Cloud
computing is at the cuspof technological advancement. And when you talk about
cloudcomputing it cannot shy away without mentioningAmazon web services (AWS),
which is one of the leadingcloud service providers in the market. If you are
looking for a careerin this domain you have landed at the right place
Edurekabrings you a complete course on Amazon web services, which not only
touchesupon the fundamental but also die. It's deeper ata conceptual level. So
let us take a lookat the offerings of this session first. We would start with
thefundamentals of cloud computing and Amazon web servicesmoving on we will
talk about the core services that Amazon web serviceshas to offer to you. The
first domain isthe compute domain where we would be exploringservices like ec2.
Elastic Beanstalkand Lambda moving on. We'll talk aboutthis storage domain where we'll be exploringservices like S3 EFS and Next in line is the networking domain where we'll be talking aboutservices like VPC Route 53 Etc. Then could betalking about management and monitoring serviceslike Cloud watch cloudformation load balancesEtc moving on you take a look at Cloud security and take a look at services. Like I am Etc thenthe database part where we'll be exploringservices like Amazon redshift. Once we are donewith the core Services, we will be alsodiscussing develops on AWS where we will be talkingabout AWS services like aw score pipeline, aw score commit Etc. Now that the devops part and the core partof AWS is over. We can also switchto the career part where we'd bediscussing some numbers like jobs friends salaries Etc and would also takea look at the roles and responsibilities. And what are the kind of thingsthat you should know when you talk about making acareer in this particular Dome?
Firstly let's understandwhy Cloud to understand this we need to understandthe situation that existed before Cloud cameinto existence. So what happened back then and firstly in orderto host a website you have to buy a stackof servers and we all know that servers are very costly. So that meant we ended up paying a lot of money next wasthe issue of traffic now as we all know if you are hosting a websitewe are dealing with traffic that is not constantthroughout the day and that meant more painwe would understand that as we move further. And the otherthing was monitoring and maintaining your servers. Yes. This is a very big problemnow all these issues. They led tocertain disadvantages. What are those as I mentioned serversare very costly. Yes. The setup was again costly and thus you ended upbeing a lot of money and there were other factorscontributing to this point. Let's discuss those as well. One troubleshooting wasa big issue since you're dealing with a business your Prime Focusis on taking good decisions so that you haveBusiness does well, but if you end uptroubleshooting problems or you focus more oninfrastructure related issues, then you cannot focusmore on your business and that was a problem. So either you hadto do multitasking or you have to hiremore people to focus on those issues thus againyou ended up being more money as I've discussed the trafficon a website is never constant.
And since it varies you arenot certain about its patterns. Say, for example, I need to host a websiteand for that what I decided is I am reserving. To petabytes of total memory formy usage based on the traffic but as the trafficwhere is there would be times when the traffic is high and my whole to petabytesof data is consumed or space is consumed Roger, but what if the traffic is very low for certainhours of the day. I'm actually notutilizing these servers. So I end up payingmore money for the servers than I should be. So yes upscaling was an issue. So all these thingswere an issue because we werepaying more money. We do not have sufficient timeto Take our decisions properly. There was ambiguity. There was more troublemonitoring and maintaining all these resources and apartfrom that one important point which we need to consideris the amount of data that is being generated now and that was being generatedthen then it was okay, but nowadays if you take a lookat it the amount of data that is generated is huge and this is another reason whyCloud became so important as of mentioned the data now, we all know that everythingis going online these days and what that meansis we shop online. And we buy food online. We do almost everything that is required asan whatever information we need.
We get everything onlinebookings and reservations. Everything can be taken care ofthat means we have a lot of data that is being generatedthese days and this is Digital Data backin those times. We were communicatingthrough verbal discussions and all those things so through paperwork and that wasa different data to maintain since everything is moving on cloud or movingonline the amount of data that we have is used these days. Days, and then when you havethis huge amount of data, you need a space where you can actually go aheadand maintain this data. So yes again, there was a need of this pieceand all these issues that is your cost. You're monitoringyour maintenance providing sufficient space. Everything was takencare by Cloud. So let us try to understandwhat this cloud is exactly.
Well think of it as a huge space that is availableonline for your usage. Now. This is a very genericdefinition to give you to be more specific. I would be seeing that. Think of it as a collection of data centers nowdata centers again at a place where you store your data or youhost applications basically, so when you talkabout these data centers, they were already existing. So what didCloud do differently? Well, what clouddid was it made sure that you are able to orchestrate your variousfunctionings applications managing your resources properly by combining allthese data centers together through a network and then providingyou the the control to use this resources and to manage them properlyto make it even more simpler. I would say there was a groupof people or organizations. Basically that went aheadand what these servers these compute capacitiesstorage places compute services and all those things and they have their ownchannel or Network. All you have to do was go ahead and rent those resources onlyto the amount you need it and also for the timethat you needed. So yes, this is what clouddid It let you rent the services that you need and useonly those services that you need. So you ended up payingfor the services that you rented and you endedup saving a lot of money.
The other thing isthese service providers. They take care of all the issues like your securityyour underlying infrastructures and all those things. So you can freely focuson your business and stop worryingabout all these issues. So this is what cloud isin simple words. It's a huge space which hasall these services available and you can just go aheadand pick and read. And those servicesthat you want to use so what is cloud computing? Well, I've already discussed that just to summarize it I would say it isnothing but an ability or it is a place where youcan actually store your data. You can process it and you can access itfrom anywhere in the world. Now. This is an important Pointsay for example, you decide to choosea reason for infrastructure somewhere in u.s. You can certain maybe Chinaor maybe in India and you can still have accessto all your resources that is there in u.s. All you need is a goodAnd a connection so that is what cloud does it makes the worldaccessible it lets you have your applicationswherever you want to and manage them the way you wantto next we would be discussing different service models.
Now you need to understandone thing you are being offered cloud services the platformto use your services or your applications basically, but then different peoplehave different requirements. There are certain peoplewho just want to consume a particular resourceor there's certain people who actually wantto to go ahead and create their own applicationsgreat the own infrastructure and all those things. So based on these needs wehave particular service models that is your Cloudproviders provide you with a particular modelwhich suits your needs. So let us try to understand these models one by one wehave these three models that is your iaasyour paas and your saas. I would be discussing themin the reverse order. That is I would be talkingabout saas first and then I would go upwards so let us start.
Saas, or SAS SAS is nothingbut a software-as-a-service. Now what happens here is basically you're justconsuming a service which is alreadybeing maintained and handled by someone else to giveyou a valid example. We have a Gmail. All you do is you send mail topeople and you receive mails and whatever functionality youdo is you just use the service that is there. You do not have to maintain it. You do not have to worryabout up scaling down scalings security issuesand all those things. Everything is taken careby Google say for example, you are Gmail is what I'm talking about Googlemanages everything here. So all you have to worryabout is consuming that service now this model is knownas software as a service that is saas. Next we have passed that is platform as a servicenow here you are provided with a platform where you can actually go aheadand build your own applications to give you an example. We have our Google app engine. Now when you talkabout Google app engine, what you can do isyou can go ahead.
You can createyour own applications and you can put iton Google app engine so that others can use it as well. So in short you're usingthe app platform to create your own applications, and lastly we have iaas that is infrastructureas a service. Now. What do I mean by this? Well, the whole infrastructureis provided to you so that you can go ahead andcreate your own applications. That is an underlying structureis given to you based on that. You can go ahead and chooseyour operating systems the kind of Technology on to use on that platformthe applications you want to build an All those things so that is what an iaasis infrastructure-as-a-service basically, so these werethe different models that I wanted to talk about. Now. This is the architecture that gives you a clear depictionas in what happens as far as the servicemodels are concerned. Now, you have somethingcalled as your sass now here as you see all you're doingis you're consuming your data, that's it or using it. Everything else is managedby your vendor. That is your applicationsruntime middleware OS virtualization servers Network. Everything as far as your pastis concerned your data and applications aretaken care by you. That is you can go ahead youcan build your own applications. You can usethe existing platform that is provided to you. And finally you have your iaas.
Now what happens hereis only the basic part that is yournetworking storage servers and virtualization is managedby your vendor deciding what middleware OS runtimeapplications and data that resides on your end. You have to manageall these things that is you are justgiven a box of car. For example people or maybe parts of car yougo ahead and you fix it. And you use it for your own sakethat is what iaas is to give you another example thinkof it as eating a pizza. Now there are various waysof doing that one you order it online you sit at home you order the pizza. It comes to your placeyou consume it that is more of your saas. That is software as a service. You just consume the service. Next is a platform as a service. Now when I say platformas a service you can think of it as going to a hoteland eating a pizza. Say, for example, I go They havethe infrastructure as in I have tables chairs. I have to go sitjust order the pizza. It is given to me. I consume it and I comeback home and iaas. Now. This is where you go aheadand make your own pizza. You have the infrastructureyou buy it from somewhere or whatever it is. You use your pizza. You put it in our new put spicesall those things. Can you eat it now? This is the differencebetween these three services. So let us move furtherand discuss the next topic. That is the differentdeployment models that are there now when you talk aboutdeployment models you can also call All them asdifferent types of clouds that are there in the marketwe have these three types. That is your public Cloudyour private cloud and your hybrid Cloud. Let us try to understandthese one by one now as the name suggeststhe public Cloud it's available to everyone you havea service provider who makes these servicesor these resources available to people worldwidethrough the internet. It is an easy and very inexpensive way of dealingwith the situation because all you have to dois you have to go ahead and rent this cloudand you're good to you. And it is available publicly. Next we have the private Cloud. Now. This is a little different here. You are providedwith this service and you can actuallygo ahead and create your own applications. And since it's a private Cloudyou are protected by a firewall and you do not have to worryabout various other issues that are there at hand and next. We have our hybrid Cloud now, it is a combinationof your private cloud and your public Cloud say, for example, you can go aheadand build your applications privately you can use them. You can consume them youcan use them efficiently.
When you sense that peakin your traffic. You can actuallymove it to public that is you can move itto the public cloud and even others can have accessto it and they can use it. So these are the threebasic deployment models that are therefor your exposure or your usage rather and you cango ahead and use those as well. I hope this was clearto all of you. So let us move further and tryto understand the next topic that is different Cloudproviders that are there in the market now as I've mentionedwhat happened was since Cloud came into existence. Quite a few people went ahead and they bought their owninfrastructure and now they rent the services to other people and when you talk about this infrastructurethe quite a few people out there who are actually providingthese cloud services to different peopleacross the globe. Now, when you talkabout these Cloud providers, the first thing that should come to your mindis Amazon web services because it is highly popular and it leaves otherCloud providers way behind. The reason I'm sayingthis is the numbers that talk about Amazon webservices to You an example if you talk aboutits compute capacity. It is six times larger than allthe other service providers that are there in the marketsay for example, if you talk about the otherservice providers in the market, if the compute capacity combined was X Amazon web services alonegives you a capacity of 6 x which is huge apart from that. It's flexible pricingand various other reasons. That is the services it providesand all those things. It is rightly a globalleader and the fact that it had a head start. It started way before many other servicesthat are there in the market. It actually gained popularity. And now we see quitea few organizations going ahead and using Amazon web servicesapart from that. We have Microsoft Azure, which is a Microsoft productand we all know that when Microsoft decidesto do something they expect that they killall the competition that is there in the market.
It is still not in termswith Amazon web services or few other service providers that are then the marketbut not very neck to neck but it is probablythe second best when you talk about Amazon web. Services or the cloud serviceproviders in the market? So yep. It has a lotof catching up to do when you compare itwith Amazon web services, but it is still a verygood cloud service provider that is there in the market. Then we have something calledas Google Cloud platform again a very good cloud providerin the market. Now, why am I saying this? We all know the infrastructure that Google has to offerto you it has one of the best search engine that is then the market and the amount of data they dealwith every day is huge. So they are the Pioneerswhen you talk about Data and all those thingsand they know how to actually handlethis amount of data and how to have an infrastructurethat is very good. That is why they have a verygood facility and that leads to it being one of the cheapestservice providers in the market. Yes.
There are certain featuresthat DCB offers which are better. Even than Amazon web serviceswhen you talk about its pricing and the reason for it isit has various other services that are there water does is ithelps you optimize various costs how it uses analyticsand various other ways by which it can optimizethe amount of power you use and that leadsto less usage of power. And since you arepaying less for power that is provided as a paying less for power you end up payingless for your services as well. So that is why it isso cost efficient. Then the other service providersthat is we have digital ocean. We have to remark we have IBMwhich is again very popular, but that is a discussionfor some other time. As far as theseservice providers go. These are the major ones that as we have Amazon web serviceswe Microsoft Azure, we have DCP which aretalked about a lot. This was about the basic Cloudproviders and the basic intro which I wanted you all to have. I hope you all are clear with whatever Conceptswe've discussed in time.
Let's try to understanda little more about AWS. Well, it is a complete software suit ora cloud service provider, which is highly secure. It provides you with variouscompute storage database and a number of other services,which we would be discussing. Discussing in furtherslides as well. And when you talkabout the market it is the best and it has variousreasons to be the best in the market one beingits flexibility its scalability and its pricing other reasonsbeing its compute capacity now, why is it so importantto compute capacity? Well, if you talkabout the compute capacity, you need to understand one thing if you take all the othercloud service providers in the market and youcombine the compute capacity that is your layoutAWS and you take all others into consideration this Is would besomewhere equal to say x and if you compare itwith AWS, it is 6X. So AWS hasmore compute capacity, which is six times more than allthe other service providers that are there in the market. So that is a huge amount.
So these are the reasonsthat make a database one of the best in the marketand let's try to find out what are the other reasonsabout aw that make it so good. What are the services featuresand its uses basically, so I would be discussingsome use cases now. Now if you are talking about amanufacturing organization now, the main focus isto manufacture Goods, but most of the businessesthey focus so much on various other services are practices that needto be taken care of that. They cannot focus on themanufacturing goal of this is where aw steps--and it takes care of all the itinfrastructure and management. That means businesses are freeto focus on manufacturing and they can actually go ahead and expand a lotarchitecture Consulting now, the main concern is prototypingand During a dove is takes care of both the issues itlets you have automated or speed up rendering asfar as prototyping is concerned and that is why architecturalbusiness benefit a lot when you talk about using AWSor any cloud provider but AWS being the bestin the market again, the services are the best media company nowas far as a media company goes the main concernis generating content and the place to dump itout to store it again, aw takes careof all these situations or both these situations.
Large Enterprises when you talk about large Enterprisestheir reach is worldwide, so they have toreach the customers and the employees globallyor across different places. So AWS gives you that option because it hasa global architecture and your researchcan be very wide as far as these points areconcerned the advantages of AWS as I mentioned. I won't say advantages exactly. I would say featuresas well flexibility. Now as far as AWS is concerned it is highly flexible nowthe The reasons to support it and one of the major reasonsis it's very cost-effective. Let us try to understand thesetwo points together other now when you talk about flexibility, the first concern youshould have is you are dealing with big organizations. They have a lot of data that needs to be manageddeployed and taken care of now when you talkabout a cloud provider if it is flexible, all these things are taken care of the second thing is it ishighly cost-effective now when I say cost-effectiveAWS takes care of almost every aspect. Aspect if you area beginner or a learner, they have somethingcalled as a free tier. That means you have sufficientresources to use for free and that too for one long yearstood have sufficient Hands-On without paying anything plusit has something called as pay-as-you-go model now when I say pay as you go model what it does is it chargesyou only for the services which are using and only for the time beingyou're using them again that lets you scale up nicely and hence you endup paying very less since you are being very less. And since you haveso many options when you are actuallybuying it Services what that does is that gives you a lot offlexibility scalability again, the first two pointsare related to this point. Now, how is thatwhen I say scalability what happens is as I mentioned itis very affordable.
So you're paying on a daily basis if you're usinga particular service for one hour you'll be payingit only for one hour. That is how flexible it is. And what that does is that gives you a freedomto scale up and even scale down since it Is easy to scale up? It is always advisable that you start with lessand then scale as for your needs plus they'requite a few services that are there which canbe automatically schedule. Now what that means is youwould be using them only when there is an up timeand in down time you can miss thoseget automatically shut down so you do not have to worryabout that as well. So when you talkabout scalability scaling up and down is very easy asfar as AWS course security again are now securityhas been a topic of debate when you talk aboutWhat cloud services especially but AWS puts allthose questions to rest. It has great security mechanism. Plus it provides youwith various compliance programs that again help you take care of security and when you talkabout real-time Security even that is taken careof you can take care of all the suspicious activities that are there and not uaw'stakes care of all those things and you're let free to focuson your business rather. So these are the advantageswhich I feel that AWS adds value to and apart from thatthe quite a few other points like we haveautomatic scheduling which I just mentioned you havevarious integrated apis.
Now these apis that are available indifferent programming languages and that makes it architecturereally very strong to switch from one programming languageto another so these are some of the features I feel that make AWS a wonderfulwonderful service provider in the market. So let's move further and tryto understand other things as far as database is concerned. It's Global architecture when you talkabout a double usage of mentioned it is the bestservice provider in the market. So what X ews this popular. One of the reasons is its architecture now when I talkabout its architecture, it is very widely spreadand it covers almost every area that needs to be covered. So let's try to understandhow it works. Exactly. Well if you talkabout AWS architecture now, the architecture is dividedinto two major parts that is Regionsand availability zones. Now when you talkabout the regions and availability zones reasons are nothing but differentlocations across the world where they have there. Various data centers put up now. As far as one region goes it might havemore than one Data Center and these data centersare known as availability Zone.
You being a consumer or an individual youcan actually access or access these Services by sitting anywhere in the worldto give you an example. If I'm sitting in some partof the world say, for example, I amin Japan right now. I can actually have accessto the services or data centers that are there in u.s. Right now. So that is how it works. You can choose your region. Accordingly you can pick youravailability zones and use those so you do not have to worryabout anything to throw some more light on it. You can take a lookat this small map which is the global map and itshows the different places which has its regionsand availability zones. Now as far as this map goes, I believe it's fairly old and it has been upgradedin recent times because AWS is putting a lot of effort to havemore data centers or more availability zonesas far as there. Wide reach is concerned and we can expect somein China as well. So yes, they are actuallyreaching for and white. So when you talkabout these regions and availability zones, if you take a look at this map what you can see isyou have your reason which is an orange color. And the number that is inside. It is the numberof availability zones that they has to be nowto give you an example. We have São Paulo, which says that it hasthree availability zones, so that is how it is and the ones that arein the green Are the ones which are comingsoon are the regions that are in progress and someof these have actually gone. I hadn't already started or have been madeavailable to people. So yes, this ishow the architecture works and this is how the databasearchitecture looks like. Okay, so let's move further and take a look at the nextconcept domains of AWS. When you talk about its domains.
The first domain that we are goingto discuss is compute. And when you talkabout compute the first thing that should come to your mindis easy to have a nice easy to it is elastic Cloud compute and what it doesis it lets you have a resizable compute capacity. It's more of a raw server where you can host a websiteand it is a clean slate. Now. What do I mean by this? Say for example,you go ahead and buy a laptop. It is a clean device where you can haveyour own OS you can choose which OS you want and allthose things accordingly. Your ec2 is again a clean slate and you can do somany things with it. Now next you haveelastic Beanstalk with lets you deploy your variousapplications on AWS. And the only thing you needto know about this thing is you do not have to worry aboutthe underlying architecture now, it is very similar to your ec2. And the only differencebetween the two is as far as your elastic Beanstalkis Concern you can think of it as something that has predefined libraries. Whereas your ec2 is a clean slate when I saypredefined libraries say, for example, you want to useJava as far as easy to goes. Now. This is just an example. Don't take it literallywill have to say for example, install everything fromthe beginning and start fresh. But as far as your elasticBeanstalk is concerned it has this predefined libraries and you can just goahead and use those because there's an underlyingSighing architecture, which is defined. Let me say it again. I just give you an exampledon't take these sentences literally so next we have migrationwhen you talk about migration, you need to understand one thingAWS has a global architecture and there would bea requirement for migration. And what aw does is it lets youhave physical migration as well.
That means you canphysically move your data to the data center. Which you desire now,why do we need to do that? Say, for example,I am sending an email. Somebody I can dothat through internet, but imagine if I haveto give somebody a movie. So instead of sending it online. I can actually go aheadand give it to someone if that person is meansreachable for me and that way it would bemore better for me. My data remains secure and so many other things so sameis with data migration as well. And when you talk about AWS, it has somethingcalled as snowball which actually lets you movethis data physically now, it's a storage service and it actually helps youin migration a lot security. And compliance nowwhen you talk about security, we have various services. Like I have I am we have KMS nowwhen I say I am it is nothing but your identification andauthentication management tool. We have KMS which letsyou actually go ahead and create your own publicand private keys and that helps you keep your system secure the quitea few other services as well, but I would be mentioning oneor two services from each domain because as we move furtherin future sessions, we would be discussingeach of these services in detail and that is when I would be throwing a lotmore Done these topics for now.
I would be giving youone or two examples and because I want youall to understand these to some extent getting into details of allthese things would be too heavy for you people because the quite a few domainsand quite a few services that we need to cover andas we move further definitely we would be covering allthose services in detail. Then we have storage nowwhen I talk about storage again AWS has quite a fewservices to offer to you. We have something calledas your S3 now s38 works as a bucket object kind of a thing. Your storage place is calledas a bucket and your object which you store in nothing, but your files nowthese objects have to be stored in their food files which act as the bucketsbasically and then we have something calledas your cloudfront which is nothing butyour content delivery Network. We have somethingcalled as Glacier. Now when you talk about Glacieryou can think of it as a place where you can store archives because it ishighly affordable next. We have networkingwhen you talk about networking. We have services like VPC.
