Amazon Web Services (AWS) - Complete Beginner's Guide
Table of Contents
- What is AWS?
- Why Use AWS?
- Core Concepts
- AWS Global Infrastructure
- Essential AWS Services
- Getting Started with AWS
- AWS Pricing
- Security Best Practices
- Common Architecture Patterns
- Glossary
What is AWS?
Amazon Web Services (AWS) is like renting a supercomputer over the internet. Instead of buying expensive hardware and setting up your own data center, you can use Amazon's computers, storage, and other services on-demand.
Real-World Analogy
Think of AWS like a utility company:
- Electricity Company: You don't build your own power plant. You plug into the grid and pay for what you use.
- AWS: You don't build your own data center. You "plug in" to Amazon's infrastructure and pay for what you use.
Why Use AWS?
Benefits Explained Simply
| Benefit | Traditional Way | AWS Way |
|---|---|---|
| Cost | Buy expensive servers upfront ($10,000+) | Pay only for what you use (can start free) |
| Scaling | Takes weeks to buy and set up new servers | Add more power in minutes with a few clicks |
| Reliability | If your server dies, your site goes down | AWS automatically handles failures |
| Global Reach | Need physical servers in each country | Deploy worldwide in minutes |
| Maintenance | You fix hardware, update software, etc. | Amazon handles all the physical stuff |
Who Uses AWS?
- Netflix - Streams all their movies using AWS
- Airbnb - Runs their entire platform on AWS
- NASA - Processes space data using AWS
- Your favorite startups - Most start on AWS because it's cost-effective
Core Concepts
1. The Cloud
The "cloud" simply means computers owned by someone else that you access over the internet.
2. On-Demand
On-demand means you can start using resources immediately without:
- Signing long contracts
- Waiting for hardware to arrive
- Making upfront payments
It's like turning on a light switch - instant access.
3. Pay-As-You-Go
You only pay for exactly what you use:
- Use a server for 1 hour? Pay for 1 hour.
- Store 5 GB of files? Pay for 5 GB.
- No usage? No charge.
4. Regions and Availability Zones
AWS has data centers all around the world:
- Region: A geographic area (e.g., US East, Europe, Asia)
- Availability Zone (AZ): A separate data center within a region
Why does this matter?
- Put your app close to your users = faster loading
- Spread across multiple AZs = if one data center fails, your app keeps running
AWS Global Infrastructure
How AWS is Organized
Choosing a Region
Consider these factors:
- Latency (Speed): Choose regions close to your users
- Compliance: Some data must stay in certain countries
- Cost: Prices vary by region
- Services: Not all services are available in all regions
Essential AWS Services
AWS has 200+ services, but here are the most important ones for beginners:
1. EC2 (Elastic Compute Cloud) - Virtual Servers
What it is: A virtual computer in the cloud that you can use to run applications.
Real-world analogy: Renting a computer instead of buying one.
Common Use Cases:
- Running a website
- Running background jobs
- Hosting an application
Instance Types Explained:
| Type | Best For | Analogy |
|---|---|---|
| t2.micro | Learning, small sites | Bicycle |
| t2.small | Small apps | Scooter |
| t2.medium | Medium apps | Car |
| m5.large | Production workloads | Truck |
| c5.xlarge | Heavy computing | Sports car |
2. S3 (Simple Storage Service) - File Storage
What it is: Unlimited storage for files in the cloud.
Real-world analogy: A giant, unlimited hard drive in the cloud.
Key Concepts:
- Bucket: A container for files (like a folder)
- Object: A file stored in a bucket
- Key: The file's unique name/path
Storage Classes (different prices for different needs):
| Class | Use Case | Cost | Retrieval |
|---|---|---|---|
| Standard | Frequently accessed | $$$ | Instant |
| Intelligent-Tiering | Unknown access patterns | $$ | Instant |
| Glacier | Archives, rarely accessed | $ | Minutes to hours |
| Glacier Deep Archive | Long-term archives | ¢ | 12-48 hours |
3. RDS (Relational Database Service) - Managed Databases
What it is: A database that AWS manages for you.
Real-world analogy: Instead of building and maintaining your own filing cabinet, you rent one that someone else maintains.
Supported Databases:
- MySQL
- PostgreSQL
- MariaDB
- Oracle
- SQL Server
- Amazon Aurora (AWS's own, faster version)
4. Lambda - Serverless Computing
What it is: Run code without managing servers. Just upload your code and AWS runs it.
Real-world analogy: Instead of renting a whole kitchen to make one dish, you just tell the chef what to cook and pay per dish.
Benefits:
- No server management
- Automatic scaling
- Pay only when code runs
- First 1 million requests/month are FREE
5. VPC (Virtual Private Cloud) - Your Private Network
What it is: Your own private, isolated section of AWS.
Real-world analogy: Your own gated community within a city.
Key Concepts:
- Subnet: A smaller network within your VPC
- Public Subnet: Can be accessed from the internet
- Private Subnet: Only accessible from within the VPC
- Internet Gateway: The "door" connecting your VPC to the internet
6. IAM (Identity and Access Management) - Security
What it is: Controls who can do what in your AWS account.
Real-world analogy: A security system with keycards - different people have access to different rooms.
Key Concepts:
- User: A person or application that interacts with AWS
- Group: A collection of users with the same permissions
- Role: Permissions that can be assumed by services or users
- Policy: A document that defines what actions are allowed
7. CloudWatch - Monitoring
What it is: Watches your AWS resources and applications, sending alerts when something goes wrong.
Real-world analogy: Security cameras and alarms for your infrastructure.
Getting Started with AWS
Step 1: Create an AWS Account
- Go to aws.amazon.com
- Click "Create an AWS Account"
- Enter your email and create a password
- Provide payment information (you won't be charged for free tier usage)
- Verify your phone number
- Choose the "Basic Support - Free" plan
Step 2: Secure Your Account
Important Security Steps:
- Enable MFA (Multi-Factor Authentication) on your root account
  - Go to IAM → Dashboard → Activate MFA on your root account
  - Use an authenticator app like Google Authenticator
- Create an Admin User
  - Never use the root account for daily work
  - Create a user with "AdministratorAccess" policy
- Enable Billing Alerts
  - Go to Billing → Preferences → Receive Free Tier Usage Alerts
Step 3: Explore the Free Tier
AWS offers a generous free tier for 12 months:
| Service | Free Amount |
|---|---|
| EC2 | 750 hours/month of t2.micro |
| S3 | 5 GB storage |
| RDS | 750 hours/month of db.t2.micro |
| Lambda | 1 million requests/month |
| CloudWatch | 10 custom metrics |
Step 4: Launch Your First EC2 Instance
Quick Launch Guide:
- Go to EC2 in the AWS Console
- Click "Launch Instance"
- Name your instance (e.g., "my-first-server")
- Choose "Amazon Linux 2" (free tier eligible)
- Choose "t2.micro" (free tier eligible)
- Create a new key pair and download it
- Allow SSH traffic in the security group
- Click "Launch Instance"
AWS Pricing
How Pricing Works
Pricing Models
| Model | Best For | Savings |
|---|---|---|
| On-Demand | Short-term, unpredictable workloads | 0% (baseline) |
| Reserved Instances | Steady, predictable workloads (1-3 year commitment) | Up to 72% |
| Spot Instances | Flexible workloads that can be interrupted | Up to 90% |
| Savings Plans | Flexible commitment across services | Up to 72% |
Cost Management Tips
- Use the AWS Free Tier - Know what's free
- Set Up Billing Alerts - Get notified before you're charged
- Use Cost Explorer - See where your money goes
- Right-size resources - Don't pay for more than you need
- Turn off unused resources - Stop instances when not needed
- Use Reserved Instances - For predictable workloads
Checking Your Bill
Security Best Practices
The Shared Responsibility Model
Security Checklist
- Enable MFA on root account (CRITICAL!)
- Don't use root account for daily tasks
- Create individual IAM users for each person
- Use groups to assign permissions
- Follow least privilege - give minimum necessary permissions
- Rotate access keys regularly
- Enable CloudTrail to log all API calls
- Use Security Groups as firewalls
- Encrypt data at rest and in transit
- Enable AWS Config to track configuration changes
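Several checklist items (MFA on root, no daily root use, key rotation) can be checked from the IAM credential report. The following is an added example, not part of the original guide: it audits a constructed report that uses a subset of the real report's columns, and the 90-day and 30-day thresholds are assumptions, since the checklist only says "regularly".

```python
import csv
import io
from datetime import datetime, timezone

# Constructed sample using a subset of the IAM credential report columns;
# the account id, users and dates are made up for illustration.
SAMPLE_REPORT = """user,arn,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_1_last_rotated
<root_account>,arn:aws:iam::111122223333:root,not_supported,2024-05-28T09:12:00+00:00,false,true,2022-01-10T08:00:00+00:00
alice,arn:aws:iam::111122223333:user/alice,true,2024-05-30T14:01:00+00:00,true,true,2024-04-02T10:30:00+00:00
deploy-bot,arn:aws:iam::111122223333:user/deploy-bot,false,N/A,false,true,2023-02-15T12:00:00+00:00
"""

MAX_KEY_AGE_DAYS = 90   # assumed rotation policy
ROOT_RECENT_DAYS = 30   # assumed window for "root is being used for daily work"

def _parse(ts):
    """Report timestamps are ISO 8601; 'N/A' or 'no_information' mean no value."""
    try:
        return datetime.fromisoformat(ts)
    except ValueError:
        return None

def audit_credential_report(report_csv, now):
    """Return (user, finding) tuples for the checklist items the report can show."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        is_root = user == "<root_account>"       # root always has a console login
        has_password = is_root or row["password_enabled"] == "true"
        if has_password and row["mfa_active"] != "true":
            findings.append((user, "no MFA on a console login"))
        if is_root and row["access_key_1_active"] == "true":
            findings.append((user, "root has an active access key"))
        last_used = _parse(row["password_last_used"])
        if is_root and last_used and (now - last_used).days < ROOT_RECENT_DAYS:
            findings.append((user, "root console login used recently"))
        rotated = _parse(row["access_key_1_last_rotated"])
        if row["access_key_1_active"] == "true" and rotated:
            age = (now - rotated).days
            if age > MAX_KEY_AGE_DAYS:
                findings.append((user, f"access key is {age} days old"))
    return findings

if __name__ == "__main__":
    for user, finding in audit_credential_report(SAMPLE_REPORT, datetime.now(timezone.utc)):
        print(f"{user}: {finding}")
```

On a real account the report comes from `aws iam generate-credential-report` followed by `aws iam get-credential-report`, whose `Content` field is base64-encoded CSV.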
Security Groups (Virtual Firewalls)
Common Architecture Patterns
1. Simple Web Application
2. Serverless Architecture
3. Microservices with Containers
Glossary
| Term | Definition |
|---|---|
| AMI | Amazon Machine Image - A template for creating EC2 instances |
| ARN | Amazon Resource Name - A unique identifier for AWS resources |
| Availability Zone | A separate data center within a region |
| Bucket | A container for objects in S3 |
| CIDR | A notation for specifying IP address ranges (e.g., 10.0.0.0/16) |
| CloudFormation | AWS service for infrastructure as code |
| EBS | Elastic Block Store - Hard drive storage for EC2 |
| Elastic | Ability to automatically scale up or down based on demand |
| Instance | A virtual server in EC2 |
| MFA | Multi-Factor Authentication - Extra security layer |
| NAT Gateway | Allows private subnet instances to access the internet |
| Region | A geographic area containing multiple availability zones |
| Security Group | A virtual firewall for your EC2 instances |
| Subnet | A subdivision of a VPC's IP address range |
| VPC | Virtual Private Cloud - Your isolated network in AWS |
Quick Reference: AWS CLI Commands
```bash
# Configure AWS CLI with your credentials
aws configure

# List all S3 buckets
aws s3 ls

# Copy file to S3
aws s3 cp myfile.txt s3://my-bucket/

# List EC2 instances
aws ec2 describe-instances

# Start an EC2 instance
aws ec2 start-instances --instance-ids i-1234567890abcdef0

# Stop an EC2 instance
aws ec2 stop-instances --instance-ids i-1234567890abcdef0
```
Next Steps
- Practice: Use the AWS Free Tier to experiment
- Learn More: AWS Training and Certification
- Get Certified: Start with AWS Cloud Practitioner certification
- Build Projects: Create a simple web app on AWS
- Learn Terraform: See Terraform.md to manage AWS with code
Remember: AWS can seem overwhelming at first, but start small. Launch one EC2 instance, create one S3 bucket, and build from there. The best way to learn is by doing!