you to access them from any device without the need for physical storage.
Now, shall we dive into AWS? Let's explore its services, benefits, and drawbacks with a real-world example.
AWS (Amazon Web Services) is widely used as a cloud computing platform provided by Amazon. It offers a variety of on-demand services like storage, networking, database, monitoring, messaging, and many more, which are delivered over the internet.
Why AWS:
On-demand and pay-as-you-go pricing model so that employees or customers spend money only on what they need.
Scalable - AWS can handle anything from a small blog to a big app like Netflix.
High availability and faster deployment - AWS has data centers worldwide and can launch servers in a minute.
Drawbacks are:
AWS has lots of services, making it complex for beginners.
Without monitoring, saving costs is difficult.
AWS has lots of services, as I already mentioned, but we will learn the basic services that everyone must know. THEY ARE—
IN COMPUTE - EC2, Lambda, ECS, EKS, Lightsail.
STORAGE - S3, EBS, EFS.
NETWORKING - VPC, Route 53, CloudFront, ALB, NLB.
DATABASE - DynamoDB, RDS.
SECURITY - IAM, KMS.
MONITORING - CloudWatch, CloudTrail.
MESSAGING - SQS, SNS.
▶️COMPUTE - AWS provides virtual machines and serverless computing to run applications.
🌟EC2 - Elastic Compute Cloud is a virtual server for running applications and hosting websites in the cloud.
✅Key features -
Customizable - You can modify your cloud resources according to your requirements, like how many CPUs are needed and memory size, etc.
Scalable - You can expand or shrink your resources, and you only have to pay for the extra resources when needed.
Secure - AWS provides security features like encryption and firewalls, which help prevent hacking and data loss.
Example - Netflix uses EC2 to stream videos worldwide.
🌟Lambda - It is a serverless compute service that lets you run your code without managing servers; it is also scalable and supports multiple languages.
🌟ECS - ECS is a fully managed container orchestration service by AWS to run and scale Docker containers; it is easy to use for quicker deployment.
🌟EKS-EKS is a managed Kubernetes service that allows you to run Kubernetes clusters on AWS without managing the Kubernetes control plane.
🌟Lightsail-AWS Lightsail is a simplified cloud platform designed for small businesses, developers, and beginners who want to quickly launch websites, applications, and databases without managing complex AWS infrastructure.
▶️STORAGE - Offers a variety of storage solutions based on speed and cost.
🌟S3 - Simple Storage Service used to store and organize files like images, folders, videos, or backups. It is also customizable, durable, and scalable.
✅ Bucket versioning -tracks and stores multiple versions of an object.
✅Storage classes -
S3 Standard - For frequently accessed data with low latency and high throughput.
S3 Intelligent-Tiering - Automatically moves data between storage tiers to save costs.
S3 One Zone - For infrequently accessed data stored in a single availability zone.
S3 Glacier - For long-term, low-cost, archival storage.
S3 Glacier Deep Archive - For lowest-cost, archival storage with rare access.
🌟EBS - Elastic Block Store is like a virtual hard drive which stores data in the form of volumes.
Data remains even after EC2 is stopped.
Can be resized, attached, or detached from EC2 instances.
We can mount a volume (connect it as a storage device).
We can take backups (snapshots).
🌟EFS - Elastic File System can store files for multiple EC2 instances using the NFS (Network File System) protocol.
▶️MESSAGING- Messaging in cloud computing allows applications, microservices, or distributed systems to communicate asynchronously (without waiting for an immediate response).
🌟SQS - Simple Queue Service where we can send bulk messages to different users at a time with multiple availability zones. The queue is used to store and manage items in a specific order (FIFO - first in, first out), and you can also send and read messages simultaneously.
🌟SNS - Simple Notification Service allows you to send notifications, messages, and alerts to users or systems via normal message, email, or phone number.
▶️Monitoring and Logging- Monitoring in AWS means tracking and analyzing the performance, health, and security of your cloud resources. It helps detect issues early, optimize performance, and improve security.
🌟CloudWatch - It is a monitoring and observing service that collects and analyzes data with the help of metrics, also by setting alarms (if thresholds are exceeded, it sends a message to our email) and by triggering actions like scaling resources (if thresholds are exceeded, it automatically takes a backup to reduce cost).
🌟CloudTrail - It is a logging and auditing service that records API (application programming interface) calls and user activities, and helps to track who did something, when it was done, and where in AWS it happened.
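The who, when and where that CloudTrail records can be read straight out of its JSON events. This is an added example, not part of the original post: it pulls those fields from constructed records and lists successful console logins made without MFA. The records, account ID, user names and IP addresses are made up; the field names follow the CloudTrail event layout.

```python
# Constructed records that follow the CloudTrail event layout; every value is made up.
RECORDS = [
    {"eventTime": "2024-05-01T09:12:44Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "awsRegion": "us-east-1", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"},
     "additionalEventData": {"MFAUsed": "Yes"}, "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2024-05-01T10:03:10Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.25",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/bob"},
     "additionalEventData": {"MFAUsed": "No"}, "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2024-05-01T10:04:02Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.99",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/carol"},
     "additionalEventData": {"MFAUsed": "No"}, "responseElements": {"ConsoleLogin": "Failure"}},
    {"eventTime": "2024-05-01T10:05:31Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "awsRegion": "ap-south-1", "sourceIPAddress": "203.0.113.25",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/bob"}},
]


def who_when_where(record):
    """Reduce one event to the audit questions: who, what, when, where, from which IP."""
    identity = record.get("userIdentity", {})
    return {
        "who": identity.get("arn", identity.get("type", "unknown")),
        "what": f'{record["eventSource"]}:{record["eventName"]}',
        "when": record["eventTime"],
        "where": record["awsRegion"],
        "from_ip": record.get("sourceIPAddress"),
    }


def logins_without_mfa(records):
    """Return summaries of successful console logins where MFA was not used."""
    hits = []
    for record in records:
        if record.get("eventName") != "ConsoleLogin":
            continue
        succeeded = (record.get("responseElements") or {}).get("ConsoleLogin") == "Success"
        mfa_used = (record.get("additionalEventData") or {}).get("MFAUsed")
        if succeeded and mfa_used == "No":
            hits.append(who_when_where(record))
    return hits


if __name__ == "__main__":
    for hit in logins_without_mfa(RECORDS):
        print(hit)
```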
▶️Networking - Networking allows you to create isolated networks within AWS.
✅KEY FEATURES- [vpc, subnet, route table, internet gateway, nat gateway, vpc peering, transit gateway, cloudfront, route 53, application load balancer, network load balancer, virtual private network (vpn), security group, access control list (ACL)].
🌟VPC - Virtual Private Cloud is a private or isolated network that helps you secure your data in the cloud. You can also define IP ranges using CIDR blocks (e.g., 0.0.0.0/16, /24, /25). It is customizable and secure.
✅IP - Internet Protocol address (IPv4 has 32 bits, IPv6 has 128 bits).
✅CIDR - Classless Inter-Domain Routing specifies the range of IP addresses within a network.
↘️↘️↘️↘️↘️↘️↘️
| CIDR Block | Total IPs | Usable IPs | Notes |
|---|---|---|---|
| /32 | 1 | 1 | Single IP address |
| /30 | 4 | 2 | Smallest subnet for point-to-point |
| /29 | 8 | 6 | Small networks |
| /28 | 16 | 14 | Common for small VPC subnets |
| /24 | 256 | 251 | Standard subnet size |
| /16 | 65,536 | 65,531 | Large network, used in AWS VPC |
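The 251 and 65,531 figures come from AWS reserving five addresses in every VPC subnet. This is an added example, not part of the original post: it reproduces those counts with Python's `ipaddress` module and checks a subnet plan for ranges that overlap, fall outside the VPC, or are outside the /16 to /28 sizes AWS accepts. The 10.0.0.0/16 plan is constructed for illustration.

```python
import ipaddress

AWS_RESERVED = 5  # AWS keeps the first four addresses and the last one in every subnet


def aws_usable(cidr):
    """Addresses left for your resources in an AWS subnet of this size."""
    return ipaddress.ip_network(cidr).num_addresses - AWS_RESERVED


def check_plan(vpc_cidr, subnet_cidrs):
    """Return a list of problems in a subnet plan; an empty list means it is valid."""
    vpc = ipaddress.ip_network(vpc_cidr)
    problems = []
    seen = []
    for cidr in subnet_cidrs:
        net = ipaddress.ip_network(cidr)
        if not 16 <= net.prefixlen <= 28:
            problems.append(f"{cidr}: AWS subnets must be between /16 and /28")
        if not net.subnet_of(vpc):
            problems.append(f"{cidr}: outside the VPC range {vpc_cidr}")
        for other in seen:
            if net.overlaps(other):
                problems.append(f"{cidr}: overlaps {other}")
        seen.append(net)
    return problems


# Constructed plan: two valid /24 subnets followed by three mistakes.
PLAN = ["10.0.1.0/24", "10.0.2.0/24", "10.0.2.128/25", "10.1.0.0/24", "10.0.9.0/30"]

if __name__ == "__main__":
    print(aws_usable("10.0.1.0/24"), aws_usable("10.0.0.0/16"))
    for problem in check_plan("10.0.0.0/16", PLAN):
        print(problem)
```

By the same rule a 16-address (/28) subnet in AWS leaves 11 addresses; the 14 in the table is the general networking count, which subtracts only the network and broadcast addresses.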
🌟SUBNET - A subnet is a range of IP addresses in your VPC. There are two types: public and private subnets.
✅A public subnet has direct access to the internet via an internet gateway (IGW).
✅A private subnet does not have internet access. Using a NAT gateway, it can get access.
🌟INTERNET GATEWAY - Allows instances in a public subnet to access the internet, and it also acts as a bridge between VPC and subnet. It is bi-directional and must be attached to the VPC.
🌟NAT GATEWAY - Network Address Translation provides a route for the private subnet to get internet access without exposing it to incoming traffic.
🌟ROUTE TABLE - It defines how traffic should flow within the VPC, and each subnet is associated with a route table. E.g., it acts like a GPS.
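Whether a subnet is public or private is decided by where its route table sends the default route (0.0.0.0/0). This is an added example, not part of the original post: it classifies subnets from route tables and reports any subnet that was meant to be private but routes to an internet gateway. The sample data is constructed in the shape of `aws ec2 describe-route-tables` output with made-up IDs, and it assumes every subnet has an explicit route table association.

```python
# Constructed sample shaped like `aws ec2 describe-route-tables` output; all IDs are made up.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-web", "Associations": [{"SubnetId": "subnet-web"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-app", "Associations": [{"SubnetId": "subnet-app"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
    {"RouteTableId": "rtb-db", "Associations": [{"SubnetId": "subnet-db"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"RouteTableId": "rtb-batch", "Associations": [{"SubnetId": "subnet-batch"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]


def classify(route_table):
    """Classify a route table by where its default route (0.0.0.0/0) points."""
    for route in route_table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("GatewayId", "").startswith("igw-"):
            return "public"
        if route.get("NatGatewayId", "").startswith("nat-"):
            return "private-with-nat"
    return "isolated"


def classify_subnets(route_tables):
    """Map each explicitly associated subnet ID to its classification."""
    result = {}
    for table in route_tables:
        kind = classify(table)
        for assoc in table.get("Associations", []):
            if "SubnetId" in assoc:
                result[assoc["SubnetId"]] = kind
    return result


def exposed_by_mistake(route_tables, intended_private):
    """Subnets meant to be private whose default route goes to an internet gateway."""
    kinds = classify_subnets(route_tables)
    return sorted(s for s in intended_private if kinds.get(s) == "public")


if __name__ == "__main__":
    print(classify_subnets(ROUTE_TABLES))
    print(exposed_by_mistake(ROUTE_TABLES, {"subnet-app", "subnet-db", "subnet-batch"}))
```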
🚫Note: If you still don't understand VPC, no worries, I am going to explain it to you with a simple story of a kingdom called VPC.
A SECURE KINGDOM IN AWS LAND:
Once upon a time, there was a kingdom called Virtual Private Cloud (VPC). It was a place where all the data and applications were stored or kept with protected security groups, and most importantly, its boundaries were very strong. The VPC kingdom was well planned with strong walls (CIDR BLOCKS) to ensure unauthorized persons could not enter the kingdom. The VPC kingdom's king was a DevOps engineer who wanted his kingdom to be a secure, scalable, and effective network for his empire of applications. To make the applications more secure, the king divided the kingdom into two districts called public subnet and private subnet. In the public subnet, visitors (users) could enter where web servers were located. But to ensure only trusted visitors could enter, there were security groups and route tables at every entrance. To connect the visitors (users) to the outside world, there was an internet gateway that allowed communication with anyone across your land. On the other side, there was a private subnet where visitors (users) were not allowed to access the outside world because the king didn't want visitors to interfere with sensitive data. Instead, they needed a secret tunnel (NAT gateway) to safely access outside updates. In the depths of the kingdom, there was a database subnet where all the kingdom's important records were stored. Only the private subnet could communicate with it. One day, an evil hacker tried to breach the kingdom and access the data in the VPC, but the firewall and security group (boundaries) blocked the attack, and CloudWatch, an observer, alerted the king. The king quickly used AWS Shield and WAF to add extra security to the kingdom so that the hacker would fail permanently.
❗Moral of the Story:
Building a VPC is like designing a secure kingdom. With proper subnets, security, and routing, you can ensure a well-guarded and scalable cloud infrastructure.
🌟VPC PEERING - It connects two VPCs for private communication; it is used when two different teams or different applications have separate VPCs.
🌟TRANSIT GATEWAY - It connects multiple VPCs via a central hub.
🌟CLOUDFRONT - It is a CDN (content delivery network) that delivers content like APIs, websites, etc., to users globally with low latency (quick).
✅EDGE LOCATION - It is a data center that caches (copies) your content to improve delivery speed for quick access.
🌟ROUTE 53 - It is a highly available DNS (Domain Name System) service which translates a domain name (www.joshi.com) into an IP address. It also helps to manage domain names and route traffic, and it is scalable and reliable.
🌟LB - Load balancer distributes the incoming traffic across multiple servers to ensure no single server is overloaded with too much traffic.
✅Types - ALB (application load balancer) [OSI layer 7, HTTP and HTTPS, URL path], NLB (network load balancer) [OSI layer 4, TCP and UDP, transport], GLB (gateway load balancer) [OSI layers 4 and 7, IP].
🌟SECURITY GROUP - Acts as a stateful (remembers the previous interactions in traffic) firewall controlling inbound and outbound traffic.
🌟ACCESS CONTROL LIST - Acts as a stateless (does not remember the previous interactions in traffic) firewall controlling traffic at the subnet level.
🚫NOTE - The OSI (Open Systems Interconnection) layers are used to understand how network protocols interact in a network.
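The practical difference between the stateful security group and the stateless ACL shows up on the reply packet. This is an added example, not part of the original post: a small model of both filters handling one HTTPS request, showing that the ACL drops the reply unless an outbound rule covers the client's port. The classes, the port-only rules and the client address are simplifications assumed for illustration, not an AWS API.

```python
class SecurityGroup:
    """Stateful: remembers each allowed inbound connection and lets its reply out."""

    def __init__(self, inbound_ports, outbound_ports=()):
        self.inbound_ports = set(inbound_ports)
        self.outbound_ports = set(outbound_ports)
        self.tracked = set()  # connections that passed the inbound rules

    def inbound(self, client_ip, client_port, server_port):
        allowed = server_port in self.inbound_ports
        if allowed:
            self.tracked.add((client_ip, client_port, server_port))
        return allowed

    def outbound(self, client_ip, client_port, server_port):
        # A reply to a tracked connection needs no outbound rule.
        if (client_ip, client_port, server_port) in self.tracked:
            return True
        return client_port in self.outbound_ports


class NetworkAcl:
    """Stateless: every packet is judged only by the rules for its direction."""

    def __init__(self, inbound_ports, outbound_port_ranges=()):
        self.inbound_ports = set(inbound_ports)
        self.outbound_port_ranges = list(outbound_port_ranges)

    def inbound(self, client_ip, client_port, server_port):
        return server_port in self.inbound_ports

    def outbound(self, client_ip, client_port, server_port):
        # The reply goes to the client's source port, so that port must be allowed.
        return any(lo <= client_port <= hi for lo, hi in self.outbound_port_ranges)


def https_round_trip(firewall, client_ip="203.0.113.10", client_port=50000):
    """Return (request_allowed, reply_allowed) for one constructed HTTPS request."""
    request = firewall.inbound(client_ip, client_port, 443)
    reply = request and firewall.outbound(client_ip, client_port, 443)
    return request, reply


if __name__ == "__main__":
    print("security group:", https_round_trip(SecurityGroup({443})))
    print("ACL, inbound rule only:", https_round_trip(NetworkAcl({443})))
    print("ACL, plus ephemeral ports:", https_round_trip(NetworkAcl({443}, [(1024, 65535)])))
```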
▶️DATABASES- Used to store data of users etc…
TYPES - DynamoDB and RDS.
SQL vs NoSQL Databases
Databases are categorized into SQL (Structured Query Language) and NoSQL (Not Only SQL) based on how they store and retrieve data.
🌟DynamoDB (non-relational) - It is used for applications that need scalability and flexibility and supports millions of requests per second.
🌟RDS (relational) - Relational databases store structured data in rows and tables. Supports MySQL, MariaDB, Oracle, and Amazon Aurora. It handles backups and scaling.
🌟ElastiCache - Used for fast data retrieval with low latency, e.g., Redis.
▶️Security and Identity- AWS offers various security and identity services to help organizations protect their cloud setup, manage user access, and ensure compliance.
🌟IAM - Identity and Access Management controls who can access or control which AWS resources.
✅Key features-
User, group, and roles define who can access what.
Policies - JSON-based documents that define permissions.
MFA - Multi-factor authentication adds an extra layer to the security.
IAM Roles - Grants temporary access to AWS resources.
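Because policies are JSON documents, they can be reviewed by a script before they are attached to anyone. This is an added example, not part of the original post: it flags Allow statements that combine a wildcard action with `"Resource": "*"` and notes whether each one at least requires MFA. The policy, its Sids and the bucket name are constructed for illustration.

```python
import json

# Constructed policy document for illustration; the bucket name and Sids are made up.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "ReadReports", "Effect": "Allow",
     "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::example-reports/*"},
    {"Sid": "TooBroad", "Effect": "Allow", "Action": "*", "Resource": "*"},
    {"Sid": "IamAdmin", "Effect": "Allow", "Action": "iam:*", "Resource": "*",
     "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}}
  ]
}
""")


def as_list(value):
    """Policy fields may hold one string or a list of strings."""
    return [value] if isinstance(value, str) else list(value)


def requires_mfa(statement):
    """True when the statement only applies to sessions authenticated with MFA."""
    bool_block = statement.get("Condition", {}).get("Bool", {})
    return str(bool_block.get("aws:MultiFactorAuthPresent", "")).lower() == "true"


def review_policy(policy):
    """Return Allow statements that pair a wildcard action with Resource "*"."""
    statements = policy["Statement"]
    if isinstance(statements, dict):  # a single statement may appear without a list
        statements = [statements]
    findings = []
    for index, statement in enumerate(statements):
        if statement.get("Effect") != "Allow":
            continue
        wide = [a for a in as_list(statement.get("Action", []))
                if a == "*" or a.endswith(":*")]
        if wide and "*" in as_list(statement.get("Resource", [])):
            findings.append({"sid": statement.get("Sid", f"statement {index}"),
                             "actions": wide,
                             "mfa_required": requires_mfa(statement)})
    return findings


if __name__ == "__main__":
    for finding in review_policy(POLICY):
        print(finding)
```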
🌟KMS - Key Management Service is a managed service that allows you to create, manage, and control cryptographic keys for encryption across AWS services.
✅Encryption - It converts plain text into unreadable or scrambled text using mathematical algorithms.
✅Decryption - It converts scrambled text into readable text using a key.
🌟AWS Inspector - Automated assessment for AWS workloads. It detects vulnerabilities and provides security recommendations by continuous scanning.
☢️EXTRA SERVICES TO REMEMBER-
☑️AMI - Amazon Machine Image is a preconfigured template that contains OS applications to launch EC2 instances like Windows, Linux, and Ubuntu.
☑️KEY PAIR - Key pair is a security mechanism used for securely connecting to an EC2 instance.
☑️INBOUND RULES - Define what kind of incoming traffic should be allowed to reach our resources. Controls what comes in, like SSH port 22.
☑️OUTBOUND RULES - Define what kind of outgoing traffic should be allowed to leave our resources. Controls what goes out, like HTTP port 80 and HTTPS port 443.
☑️AUTOSCALING - Automates or adjusts the capacity of your resources to meet changing demand, ensuring cost efficiency and minimum/maximum desired capacity.
☑️ELASTIC IP - Elastic IP is a static public IP that remains constant even after stopping and starting the EC2 instance.
☑️REPLICATION - Copying and maintaining data across multiple locations to ensure data availability. It duplicates the data and distributes it into multiple locations.
☑️SAAS - Software as a Service - you use ready-made software without managing servers, like Gmail and Google Drive.
☑️PAAS - Platform as a Service - you get a platform to develop and deploy applications without managing the infrastructure, like AWS Elastic Beanstalk.
☑️IAAS - Infrastructure as a Service - you rent virtual machines, storage, and networking to build your own applications, like AWS and Azure.
♻️Recap the Main Points-
In this blog, we discussed AWS services and their applications in modern cloud computing. AWS offers a comprehensive ecosystem for networking, storage, security, and automation, supporting businesses and developers. Its scalability, reliability, and extensive services make AWS a crucial skill for tech professionals.
🔰THANK YOU -
I hope this post helped you understand AWS better. Keep exploring, trying new things, and creating great cloud solutions!
Written by Sudarshan Joshi