Direct Connect Route 53, which is a DNS a when I say VPC it isa virtual Network which actually lets you moveor launcher resources. That is your AWS resources. Basically when you talkabout Direct Connect, you can think of it asa least internet connection which can be usedwith an AWS next on this list. We have somethingcalled as messaging. Yes AWS Usher'ssecured messaging and the quite a few applicationsto take care of that as well. We have something called asCloud trial we have opsworks all these things there. Help you in messaging or communicating withother parties basically databases now storageand databases are similar, but you have to understandone difference when you talk about your storage that is where you storeyour executable files. So that is the differencebetween the two and when you talk about databases, we have somethingcalled as your Aurora, which is something which is very sql-likeand it lets you perform various SQL optionsat a very faster rate and what Amazon claims hasit is five times faster than What aeschylus? So yes, when you talk about Aurora again a greatservice to have we also have something called as Dynamo DBwhich is a non relational dbms.
When you talk aboutnon relational dbms, I won't be discussing thatbut this helps you in dealing with various unstructureddata sources as well. Next on this list. We have the last domainthat is the management tools. Now when you talkabout management tools, we have somethingcalled as cloudwatch, which is a monitoring tooland it lets you set alarms and all those Thosethings hopefully today when we are done withthe demo part you'd be having at least one partof your cloudwatch code because we would be creatingalarms using Cloud was today. So stay tuned for that as well. So this is about AWS and it's Basics asin the points, which we just discussed that as what it is its use hasits advantages its domain its Global architecture. So you guys what I've doneis I've gone ahead and I've switchedinto my AWS account. The first thing youneed to understand is what AWS does is it offersyou a free tier now while I was talking about these things Ijust rush through it because I know that I was going to giveyou a demo on these things. So and I wanted to discussthis thing in detail. Now when you talk about AWS, if you are a beginner,this is where you start now, what aw does is it provides youwith its free tier which is accessible to you for Twelve monthsand the quite a few Services which we just discussed which are availableto you for free. And when I say freethe certain limitations on it as in these many hours is what you can use it forand this is the amount of memory or storage you can use in total and all those thingsand its capacity and everything based on that youhave different instances, which you can createan all those things. Now.
What aw is does is it givesyou these services for free? And as long as youstay in the limits that AWS has set youwon't be charged anything. And trust me when it isfor learning purposes that is more than enough andlet's quickly go ahead and take a look at these Services first and then there arefew other points, which I would liketo discuss as well. But firstly the freetier services and say this is what it has to offerto you 12 months of free and always free products when you talk abouteasy to which is one of its most popular computeServices 750 ours and that is per month. Next you have Amazon quick site, which gives you 1 GBof spice capacity. Now I won't get into the detailsof these things as an what spice capacity isand all those things when you have time, I would suggest that you go aheadand explore these things as in what do these things do today?
We are going to focus moreon the easy to part. So for now, let's quickly takea look at these one by one first Amazon RDS, which is again, which gives you send50 hours of your T, 2 micro instance Amazon S3, which is a storagewhich again gives you 5 GB of standard storage and it w is Lambda1 million free request. So there's someof the videos here actually which would introduceyou to these things that would help you get startedwith how to creating an account and all those things and thisis the other important point which I would like to mention. When you do createan AWS account. The first thing youneed to consider as they would be asking youfor your credit card details. So how does the login processwork firstly you go there you doing your email IDand your basic details as in why do you want to use itand all those things next? What it would do is justto verify your account. And it would ask youfor your credit card details, even the debitcard details work.
I've actually tried thoseso you can go ahead and give you a credit cardor debit card details. And when you do thatwhat it does is it subtracts a very small amountfrom your account. I did this in India, and I know that Iwas charged to rupees which is fairly less and that was againrefunded back to me in two to three working days. The only reason they cutthose two rupees was just for the verification purpose that my account is up and running and I ama legitimate user. Now as long as youstay in the limits, you won't be charged anything. But if you docross those limits, you'll be charged. Are you might beworried as an what? If I do cross the limitwould I be charged? Yes, you would bebut the fact is you actually won't go beyond it. And even if you doyou'll be notified seeing that you are goingabout the limit or about the limit. Even when your freesubscription ends. You are notified saying that do you want to enteryour billing details? And do you want to start billing and if you say yes onlythen would be charged for the subsequent. Months and that isa very stringent process.
You don't haveto worry about it. That is you won't be losing out on any money as long as youfollow these rules. So if you do not have an account my suggestionwould be you go ahead. You would log into AWS andcreate your free tier account which has a very easyand two to three step process. So guys, I would startthis session by talking about what is an instancewould understand. What is AWS ec2 servicewhich is core for us. Standing instances in AWS. Then we'll talkabout different types of ec2 instances would understand how instance pricing models work and we'll take a lookat a use case which would be followedby a demo that walks you through all the stuffthat we have talked about. So it is a fairly good content and a lot of stuffto study today. So as let us justquickly move further and take a lookat these things one by one. So first and foremost guys, we would be talkingabout an instance. So when you talkabout an instance, we have this definition here.
Let's try and understand what does this definitionhas to say first and then probably I would throwin some light on that. So as far as this definition goes it says and instance isnothing but a virtual server for running applicationson Amazon ec2. It can also be understoodlike a tiny part of a larger computera tiny part which has its own Hardware networkconnection operating system. Cetera, but it isactually virtual in nature. So there are a lot of words here and a lotof stuff has been said, let me try and simplifythis particular definition for you people. So guys when I saya virtual server running on your application not onyour application virtual server that basically hostsour application is what I should say. So what do I mean by this? What do I mean by a virtualinstance a virtual presence of a particular device? Well guys when you talk about software development elopementapplication development. What you do is you are supposedto build an applications and run those on servers right? But at times there are a lotof constraints like the space that you use the resources that you want to usesay for example, certain applications runon Windows certain run on Mac OS and certain runon your Ubuntu OS right? So in that case, I cannot always go aheadand have different systems and different operating systemson them and then run my applicationson top of that right because it is time consuming. Stu and also consumesa lot of money that you invest into it. So what isthe solution for that?
What if I could havea single device and on top of which I couldcreate virtual compartments in which I could storemy data differently store my applications runmy applications differently. Wouldn't that be nice? Well, when you talkabout an instance, that is what it exactlydoes you can think of it as a tiny part of a computer. Well, that is whatit is time to symbolize. I mean you have a systemon top of which. You can run differentapplications and how it works is if you are runningan application a in part 1 and running an application B in Part B of your server theseapplications have a feeling that they are runningindividually on that system and there is no other systemrunning on top of it. So this is whatvirtualization is. It creates a virtual environmentfor your application to run and one such instance of this virtual environmentis called as an instance. So when you talkabout virtualization, it is not somethingthat is very complicated. As you can seein the first image.
You can see a man surrounded by various virtual imagessomething that you see in an Iron Man movie. When you talkabout virtualization, it is very simple. It can be a simple computer which is shared by differentpeople and those people are working quiteindependently on that server. That is whatvirtualization is that is what an instances in this imagethe second image each All of this individual would beusing a different instance. So this is what an instance is when you talkabout virtualization. So guys, let us move further and take a lookat some other pointers. Now we understoodwhat an instances what virtualization isto some extent at least guys. As far as the session goes. I believe thisinformation is enough. If you wish to knowmore about virtualization, you can visit our YouTubechannel and take a look at VMware tutorial. It talks about this particularTopic in a More detail. So let's let us move furtherand try to understand easy to now now easy to as an Amazonweb services compute service. It stands forelastic compute Cloud. Now, what do I mean by this? When you sayan elastic Cloud compute? That means basically it isa service with lets you actually go ahead and CarryOut computation practice and when I say elastic it means that it is fairly resizableand fairly reusable.
Once we get into the demo part probably you'd geta better picture. What do I mean by elasticity? Because it is highlyflexible highly scalable. It is very cost efficientand it serves a lot of purposes. Now. These are some of the featuresthat I just mentioned right? Let me throw in some more lighton these pointers as well. What do I mean by scalable now when you talk abouta cloud platform one of its best features is it givesyou high amount of scalability? That means your applicationscan scale up. Down depending upon the data that you want to useon top of it. So if the traffic increasesmore you need more performance. So your applicationshould be able to scale to those needs, right? So that is what cloud computingprovides you with and that is what ec2 also providesyou with when I say an instance.
Basically, what you're doingis you're launching a virtual machine. It is called as instancein terms of AWS. So this virtual machineshould be scalable. That means it should scale up and scale down bothin terms of memory. A storage and even in termsof the computation that it is providing. So when you talk about easyto it is highly scalable. Once we get into the demo partyou would see this now it being scalable and it being cost-efficientmakes it highly flexible. So that is the third Point. Let us try and understandthe second Point as well. What makes easy to costefficient when you talk about cost optimization. What easy to does isit lets you scale up and down I just mention that right so instead of buying Number of instancesor instead of buying a number of services youcan actually go ahead and scale this instance up anddown with minimal cost changes. So you're saving money because apart from that thereare burstable instances. There are various pricing modelsthat ec2 boasts of using which you can actuallysave a lot of money as we move further. We'd be talkingabout those models as well. So meanwhile, just bear with meso easy to well it is a service which is a computation serviceand it takes care of Of following pointers.
I mean it is easily resizable. It is cost efficient. It is highly scalable and all these features makeit highly flexible as well. So guys, let us movefurther and take a look at some other pointers as well. So what are the typesof instances now when you talk abouteasy to it is one of the oldest AWS services. So if you talk aboutthe type of instances that are there in the market. Well, there arequite a few types of instances that you can deal with and these are someof the popular ones Once I move into the demo part, I would maybe talkabout other instances but to keep it simple basically these instancesthey have different families. I mean, you have the T Series you havethe M series The cseries. Well, basically these series consists of differentkind of instances that serve different purposesto simplify this process. What AWS has doneis it has gone ahead and categorized these instancesinto following types. The first one isyour general purpose instance. Now it is basicallysuited for applications that require a balanceof performance and cost that means places where yourequire quick responses, but it is still cost-effective.
I mean say for example the example shown hereemail response systems. Now you require a quick response and there will be nnumber of responses or n number of emails that would pop inbut you do not want to pay a lot of moneyfor this kind of service. So in this case you needcost optimization as well and you need Quickresponse as well. So this is where your generalpurpose instances come into picture next on this list. You have yard compute instance. Now what a computeinstances these are for applications that requirea lot of processing. Now when you say computation they havebetter computation power. That means if there isa lot of data that need quicker computation power youcan use these kind of instances. What is an example. You have your analyzingstreaming data now if you know, what stream Datais it is the data that continuously flowsin and flows out.
That means youare streaming the data say for example this session itis being streamed, right? I mean the information or whatever is happeninghere it is going live. So in order to processthis kind of data, you need systems that giveyou good computation power which are very activeand very good in nature. So when you talkabout compute instances, they provide you with these kindof services and that is why if you are dealingwith streaming data if you wish to analyzethis kind of data, Definitely go forcompute instances. So next on this list. We have memory instances. Now, what arethese instances for? Now? These are the instances thatare required for applications that require more memoryor in better terms more RAM, right random access memory. So these are for applications that require goodcomputation power again, like the previous one, but when you talk about Ram, it is something that residesin your local system, right? So you need instances. Which have good memory capacity and what kindof application it serves? Well, you canthink of applications that need multitasking multiprocessing say for example,
Elastic Beanstalkand Lambda moving on. We'll talk aboutthis storage domain where we'll be exploringservices like S3 EFS and Next in line is the networking domain where we'll be talking aboutservices like VPC Route 53 Etc. Then could betalking about management and monitoring serviceslike Cloud watch cloudformation load balancesEtc moving on you take a look at Cloud security and take a look at services. Like I am Etc thenthe database part where we'll be exploringservices like Amazon redshift. Once we are donewith the core Services, we will be alsodiscussing develops on AWS where we will be talkingabout AWS services like aw score pipeline, aw score commit Etc. Now that the devops part and the core partof AWS is over. We can also switchto the career part where we'd bediscussing some numbers like jobs friends salaries Etc and would also takea look at the roles and responsibilities. And what are the kind of thingsthat you should know when you talk about making acareer in this particular Dome?
Firstly let's understandwhy Cloud to understand this we need to understandthe situation that existed before Cloud cameinto existence. So what happened back then and firstly in orderto host a website you have to buy a stackof servers and we all know that servers are very costly. So that meant we ended up paying a lot of money next wasthe issue of traffic now as we all know if you are hosting a websitewe are dealing with traffic that is not constantthroughout the day and that meant more painwe would understand that as we move further. And the otherthing was monitoring and maintaining your servers. Yes. This is a very big problemnow all these issues. They led tocertain disadvantages. What are those as I mentioned serversare very costly. Yes. The setup was again costly and thus you ended upbeing a lot of money and there were other factorscontributing to this point. Let's discuss those as well. One troubleshooting wasa big issue since you're dealing with a business your Prime Focusis on taking good decisions so that you haveBusiness does well, but if you end uptroubleshooting problems or you focus more oninfrastructure related issues, then you cannot focusmore on your business and that was a problem. So either you hadto do multitasking or you have to hiremore people to focus on those issues thus againyou ended up being more money as I've discussed the trafficon a website is never constant.
And since it varies you arenot certain about its patterns. Say, for example, I need to host a websiteand for that what I decided is I am reserving. To petabytes of total memory formy usage based on the traffic but as the trafficwhere is there would be times when the traffic is high and my whole to petabytesof data is consumed or space is consumed Roger, but what if the traffic is very low for certainhours of the day. I'm actually notutilizing these servers. So I end up payingmore money for the servers than I should be. So yes upscaling was an issue. So all these thingswere an issue because we werepaying more money. We do not have sufficient timeto Take our decisions properly. There was ambiguity. There was more troublemonitoring and maintaining all these resources and apartfrom that one important point which we need to consideris the amount of data that is being generated now and that was being generatedthen then it was okay, but nowadays if you take a lookat it the amount of data that is generated is huge and this is another reason whyCloud became so important as of mentioned the data now, we all know that everythingis going online these days and what that meansis we shop online. And we buy food online. We do almost everything that is required asan whatever information we need.
We get everything onlinebookings and reservations. Everything can be taken care ofthat means we have a lot of data that is being generatedthese days and this is Digital Data backin those times. We were communicatingthrough verbal discussions and all those things so through paperwork and that wasa different data to maintain since everything is moving on cloud or movingonline the amount of data that we have is used these days. Days, and then when you havethis huge amount of data, you need a space where you can actually go aheadand maintain this data. So yes again, there was a need of this pieceand all these issues that is your cost. You're monitoringyour maintenance providing sufficient space. Everything was takencare by Cloud. So let us try to understandwhat this cloud is exactly.
Well think of it as a huge space that is availableonline for your usage. Now. This is a very genericdefinition to give you to be more specific. I would be seeing that. Think of it as a collection of data centers nowdata centers again at a place where you store your data or youhost applications basically, so when you talkabout these data centers, they were already existing. So what didCloud do differently? Well, what clouddid was it made sure that you are able to orchestrate your variousfunctionings applications managing your resources properly by combining allthese data centers together through a network and then providingyou the the control to use this resources and to manage them properlyto make it even more simpler. I would say there was a groupof people or organizations. Basically that went aheadand what these servers these compute capacitiesstorage places compute services and all those things and they have their ownchannel or Network. All you have to do was go ahead and rent those resources onlyto the amount you need it and also for the timethat you needed. So yes, this is what clouddid It let you rent the services that you need and useonly those services that you need. So you ended up payingfor the services that you rented and you endedup saving a lot of money.
The other thing isthese service providers. They take care of all the issues like your securityyour underlying infrastructures and all those things. So you can freely focuson your business and stop worryingabout all these issues. So this is what cloud isin simple words. It's a huge space which hasall these services available and you can just go aheadand pick and read. And those servicesthat you want to use so what is cloud computing? Well, I've already discussed that just to summarize it I would say it isnothing but an ability or it is a place where youcan actually store your data. You can process it and you can access itfrom anywhere in the world. Now. This is an important Pointsay for example, you decide to choosea reason for infrastructure somewhere in u.s. You can certain maybe Chinaor maybe in India and you can still have accessto all your resources that is there in u.s. All you need is a goodAnd a connection so that is what cloud does it makes the worldaccessible it lets you have your applicationswherever you want to and manage them the way you wantto next we would be discussing different service models.
Now you need to understandone thing you are being offered cloud services the platformto use your services or your applications basically, but then different peoplehave different requirements. There are certain peoplewho just want to consume a particular resourceor there's certain people who actually wantto to go ahead and create their own applicationsgreat the own infrastructure and all those things. So based on these needs wehave particular service models that is your Cloudproviders provide you with a particular modelwhich suits your needs. So let us try to understand these models one by one wehave these three models that is your iaasyour paas and your saas. I would be discussing themin the reverse order. That is I would be talkingabout saas first and then I would go upwards so let us start.
Saas, or SAS SAS is nothingbut a software-as-a-service. Now what happens here is basically you're justconsuming a service which is alreadybeing maintained and handled by someone else to giveyou a valid example. We have a Gmail. All you do is you send mail topeople and you receive mails and whatever functionality youdo is you just use the service that is there. You do not have to maintain it. You do not have to worryabout up scaling down scalings security issuesand all those things. Everything is taken careby Google say for example, you are Gmail is what I'm talking about Googlemanages everything here. So all you have to worryabout is consuming that service now this model is knownas software as a service that is saas. Next we have passed that is platform as a servicenow here you are provided with a platform where you can actually go aheadand build your own applications to give you an example. We have our Google app engine. Now when you talkabout Google app engine, what you can do isyou can go ahead.
You can createyour own applications and you can put iton Google app engine so that others can use it as well. So in short you're usingthe app platform to create your own applications, and lastly we have iaas that is infrastructureas a service. Now. What do I mean by this? Well, the whole infrastructureis provided to you so that you can go ahead andcreate your own applications. That is an underlying structureis given to you based on that. You can go ahead and chooseyour operating systems the kind of Technology on to use on that platformthe applications you want to build an All those things so that is what an iaasis infrastructure-as-a-service basically, so these werethe different models that I wanted to talk about. Now. This is the architecture that gives you a clear depictionas in what happens as far as the servicemodels are concerned. Now, you have somethingcalled as your sass now here as you see all you're doingis you're consuming your data, that's it or using it. Everything else is managedby your vendor. That is your applicationsruntime middleware OS virtualization servers Network. Everything as far as your pastis concerned your data and applications aretaken care by you. That is you can go ahead youcan build your own applications. You can usethe existing platform that is provided to you. And finally you have your iaas.
Now what happens hereis only the basic part that is yournetworking storage servers and virtualization is managedby your vendor deciding what middleware OS runtimeapplications and data that resides on your end. You have to manageall these things that is you are justgiven a box of car. For example people or maybe parts of car yougo ahead and you fix it. And you use it for your own sakethat is what iaas is to give you another example thinkof it as eating a pizza. Now there are various waysof doing that one you order it online you sit at home you order the pizza. It comes to your placeyou consume it that is more of your saas. That is software as a service. You just consume the service. Next is a platform as a service. Now when I say platformas a service you can think of it as going to a hoteland eating a pizza. Say, for example, I go They havethe infrastructure as in I have tables chairs. I have to go sitjust order the pizza. It is given to me. I consume it and I comeback home and iaas. Now. This is where you go aheadand make your own pizza. You have the infrastructureyou buy it from somewhere or whatever it is. You use your pizza. You put it in our new put spicesall those things. Can you eat it now? This is the differencebetween these three services. So let us move furtherand discuss the next topic. That is the differentdeployment models that are there now when you talk aboutdeployment models you can also call All them asdifferent types of clouds that are there in the marketwe have these three types. That is your public Cloudyour private cloud and your hybrid Cloud. Let us try to understandthese one by one now as the name suggeststhe public Cloud it's available to everyone you havea service provider who makes these servicesor these resources available to people worldwidethrough the internet. It is an easy and very inexpensive way of dealingwith the situation because all you have to dois you have to go ahead and rent this cloudand you're good to you. And it is available publicly. Next we have the private Cloud. Now. This is a little different here. You are providedwith this service and you can actuallygo ahead and create your own applications. And since it's a private Cloudyou are protected by a firewall and you do not have to worryabout various other issues that are there at hand and next. We have our hybrid Cloud now, it is a combinationof your private cloud and your public Cloud say, for example, you can go aheadand build your applications privately you can use them. You can consume them youcan use them efficiently.
When you sense that peakin your traffic. You can actuallymove it to public that is you can move itto the public cloud and even others can have accessto it and they can use it. So these are the threebasic deployment models that are therefor your exposure or your usage rather and you cango ahead and use those as well. I hope this was clearto all of you. So let us move further and tryto understand the next topic that is different Cloudproviders that are there in the market now as I've mentionedwhat happened was since Cloud came into existence. Quite a few people went ahead and they bought their owninfrastructure and now they rent the services to other people and when you talk about this infrastructurethe quite a few people out there who are actually providingthese cloud services to different peopleacross the globe. Now, when you talkabout these Cloud providers, the first thing that should come to your mindis Amazon web services because it is highly popular and it leaves otherCloud providers way behind. The reason I'm sayingthis is the numbers that talk about Amazon webservices to You an example if you talk aboutits compute capacity. It is six times larger than allthe other service providers that are there in the marketsay for example, if you talk about the otherservice providers in the market, if the compute capacity combined was X Amazon web services alonegives you a capacity of 6 x which is huge apart from that. It's flexible pricingand various other reasons. That is the services it providesand all those things. It is rightly a globalleader and the fact that it had a head start. It started way before many other servicesthat are there in the market. It actually gained popularity. And now we see quitea few organizations going ahead and using Amazon web servicesapart from that. We have Microsoft Azure, which is a Microsoft productand we all know that when Microsoft decidesto do something they expect that they killall the competition that is there in the market.
It is still not in termswith Amazon web services or few other service providers that are then the marketbut not very neck to neck but it is probablythe second best when you talk about Amazon web. Services or the cloud serviceproviders in the market? So yep. It has a lotof catching up to do when you compare itwith Amazon web services, but it is still a verygood cloud service provider that is there in the market. Then we have something calledas Google Cloud platform again a very good cloud providerin the market. Now, why am I saying this? We all know the infrastructure that Google has to offerto you it has one of the best search engine that is then the market and the amount of data they dealwith every day is huge. So they are the Pioneerswhen you talk about Data and all those thingsand they know how to actually handlethis amount of data and how to have an infrastructurethat is very good. That is why they have a verygood facility and that leads to it being one of the cheapestservice providers in the market. Yes.
There are certain featuresthat DCB offers which are better. Even than Amazon web serviceswhen you talk about its pricing and the reason for it isit has various other services that are there water does is ithelps you optimize various costs how it uses analyticsand various other ways by which it can optimizethe amount of power you use and that leadsto less usage of power. And since you arepaying less for power that is provided as a paying less for power you end up payingless for your services as well. So that is why it isso cost efficient. Then the other service providersthat is we have digital ocean. We have to remark we have IBMwhich is again very popular, but that is a discussionfor some other time. As far as theseservice providers go. These are the major ones that as we have Amazon web serviceswe Microsoft Azure, we have DCP which aretalked about a lot. This was about the basic Cloudproviders and the basic intro which I wanted you all to have. I hope you all are clear with whatever Conceptswe've discussed in time.
Let's try to understanda little more about AWS. Well, it is a complete software suit ora cloud service provider, which is highly secure. It provides you with variouscompute storage database and a number of other services,which we would be discussing. Discussing in furtherslides as well. And when you talkabout the market it is the best and it has variousreasons to be the best in the market one beingits flexibility its scalability and its pricing other reasonsbeing its compute capacity now, why is it so importantto compute capacity? Well, if you talkabout the compute capacity, you need to understand one thing if you take all the othercloud service providers in the market and youcombine the compute capacity that is your layoutAWS and you take all others into consideration this Is would besomewhere equal to say x and if you compare itwith AWS, it is 6X. So AWS hasmore compute capacity, which is six times more than allthe other service providers that are there in the market. So that is a huge amount.
So these are the reasonsthat make a database one of the best in the marketand let's try to find out what are the other reasonsabout aw that make it so good. What are the services featuresand its uses basically, so I would be discussingsome use cases now. Now if you are talking about amanufacturing organization now, the main focus isto manufacture Goods, but most of the businessesthey focus so much on various other services are practices that needto be taken care of that. They cannot focus on themanufacturing goal of this is where aw steps--and it takes care of all the itinfrastructure and management. That means businesses are freeto focus on manufacturing and they can actually go ahead and expand a lotarchitecture Consulting now, the main concern is prototypingand During a dove is takes care of both the issues itlets you have automated or speed up rendering asfar as prototyping is concerned and that is why architecturalbusiness benefit a lot when you talk about using AWSor any cloud provider but AWS being the bestin the market again, the services are the best media company nowas far as a media company goes the main concernis generating content and the place to dump itout to store it again, aw takes careof all these situations or both these situations.
Large Enterprises when you talk about large Enterprisestheir reach is worldwide, so they have toreach the customers and the employees globallyor across different places. So AWS gives you that option because it hasa global architecture and your researchcan be very wide as far as these points areconcerned the advantages of AWS as I mentioned. I won't say advantages exactly. I would say featuresas well flexibility. Now as far as AWS is concerned it is highly flexible nowthe The reasons to support it and one of the major reasonsis it's very cost-effective. Let us try to understand thesetwo points together other now when you talk about flexibility, the first concern youshould have is you are dealing with big organizations. They have a lot of data that needs to be manageddeployed and taken care of now when you talkabout a cloud provider if it is flexible, all these things are taken care of the second thing is it ishighly cost-effective now when I say cost-effectiveAWS takes care of almost every aspect. Aspect if you area beginner or a learner, they have somethingcalled as a free tier. That means you have sufficientresources to use for free and that too for one long yearstood have sufficient Hands-On without paying anything plusit has something called as pay-as-you-go model now when I say pay as you go model what it does is it chargesyou only for the services which are using and only for the time beingyou're using them again that lets you scale up nicely and hence you endup paying very less since you are being very less. And since you haveso many options when you are actuallybuying it Services what that does is that gives you a lot offlexibility scalability again, the first two pointsare related to this point. Now, how is thatwhen I say scalability what happens is as I mentioned itis very affordable.
So you're paying on a daily basis if you're usinga particular service for one hour you'll be payingit only for one hour. That is how flexible it is. And what that does is that gives you a freedomto scale up and even scale down since it Is easy to scale up? It is always advisable that you start with lessand then scale as for your needs plus they'requite a few services that are there which canbe automatically schedule. Now what that means is youwould be using them only when there is an up timeand in down time you can miss thoseget automatically shut down so you do not have to worryabout that as well. So when you talkabout scalability scaling up and down is very easy asfar as AWS course security again are now securityhas been a topic of debate when you talk aboutWhat cloud services especially but AWS puts allthose questions to rest. It has great security mechanism. Plus it provides youwith various compliance programs that again help you take care of security and when you talkabout real-time Security even that is taken careof you can take care of all the suspicious activities that are there and not uaw'stakes care of all those things and you're let free to focuson your business rather. So these are the advantageswhich I feel that AWS adds value to and apart from thatthe quite a few other points like we haveautomatic scheduling which I just mentioned you havevarious integrated apis.
Now these apis that are available indifferent programming languages and that makes it architecturereally very strong to switch from one programming languageto another so these are some of the features I feel that make AWS a wonderfulwonderful service provider in the market. So let's move further and tryto understand other things as far as database is concerned. It's Global architecture when you talkabout a double usage of mentioned it is the bestservice provider in the market. So what X ews this popular. One of the reasons is its architecture now when I talkabout its architecture, it is very widely spreadand it covers almost every area that needs to be covered. So let's try to understandhow it works. Exactly. Well if you talkabout AWS architecture now, the architecture is dividedinto two major parts that is Regionsand availability zones. Now when you talkabout the regions and availability zones reasons are nothing but differentlocations across the world where they have there. Various data centers put up now. As far as one region goes it might havemore than one Data Center and these data centersare known as availability Zone.
You being a consumer or an individual youcan actually access or access these Services by sitting anywhere in the worldto give you an example. If I'm sitting in some partof the world say, for example, I amin Japan right now. I can actually have accessto the services or data centers that are there in u.s. Right now. So that is how it works. You can choose your region. Accordingly you can pick youravailability zones and use those so you do not have to worryabout anything to throw some more light on it. You can take a lookat this small map which is the global map and itshows the different places which has its regionsand availability zones. Now as far as this map goes, I believe it's fairly old and it has been upgradedin recent times because AWS is putting a lot of effort to havemore data centers or more availability zonesas far as there. Wide reach is concerned and we can expect somein China as well. So yes, they are actuallyreaching for and white. So when you talkabout these regions and availability zones, if you take a look at this map what you can see isyou have your reason which is an orange color. And the number that is inside. It is the numberof availability zones that they has to be nowto give you an example. We have São Paulo, which says that it hasthree availability zones, so that is how it is and the ones that arein the green Are the ones which are comingsoon are the regions that are in progress and someof these have actually gone. I hadn't already started or have been madeavailable to people. So yes, this ishow the architecture works and this is how the databasearchitecture looks like. Okay, so let's move further and take a look at the nextconcept domains of AWS. When you talk about its domains.
The first domain that we are goingto discuss is compute. And when you talkabout compute the first thing that should come to your mindis easy to have a nice easy to it is elastic Cloud compute and what it doesis it lets you have a resizable compute capacity. It's more of a raw server where you can host a websiteand it is a clean slate. Now. What do I mean by this? Say for example,you go ahead and buy a laptop. It is a clean device where you can haveyour own OS you can choose which OS you want and allthose things accordingly. Your ec2 is again a clean slate and you can do somany things with it. Now next you haveelastic Beanstalk with lets you deploy your variousapplications on AWS. And the only thing you needto know about this thing is you do not have to worry aboutthe underlying architecture now, it is very similar to your ec2. And the only differencebetween the two is as far as your elastic Beanstalkis Concern you can think of it as something that has predefined libraries. Whereas your ec2 is a clean slate when I saypredefined libraries say, for example, you want to useJava as far as easy to goes. Now. This is just an example. Don't take it literallywill have to say for example, install everything fromthe beginning and start fresh. But as far as your elasticBeanstalk is concerned it has this predefined libraries and you can just goahead and use those because there's an underlyingSighing architecture, which is defined. Let me say it again. I just give you an exampledon't take these sentences literally so next we have migrationwhen you talk about migration, you need to understand one thingAWS has a global architecture and there would bea requirement for migration. And what aw does is it lets youhave physical migration as well.
That means you canphysically move your data to the data center. Which you desire now,why do we need to do that? Say, for example,I am sending an email. Somebody I can dothat through internet, but imagine if I haveto give somebody a movie. So instead of sending it online. I can actually go aheadand give it to someone if that person is meansreachable for me and that way it would bemore better for me. My data remains secure and so many other things so sameis with data migration as well. And when you talk about AWS, it has somethingcalled as snowball which actually lets you movethis data physically now, it's a storage service and it actually helps youin migration a lot security. And compliance nowwhen you talk about security, we have various services. Like I have I am we have KMS nowwhen I say I am it is nothing but your identification andauthentication management tool. We have KMS which letsyou actually go ahead and create your own publicand private keys and that helps you keep your system secure the quitea few other services as well, but I would be mentioning oneor two services from each domain because as we move furtherin future sessions, we would be discussingeach of these services in detail and that is when I would be throwing a lotmore Done these topics for now.
I would be giving youone or two examples and because I want youall to understand these to some extent getting into details of allthese things would be too heavy for you people because the quite a few domainsand quite a few services that we need to cover andas we move further definitely we would be covering allthose services in detail. Then we have storage nowwhen I talk about storage again AWS has quite a fewservices to offer to you. We have something calledas your S3 now s38 works as a bucket object kind of a thing. Your storage place is calledas a bucket and your object which you store in nothing, but your files nowthese objects have to be stored in their food files which act as the bucketsbasically and then we have something calledas your cloudfront which is nothing butyour content delivery Network. We have somethingcalled as Glacier. Now when you talk about Glacieryou can think of it as a place where you can store archives because it ishighly affordable next. We have networkingwhen you talk about networking. We have services like VPC.
Direct Connect Route 53, which is a DNS a when I say VPC it isa virtual Network which actually lets you moveor launcher resources. That is your AWS resources. Basically when you talkabout Direct Connect, you can think of it asa least internet connection which can be usedwith an AWS next on this list. We have somethingcalled as messaging. Yes AWS Usher'ssecured messaging and the quite a few applicationsto take care of that as well. We have something called asCloud trial we have opsworks all these things there. Help you in messaging or communicating withother parties basically databases now storageand databases are similar, but you have to understandone difference when you talk about your storage that is where you storeyour executable files. So that is the differencebetween the two and when you talk about databases, we have somethingcalled as your Aurora, which is something which is very sql-likeand it lets you perform various SQL optionsat a very faster rate and what Amazon claims hasit is five times faster than What aeschylus? So yes, when you talk about Aurora again a greatservice to have we also have something called as Dynamo DBwhich is a non relational dbms.
When you talk aboutnon relational dbms, I won't be discussing thatbut this helps you in dealing with various unstructureddata sources as well. Next on this list. We have the last domainthat is the management tools. Now when you talkabout management tools, we have somethingcalled as cloudwatch, which is a monitoring tooland it lets you set alarms and all those Thosethings hopefully today when we are done withthe demo part you'd be having at least one partof your cloudwatch code because we would be creatingalarms using Cloud was today. So stay tuned for that as well. So this is about AWS and it's Basics asin the points, which we just discussed that as what it is its use hasits advantages its domain its Global architecture. So you guys what I've doneis I've gone ahead and I've switchedinto my AWS account. The first thing youneed to understand is what AWS does is it offersyou a free tier now while I was talking about these things Ijust rush through it because I know that I was going to giveyou a demo on these things. So and I wanted to discussthis thing in detail. Now when you talk about AWS, if you are a beginner,this is where you start now, what aw does is it provides youwith its free tier which is accessible to you for Twelve monthsand the quite a few Services which we just discussed which are availableto you for free. And when I say freethe certain limitations on it as in these many hours is what you can use it forand this is the amount of memory or storage you can use in total and all those thingsand its capacity and everything based on that youhave different instances, which you can createan all those things. Now.
What aw is does is it givesyou these services for free? And as long as youstay in the limits that AWS has set youwon't be charged anything. And trust me when it isfor learning purposes that is more than enough andlet's quickly go ahead and take a look at these Services first and then there arefew other points, which I would liketo discuss as well. But firstly the freetier services and say this is what it has to offerto you 12 months of free and always free products when you talk abouteasy to which is one of its most popular computeServices 750 ours and that is per month. Next you have Amazon quick site, which gives you 1 GBof spice capacity. Now I won't get into the detailsof these things as an what spice capacity isand all those things when you have time, I would suggest that you go aheadand explore these things as in what do these things do today?
We are going to focus moreon the easy to part. So for now, let's quickly takea look at these one by one first Amazon RDS, which is again, which gives you send50 hours of your T, 2 micro instance Amazon S3, which is a storagewhich again gives you 5 GB of standard storage and it w is Lambda1 million free request. So there's someof the videos here actually which would introduceyou to these things that would help you get startedwith how to creating an account and all those things and thisis the other important point which I would like to mention. When you do createan AWS account. The first thing youneed to consider as they would be asking youfor your credit card details. So how does the login processwork firstly you go there you doing your email IDand your basic details as in why do you want to use itand all those things next? What it would do is justto verify your account. And it would ask youfor your credit card details, even the debitcard details work.
I've actually tried thoseso you can go ahead and give you a credit cardor debit card details. And when you do thatwhat it does is it subtracts a very small amountfrom your account. I did this in India, and I know that Iwas charged to rupees which is fairly less and that was againrefunded back to me in two to three working days. The only reason they cutthose two rupees was just for the verification purpose that my account is up and running and I ama legitimate user. Now as long as youstay in the limits, you won't be charged anything. But if you docross those limits, you'll be charged. Are you might beworried as an what? If I do cross the limitwould I be charged? Yes, you would bebut the fact is you actually won't go beyond it. And even if you doyou'll be notified seeing that you are goingabout the limit or about the limit. Even when your freesubscription ends. You are notified saying that do you want to enteryour billing details? And do you want to start billing and if you say yes onlythen would be charged for the subsequent. Months and that isa very stringent process.
You don't haveto worry about it. That is you won't be losing out on any money as long as youfollow these rules. So if you do not have an account my suggestionwould be you go ahead. You would log into AWS andcreate your free tier account which has a very easyand two to three step process. So guys, I would startthis session by talking about what is an instancewould understand. What is AWS ec2 servicewhich is core for us. Standing instances in AWS. Then we'll talkabout different types of ec2 instances would understand how instance pricing models work and we'll take a lookat a use case which would be followedby a demo that walks you through all the stuffthat we have talked about. So it is a fairly good content and a lot of stuffto study today. So as let us justquickly move further and take a lookat these things one by one. So first and foremost guys, we would be talkingabout an instance. So when you talkabout an instance, we have this definition here.
Let's try and understand what does this definitionhas to say first and then probably I would throwin some light on that. So as far as this definition goes it says and instance isnothing but a virtual server for running applicationson Amazon ec2. It can also be understoodlike a tiny part of a larger computera tiny part which has its own Hardware networkconnection operating system. Cetera, but it isactually virtual in nature. So there are a lot of words here and a lotof stuff has been said, let me try and simplifythis particular definition for you people. So guys when I saya virtual server running on your application not onyour application virtual server that basically hostsour application is what I should say. So what do I mean by this? What do I mean by a virtualinstance a virtual presence of a particular device? Well guys when you talk about software development elopementapplication development. What you do is you are supposedto build an applications and run those on servers right? But at times there are a lotof constraints like the space that you use the resources that you want to usesay for example, certain applications runon Windows certain run on Mac OS and certain runon your Ubuntu OS right? So in that case, I cannot always go aheadand have different systems and different operating systemson them and then run my applicationson top of that right because it is time consuming. Stu and also consumesa lot of money that you invest into it. So what isthe solution for that?
What if I could havea single device and on top of which I couldcreate virtual compartments in which I could storemy data differently store my applications runmy applications differently. Wouldn't that be nice? Well, when you talkabout an instance, that is what it exactlydoes you can think of it as a tiny part of a computer. Well, that is whatit is time to symbolize. I mean you have a systemon top of which. You can run differentapplications and how it works is if you are runningan application a in part 1 and running an application B in Part B of your server theseapplications have a feeling that they are runningindividually on that system and there is no other systemrunning on top of it. So this is whatvirtualization is. It creates a virtual environmentfor your application to run and one such instance of this virtual environmentis called as an instance. So when you talkabout virtualization, it is not somethingthat is very complicated. As you can seein the first image.
You can see a man surrounded by various virtual imagessomething that you see in an Iron Man movie. When you talkabout virtualization, it is very simple. It can be a simple computer which is shared by differentpeople and those people are working quiteindependently on that server. That is whatvirtualization is that is what an instances in this imagethe second image each All of this individual would beusing a different instance. So this is what an instance is when you talkabout virtualization. So guys, let us move further and take a lookat some other pointers. Now we understoodwhat an instances what virtualization isto some extent at least guys. As far as the session goes. I believe thisinformation is enough. If you wish to knowmore about virtualization, you can visit our YouTubechannel and take a look at VMware tutorial. It talks about this particularTopic in a More detail. So let's let us move furtherand try to understand easy to now now easy to as an Amazonweb services compute service. It stands forelastic compute Cloud. Now, what do I mean by this? When you sayan elastic Cloud compute? That means basically it isa service with lets you actually go ahead and CarryOut computation practice and when I say elastic it means that it is fairly resizableand fairly reusable.
Once we get into the demo part probably you'd geta better picture. What do I mean by elasticity? Because it is highlyflexible highly scalable. It is very cost efficientand it serves a lot of purposes. Now. These are some of the featuresthat I just mentioned right? Let me throw in some more lighton these pointers as well. What do I mean by scalable now when you talk abouta cloud platform one of its best features is it givesyou high amount of scalability? That means your applicationscan scale up. Down depending upon the data that you want to useon top of it. So if the traffic increasesmore you need more performance. So your applicationshould be able to scale to those needs, right? So that is what cloud computingprovides you with and that is what ec2 also providesyou with when I say an instance.
Basically, what you're doingis you're launching a virtual machine. It is called as instancein terms of AWS. So this virtual machineshould be scalable. That means it should scale up and scale down bothin terms of memory. A storage and even in termsof the computation that it is providing. So when you talk about easyto it is highly scalable. Once we get into the demo partyou would see this now it being scalable and it being cost-efficientmakes it highly flexible. So that is the third Point. Let us try and understandthe second Point as well. What makes easy to costefficient when you talk about cost optimization. What easy to does isit lets you scale up and down I just mention that right so instead of buying Number of instancesor instead of buying a number of services youcan actually go ahead and scale this instance up anddown with minimal cost changes. So you're saving money because apart from that thereare burstable instances. There are various pricing modelsthat ec2 boasts of using which you can actuallysave a lot of money as we move further. We'd be talkingabout those models as well. So meanwhile, just bear with meso easy to well it is a service which is a computation serviceand it takes care of Of following pointers.
I mean it is easily resizable. It is cost efficient. It is highly scalable and all these features makeit highly flexible as well. So guys, let us movefurther and take a look at some other pointers as well. So what are the typesof instances now when you talk abouteasy to it is one of the oldest AWS services. So if you talk aboutthe type of instances that are there in the market. Well, there arequite a few types of instances that you can deal with and these are someof the popular ones Once I move into the demo part, I would maybe talkabout other instances but to keep it simple basically these instancesthey have different families. I mean, you have the T Series you havethe M series The cseries. Well, basically these series consists of differentkind of instances that serve different purposesto simplify this process. What AWS has doneis it has gone ahead and categorized these instancesinto following types. The first one isyour general purpose instance. Now it is basicallysuited for applications that require a balanceof performance and cost that means places where yourequire quick responses, but it is still cost-effective.
I mean say for example the example shown hereemail response systems. Now you require a quick response and there will be nnumber of responses or n number of emails that would pop inbut you do not want to pay a lot of moneyfor this kind of service. So in this case you needcost optimization as well and you need Quickresponse as well. So this is where your generalpurpose instances come into picture next on this list. You have yard compute instance. Now what a computeinstances these are for applications that requirea lot of processing. Now when you say computation they havebetter computation power. That means if there isa lot of data that need quicker computation power youcan use these kind of instances. What is an example. You have your analyzingstreaming data now if you know, what stream Datais it is the data that continuously flowsin and flows out.
That means youare streaming the data say for example this session itis being streamed, right? I mean the information or whatever is happeninghere it is going live. So in order to processthis kind of data, you need systems that giveyou good computation power which are very activeand very good in nature. So when you talkabout compute instances, they provide you with these kindof services and that is why if you are dealingwith streaming data if you wish to analyzethis kind of data, Definitely go forcompute instances. So next on this list. We have memory instances. Now, what arethese instances for? Now? These are the instances thatare required for applications that require more memoryor in better terms more RAM, right random access memory. So these are for applications that require goodcomputation power again, like the previous one, but when you talk about Ram, it is something that residesin your local system, right? So you need instances. Which have good memory capacity and what kindof application it serves? Well, you canthink of applications that need multitasking multiprocessing say for example,
I
need a single system that does fetching data forme as well process it for me as
well dashboardit for me as well and then gives it tothe End customer as well.
So these kind of applications require memory instancesmoving further guys. We
have the storage instancesas the name suggests. These applications are or these
instances arefor applications that require. You to store hugeamounts of data. Say
for example, you have large size applicationslike your big data applications
where the amountof data is used number. So you would be requiring morestorage
more storage flexibility in that case. You can opt for instancesthat are
specifically optimized for storagekind of requirements. And then you haveyour
GPU instances. If you know what GPU isyou would understand what it serves that
means if you are interestedin graphical kind of work where you have basicallyA
heavy Graphics rendering in that case you can optfor GPU kind of instances
which basically help yousir purposes like 3D modeling and stuff like that. So
guys, this was aboutthe different kind of instances. Now, let us try and
understand what are the differentinstance pricing models that are out there. So
guys when you talkabout pricing ec2 or a SS in general, it ensures that youcan
save a lot of money, but normally what people dois they are under the And that
if we just go ahead and take in Cloud probablyyou would go ahead and save a lot
of money.
Yes Cloud does supportapplications in such a way that you would spend very less amount but it involvesa lot of planning guys. So each time you usea particular service. It is veryimportant to understand. How does thatparticular service work? And if you actually planin the services in that manner you would actually endup saving a lot of money. So let us try and understand how the pricing models workwhen you talk about it. See two in particular. So Guys. These are someof the pricing models that easy to hasto offer to you. You have your on demanddedicated on the spot and reserved instances. Now, let me try and simplifywhat these instances are. And what do I mean by these now when you say an on-demandinstance as the name suggests, it is an instancethat you demand and you get it. Now these instancesare made available to you for a limited time framesay for example, I need a particular instancefor an hourly basis. So I would be wantingto use that instance for only that Eurasian. So to use that instancefor that particular duration. What I do is I actually go aheadand demand this instance. So a tub - would give me that instancebut it would work for an are only so my prices for that instancewould be fixed on that manner.
I mean the fact that I would be usingit for one instance or for an one are basically so I would be charged onlyfor that one hour. And once that are is complete that instanceit gets Terminated on its own it's similar to renting a flatfor one month suppose if I move to a new city and I'm lookingsomething temporary say, for example, I'mlooking for a hostel or a paying guest kindof a living system. Right? So in that case, what I would do is I wouldupfront go and tell the owner that I would be stayinghere for a month. You can charge mefor a month only if it is 1000 morethan normal charge. It is fine. But once the month is over, I would like to leaveright so that kind of service or that kind of instance. Demand is called as on-demand instancesbasically dedicated now Guys. These instances arekind of given to a particular organization so that their securityis defined better than other say for example, if I need to protect my data, I need my data to be privatizedNow understand this thing AWS or the other Cloud platformsare highly secure. Your data is secure no matter whether they areon dedicated instance or not. But what happens is younormally share your Space with someone elsedata remains private but there are companies that deal with highlyconfidential data. And in that case they wantthat extra Assurance as an okay. I am using a spacewhich is not shared by anyone. So in that case youhave dedicated instances, which basically serve your needslike high security and basically an isolationfrom the other vendors as well. So that is what dedicatedinstances do they are costlier. But yeah, they give youthat isolation on spot. Now guys, when I sayA non spot instance, it is like biddingsay for example, I am buying a particular share.
So I havea particular budget right so I might havea budget of $300. So what I do is I goahead and buy the chair and I sat in a capas an okay to the max I can bid for $300for the share. So if the price goesabove 300 dollars, I'm not taking that share right? So if there is a particularinstance you can bid for that instance as an okay. This is the maximum pricethat I pay for this. Ernst so if that instanceis available at that price it is given to you and if after a particularduration the price of this instance can change so it is available to youfor a limited period of time. So if you are dealingwith data that is volatile and you want to workon the data in real-time, so you cannot for this instance because after a while the priceof this instance might change and this instancemight be terminated and you might not be ableto use it for a longer while but the thing it doesis it is available to you at a cheaper price? And at the pricing bitthat you put on it, so that is why itis more affordable. But again, it is good for volatile data only finallyyou have the reserved instance. It is like rentingan apartment on a lease for a longer period right? I mean suppose if I am getting a flaton an agreement will basis where I signan agreement for a year. That means Iam reserving this flat for one complete year, right? So nobody elsein comments say that okay, you have to vacate this. A flat right sothat is one benefit. And the other thing isyou have a fixed set of rent.
So if you're taking somethingfor a longer duration, there is a chance that you might end up payinglesser money for that as well. Now what happens here is when you talk about it from theinstance perspective suppose, you know that youwould be needing this much configurationfor this duration. You can rent that particularinstance for that duration, and probably you end upsaving a lot of money now when you talk about AWSit gives you Latif where you can actually go ahead and upscale downscaleyour instances to your needs. You can kinda terminate stuffand move to the next up. But if you are certainabout certain things as an okay, I have to use this no matter what happens for a longerduration in that case. You can offer reserved kind of instances and those aremore affordable to you. So Guys, these weredifferent types of instances based on the pricingthat is there. Now. We have talked about Generalcluster ization of instances, like the general-purpose the GPU that was basedon They're functioning, right then we learned aboutthe pricing models as well. Now. There is one more type that we need to understandor one more classification that we need to understand. Let us try and take a lookat those as well. So we are classifying instances based onthat General functioning. Now, what do I mean by this? Well, these are the types. Let us take a lookat those one by one first. So when I sayburstable instance, we've talked about generalpurpose instances, right? So what happens is there isa category of General. But was instances with start with a base utilization poweravailable to you. That means if you wantto utilize your CPU for a certain amount burstableinstances are good here. Let me throw in some more lightas in what am I talking about? Exactly suppose. I need a CPU utilizationof 20% And I know that so I can gofor burstable instances. What they do is they start with the functioningof 20% but in case if I'm dealing with data that It is not constant that might changewith time say for example, if my websiteexperiences more traffic, so I might needmore performance.
Right? So in that case what burstable instancesdo is they burst out of their current performance200% CPU utilization so that you can getmore performance. Now what happens here is youare charged a particular amount for these instances and you have certain creditsfor which you can use the burst people performance andif you do not use the bustable. Performance those creditscan be used later as well. So you are gettingoptimize performance as well. And you are savingsome money as well in case if there is an urgent traffic that you experience youhave something called as EBS optimized now when you talk aboutEBS optimized now, these are the applications where basically youare processing data at a higher speed. Say for example,there is some application where the data isflowing in continuously. So I need quick response, right? So EBS backed upor EBS optimized instances. What they do is they give youhigh input output processing and that is why these aregood instances to art for these situationscluster networking. Basically, they form clusters of instances nowa particular cluster what it does is it servesone kind of purpose say for example in my application. What I want is I havedifferent sections and in different sectionsmy first section requires To be processing dataat a faster rate.
The other one. I wanted to be storage optimized so I canDefine different clusters of instances that servedifferent purposes here. And then I havethe dedicated one. We've already talkedabout dedicated one. It is more relatedto the data security part. So Guys, these were thedifferent types of instances. I know I've talkedabout a lot of stuff once we get into the demo part probably this would ease upa little more for you people. I believe you people are with me and you arefollowing this session. So guys now let us move furtherand take a look at the use case so that we can just move further and take a look at the demo partas well for this use case. I've considereda derecho itself. Let us try and understand what could bethe possible problems that can be solved byusing these instances. Now imagine that if it is Erica used AWSas their Cloud partner and they used the ec2 service. So what kind of problems couldbe solved by these instances that we just talked about suppose we havethe first problem where you have To analyzethe data of the customer.
So what kind of applicationwould you use? Can you guess that for me? I won't be lookingat your answers. Let me just quickly go aheadand give you other examples as well so that we can discussthese one by one suppose. You also have an autoresponsible system now compare these two and letme know which one would you believewould be served better by these instances thatwe've just talked about. So when you talkabout the performance here guys when you talk about analysisof data for the customers data, it is never Went right at times the data is usedat times it is less. So in this case,I would need burstable performs. So my general purposeburstable performance instances would serve me better rightauto response email system. I need quick response, but I do not wantto invest a lot of money EBS optimized instances with iops would help me bettersearch engine and browsing. I believe it is fairly clear. I'm talking about browsingand search engine to different things I wantto do I would be opting for Stud Network instances, right and confidential data. Well, I would be opting forthe dedicated instances here.
So guys, this wasa very simple use case. So let us move intothe demo part and try and understand ec2 a little more shall we so guys whatI've done is I've gone ahead and I've signedinto my AWS Management console. Please forgive me guys. I have a lot of gold today and that is why my voice islittle Jiggly and echoing. So I hope you peopleare not offended by that moving further. The guys this isthe AWS Management console. You can sign in to AWSfree tier account and probably Availthese Services you can practice a lot of stuff by signinginto your free tier account. How do you do that? Just go ahead and look for a SS free tier and sign inwith your credit card or debit card. You won't be chargedyou have these services for free for one complete year and you can practice mostof the services that are there. There is some free tier limiton these services. So check the upper cap asin what those limits are so that you Get charged. So guys this ishow the console looks like. We are going to go aheadand learn about easy to hear. That is the instantservice in AWS. So let's search for ec2. And you would be redirectedto this page guys. Now when you talk about ec2, there are a lot of thingsthat you can do. You have Amazon Marketplace where you have am eyes,I will tell you. What am I is our do not worryyou can just go ahead and launch our instances. You can attach volume to it. You can detach volume storagefrom these instances. And when I say am I is those areAmazon machine image has that means once youcreate an instance, you can create an imageof that instance as well. That means a templateof that instance as Suppose you havecertain applications running on top of that instancecertain specific settings that you've donefor those instance and you do not want to dothose settings again. And again, you can create imagesof that instances as well. So let us see what all we can dowith these instances. So let us firstlaunch an instance. So guys, once you clickon that launch instance button, you would be given a number of options to choosefrom you can launch Linux instances Ubuntuinstances Windows instances. And you can choose the EBSbacked up non-abs backed up.
So there are a lot of choices when you actually go aheadand launch these instances. You can see this UbuntuRed Hat Microsoft Windows and there are specificinstances specialized in deep learning someof our service specification. You can see that there arequite a few instances, but ensure thatif you are practicing choose the free tiereligible one for now, I'm going to go ahead and launcha simple Windows instance. Let's not getinto the Ubuntu one because Request a petitionto sign for that. So let us not do that. So guys once you clickon launch an instance, you can see that youare redirected to this page. Now if you take a lookat the information here, it talks a lot. Now. This instance isgeneral purpose. We've discussed theother families, right? This is one. This one is T 2 micro there are t 2 T 3 micro and mediumand bigger instances as well. The size is very guys the Titomicro one is free tier eligible. You have t to Nanoyou have small right? So you have me doAnother large instances as well. So when you say a microphone, it has 1 V CPU and one gigabyteof memory instant storage. It is EBS backed upand what kind of network performance itgives you low to moderate. So I would sayconfigure further. These are some configurationdetails what network it is following what subnet ID. It is falling that means it fallsunder the cloud Network guys. That means your Cloudwould have a network and under that Networklies are instance so that it's accessible. SS policies security policiescan be managed.
So let it be basic for now. Let us move further. Storage now guys, this is the storage itis your route storage and 30 GB of space. You can change it if you want say a hundredbut let us take 2 34 now and guys you can seethese are the types. You have a general purpose. You have yourprovisioned magnetic now, there is one more typeof instance guys. That is HDD kind of an instance, but guys when you talkabout root storage, you cannot attach HDD to it, right because routestorage is something that is constantly Constant, if you wish to have HDD kind of storage it hasto be attached secondary. So if I add new volume here, you can see and if Isearch for this now, it gives me an optionof cold HDD, right? So that is what guys I meanin order to have this kind of HD kind of a volume you needto use secondary storage for it. So let us cancel this for nowand just go ahead and say next you can add in tags guysfor the Simplicity of namesake say for examplesample today and let's just say next Security Groupguys Security Group. What do I mean by this? Well, basically you have set of policies as inwho gets to access. What kind of traffic do youwant to your instance? What kind of traffic do you wantto flow out of your instance so you can create a security group and youcan use customized as well when you create onethis type is RDP.
That means it can allowtraffic from a desktop or a remote desktop appand through which I can log. To my system I can addother rules as well. I can add PCP HTTPkind of rules. And these are the port rangesyou can specify those for now. I'm allowing trafficfrom everywhere through our DP and I can say review and launch improveyour security it says but this is a basic one guys, you can add in more rulesas I've already mentioned. So let's not do that. Let's say launch generate a keypair now a key pair is something that lets you loginto your instance. It is a double securityfor your Instance you do not want your instanceto be left insecure. Right? So in that case,you need to generate a key pair. You can use an existing one or you can createa new one as well. So let's just say that I want to createa new key pair. So I say create and let us sayVishal 3 4 1 2 1 and let's just say download. So guys once youdownload this instance, what you do is and protects cut it from hereand I'm going to go ahead and paste this instance to the desktop guys andlet's just say paste.
Here it is. So the reason I'm doing this is because basically wewould be needing this thing is if you lose this key thereis no other way to explain. Is your instant somake sure you keep it safe and I say lunch. So guys now this processit takes a minute or two to go aheadand launch our instance. So meanwhile you'd haveto bear with me. So what happens is once you do actually go aheadand launch this instance. It involves a couple of steps like basically it doessome Security checks some status checks andwhile these statistics happen, it takes a minute or two and once the instances upand ready we can actually go ahead and take a lookat this instance. So meanwhile guys what I'm goingto do is I'm going to go ahead and take to the ec2 part Nowthere are three instances that are running guys. Now, this issomebody else's account. So there are quitea few other instances that are running you can see that there must besome instance here which basically is initializing. So this is the onethat we are going to use. This is the ID. Let's not remember that we know that thisis getting initialized. So as these are the otherinstances this one is start. Let us take a lookat this instance as well to understandas an what happens. So Guys, these are the optionsthat I have right? You can actually goahead and get the password. You can create a templatefor your instance. What you can also dois you can start stop. Now.
This instanceis already stopped. So you do not have these optionsthat has stops. He Burnett and reboot youcan start this instance and probably you can goahead and do that. Now when you stop an instance if you want to actually make a snapshot youwant to take snapshots you want to create Amazonmachine image is out of it. What you do is youstop that instance so that you preventany activity from happening. In that instance so that you can takean exact snap of it. So that is why youstopped an instance when you wish to dothese kind of operations. Once you start it again, you can make it functionnormally at it was functioning. If you are doneusing an instance, you can terminate it there and there guys, so these arethe options instance setting. Okay. So as these are the optionsyou can add tags to it. You can attach replace. I am rules that isaccess management policies guys. So you have a useraccess management. Here you can attachroles to it as well. You can change the instancetype guys you can click on it and you can go aheadand do that. You can change itto higher versions as well. Now, why do you needto do this suppose? I am experiencinga particular traffic and my instancesupports that need but if I move further and future,
I need to cater more traffic. What do I do in that casein that case guys? I can actually goahead and update it to a larger versionunlike your other applications. You areon-premise infrastructure. Where you haveto actually go ahead and have new servers you dataon top of it here. What you do is you just clickon this thing and it happens in a couple of seconds. You are instance gets optimizedor upscale to a better lever. And that is whyit is highly scalable because what you can alsodo is you can change termination protection of thisis for data security suppose. If I am usinga particular instance, and in that case, I accidentally deletedmy data would be lost. Right? So what this Does is it changes or turns my terminationprotection on that means if I have todelete this instance? I have to get into the instance. I have to change the policyand then delete it. I mean I cannot deleteit unknowingly, right? So that is why this servicehelps now while talking about these things guys areinstance is up and ready. Let us just launch it. I say connect. And it says downloadremote desktop file the RDP path that Italked about right and I need to get in my passwordas well guys to login. How do I do that? I click here. I choose the file for that. I'm gonna go to the desktop. I'm going to scroll down. There is a filecalled as Vishal. I open it and I decrypt itand there you go guys. My password is here. I can just copy it. So if this is copiedI can launch this. Remote desktop file. It would ask mefor the password.
I would say take this and okay. Do you want tologin and securely? Yes. And guys a Windows instancewould be launched. It is just like yourWindows operating system, but it is runningon my existing system guys. They can seepersonalized settings. It is setting uppersonalized setting for me and in half a minutemaybe in 10 seconds. My Windows app would beup and running. So just like my Windows device. I have one more Windows device so I can do somethingin this device and something else in my normalWindows device as well guys. So this is what you are. Instance does it basicallycreates an instance of word Sewell machine for you to work on I Believeby Navi one understood. What a virtual machine is. So guys we are donewith this part. So let us just use it for now. Let us see if there is anything elsethat we need to talk about now, if I come backhere I've mentioned that you can takesnapshots, right? So these are am is what am I is it is an image basically so I can actually go aheadand launch an Emi for an instancethat I already have.
I can create an image of it. There is a volume here. So my instances areEBS backed up right? So there is a block storageattached to it. Can I add another storage to it? Yes, I can remove the previous storage and attacha different storage to it. Say for example, this is the store isthat I have with me if I click on it and Iwill go into actions. I can createa A short out of it. Once I createa snapshot out of it. I can attach itto the existing instance. So we just launchedan instance, right? So if I want toreplace the volume that is already attached to it. What I do is I actually go aheadand detach the volume that is already attached. So I would be stoppingmy instance First Once I stopped the instance. I can come to the volume assume that this volume is attachedto some instance. So I need to detach itfrom here and the snapshot that I've already created. Or if I have created one, I can selectthat and I can attach that to the existing instance. All I have to do isI have to go ahead and create an image here. Once I create an imageit would ask me. What can I do with it? I would ask meto actually go ahead and given the region in whichthe instance was created. Now my instance that I just used was createdin a particular region. I'm working inOhio reason for now. What do I mean by these regions? Well, basically what SaysAWS has different data centers in different regionsof the world. So you can choose the reason that is convenient to you thatsuits your business needs right so I can create instancesin those particular regions. So if my instance wasin particular region, I need to createa snapshot in that region and then attach that snapshotor that volume to my instance. So guys I Believe by now, you've understood a lot of things you've understoodwhat instances are how to launch those how to create thoseand how to make those work. So as far as thisis Ian goes guys. I wanted to talk about these pointersone more important point that I would liketo mention here is make sure that you terminateyour instances so that to avoid any charges if there are any now thisbeing a free tier account. I don't think therewould be a lot of charges but still I would requestyou to actually go ahead and terminate the instances even if they don't charge you a lotbecause that is a good practice because there are certainservices that might charge you a lot more guys. So I'm going to terminatemy instances the ones that I have created today. So let's just wait a minuteand in a minute or two guys, these instances wouldbe terminated from end to end. Today's session is goingto be all about AWS Lambda. So without makingany further Ado, let's move on to today'sagenda to understand what all will be covered today. So we'll start off today'ssession by discussing the main services in the AWScompute domain after that. We're going to seewhy AWS Lambda is as a separate service. We're going to discusswhat aw is Lambda actually is and then we'll move onto the part where we'll see how you can use a double sLambda using the AWS sdks once we're done with thatI'll teach You guys how you can integrate your SDKwith the Eclipse IDE? And in the endwe'll be doing a demo. So let me quickly show you guys how we will be using AWS Lambdain today's demonstration.
So guys, this is a website that I created which is hostedon the Local Host. Now what this websitedoes is it applauds a file onto the H3 file system nowonce the file is uploaded. It sends me a mailregarding that now that meal is generated by a SS. I'm not now let mequickly show you how that mail actually looks like so let me uploada file over here. So let file be this I click onopen and before uploading image. I will show you my inbox. So as of now, I don't have anyAs you can see, right. So what I'll do is I'll clickon upload image now. It is S3 upload complete. Now. What is this website doesis it will upload my file? It will rename the fileaccording to the system time so that there is no conflictin the name of the object. Right? So whatever file that I've uploaded rightnow will be uploaded on in this bucket. So if I refresh this you can see that there's a fileover here, right? So this file has nowbeen renamed, right? Right, and I also havean email over here, which says awacs test, right? So if I click on this email, I can see that I have got a mailfrom this address saying that an object has been uploadedthe name of the object. Is this the size of the object? Is this the bucket name? Is this and it will slashmodified on 12/31 UTC right? So let me quickly compare whether this filename is the same. So it's seven four eight and it's a sinfor it here as well. Awesome. Now, the next cool thing that you can do over hereis you can move this file to some other folder. So all you have to do isyou will reply to this mail by saying move you clickon send now when I send move to this email address that I have configuredin my code what it does is it will basically movethis file from this bucket to some other bucket. So let me quickly. Press it and seewhether my file has been moved.
So as you can seemy bucket is now empty now. Let me go back. So basically my file wasthere in Erica demo now, it will be therein quarantine demo bucket. So as you can see seven foureight file has now been moved to the quarantine demo by simplywriting a male over here. It says move so we'll be creatingthis demo today. Let's move on to the first topicof today's discussion. That is the AWS compute domain. So the main services areunder this domain are easy to elastic Beanstalkand AWS Lambda. Now among these three the mostimportant service is easy to so easy to is basically justlike a raw server. It is like a personal computerthat you're working on remotely, right? So it can install any kindof improv operating system of your choice, which is supported bythe AWS infrastructure and then you can use itin any manner as you want. You can configure it to become. A web server. You can configure itto become a worker to your environment anything. Uh, next serviceis elastic Beanstalk, which is an automatedversion of ec2. So with the elastic Beanstalk, you don't get the accessto the operating system, but you still have a controlover the configuration of your system so you can choose what kind of instance you wantto launch, right? So elastic Beanstalk is usedto deploy an application. So basically you just uploadyour code and your application is deployed on theAWS infrastructure, right. So this is what elasticBeanstalk is all about. Then we havethe AWS Lambda service. So the Lambda service isagain an automated version of ec2 wherein youdon't get the access to the operating systemwith the errors Lambda. You don't even havethe choice to choose what kind of configuration you wantwith your server, right? So with either plus Lambda youjust have to upload your code and it executes. It's that simplebut then why do we have? Have an AWS Lambda servicewhen we have elastic Beanstalk. So let's understand that. So either plus Lambdalike a told you guys. It is an automated version of easy to justlike elastic Beanstalk, but then with AWS Lambda, you can only executebackground tasks, right?
You cannot deployan application. So either plus Lambda is notused to deploy an application. It is used to executebackground tasks. Other than that like I toldyou guys you don't have to choose the Integration and a double s Lambda youdon't have to choose what kind of servers you want ondepending on your workload. Thus kind of configuration. The server configurationis assigned to you, right? So this is whywe use AWS Lambda, but then let's go on to the definition part and seewhat AWS Lambda actually is. So according to its definition. It's a survivalistcompute service because you're not choosingthe server's right. You're not choosing what kindof Aggression you want in your server? It's a serverlesscompute service you just upload your code. And the code is executed. It's that simple right and also like it's mentionedin the definition and I told you guysagain again it is used to execute background tasks. It is not used to deployan application guys. This is the maindifference between elastic Beanstalk news12. So as an architect, you should knowwhat the use case is and with servicewill suit it better. So Moving on now, you've understood whatAWS Lambda actually is and why do we use it? Right? So let's move ahead to seehow you can use this service. So you can use the service usingthe software development kits which are provided by AWS. So before moving aheadand understanding how you can use the skills. Let's understand whatthese kids are all about. So the software development kitsare basically apis which are used by developers to connect to the desiredservice at the wound. So it makes the lifeof the developer easy because he can now concentrateon the logical part of his application rather thanwasting time on understanding how you can connecthis code to the service which is there on AWS, right? The other part is that these sdksare used with ID. He's right. So currently wehave only two IDs which are supported that is eclipseand visual studio.
So today in this session. I'm going to teach you guys. Is how you can connect your SDkeys with the Eclipse IDE? So let's do that. So before that weare going to configure or we going to code ra SSand of function in Java, right? And that is the reasonwe're using Eclipse. Now. First of all, you have to installeclipse on a system. Once you do that. This is the eclipse green guys. This is how your Eclipsedashboard will look like. So for installing ews SDKon your Eclipse, you have to click on Help and then you'll goto install new software. Once you have reached here. You will enter the website name. That is aws.amazon.com/ Eclipse. Once you have enteredthat just hit enter and it will list youguys all the SDK is which are availableall the tools which are availableselect all the tools and click on finish and then it will takesome time to download the SDK, but then it will integrateeverything into your And then you'll have a buttonlike this over here. Right? So with this button youcan actually deploy a new server which is configuredaccording to AWS. So guys, this ishow you install sdks with IDE. Alright guys, so it's time forthe demo now enough of theory. So what we'll be doing is where our aim isto create an application which will be uploading ourfiles onto the S3 file system. And what a Lambda functionhere Willy We'll be doing is so like I told you guys Lambda function basicallyexecutes your background task, right so that wedon't want to burden server on which the websiteis hosted in this task. We want some other serverto execute this task. What is this task?
We basically want to get an email with allthe details of the file, which has just been uploadedon the S3 file system. So that email will be sentby the Lambda server now once we get that emailif you reply to that email that the file has to be moved Lambda will Pick up that emailit will read that email and it will performthe necessary operation. So if we specify move, what will basically do is itwill pick that file move it to some other bucketand store it over there. So this is the project that will be doing rightnow sounds simple right? But let me showyou the architecture. Let me explain you whatthe architecture tells you. So basically thisis our website. So what our websitewe'll be doing is it will be uploading a fileonto the S3 file system. At the same time it will alsobe making an entry into the sqs, which is nothingbut a simple queue service which use your data, right? So as soon as your fileis uploaded on to S 3 S 3 is bucket is configured in a way to invokethe Lambda function. Now as soon as the Lambdafunction is invoked now Lambda functions are stateless. They don't know anything aboutwhat file you have uploaded or what you have done. You have to feedthem information. And that is the reason wehave updated the entry in s us or the file which Recentlybeen uploaded right? So what ew is Lambda will dois it will read this queue and we'll get the file name and we'll actuallyretrieve all the properties from that file name from S3. Now once it has retrieved all the file names allthe properties of that file. It'll actually mailed me with using the SES service inAWS the details of that file now once I receive the detailsof that file, I have an option to replyto that email, right?
Now how will I replyto that email is like this. So I will open the email client on my computer and Iwill reply to that email that email will actuallygo to that address which is actually pointedto my DNS server and that DNS server will actuallyredirect that email to SES. Now SES on receiving that email has been configuredto invoke the Lambda function that Lambda functionwill be invoked again. The file will be readfrom the SQL. That file will be movedto a new bucket and in the end that messagewill be deleted by ask U s-- now my Sus has been configured like this that in case I don't reply to that email withintwo or three minutes that message will automaticallybe deleted from the queue. And in that caseif you try to move that file, you will not be allowed to do so because that file isno longer available in the cube, hence. You cannot move it, right? So this is what our project. It is going to be all about now. I have already showed youhow the project works. So let me quickly deletethe project and again show you how it can be configuredfrom scratch right? So give me a moment. All right. So everything is set. Now the first thing that I'll be doing is I'llbe configuring my S3 to interact with my Lambda function, right? So what I have not done is I'mnot deleted the Lambda function because there's no point. You just have to click next and your functionwill be created. What matters is the code, so I have uploadedthe code in your LMS with the proper documentation. If you have any doubts, you can actually email meregarding the doubt and I'll clear it. You so as an architect, your job will be to acttake this architecture. Not the coding.
The coding part has to be doneby the AWS developer, but it is a goodto know knowledge, right? So that is the reason Ihave uploaded the code for the websiteand AWS Lambda to your LMS. Okay. So like I said, I have to configure my is 3so that it can interact with AWS number. Now. My website's code is like this that it will uploadthe file to a bucket in S3 called either a car. A demo, right? So what we'll be doingis we will be going to the Elder a car demo bucket. Which is here, I clickon the dareka demo bucket. I click on properties. I'll click on events and letme delete this event right now. Right? So I will be adding a notification now now letme call this notification as AWS - Lambda right. Now. What I want it to do is wheneverthe event is a put event that is and upload event. I want it. Send a notification tomy Lambda function. So I have to selectthe Lambda function. So my functionshould be this one and I will click on Save. Let me checkif everything has been filled. Yes. It has let's click on save. All right, so I haveone active notifications now now you might getan error over here saying that you don't havesufficient permissions. So if you get that erroron the right hand side, you'll have a buttoncalled add permissions. Mission just clickon that button and everything will open upan automatically basically those permissions arefor your Lambda function. Your Lambda functionmay not have permissions to get notifications from S3. But once you clickon that button, you will get the propernotifications automatic. Right? So this is how youwill configure your S3 bucket. Now, let's go backto our slide to see what other things we have to do. So we have configured RS3to invoke a Lambda function once a file is Loaded to S3.
Now. A Lambda has alreadybeen configured to interact with ses through the code, which is so through the code should be callingthe SES service and we'll be livingin a meal now the next function or the next thing isto configure SES or before that lets configureour sqs, right? So our sqs is basicallya simple queue service. So we have to create a queuein a COS in which our website. It will be uploading of files,right so let's do that. Let's just go backto our dashboard. So this is our dashboard guysand we'll go to the sqs service. Well, click on createnew Q fifo queue and that Q has to be namedas hello - Lambda. And since it's a fifo queue, you have to givethe extension as dot fifo. All is done. Let's click onquick create Cube. Okay, so my Q has now been created and now Ihave to configure this Q so that wheneverthe message comes in, it gets automaticallydeleted after 2 minutes. All right, so letus configure it so Will click on configure qand we set this to two minutes. All right. All is done. Let's click on Save changes. All right. So my Q hasalso been configured. Let me go back to my slide. Alright, so my sqshas been configured now, so let me configure my SES now now thismight be a little tricky. So hang on with me. We'll go back to the dashboard. We'll go to the ACs service. Now first of allin the SES service, you actually have to addthe email addresses. Now. How will youadd email addresses? You will actually haveto verify a new email address. Now you have to verifythe recipient as well. So since I want to receivethe email from the SES service,
I'll have to typein my email address, which is he meant at the rateof the rate during car.com. And we have to verifythis email address. Now I'll receivea verification email on him and the other a cannot go. So, let me quickly goback click on inbox now. I have gota verification request right? So I'll clickon this verification link. Okay. So my email address has now been configuredhas now been verified. So it sayscongratulations awesome. So let me go back to my ACSsays pending verification. Let me quickly refresh it. All right. So it says verified nownow let's go back to our slide. All right, so guys we haveconfigured the recipient of SES. But what about the sender right? So we have to configurethe sender as well because and why do we haveto configure the sender? And the sender hasto be a domain name that you own right? Can you have to ownthat domain name so that you can send emailsvia that domain name now what I mean by that is you may say that okay, why not use the recipientaddress only why not use payment Authority diwaker dotcofor sending the email but our applicationalso receives email if you would have noticed rightso for receiving the emails through a CSU have to actuallyown the domain name now since I'm an employee, I don't own any record or go, right? So what I've done is Ihave actually created a domain name I can geta free domain name. This website it ismy dot dot dot TK. You can go in this website and create a domainfor yourself for free. So basically you will be gettingthis domain name free for three months.
All right. I am almost fromthe expiry date. So I might have to renew it. Okay, but since this is a demo,let me quickly show you. All right, so I have actuallycreated this domain name and I can use this domain. Name to send or receive emails. Now what I'll have to do or how do I configure thisin my CSS is like this. So you will go to your SES. You see this tab? It says email receiving right? So we will click on rule sets and you'll have to createa new rule said before that. You have to actuallyverify a domain you basically have to verify that the domain is actuallyowned by you now how you will do that will clickon verify a new domain and you You will giveyour domain name here, which is any record or TK. Click on verify this domain and you will getthese two records over here. Now. Where will you enterthese two records is actually in the DNS server. So the domain nameEddie record or TK has to point to a DNS server, right? And in that DNS server, you will be puttingin these two records. Now. How will you point any recordor TK to a DNS server? So DNS server isbasically Route 53 8 so we'll be configuring Route53 with any record or TJ. Let me show you quicklyhow you can do that. Let me open my Route 53 service. So this is my Route 53 service. I don't have any hostof drones as of now. So let's click on get startednow click on create hosted zone. So my domain name isanyway card or DK right? Click on create.
All right, so I have createda hosted zone now in my Route 53. Now what I have to do isI'll have to connect this domain to my Route 53 now. How will you do that? You will click on manage domain. And you will clickon management tools and you'll clickon name servers, right? So these name servershave to be updated with the name serversprovided you over here, right? So let me quickly show you so you will copythis paste it here. Remember guys don't includethe dot in the end. Otherwise, it willgive you an error. So without the dotcopy the name server. Right, so I firstsave to and see if it's working clickon change name server. All right sayschanges saved successfully. All right, so it's savingthe server's now. So, let me copythe rest to as well. All right. So I've copied my name serversI click on change name servers and fingers crossed. Okay, so it sayschanges saved successfully. All right. So my domain name is nowpointing to Route 53 awesome. So now in Route 53, I have to includethese records now. How will I do that? Let me quickly show you so you go to Route53 and you will click on create record set now youdon't have Prototype anything here just in the type click on MX and in the value. So as you can see, there's a value for m xover here just copy this value and paste it here, right? This is it guys nothing hasto be done here. Click on create. Awesome, so I have an MX record now now let's we haveto create one more record, sir. And that name has to belike this right? So I'll copythis part paste it here as you can see now. The name is underscoreAmazon SES dot Ed u-- a card or TK. And as you can see the nameover here is to seem right. So this name has to be the sameand the type of value is txt. Select EXT from here and thenyou have to enter the value. So the value is this enterthis value over here and click on create. Awesome. So my Route 53 is nowconfigured to actually Sue actor receive the emailsfrom the Ed Eureka dot t-- k domain cool. So we'll go back to our SES now close it it sayspending verification refresh it. Alright, so as you can seemy domain name is now verified. All right, so let's just goto the rule sets now. So email receiving we haveto configure so I click on view active ruleset. There is no rule setswhile create a rule. Now I have tospecify a recipient. So let me specifyhello at the rate and Eureka door TK, right? I'll click on ADD recipient. So my verificationstatus is verified because my domain nameis verified now will click on next step. Now. What action do youwant it to do right. So if you receive emailon this email-id, what do you want to do? So what we want to do is we wantto invoke a Lambda function. Now what Lambda functiondo you want to invoke? I want to invoke my functionto and will click on next step. So everything seems finewill click on Next Step again. So it is ask me the rule name. Let me give the rule nameas Lambda - demo. click on next stepand click on create rule. Okay, so my rule set has nowbeen enabled awesome. So I have configuredmy SES as well. So let me go back to my slide. Alright, so I'veconfigured my CS I have configured my Route 53. I've configured my ews Lambda. I have configured my sqs. I have configured my S3. And my website is alsoconfigured right so we created a rescue SQ. So we may have to change the url in our code to Let'squickly do that. We'll go back here. Go to the dashboard. click on SQL s Alright, so this is our qand this is a URL. So basically I have namedthe queue seems so so if you do that sometimesa URL don't change. So let me see if I have to uploadthe code or not. So I'll go to my Lambda functionHandler go to the part where my cue is saved. All right, let meanyway space to Q over here. I think it is the same. Yes. It is the same. Anyways, let us save it. This is my function one. So let me upload the code now. So it's my functionand click on finish. Right, so it is uploadingthe function right now. So meanwhile, let me go to my function to and configurein the queue address, which is this. Paste it here control s save it. And once thisprocess is complete. I will upload this code as well. So while this is uploading, let me change the addressin my index file as well. This is my websites index file. So I'll go to the queue URLwhich is this. I will change it saveit and close it. Alright, so my website'saddress has also been done. Alright, so my code is uploadedfor this function. Let me upload the codefor function to as well because we are may changeupload function to AWS. So it is my functionto that is my function to in Lambda click on next. And click on finish. All right, so my codeis being uploaded Let's Wait Awhile so thatmy code gets uploaded and then we can proceedwith our demonstration. Alright, so my codehas now been uploaded to both my Lambda functions. Now. What I'll do is I will go to my local host websiteclick on refresh. And I will upload a file. So let me go back and see what is therein my bucket right now so that it becomes easier for us to verifythat a file has been uploaded. So as of now my bucket is empty. I there's nothing in my editor a car demo bucket and my otherbucket is quarantine demo. This is the place where my other filewill go right? Let me empty this as well sothat we are clear that some Checkedhas been added. All right, so this buckethas also been cleared. So we'll go to a local hostwill choose a file. So let's upload some image. So let it be this image, right I click on openand click on upload image. All right, so it saysS3 upload complete. All right. So let me check if a file has been addedin My riruka Demo bucket. I'll click on refresh. Awesome. So one file has been addedand it's called one four. Nine two, five foursix zero nine seven. Let me check in my emailto let me check if I got an email. So yes, I've got an email. Let me click on it. All right. So this is the nameof the file that I got, which is the same right? So, let me see if there is somethingin my Quarantine demo bucket, so there's nothing there. I'll come back now. I'll reply tothis email as move. So this basically means movemy file to some of the bucket and I'm replying it to hello either a TeddyRicardo TK, right? So now we'll hit on send. So my message hasbeen sent to Route 53, which will be sent to ACS which will invoke the Lambdafunction which will move. My file to the other bucket. So let us check if that is done. So first let us check if I enter a car demo buckethas been emptied so will click on refresh. Alright, so my I do takea bucket has now been emptied. Let's go back and check if something has an adin my core and tine Emma bucket. Alright guys, so my filehas successfully moved to this bucket LetUs verify the name. So this is one phone nine tofive four six zero nine seven. Let us check that in the email. So the email that we replied to had thenthe object name as one phone nine to five four sixeight or 7 so this is the same file you guys. All right guys, so we have completedour demonstration successfully. Welcome to the sessionon elastic Beanstalk a web application hostingplatform offered by Amazon. So without any delay, let me give youa brief overview of what we will bediscussing today firstly. We will see what elasticBeanstalk exactly is, and then we'll discuss certain. In Salient featuresof elastic Beanstalk moving on. We'll try to understand elasticBeanstalk a Little Deeper by taking a lookat its components and then atits architecture in finally, we'll try to deploy anapplication on elastic Beanstalk for practical understandingof the concept. So let's get started. What is elastic Beanstalk? If I have goingto find elastic Beanstalk and Amazon terminology, then it is a platformas a service where you can deploy your application, which you might have developed with programming languageslike Java dotnet PHP node.js and many others on familiar servers such asApache nginx passenger and Tomcat the definition, which I just mentionedseems to have a lot of technical terms as ended. Well, let's try to figureout what elastic Beanstalk is and simple terms. All right, let's say you Needto build a computer tonight. Well, you have two waysto go at it first. You can go to a computerWarehouse Computer Warehouse is a place where you have differentcomponents of computer laid out in front of you like you have CPU motherboardsrouter disk drive models and many other componentsyou can choose which have a component you needand assemble them and form a brand new computer. This is similar to situation when you try todeploy an application without using elastic Beanstalk when you try to developApplication by yourself you will have a list of taskswhich you need to do. Like you might have to decide on how powerful you wantyour ec2 instance to be then you have to choosea suitable storage and infrastructure stackfor your application. You might have to installsubstrate surface for monitoring and security purposes aswell moving on to option b, you can always visitan electronic retail store which has pre-configuredcomputers laid out in front of you. Let's say you area graphic designer and you want a computer which has a modern graphicaluser interface installed in it. All you have to dois specify this requirement to a salesperson and walk outwith a computer of your choice. Well, I personallyprefer this option. This is similar to the situationwhere you're trying to deploy an applicationusing elastic Beanstalk when you use elastic Beanstalkto develop your application. All you haveto do is concentrate on your code list of the tasks like installing ec2 instances auto-scaling groupsmaintaining security and monitoring. Etc is done byelastic Beanstalk. That is the beautyof elastic Beanstalk. So let's go back and take a lookat the definition again and see if he'll understandit this time. Well elastic Beanstalk asa platform as a service where developers just haveto upload their application load balancing auto-scalingan application Health monitoring or all and it automaticallyby elastic Beanstalk. Now, let's try to understand how elastic Beanstalkas a platform as a service is beneficial. Vishal to app developer. I'm sure most of you know, what platform as a servicehas but let's try to refresh what we know platform as a service asa cloud computing service which provides you a platform where you can deployand host your application elastic Beanstalkmakes the process of app development much more fun and less complex and Ihave five points to prove that to you firstly itoffers quicker deployment suppose you're developingan app by yourself. Then you'll have to do a lotof tasks by yourself like you might After decideon ec2 instance choose a suitable storage and infrastructure stock as well as installauto-scaling groups as well. And then you might haveto install substrate surface for monitoring andsecurity purposes. Well, this will takequite a lot of time but if you have usedplatform-as-a-service to develop your app then all you haveto do is develop a proper court for your application rest will be handled byplatform as a service or elastic Beanstalkin this case, which makes the entire process of app developmentmuch more faster. now secondly elastic Beanstalk simplifies entire appdevelopment process like the set or developers haveto do is concentrate on developing a codefor their application rest, like monitoring serversstorage networking Etc and managing virtualizationoperating system databases is done by elastic Beanstalk, which simplifiesthe entire process for a developer usingplatform as a service to deploy our application makeCenter app development process more cost-effective if you're tryingto dip By yourself, then you might have to installseparate surface for monitoring and security purposesand I'm sure for that you'll have to paya lot of money extra money. But if you're usingan elastic Beanstalk to deploy your application it will provide you allthis additional software such as a package and you can avoid payingunnecessary operating costs also elastic Beanstalk offers multi-tenantarchitecture by that. I mean, it makes it easy for the users to sharetheir application on different devices. And that too with high security when I say highsecurity platform as a service will provideyou a detailed report regarding your application usagedifferent people or users who are trying to accessyour application as well. But this informationyou can be sure that your application isnot under any cyber threat and finally platform as a service provides youan option where you can know if the user who is usingyour application is getting a better experience out of it ornot with platform-as-a-service. You can collect feedback at Seven stagesof your app development like during development stage like testing Stageproduction stage design stage by doing so you will havea report regarding how your applicationis performing at every level and you can makeimprovements if needed. So this is how platform as a service like a are an elasticBeanstalk makes it easy for developers to developan all-around perfect up guys will be ableto relate to this point when we try to deployan application using elastic Beanstalk in the laterpart of this session. You'll understand. How will a StickBeanstalk is beneficial to app developer in Marquette. There are quite a lotof application hosting platforms which are providingplatform as a service. Let's have a lookat few of that. First. We have somethingcalled openshift. It is a web hosting platformoffered by Red Hat. Then you have Google app engine which we all know ask a lingoat is a platform as a service where you can deploy yourapplication and just do minutes apparently will provide youa production ready environment where all you have to dois deploy your application code. Then you have python anywhere. It doesn't onlineintegrated development platform and web hosting service as well. But based on Python language, then you have elastic Beanstalkoffered by Amazon moving on. We have a sure app Servicesby Microsoft and many others. But today our main focus will beon elastic Beanstalk, which is a web hosting platformoffered by Amazon now that you have basicunderstanding of elastic. Stop, let's go ahead and take a look at fewof its features. Mostly all the featuresare similar to the ones which we discussed earlier, like elastic Beanstalk makesan app development process more faster and simplerfor developer moreover. All developer hasto do is concentrate on developing code listof the configuration details and managing and monitoring details will be handledby elastic Beanstalk. Also elastic Beanstalkautomatically scales up your abs resources, which have beenassigned to your uh, Occasion by elastic Beanstalkbased on your application specific needs butthere is one feature which is specificto elastic Beanstalk suppose. You have deployed an applicationusing elastic Beanstalk, but now you want to make changesto the configurations which have been already assigned to your application byelastic Beanstalk though. Bienstock is a platformas a service. It provides you with an option where you can changethe pre-assigned configurations like you do and infrastructureas a service. Well if you remember Memberwhen if you're trying to use infrastructure-as-a-service todeploy an application, you will have full controlover AWS resources. Similarly Beanstalk alsoprovides you with full control over your AWS resources and you can have accessto the underlying resources at any time. Now, let's try to understand elastic Beanstalka little deeper first. We'll be discussing fewcomponents of elastic Beanstalk, then we'll have a lookat its architecture. What we have your first wehave something called application suppose youhave decided to do a project. So what you do you go ahead and create a separate folderon your personal computer, which is dedicatedto your project. Let's say your project needsApache server SQL database and a platformingsoftware like Eclipse. So you installall the software's and stole them in the folder which is dedicatedto your project. So that will be easy for you to accesswhenever you need all the software's similarly when you try to dodeploy an application on elastic Beanstalk Beanstalkwill create a separate folder which is dedicatedto your application and an aw storms. This folder iswhat we call an application if I have to Define folder orapplication in technical terms, then it is a collectionof different components like environmentsyour application versions and environment configuration. Let's try to understand eachof these components one by one. We have something calledapplication version suppose you have written a code stored. In the file and deployedthis coat on elastic Beanstalk and your applicationhas been successfully launched but now you want to makecertain changes to the code. So what you do you go ahead and open the file makechanges to it save it and then again deployed on elastic Beanstalkelastic Beanstalk again, successfully launchesyour application. So you have two versionsof your application now, it's just a copyof your application code, but with different changes and elastic Beanstalkwill provide you with an option where you can uploaddifferent versions. As of your application without even deletingthe previous ones then we have something called environmentenvironment is a place where you actuallyrun your application when you try to launch and elastic Beanstalkenvironment Beanstalk starts as ining various AWS resources, like ec2 instancesauto-scaling groups load balancer security groupsto your application the point which you have to rememberis at a single point of time environment can runonly a single version of your application. Elastic Beanstalk will provideyou with an option where you can create multiple environments foryour single application suppose. I want and different environmentfor different stages of my app. Like I want an environmentfor development stage one for production stage and onefor testing stage. I can go ahead and do that create a differentenvironment for different stages of my application and suppose you have sameversion or different version of your application installedon all these environments. It's possible to run allthis application versions at same time. I hope that was clear. Well, you'll understandthem practically when we try to deploy an application inthe later part of the session. Then we have somethingcalled environment Tire when you try to launchan elastic Beanstalk environment elastic Beanstalk asksyou to choose amount to environment tires, which are webserver environment. And then you haveworker environment. If you want your applicationto handle HTTP request, then you chooseweb server environment. And if you want your applicationto handle background task that is where a work environmentcomes into picture. Sure, which to chooseeither web server or work environmentand how to work with them when we'll try to deployan application in later part. And lastly we havesomething called environment Health based on how your application is runningBeanstalk reports the health of your web server environment and it uses differentcolors to do. So first gay indicates that your environmentis currently being updated. Let's say youhave installed one version and now you're tryingto upload different version. Well, it's taking a lot of time so that timeit shows gray color. It means your environment isstill under updating process. Then you have green which means that your environment has passedthe recent health check. Then you have a low which means that your environment has failedone or more checks and red failed three or morechecks moving on. Let's try to understand the architecture ofelastic Beanstalk. Like I said early onwhen you try to launch an elastic Beanstalk environmentBeanstalk ask you to choose Was among two different environmenttires firstly we have web server environmentweb server environment usually handles HTTPrequests from clients and it has different componentsfirstly we have something called environment. You know, what environmentis it's a place where we actually run your application and Beanstalk provideyou with an option where you can createmultiple environments and the main point isat a point of time this particular environmentcan run only one version of your application movingon we have Something called elastic load balancer. Let's say your applicationis receiving a lot of requests. So what elastic load balancerdoes is it distributes all this requestamong different ec2 instances so that all the requestsare handled and no request is being delayed. What actually happens is when you launch an environmentor URL is created and this URL in the formof C name is made to point elastic load balancersenior is nothing but alternate name for your url. So when your applicationreceives requests all these requests are forwardedto elastic load balancer and this loadbalancer distributes. These requests among ec2instances of Auto scaling group. Then we have Autoscaling Group Well, if your web server is tryingto handle a lot of traffic and it's having a scarcityof ec2 instances, then Auto scaling group automatically installsfew easy to instances. Similarly. If traffic is very low, then it automatically terminatesunder use ec2 instances then we Have ec2 instance. So whenever you tryto launch an elastic Beanstalk environment Beanstalkwill assign your application with a suitable ec2 instance, but the software stack likethe operating system the servers and different software's which are supposedto be installed on your instance are decided bya device called container type. For example, let's say my environmentas Apache Tomcat container. So what it does it installs Amazon Linux operatingsystem Apache web server and Tomcat software. Do you see two instancesimilarly depending on your application requirementsit installs different software stack on your ec2 instances. Then we have a softwarecomponent called host manager which runs on everyeasy to instance that has been assignedto your application. There is host managersresponsible for various tasks firstly it will provideyour detailed report regarding performanceof your application. Then it providesinstant level events. It monitors your applicationlog files as well and it monitorsyour Datian server, you can view allthese metrics log files and create various alarms oncloudwatch monitoring dashboard. Then you have securitygroups Security Group is like a firewallto your instance. Not anybody canaccess your instance. It's just for security purposes. So elastic Beanstalk hasa default Security Group, which allows client to accessyour application using Port 80. You can Definemore security groups if you need and then elastic Beanstalk alsoprovides you with an option where you can definea security group. All your databasefor security purposes moving on. We have somethingcalled Walker environment. First question that comesto our mind is what is worker. Well suppose your web server hasreceived a request from client. But on the way while it's trying to process therequest it has come across tasks which are consuminga lot of resources. I'm taking a lot of time because of whichit's quite possible that your web servermight deny other request. So what it does it forwardsthese requests to something called Welcome these workerhandles all this stuff. Us on behalf of web server. So basically worker is a processthat handles background tasks which are time intensiveand resource intensive. And in addition. If you want you can use walker to send email notificationsto generate metric reports and clean up databases when needed let's try to understand why we need Walkerwith the help of you skis, so I have a client he has madea request to a web server and the web serverhas accepted the request and it startsprocessing the request but While it's processingthe request it comes across the switchare taking a lot of time. Meanwhile, this client has requested or sendanother request to a web server since web server is stillprocessing the first request it denies second request. So what is the resultof this as the performance and the number of requests accepted bya web server will drastically decrease alternatively let's saya client has made a request and your web servers accepted it and it starts processingthe request and again, it comes across Stars which are doing a lotof time this time. What it does it transfers or it passes all this taskto walk our environment and this work environmentwill handle all these stars and request oneis successfully completed. Meanwhile, if itreceives a second request since it has completedprocessing request one, it will accept requests to Ihope the scenario was clear. We'll all we are doingby installing work environment is we are avoiding spending lotof time on single request here. Now, you know whatweb server environment is and work environment is and whydo we need work environment? But there has to be some way sothat this web server environment can pass on this taskto work environment. Let's see how so you haveyour web server environment. It has received a request and while processingit as encounter tasks which are taking a lot of time. So what it does it creates andsqs message sqs is a simple to service offered by Amazon and this message is then putinto es que es que and the differentrequests are arranged based on priority in this qsq. Meanwhile when you're tryingto install Walker. Environment elasticBeanstalk has installed something called demon. What is demon does it pullssqs message from Askew and then it sends the Starsto web application, which is running on vodka environment asa result or as a response to spin start applicationhandles all the stars and responds withan HTTP response option. So this ishow the entire process of handling tasks transferringand then handling does goes on so you have a client he has madea request to a web server, but the web serversencounter with tasks which are I'm consumingand resource consuming. So it passes thisrequest rescue is Cube. And when you tryto install walking environment, there's a demon which pullsout all this messages art us from your rescue. And then this demonsends all the stars to our application applicationresults all the stars and then it respondswith a HTTP response option. So this is how your toapplication communicate I can read was lot of 30. Don't worry. We have arrivedat the fun part of session where we'll be tryingto deploy an application using elastic Beanstalk hear you by doing or by creating an application onelastic Beanstalk practically, you'll understand differentconcepts its architecture and different environment tiresand all this. So let's go ahead. So this is my areaplus Management console. And if you want to take a lookat all the services, then you have all the services here, but were mainlyconcerned with elastic. Up, which have recently used. So it shows that all recentlyused resources or Services here. So I'm going to choosethat elastic Beanstalk and this is my Beanstalk console. If you're trying to deployan application for first time, this is the page where you landwhen we scroll down it says that I can deploy an applicationand three easy steps. All you have to do is selecta platform of my choice then upload our application code if I have one or usea sample application code and then run it. Let's see if it'sas Easy as it says here, so go ahead and click on createnew application option here. It will ask you for applicationname and description. I'm going to name my applicationas Tomcat app then description as my new web app. And then I'm going to clickon this create option C. When I try tocreate an application. It has created a separate folder which is dedicatedto my application. And in that folder, we have different componentsas you can see here. I have my environment then Ihave application versions and if I've saved any configuration, it will show allthe saved configurations here. Now. Let's go ahead and create an environmenton the right side. You see an actions optionand you click on that you get different choices. You can just selectthe create environment here. So again, it's asking you to choose among two differentweb environment tires. You have web server environment and work environmentin web server environment. Your application handlesHTTP requests from clients. Then you have work environment where your applicationwill process background tasks like time intensive and resource consumingtask in this demo. I'm going to work onlywith Observer environment. You can go ahead exploreand create work environment. Once you understand how to deploy an applicationon elastic Beanstalk. So I'm going to clickon the select option here. It will take me to a It's badenough to give a domain name or in technical terms are URLto my application. You can give any URLof your choice and see if it's available. So let's say my Tom appand it see if it's available. It says the domain name isavailable then description. I'm going to giveit a same as before. So my new web app then when I scroll down it asked mefor a platform of my choice. There are different options. You have go then you have dotnet Java Ruby PHPnode.js python Tomcat. At and if you're tryingto deploy an application on the platform, which is not here, you can configureyour own platform and deploy turnelastic Beanstalk. It provides an option here. You can see there'sin custom platform here. So I'm going to choose Tomcatplatform for my application. And since I'm notany kind of developer, I'm just going to go aheadand use the sample application provided by Amazon. But if you haveany application code if you have created or developsome code you can store that in a file and uploadyour it says you can upload your code then you have a zip. You need to convertyour file to zip our war file and then upload it here. So I'm going to justselect sample application and then click on createan environment here. So it's going to take awhilefor elastic Beanstalk to launch my environment though. It's not as much time as it would havetaken me to develop entire application by myself while elastic Beanstalkis trying to launch environment. Let's discuss some points or inthe earlier part of the session with discuss some benefits ofelastic Beanstalk firstly I said that it fast ins your process. Of developing an entire. So it's true. Doesn't it? All I did wasselect the platform of my choice dress is doneby elastic Beanstalk itself. So thereby saving a lotof time similarly it simplifies the processof app development again. All I did was selecta platform of my choice like installing easyto instances security groups Auto scaling groups and assigning IP addresses restis done by elastic Beanstalk. I even mentioneda point where I said that it will provide elastic Beanstalk provides youwith an opportunity. And now you can changethe present configuration. We'll explore that. Once the environment is created. Let's go ahead and seewhat elastic Beanstalk is doing. It says that it has createda storage for my environment. Well S3 bucketsolar all my files where I have my application codeare stored there then test created a security group as well and elastic IP address then it saysit's launching an ec2 instance. So you see it's as easy as that. All you have to do is selecta platform of your choice rest is Founded by elasticBeanstalk and later on if you're not satisfied. If you want to changesome configuration, you can go aheadand do that here. Look at this. This is the IP addresswhich are domain name which are assigned to my up. It says new instance has been added and in additionit showing each task while it's doingIsn't that cool? You'll know what yourenvironment is currently doing. So it's still taking a while. So it says it has installed and added instanceto my application and my environment has been We launched it is finishedalmost all the tasks. It should have takento environment page now. So this is my environment page or you can seeour dashboard first. You have environment healthier. It says green. It means that my environmenthas successfully passed the health check thenit shows the sample version of your application since I've used the sampleapplication and saying sample application here since I've chosenTomcat as my platform. It has installedsuitable infrastructure stacked like Amazon Linux and you have Java8 aiming language. Let's go aheadand explore this page first. We have somethingcalled configuration here. Like I said, though,it is a platform as a service. It provides you with an optionvalue can change configuration. So you will have full controlof your resources first. We have somethingcalled instances here. When I click on modify option, you can see that elastic Beanstalkhas assigned micro instance to our application if I want I can goahead and change it to different instance based on my applicationrequirement scrolling down. I have cloudwatch monitoring. If I want detailed monitoring,then I can go for one minute if I want basicmonitoring or not. So detailed monitoring then Ican choose five minutes here. Then I have an optionof resigning storage to my application aswell at says we have magnetic storage general purpose and provision. Iops as well. When we scroll down again. We see differentsecurity groups. I can just click on that and the security groupwill be added to my application. So once you've madethe changes you can click on apply option or do Ihaven't made any changes. I'm just going to click here. So now elastic Beanstalk istrying to update my environment. So it's showing gray color here. If you recollect a mentionedduring the earlier part that grey indicates. My environment is being updated. Okay, let's go backto configurations. We did have a look at instances. Then you have somethingcalled capacity apparently elastic Beanstalk is design a single instanceto my application. If I want I can go ahead andchange to auto-scaling groups. You have an optioncalled load balance so you can click on that hereand you can set the minimum and maximum number of instancesthat your auto scaling. Group can install as well then if you have chosena load balancer option earlier than a load balancewould have been enabled here. Then we have monitoring details which provides you withtwo options enhanced monitoring and basic monitoring and when we scroll downyou can see a streaming to cloudwatch logs option here. So if you want your log files, you can view themon cloudwatch dashboard as well. You can set the retention periodaccording to your choice and suppose you want your application forsome private purpose. Then you can create a generatea private VPC for you. Your application similarly, you can add or decreasethe amount of storage as well. So by explaining all this what I want to say is your handsare not tied you can make changes to configurations. If you want. Then we have logs option. If you want to have a lookat the last 10 lines of your log files,then you have an option. It says last hundred line. Sorry lost a hundred lines thenif you want full log files, then you click on thatdo provide you a file and download format. You can just download it. Then we have health option herewhere it provides health. You are a cc sources basicallyshows ec2 instance here. It says it's been7 minutes or six minutes since my ec2 instancehas been installed. Then you have monitoring where it showsdifferent monitoring details like CPU utilization Networkin network out. If you want you can go aheadand create an alarm with alarm option here suppose you want notificationsto be sent to you when the CPU utilizationor when the number of ec2 instances are scarcein your auto scaling group. Then you have events here events basically are nothingbut it's a list of things which has happened since you started launchingan environment when I go down it says we have seen earlier on the black screenthe same things are applied your so it says createan environment starting then we saw that AC to instance has been installed securitygroups elastic IP address. So basically itshows all the events that has happened from the timeelastic Beanstalk has started to launch our environment and till the time youterminated the environment. So that's it. Then you have tag files. You can assign differentkey values as well. Let's go back. This is a sample application, which I've tried to use not letme try to upload and deploy a new application version here. Okay, I'm gonna goto documentation here. I'm interested withelastic Beanstalk. I'm going to select on that and then develop a guide clickon getting started on when you scroll down on deploy a new application Virginia basedon your sample application. You have different versionsof your application since I've selecteda tomcat is my platform. I have a tomcat zip file. You're a boy. Already downloaded that so I'm gonna just goingto upload the file then so let's go backand it says upload and deploy but let's goback to our folder. Then there's an applicationversions option here. So it gives you deploy andupload option separately here. I'm just going to uploadfirst then we'll deployed version label new versionand upload the file. I have it here zip file. I'm just going to attachthe file and then click on upload optional. The new version ofmy application has been uploaded but it's not been deployed yet. So when I go Can you can see that I can still seethe same version which was there before now? Let's go back and deploy it. Okay. I'm going to select thisand then I'm going to click on deploy optionand select employer. Let's go backto environment and check so my environmentis being updated. So again the gray color here once it's updated as and showthe new version name here. It is uploaded. So as you can see it showing the version name of my newversion application version. Like I said all your bothmy application versions. Are there have beendeleted any you don't. Have to deleteyour application versions when you createa new one similarly, you can upload multiple versionsof your application going back actions option. Then you haveload configuration, which will definitelyload your configuration. Then you have saved we can savethis configuration suppose. You want to createan application with the same configurations again, you don't have to startfrom the beginning from creating applicationenvironment all that. You can just savethe configuration and use for the other application or other environmentof your application. Then you can cloneyour environment as well rebuild and I environmentand terminate as well. So here I havesaved configuration. If you have saved thisconfiguration the configuration of been listed hereand like that conversation. I can use when I'm creatinga new environment. Okay, just let's see if have explored allthe options environment how well I forgot to showyou one most important thing when I click on this URL. It takes me to a pagewhere it shows but my applicationhas been successfully installed. Well, that's it. So now you know how to deploy an applicationusing elastic Beanstalk. Do I have usedthe sample application? Are you can go aheadand upload a code of yours if you have any and try it out. Well, all the options hereseems to be user-friendly so you will know what to do. It seems to be easier process. You'll understand it betterwhen you try to reply an application by yourself. So first and foremost, I would start by talking aboutwhat cloud storage exactly is. Then we would move furtherand understand some of the myths that surround cloud storage but also discuss certaincloud storage practices and would understand how different cloud storageservice providers work. Finally, I would finishthings off with the demo part where I would be talking abouthow cloud storage Services work on Amazon web services. So I hope this agendais clear to you guys. So let's not waste any timeand quickly get started then. So what exactly is cloud storagenow first and foremost, let me tell you what promptedme to actually go ahead and take this session. Well recently. I had been interviewingand where I asked people what do what did the knowabout cloud computing and they told me that cloud computing is a place or it is a place onlinewhere you actually store data. I went to some extent I agree. Yes cloud computinghelps you store data, but that is not the definitionon the longer run. So that is why I thoughtthat we should actually go ahead and have this session so that we can discusssome of the myths that surround cloud computingand tout store is in particular. So guys, let's startwith a basic definition first. Storage. Well, it is something that is made availablein the form of service. Which is connectedover a network. So guys this isa very basic definition and the throw some more light. I would like to actually goahead and given certain examples as well to specifywhat does this definition mean? But to some pointthis definition is correct. It says that it isnothing but a storage which is available as a service which is connectedover a network now again, you might wonder asin this is what people told me in the interview, right? I mean it is a placewhere you store data. So yes cloud storageto some extent. Yes. This is what it is. But when you talk aboutcloud storage it is lot more than this basic definition. Let's try to understandwhat all this cloud storage exactly has to offerto you people. Well first and foremost as I've already mentionedit is storage it can let you store emails media. Now when I saymedia you can store in a different kind of media whether it's your images whether it's your videosor maybe other kind of files. It also lets you holdServices as well. Yes. We are living in the worldof internet right now and there are various Services websites that are online and this data can be storedby using Cloud platform. and finally I'm sorry guys finally it is nothingbut the backup now when I say back up guys, we are talkingabout large Enterprises that let you back up the data and the using Cloudplatform to do that. But again, it's to stillholds the same point right? I mean when I sayemails Media Services backup for large organizations, I mean it is stilla simple storage know now, let me tell you what it does when I say backupfor large organizations. We are referring to a lotof pointers here data coming in from different sources. The weight is processed. The weight is integrated andstored into a particular storage how it is handledand what all can you do with it. Now when you talkabout a cloud storage, it actually takes careof all these things. That means it's not redundantor a dead storage where you just takeyour data and put in your data you can thinkof it as smart data storage. So to understand that let's talk aboutcloud computing a little so what cloud computing doesis it lets you have this data on the platformand it is a platform where it hasa number of services that lets you compute or process this data to suityour business needs now, it can be using machinelearning Big Data finding out certain patternsusing power bi tools or not power bi tools bi tools. And also do a lotof other things like maybe use a cloud platform where the data can be usedfor marketing purposes, Maybe. I think I owe to Botsand stuff like that. So this is whata cloud computing platform. Does it basically lets you usedifferent sources and use this particular data to domultiple or different kinds of things. So when I say a cloud storage it basically ensuresthere is a mechanism that in first place it storesdata and lets you perform some of the actions that you can actuallyperform on this data. So as we move further, I would be discussingquite a few pointers that support this claim or this. Definition of mine. So let's just movefurther and try to understand a little more pointersor some other pointers that talk about cloud storagebut to keep it simple. It is a storage that lets you do a lot of thingswith the data primary reason being storing the data and the other reasonsbeing processing it or managing it also so let'smove further and take a look at the next pointer. So what are the mythsthat surround a cloud storage? Well when you talkabout the myths, this is what some peopleThe same that cloud computing is suitable only for large scale organizationsknow this is not true. Let me give youan example recently. What happened was oneof my friends. He actually happento format his mobile phone and he lost all the imagesand other data that was there on that phone. So the problem was henever backed that data on any Drive neitheron Google Drive or anywhere so he lost the data so he came to us and he told usthat this is what happened. So we told him that Youshould have backed it up. Maybe on Google Drive. So next time he didthat and again, he being usedto losing his data. He lost his data again. So he again comes up and he's like I've lost the dataso we reminded him that he had his data storedon Google Drive. So when you talkabout Google drive, it is nothing but an onlinestorage where you actually make a copy of a data, so he made a copy of his data and he could actuallyget that data back. So when I say cloud storage itgives you a simple application or a simple. That you can actually go aheadand just put in your data just like Google River you can putin your data as well. So it is not limited tolarge-scale organizations only if even you area single individual where you just needto store your data, you can use cloud storage. Now, there are there arevarious cloud service providers that actually meet or cater different cloudcomputing needs So based on that the cloud storageis might get complicated and might give youmore functionality. But even if you need isas basic as storing data, don't worry cloudcomputing or cloud. Storage is for you as well. Now if you talkabout small scale businesses, yes these daysthe amount of data that is generated is huge. And that is why what happens is evenfor small scale organizations. You need a place where you can store your dataand somebody can manage the data for you so you can focuson your business goals. So this iswhere cloud storage comes into picture for even smallscale businesses as well. So if you ask me, yes last scaleorganizations are suitable for cloud computing or onlylarge-scale organizations. A suitable for cloud storage. This is a myth. Complexity with cloud guys. Now. What does this term symbolizepeople normally assume that having that privateinfrastructure makes it easier for them to actually goahead and put in your data that is not true. The fact that people are usedto certain methods or methodologies. They feel comfortable with it. Whether cloud is complex or not. I would say it is not why because if you get usedto certain Services, you would realize that storing or moving a data to cloud isactually lot more easier than Normal infrastructures are your previous or traditionalinfrastructures is what I would say, so whether cloud is complex, I would say no as we move into the demo partprobably we would be talking about this pointer or once I give the demo probably you would havea clearer picture how easy it is to actuallymove your data to Cloud. Not eco-friendly. Now this might soundout of the blue. I mean you might wonder this isnot a sociology session. So where did thispoint coming from? I mean not eco-friendly. Yes what peopleassume is the fact that a large amountof data is being stored on these platforms. So we have use amountsor use numbers of data centers which are big in size and they consumea lot of electricity. So there is powerwastage electricity wastage. Well, that is a myth again firstand foremost the fact that Getting a centralizedstorage somewhere. That means most of the datawould be stored there. So yes, you areautomatically saving out on your power consumption when you talk about it froma global or an Eco perspective. The other thing is Iwould not want to point out a particularcloud service provider. But when you talk about GCBthat is Google Cloud platform, then Amelie provide their cloud servicesat a very affordable price now, why is that? The reason for thatis they've actually put in a lot of effortinto the research part. Where the researched a lot on how they can actuallyminimize the cost and how did they do it? They basically ensurethat the amount of power that is consumedby the resources. They tried and optimizethat amount to a minimum amount so that they are charged less and in a way youare charged less. So if they're optimizingthat particular process, obviously you're consumingless amount of electricity. So whether it's eco-friendly definitely it iseco friendly friendly. Zero down time again. There's no such thingas zero downtime. Now the fact that I'm talking aboutcloud storage does not mean that I tell you that it has zero downtime and you're completely securedknow there is a possibility that there might bea downtime the fact that cloud ensuresthat this downtime is very less. Now. That is a plus Point what loud alsodoes is it ensures that there is disaster recovery and there is always a backupof your data or your resources. So even if something goes downfor a very little time and we normally it happensfor a very less time if it does happenand it happens very rarely, but even if ithappens care is taken that nothing harmsyour resources or your data. So zero downtime. No that is not true. But definitely downtimeis taken care of when you talk about Cloud storages. There is no needof cloud storage. Okay, this is oneof the biggest myths whether people agree or not. If you go back like 10 yearsfrom now probably people did not know a lotabout cloud computing. But with time peopleare actually moving to cloud and if you take a lookat recent statistics, they would agree as well. I mean people would be wantingto switch to cloud in near future. And the reason for thatis the quite a few service is quite a few facilitiesthat cloud gives you and that is why peopleare moving to And if you do move to Cloud, you'll be usingcloud storage inevitably. So yes that is going to happen. And if you think that there is no needfor cloud storage definitely near future. I would assure you that even you wouldbe moving to Cloud. So Guys, these are someof the major myths there are some other myths as well as wemove further not worried. We would be discussing that aswell in some other pointers. So let's just go ahead and talkabout some of the benefits of using a cloud storagefor data storage or basically using Cloudfor data storage. So what are the benefitsof the signal I purposely kept this pointer for the later halfand I first discussed the myth because these pointerswould definitely help you understand someof those myths better. Not a cloud platformis customer-friendly. What do I mean by this? Well, first and foremost when you talkabout cloud storage, what you're able to dois you're able to scale up your storage scaledown your storage keep it secure monitor it and you can ensure that there is constantbackup taken of your data. So when you talk about itfrom a security perspective, it is secure as well pluswhat cloud service providers do is they've had so many services that In the market you talk about any popular cloudservice provider they have lot of servicesthat are made available. What do these servicesdo is they ensure that you're functioningon cloud platform is very smooth and same isfor cloud storage as well. You can utilize variousServices which ensure that you're functioning or you're workingon cloud becomes easy again, which I have beenreiterating for a while. Now that I would be talkingabout these in future slides. Don't worry as we getinto the demo part you would and how user-friendlythese Cloud platforms are Security now again, this is an important point when you talk aboutCloud platforms Cloud storages are they secure or not? Definitely they are very secure and there was a timewhen people believed that these platforms when not secureto a greater extent and that out was understandable. I mean if there is something that is new in the marketyou tend to doubt that but if you talkabout Cloud platforms these platforms are actuallymore secure than your on-premise or your traditional. Says which people are usedto using the reason for this is if you talk aboutcloud service providers, let's talk about AWS. That is Amazon web servicesin this case. What it does is it gives youa shared security model now, what do I mean by this youhave service level agreements where you and your customer or maybe the customerand the AWS providers. They basically come to a term where the decide asin what kind of security or what kind of principlesare to be implemented on the architecture and youcan take control as a new. You can decide what accesses doyou want to give to the vendor? And what are the axis isyou want to keep to yourself? So when you docombine this approach? It ensures that security is isat the optimum and you get to be or you get to take controlof your security as well. So yes, if you talk about cloud storagebeing secure or not. Yes. It is very secure to namesome we have S3 and AWS. It is highly durableand it is highly reliable. So when you talkabout disaster recovery and T it is almost up to there and as I've alreadymentioned not everything is hundred percent when I talked aboutthe downtime or yeah the downtime part so yes, not everything ishundred percent. But when you talkabout security and durability when you talk about S3 in particular it is99 point something six or seven times nine that is99.999999 times durable. So that does makea system very secure. Another benefit guys. It is pocket-friendly. Now, if you talkabout cloud service providers, whether it's storage, whether it's compute servicedatabase Services all these Services you can actuallygo ahead and use these services for rental basis. It's just likepaying for electricity. I mean, if you're using a particular service youwould be paying for that service for the durationyou use that service and you would be payingonly for the resources that you've used. So it is pay-as-you-gokind of a model where The only for the resources you use and only forthe time duration you use so whether it'spocket friendly or not. Yes. It is pocket friendly. And as you move further, I mean if you are usingmore storage the cost again, it comes downto a greater extent. So it is already cheaper andif you decide to scale up, it would be more cheaperor it would be cheaper is what I should say. So yeah, these are someof the benefits now if you talk about cloudcomputing and storage again, there are other benefitslike as I've already mentioned durability. Scalability and variousother benefits but these are some core ones. I would not want to getinto the details because I wish to keep everyoneon the same page for people who have been attending this session for the firsttime and for people who probably know a bit aboutcloud computing again guys, if some of the termsthat I'm talking about in this session you feel that these terms arefairly new for you and I'm probably goingat a faster Pace, I would suggestthat you actually do go ahead and check into the The sessions that we haveon our YouTube channel because we've talkedabout a lot of stuff there. I mean other cloud services what cloud computing iswhat cloud service providers are what are differentservice models and quite a few other videosand sessions to be honest. So I would suggest that you go throughthose sessions as well. And I'm sure that by now many of youmight have been wondering as in whether this sessionwould be recorded and a copy of itwould be available to you. People are not not verymost of us sessions. They go on you. Boop so probably a copyof it would be there on YouTube. And if not, you can actually shareyour email IDs as well. If it does not go on YouTube. Somebody would share a copyof the session with you people. So guys if I'm if I'm happening to goa little faster than what you're expecting do not worry you'd be havinga copy of this as well. But for now just try to keep upwith the pace that I am going with and I'm sure that by the end of the sessionwe all would be good. So guys what are someof the cloud storage practices that you should takecare of now? These are the practicesthat should concern somebody who is planning to moveto Cloud again. If you are a newbie and you're just here to practicewe are not talking about you in particular but these pointers are important for you asan individual as well. But I'm talking about it from morebusiness business perspective or more industrial perspective. So if your organizationis planning to move to Cloud Definitely. These are someof the practices or pointers that you should take care of. So first andforemost scrutinize SLA, so as I've alreadymentioned you have SLS where your service providers orvendors basically come to a term where you actuallygo ahead and decide on particular rules as a nugget. These are the terms and theseare the services as a vendor. I would be providingyou people and you as a customer you agreeto certain terms as an okay. This is what youwould be giving us. And this is what wewould be paying you. So there are certain pointersthat you should consider while you are actuallysigning your essays. That you need to understandis when they say that you would be this is thebase charge try to understand how the charges would be when you decide to scale upand stuff like that other thing that you need to consideras I've talked about downtime. Right? So normally you have SLS where people talkabout the stuff that there won't be an outagewhich is more than 10 minutes. So yes, I mean thissounds fairly good right? So in an hour's time, this is a hypotheticalexample do not consider that there would bea downtime of 10. Minutes, this isfor your understanding. Let's assume that there'sa downtime of maybe 10 minutes in an hour's time, which is too high for now,but let's assume that so what serviceprovider would claim is if there is a downtime once probably this iswhat the charge would be. But if it goes downafter that probably you get some more consistent discountand those kind of things. So if there is an SLAwhere you say that it is 10 minutes, What if they were to down timesof nine minutes in an hour and that is fairly close, right? So you've been robbedof your right? So that iswhat I'm trying to say. I mean if you do actually go ahead and haveparticular SLS make sure that you considerin right points that suit in your business as well. Follow your businessneeds again guys storage as we move further, we will be discussingwhat are the different kinds of storage is so when you talkabout cloud service providers, they provide UN number of storages or In typesof storage is what I should say. So depending upon the businessyou're dealing with the kind of data that is generated. You should be able to choose a proper storagefor your requirements. I mean, whether you're dealingwith a real time data, whether it's stationarydata archival data based on that you should be able to actually go ahead and setup your cloud storage. Also, you need tounderstand as an okay. Um, this is the dateI would be putting in and these are the IntegrationsI would be needing because I'm usingthese kinds of tools. So are those Withmy cloud platform, so probably you need to considerthese pointers as well. And if you follow these rules probably a business would endup saving a lot of money. Now there have been used cases where businesses haveactually gone ahead and saved lakhs of dollarsthousands of dollars. So yes consideringthese pointers understanding your business alsobecomes important. You need to ensure that the securitywhich you are actually managing or monitoringis defined properly. I've already mentioned that if you talkabout cloud service providers, they let you have an SLA where you both cometo a similar agreement. So understand the securitywhat are the accesses that you have? What are the accesses? You want to give? What kind of data are youdealing with and based on that? Probably you can come to terms when you're actuallymoving to Cloud. Plan your storage future what we are trying tryingto say here is plan the future of your storage again. Do you need to scaleup in your future? What are the peak timesthat we can expect and stuff like that. So when you initially actuallyset your storage up probably you would be in a muchbetter position to scale up. I'm not refraining from the fact that cloud providersare already scalable, but just to be secure you can do that when you talkabout Cloud providers mostly the give you an optionof scaling, right? V or instantly but stillhaving an understanding of how much storage you need where you going to movein like two years three years time probablyhaving an understanding of all those thingswould definitely hold you in a much better position. Be aware of hidden costsagain guys have talked about the first SLA, right? So it is similar to that understandwhat you're paying for. How much are you paying for? It is a pay-as-you-go model but having an understandingof which Services would cost you how much would help youin performing proper essays or having proper policiesfor your storage. So these are someof the do's and don'ts of cloud storage guys. Again, if you need more insightson different Services as well. We have a video or a sessionon YouTube which is called as Interviews best practices youcan take a look at that as well where we talkabout different services and how can you actually performcertain tasks which would ensure that you are in thebest possible position. So guys we've talkedabout quite a few things. We wonder stoodwhat cloud storage is. We were understoodwhat are the benefits what are some of the myths and what are someof the practices that you should takecare of now, let's take a look at some of the differentcloud service providers that provide youwith the services and once we are done with it, then probably we would moveinto the demo part. So guys the quitea few cloud service providers, which also provide youwith storage Services. We have Google cloud platform, which is one of the leading ones digitaloceanprobably it's everywhere whether you searchfor Internet ads companies. It's there. Tara Mark again, this is a popular cloudservice provider IBM. Is there in storage or in Cloudfor a very long time guys now if you go way backI happen to did like I happenedto attend a session where I believe it was AWSand some reinvent session where I do not rememberthe name of the speaker, but that wasn't madea very valid point. He's at that in 1980s. He remembered or he happento visit a facility. I believe it. As IBM's I'm not surewho's I think it was IBM's so he said that they had this huge machinewhich was for storage. I mean, it looked very coolin 1980s use machine and it was very costly it was like somewherearound thousands of dollars and the storage space was 4mb. Yes for 4mb, the costwas thousands of dollars. So you can understandhow far storage has come how far cloud has comeand And yes, IBM, it has been there. I mean it has beenthere since then. So if you talk about IBM you talkabout Google's Cloud platform. These are principalcloud service providers. Then you have MicrosoftAzure knife you talk about current market. I mean if you go by the statsalone Microsoft Azure and AWS. These are the leadingcloud service providers AWS is way ahead of all the othercloud service providers. I'm so sorry, but if you talk about Mike Soft as your it isactually catching up that Amazon web servicesand greeson starts show that Microsoft Azureis doing fairly fairly. Well, so yes, these are some of the popularcloud service providers and more or less all of them havegood storage Services as well. But as I've already mentionedAmazon web services is one of the best in the marketand in today's session, we would be understanding some of the popularcloud service services that Amazon web serviceshas to offer to you and when I say popular Services, I would be focusing onstorage Services specifically. So guys, let me switch into theconsole and we can discuss some of these Services there and directly moveinto the demo part. So yes guys, I hope this screen isvisible to you people. This is how the AWSManagement console looks like. So again for people who are completely newto Cloud platform. Let me tell you that what Amazon web services are most of the othercloud service providers do is they give youa free tier account? What they're trying to say hereis you come you use our services for free for a shortduration of period And if you like then goahead and buy our services so These services are actuallymade available to you for free for one complete Year. Yes. There are certain limitsor bounds on these services. So if you exceed those limitsyou would be charged. But if you stayin the bounds or limits, you won't be charged and if you talkabout exploring these Services, these limits are free tierservices are more than enough. So again guys, if you are completely newyou should come here. That is Amazon web servicesManagement console create a free tier account. It is a very simple process. Put in certain detailswhere you work. Why do you want to usethese services are basic details and then probably you would haveto enter your debit card or credit card details. Don't worry. They won't charge you but thisis for the verification purpose. And again, if you're worried aboutwhether you would be charged or an amount would be - from your credit amount thator your credit card that does not happen guys, aw is gives you a notificationsaying that okay, you've been using these servicesand probably you might be over using some of your servicesalso you An setting alarms where if you reacha particular limit after that, you can actuallygo ahead and ensure that there is an alarm so that you do not exceedthe free tier limit. So yes, once you do have an account you can Avail allthe services that are here guys. So let's just go ahead and takea look at the console a little and just jump into the storageServices right away. So when you clickon this icon here storage guys or Services rather you getaccess to all these Services as I've already mentionedAWS provides you quite a few Services the sameroom hundred Services guys, and they coverdifferent domains. You can see the domain namesat the top computer Vortex analytics businessapplications storage. You have management and governance securityidentity management and all those Services guys. So the in number of serviceswhether it's migration whether its MediaServices you Services for almost everything so as we would be focusingon the storage Services before we go there. This is one thing probablyyou can select a region where you want to operatefrom that is you want to create your resourcesin this particular region. You can always havethis option of using it. So what is the reasonguys your data is based in a data center, right? I mean your datais copied somewhere. So if you areusing those resources, probably your data would be fetchedfrom that particular location. Asian so you can choosea region probably which is close to you if you like if your businessis located somewhere else probably you can choosethat region as well. So you need to gothrough the list of regions that are availableand accordingly make a decision. Now this beinga simple demo guys, I'm would be sticking upor sticking to Ohio basically. So let's just go ahead and jump into the cloudservices part and let's talk about storage in particular. So guys, if you take a lookat the storage services that are here you can see that These arethe storage services that AWS has to offer to you. We have S3. We have EFS you have FSXyou have S3 Glacier storage Gateway an AWS back up. Let me just try and throw some lighton some of these services and probably we would justgo ahead and get into the demo of one or twoof these services at least. So guys, I'mwhen you talk about S3, it is simple storage service. So that is s now this storage is basicallyObject bucket kind of a storage. I mean your containerwhere you put in your data where you store your datais called as bucket and your data or your filesare basically stored in the form of objects. Let's just go ahead and quicklycreate a small bucket. This would be a very smallintroduction to the service. Let's just go ahead and do that. So when you keep on clickon this icon guys, that is S3. It redirects youto the S3 console guys where you can actually go aheadand create a bucket. I've mentioned the pointer that there are Don't services that make your job very easywith cloud service providers and when you talkabout storage Services, it is no different. I mean there areServices which ensure that your job is fairly easy. So let's just go ahead and seehow easy it is to work with S3. If you wish to createa bucket guys, if you wish tocreate a container, it is very easy. Just go ahead and clickon create bucket and give it some name say Samplefor today, maybe guys. I'm very badat naming conventions. But please forgive me for that. Again. The names here should be unique. I mean if the name is takensomewhere else probably you cannot renamed. I mean you cannot usethat name again. So yes, and sothat your name is unique and probably guys you should try and name your bucketsin such a way that those are morerelatable say for example, if you have a bucket for maybe creatinga particular application, so maybe bucketfor that application. And or something like that so that you have a hierarchy and in that way youcan assign IM users or access to those bucketsin a particular order because you would not want all your users to haveaccess to that bucket. Right? So naming conventionbecomes very important. So just go ahead and say next. Keep all the virgin'sguys versioning becomes very important again. Let's not get into the details. But let me give you a small ideawhat happens here versions. That means each timeof buckets get updated. Probably I would wantto version or a copy of it and I would want the latest one. So when I was on it, it maintains those copies and if I need to go backI can actually go back to a particular levelor a benchmark, which I set the previoustime in this case. Let's stick to basic one and I'd not wantany logging details either. So just next. Again, guys, there arecertain Public Access has which have been given so permissions and accesswe would talk about that not worry for now just say next and Iwould say create a bucket. And guys the bucketis already ready. I'm in my containeris already ready so I can just go aheadand probably open this bucket and put in a file if I want and that wasvery easy guys. I say upload and if I'mconnected to my local system, I just say add files. Let's pick this random file, which uses this nameand I see upload. And there you go guysthe file is already there. I mean, we've created a bucketa container will put in a files. It's as simple as that permissionsas I've already mentioned now, let me talk about this point. I skip this point, right? So let's discuss this a littleso guys security something that you can handle. So you would decideor you need to decide what are the users that need to accessa particular bucket suppose. Your organization hasdifferent people working on different different teams. I mean you have somebodywho is a developer. There's somebody who's workingon maybe The administrative part on maybe on the designing part. So for particular bucket, you have particular data so you can decidewho gets to access what so settingin policies becomes important. You can create your own policiesas well initially. We saw that certainPublic Access is restricted to this bucket. I said, let's skip it skipthat for now. So when I say thatPublic Access is restricted, that means not any publicpolicy can come in and dictate terms are sayingthat use this policy why because There is a restriction. This is a private bucketand not anyone can use it. So guys when you talkabout S3 in particular, you can create bucketsyou can have backups. You can have your EBS backupsalso moved here. You can have your you can moveyour data from here to Glacier. We would be talkingabout they should not worry. You can have your elasticBeanstalk applications your past applications and the data can be storedin your S3 buckets. You can haveyour CI CD pipelines and the data can be movedagain to the S3 bucket. Now, this is highly durableand highly reliable. It's of storing data and it gives you fast retrievalof data as well. Let's go ahead and try to understand some otherservices as well guys. So when I come back here and I cefs elastic file storageor system browser. So here basically in this storage youcan store files. Yes. We are talking about datathat is in the form of files. And if you wishto connect it better with the network you can go for EFS as well because then you have somethingcalled as S3 Glacier. Yes. We talked about S3 rightwhere data is. Is durable and itcan be accessed very quickly S3 on the other hand letsyou store archival data. Let me tell you whatarchival data is first. So guys when you talkabout archival data, basically what happens with archival data isyou're dealing with data that you do not needto use every day. Let me give you an analogy. I'm not sure whether you'd be ableto relate to that. So guys, I'm yourbirth certificate now, I belong to India and we've been taking A lotbut we still have a lot of data that is in the form of papers. Even if you go to hospitalsattempt to request for a birth certificate. It might take days for you to getthat birth certificate. Why because there is some person who will be goingthrough all those documents and giving you that document. This is just an example. Do not relate itlike very seriously. But yeah, so it might takea couple of days, right so and the birthcertificate thing. I mean, I might not needbirth certificate every day. It might be once-in-a-decadethat I might go to a hospital and probably requestthat particular birth. Ticket, right? So this is a kindof data probably which had not needregularly or in real time. So I can compromisea little on the fact that if the person is givingme that data in two days time. It's okay becausethat does not cost me anything. I can wait for two days maybebut that's not the case at times you need the datato be retrieved very quickly. So if that is the case youshould store it where in S3, but if you're finewith this delay, probably you would wantto store it in Glacier. Why? These are normallytakes a longer while to retrieve your data, but the advantageof Glacier is it is profitable because it is very affordable compared to S 3 S 3 isalready affordable. You can check in for the prices. But if you have archival data, which you won't be usingeveryday, you can store it here and the factthat it takes a longer while it won't cost you. I mean, it won't cost in that perspective of accessingyour data in real time. Right? So if the data is something that is not needed regularly youcan Move to S3 Glacier, right? So what happens is S 3 you canactually move in all your data. And then if you realizethat there is certain data, which would not need every day. Just move it from S3 to S 3 Glacier where the data is storedin archival form and it is or it does not cost you a lot. So again guys, I won't be gettinginto the demo of S3 Glacier. We have a session on S3 Glacier or Amazon web servicesGlacier other and to do that. What you need is you needprobably a third party tool. That makes it easierfor you to retrieve the data. So I won't be gettinginto the stuff where I download that to landand show you how it works. It's very simple. We'll just likewe created buckets. Are you create volts thereand you probably move in your data and youcan retrieve that data. But again, it takes a long whileto retrieve that data. So it is similar to S3,but little different so yeah, that is S3 Glacier. We understood what EFS isand what S3 is then again guys, you have some otherservices as well here if I Scroll down you haveyour storage Gateway. You have your AWSbackup as well. So what are these things? And what do these thingsdo well storage Gateway an AWS back up basically back up as it says you can havebackup of your data and you can like save itfrom going down and stuff like that when you talk about storageget with these are services that let you move your datafrom on-premise atmosphere or your infrastructurerather to Cloud. So if you already have data thatis on your existing on-premise or infrastructure rather, you can actually movethat data to Cloud as well. So there are servicesto help you do that. And those services areyour storage Gateway services? So guys we've discussed some of these Servicesthere is something else which is called aselastic block storage. Elastic Block store is what it does is it letsyou create volumes snapshots and copies of the volume that is attachedto your instances. Let's go ahead and takea look at how this works. I mean there are a lotof pointers to talk about it. So as I move further, I would be discussingthose pointers while I also show you how to do it. So guys when I say EBSor elastic block storage what that does is it letsme attach some kind of volume to my instance now instances. Let me tell youwhat instances are first. Now when you talkabout cloud services, they give you compute Serviceswhere you can spawn instances or spawn temporaryservers or servers where you want to hosta data now each time. I won't be going out and buyinga new machine right instead. What cloud does is it? What happens? Yes, guys. Okay, guys, I'm not surewhether there was a lag while you were goingto this session. What happened is let me tell youwhat happened my connection the streaming connectionto my software, which I'm using to stream. This session did go downa minute back and it shows now that it is connected. So I would like to know whether I'm audibleto you people are not if yes, then we can continuewith this session guys. Okay, I'm guessing we're fine. So I'm just gonna go aheadand continue with the session. I was talking about instances. Let me talk a littlemore about it. So when I talkabout these servers that are ready to use basicallythese servers are something that you can use and you can havesome memory attached to it. So what we're goingto do is we're going to go ahead and launchone instance and understand how memory or hosestorage works with it. So to do that wewere going to go ahead and just launchedthat particular service. It is called as To whichis a compute service guys. So here I can actually go aheadand create servers or launch instancesin simple words. So let's just go ahead andlaunch a particular instance. Now, I have the freedomof launching both linux-based windows-based oneto based kind of instances. So you have the freedomof choosing what kind of instance do you wantthis being a simple demo guys. I'm going to stickwith the windows instance. I'm not going to show youhow to deal with that instance because I've donethat in previous sessions. You can take a look at some of those switchsessions as well guys. Let's just go ahead and launchthis particular session or this particular instancerather now guys, this is a Windowsinstance and okay, not this let me launchon basic one. This is also free tier guys. But yeah, I wouldwant this make sure that your instanceis EBS backed. So guys, you're backingup Works in two ways. You can back it up on S3. You can back it up on eBay as that is elastic block storagenow elastic block. Storage is important why it letsyou create images and volumes. What are thosewe'll talk about that once we create this instance. So ensure thatfor now it is EBS. So if I clickon this is the thing if I click on this icon, It would give medetails what kind of instance I'm launchingwhen I say T2 micro. It is a small instancewhich has one CPU and one gigabytes of memory for now and I can justgo ahead and say next. Okay, some of the other details whether you wantto be PC or not. Let's not discussthat and then you get into the storage part guys. This is the device with two which I am attachingmy root volume. So this is the path rather. So I need to focus on this. It is SDA one guys. That is slash Dev slash sd1. You need to remember thiswhen you create new volumes and the types of volumes that you can attachto your instance are these you have general-purpose SSDprovision tie offs and magnetic. It is take a something that is getting outdatedprobably might be replaced. So these are the few ones youalso have some other kind of volumes that youcan attach but the point that you need to remember is when you talk about havinga primary volume in that case you have only these options because these are bootable guys so there are certain othervolumes that you can attach if I attach a secondary volume, you see the options are more. I have SSD for trafficoptimization and then I have cold SSD as well. But this is a basic thing. We not going to getinto the details of that. You would skip that so guys all I'm tryingto say is this is the device this is the size and probably this is the typeof instance or volume. Sorry is that would be attachedto my instance. So let's just go ahead and saynext a tax for now. Let's not add anything and then let me sayconfigure the settings. So guys when I launchedan instance it says that security is not Optimum. It's okay. I mean you can assign the portyou want to when you use it for a higher security purpose. And then this is important guysfor your each instance. You need a key pair which is a secret wayof logging in or a secure way of loggingin not secret a secure way. So this is a secondplace authentication. Once you're loggedinto your account. You would be needing a key pair if you wish touse this instance, so make sure you create one and you store that oneas well if you have one which you can use probably. can do that as you can justcreate one say Nuki I said download guys. Once you download it. Keep it safe somewhere. It is stored in the formof that p.m. File. So do that and then Isay launch an instance. So guys once this happens if I just go backto the ec2 dashboard probably I can see that there is an instancewhich is running for now. It is 0 why because guys my instancesstill getting launched. It takes a couple of minutes or 1 and 1/2 or 1 minuteprobably to launch an instance. The reason for this is probablya lot of things happen in the background. I mean certainnetwork is associated. If you talk about an instance, it needs to communicatewith other instances, right? So in that case Probablyyou need to have a network that lets allthese instances connect. So a network is set herebasically and probably all the storage volume is attachedin a lot of things happen. That is why there arecertain statistics that your instance needsto go through and hence. It takes a minuteor so to launch this instance. So if you take a lookat this the status text it says that it is initializing. So if you refresh itprobably it happens at times. So let's just try our luck seewhether it's No, it's still initializing but guys we can see the volumethat would be attached to it. So, let me just come hereand rather go here if I click on volumes, there is there is a volumethat is attached to it. So there is a 30 GB volume. So there's a volume that probably hasa size of 30 GB. So it is here alreadyand it is in use so it would be attachedto my instance once it is up and running. So the point I'm trying to makehere is what elastic block. Storage does is it letsyou manage all these things now? There are two ways to managethese things either you create a copy of this volumedisable this volume and then attach the next one or probably you can directlyscale your existing volume or make changesto it right away. So what elastic Block store is does is it letsyou manage the storages? So again, let me tellyou how it works. So when I createan instance probably discredited in a particle particular region, right so in that A particularregion say for example now I'm based in India. So I have a datacenter in Mumbai. So my instance would be createdat that data center and probably the storagefor it would also be there. So there is no latencywhen I try to use that storage. So this is what EBS does it lets you managethat particular storage. So how it works is Ican create a copy of it. So what this copy does is itserves two purposes so next time if I wish to make In justto that storage I can do that if this particular storageor volume goes down. I have a backup copy again. I can create snapshots as well. Now what snapshots do isbasically they let me replicate my instance and the volumethat is attached with it. So instead of creatingan instance again, and again with if I've defined certainproperties for my instance and not have to worry aboutdefining those properties again, and again, I can just createa snapshot or I can rather create an Emi out of it, which I can storeand use it next time. If I want to spawna similar instance, so this is very BS helpsin it lets you have backups of all these storages it lets you create copies of it. So even if something goesdown you can work on the copy that you have so guys by now. Our instance would be created. Let's just go aheadand take a look at it. It says it is running guys, and we've already takena look at the volume. Let us create a copyof this volume to do that. I'm going to go to the actionsmy instances selected already. I can just go to modify and make changesto this volume right away, which is an easier way, but I'm going to show you how it can be donethe other way as well how it used to workpreviously so I can just say that create a snapshot. details Sample,and I say create. So guys are snapshot is created. If I come here I can take a lookat the snapshot again. It is spending mighttake half a minute for the snapshot to get created so I can just come hereand replace or refresh other. These things at timestake a little while. So guys we would be creatinga copy of it probably viewed by detaching the volume that we have created and itis attached to our instance and we would replacethat with the copy that we are creating now. So once this thing is doneand created we can do that. For some reason it's takinglonger while today. Let's hope that itgets done quicker. Look, it's still processing. Let's bear with meor just bear with me. Meanwhile this happens. Again guys if I was too fastand if I missed out on certain things Iwould like to tell you that you can go throughour other sessions on YouTube and probably you would be in amuch better state to understand what has happened here again, there was an outagewe're not out. It's my software did not workproperly the streaming software and probably there was a lackof a minute or two. So I'm hoping that you are did not miss outon anything that was happening. Meanwhile. Just hope that this Snapshotgets created quickly. It is still pendingand this is irritating at times when it takes a longwhile It's completed guys. A snapshot is ready. I can just go ahead and saycreate a volume out of it, which I wish to attach. So guys thereare certain details that we need to do. So for that laces go back first. Let's go back to the instancethat we have and let's see where the instanceis created guys. So as you can seeif you come here, it would give youthe details of the place where the instance is created. So it is u.s. East to see so when youcreate an volume a volume, it is necessary that you createdin the same region guys because as I've alreadymentioned the benefits of having it in samereason is region is that you can attach itto your existing instance and it saves youfrom various Layton sees so, yep, let's go back to the snapshot spot and saycreate a volume of it. I say create and then I probably let's sayI want more storage guys that's in 90. Okay, this is generalpurpose it is to way. So let's go to to seeif I'm not wrong. It was to see let's just go ahead and create it into see and say create volume. Clothes so guys are instances where our volume is createdsuccessfully again guys. Now you can take a look at it. From this perspective. I have my Snapshot here, right? So this snapshot says 30gbthat does not mean that the snapshotwhich I took its size is 30 GB. It says that it was created from an instanceor size is 30 GB. So there's a difference betweenthese two things guys understand that as well. So I have a volume which is based in availabilityZone to see I have an instance which is here and it again isit availability Zone to see so we can attach to it. Let's just again go backto the volume spot. So guys, I have two volumes. I created this one and thisis attached to my instance. Let me just tryand remove this first. detach volume Okay, it's giving me an errortry to understand why this error is there guys. My instance is already running. So I cannot directly removethis volume from here for that. I would have to selectthis instance go to instant State and say stopso it stops working for now. And once it does Ican attach the volume. So for now what you can seeis there are these volumes here it is in use right? So once the instantstops it would be available and won't been used so I can replace itwith this instance. So it has stopping ithasn't stopped yet. So as do not worry, we would be donewith the session very soon. And once we are done probablyyou all would be free to leave. I believe that this sessionhas taken longer than my normal sessions. But yeah, there wasa lot of stuff to talk about we talked aboutthe complete story services that you have reached hasto offer to you people hence. This session was so long. So let's just quickly go aheadand finish the stuff. It has stopped. So guys I can now go aheadand remove the volume or detach this volume and goahead and attach the other ones if I say detach it would detach. Yeah, see both are available. Now. Let's try to attachthis volume and say attach volume searchthis is the instance guys, which I have created and you need to givein the device details, which was / whatwith the details. Let's just go backand take a look at the details that we're supposedto enter in here. So as a you need to givein the path that we talked about which is the drivethat we've discussed, right? So that is the partthat you need to enter. And then you actually goahead and say SD a one. Slash and probably youwould be more than four to go. So this is the other thing Ido not remember the other part. So you need to go ahead and putin these details here. If you put inthese part details guys, you can just go ahead and attach your volumeright away and this volume would get attachedto your instance. So this is how it works and you can actually go backand do other things as well. So if I just come hereI have this instance. So what you have to do isyou have to actually go ahead and click on this thing for now. It's not working. But if you just come backhere or to the volume part. So if you just goto the volumes part with we were at in the previous. Slide you can actually go ahead and attach the volumes now hereyou go by just go to instances. Probably go backand I say ec2 again. Yeah, if I come backtwo volumes guys. You can attach the volumes that are there youcan delete those and you can do a numberof changes that you wish to do. So just go aheadand attach these volumes and you would be morethan good to actually go ahead and launch our instancesor manage the storages that are there. Again. The only thing that I missed outon is the path I told you to note the paththe device name, right? You just have to go ahead andenter in the device name here. And if you enterin the device name while creating your volume or attaching yourvolume your instance. Get attached to that or your volumewould get attached to that instance right away. So yes guys thus prettymuch sums up today's session. We've talked aboutquite a few things here guys. We've talked about S3 Serviceswe've talked about we've talked about EBS in particular. We've understood likehow to detach a volume how to attach on Ijust did not show you how to attach the volume, but you can do that. The reason I'm not showing you that is probably lost outon On the device name here, which normally comes in here. So before youdeactivate your device, make sure that you havethis name and when you do launch or attach your volumeto that particular thing, all you have to do is youjust go to the volume spot. And probably when you say attached to a particularinstance put in that device name there and you areinstance would be attached or your volume would be attachedto your instance and you can just goahead and say launch or just startthis so-called instance again, and you'll be good to go guys. So as far as this particularsession goes Guys, these are the pointersI wanted to talk about. I hope that I've talkedabout most of these pointers and I've cleared all your mintsor doubts that were there. So that's when youtalk about S3. Now. It has a simple storage service which is simple or easyto use in real sense. It lets you storeand retrieve data which can be in any amount which can be of any typeand you can move it from anywhere usingthe web or Internet. So it is called asstorage service of the internet. What are the featuresof this particular service? It is highly durable guys now. Now, why do I call it durable, it provides you durabilityof 99.999999 some 11:9 now when you talk aboutthat amount of durability, it is understandable how durable this Serviceswhat makes it this durable. It uses a methodof checksum wear. It constantly useschecksums to analyze whether your data was corruptedat a particular point and if yes that is rectified right away, and that is why this service isso durable, then it is. Be flexible as well as I'vealready mentioned S3 is a very simple service and the fact that you can storeany kind of data. You can store it in any reasonor any available reason is what I would meanby the sentence. It makes it highly flexibleto store the data in this particularservice and the fact that you can use so many pi as you can and of securethis data in so many ways and it is so affordable. It meets different kinds of needs thus making itso flexible available. Is it available? Yes, definitely it isIs very much available as we move into the demo part, I would be showingyou which regions basically let you createthese kind of storages and how can you move and store datain different regions as well. So if you talkabout availability, yes, it is available in differentregions and the fact that it is so affordable making it available becomes allthe more easy cost-efficient. Yes now to start with we normally do not getanything for free in life. But if you talk about S3 storageAWS has a free tier which lets you use. Public services for freefor one complete year but this happensin certain limits. Now when you talk about S3, you can store 5 GB of datafor free at least to get started or get used to the service. I believe that is morethan enough and what it also does is it lets you have somewherearound 20,000 get requests and somewhere around 2,000put requests as well. So these are somethingthat let you store and retrieve dataapart from that. You can move in 15 GBof data every month outside. Side of your S3 Service as well. So if you are gettingthis much for free, it is definitelyvery much affordable. Also, it charges you on payas you go model. Now. What do I mean by this? Well, when I say payas you go model what we do here is we pay onlyfor the time duration that we use the servicefor and only for the capacity that we use this service form. So that is whyas you move along if you need more services,you would be charged more. If you do not need more amount of the service youwon't be charged to that. Extent, so is it cost efficient? Definitely it is scalable. Yes. That is the best thingabout AWS Services. Most of them are scalable. I mean you can storehuge amount of data, you can processhuge amount of data. You can acquireuse amount of data if it is scalability that is your concern you donot have to worry about it here because even thisservice readily scales to the increasing data that youneed to store and the fact that it is pay as you go modeldid not have to worry about the cost Factor as well. Is it secure definitely? It is now you can encryptyour data you have various bucket policies as well that let you decidewho gets to access your data who gets to write dataor gets to read data. And when I said you can encrypt your datayou can actually go ahead and encrypted databoth on client side and on your server side as well. So is it secure I believe that answers the questionon its own. So Guys these were someof the features of Amazon S3. So guys now letus try to understand how does S3 storageactually work now it works with the Concept of objectsand buckets now bucket, you can thinkof it as a container where as an object is a file that you storein your container. These can be thought ofas AWS S3 resources. Now when I say an object basically object isyour data file. I've already mentioned that you can store any kindof data whether it's your image, whether it's your files blocks,whatever it is, these are nothing but your data and this datacomes with metadata when I say an object. It is combination of your dataplus some metadata or Or informationabout the data what kind of information basicallyyou have the key that is the name of the file that you use inversionID is something that tells youwhich version are you using as we discuss versioning? Probably I would talkabout Virgin ID a little more. But meanwhile, I believe this is morethan enough your objects are nothing but your fileswith the required metadata and the buckets as I've already mentioned. These are nothing but containersthat hold your data. So how does it work guys? Well, what happensis Sickly you go ahead and create pockets in regions and you store your datain those regions. How do you decide what bucketsto you is what reasons to use where to create the bucketand all those things. Well, it dependson quite a few factors when I say I haveto create a bucket. I need to decide what reasonwould be more accessible to my customers or to my users and how much costdoes that region charge me because depending uponthe region your cost might vary. So that is one factor that you need to considerand let and see as well. I mean if you put your dataIn an S3 bucket, that is far away from you fetching it might causehigh amount of latency as well. So once youconsider these factors, you can create a bucketand you just tore your objects when I said version ID key, actually a system automatically generatesthese features for you. So for you it is verysimple create a bucket pick up your object put it in it or just go ahead and retrieve the data fromthe bucket whenever you want. So I believe this givesyou some picture about what S 3 is now letme Weekly switch into the demo part and letme give you a quick idea or quick demo as to how S3 works so that it is not toomuch theory for you people. So guys what I've done isI've actually gone ahead and I've switched intomy Amazon Management console. Now as I've alreadymentioned AWS gives you a free tier for whichyou can use AWS services for free for one complete year. Mine is not a free tier account. But yeah, if you are a starter youcan create a fresh account. You just have to go aheadand given certain details all You do is you just go to yourweb browser search for AWS free tier and sign inwith the required details. They would ask youfor a credit card or your debit card details enter any one of thosefor the verification purpose and you can actually go ahead and set up alarms as wellwhich would tell you as in. Okay. This is the limit to whichyou have used the services and that way you won't becharged for Access of data usage or service usage having saidthat guys this is about creating an account. I believe it is fairly simple. You can create an accountonce you create an account. Is this is the consolethat would be available to you? What you have to do isyou have to go ahead and search for Amazon S3. If you search s3r, it would kind of redirect youto that service page. So guys as you can see, this is the company'saccount probably somebody uses it in the companyand they have the buckets that are already created. Let's not get the that is just go aheadand create our own bucket and just go ahead and putin some data into it. It is fairly simple guys. I've already mentioned. It is very simpleto use kind of service. All I have to do is clickon create bucket and enter in name for some bucket guys. Now this name is unique. It is globally unique once you enter a namefor the bucket you Not use the same namefor some other bucket. So make sure you putin valid name and the fact that I use the term Globalsomething reminded me to be explained of so guys as you can seeif I go back here. I want you to notice this part. So guys when you areinto the Management console or you open any service by default the regionis North Virginia? Okay. So if I create a resource,it would go to this region. But when I select the servicethat is S 3 you can see that this regionautomatically goes to Global that means it isa global Service. It does not meanthat you cannot create bucket in particular regionsyou can do that. But the service is global is what they're tryingto see so let us go ahead and create the bucketLet Us call it today. Demo, you cannot use caps guys. You cannot use some symbols. So you have to followthe naming Convention as well. Today is demo. Sorry. I'm very badat naming conventions guys. I hope it is. Okay, let it be in u.s. East you can chooseother regions as well guys, but for now,let it be whatever it is. So I'm going to stickto North Virginia. There are 76 bucketsthat are being used. Let us just say nextbucket name already exists. So this was already takenguys see So you cannot use it. Let's call it say. vamos bucket 1 3 1 1 3 Okay. Do you want to keep allthe versions of the object? We will talk aboutwhat versions are. Okay guys. Meanwhile, you justbear with me. I'm just going to go aheadand create a bucket create a bucket and there you go guys. I'm sure removes bucketshould be here somewhere. Here it is. If I open it I can just go aheadand create folders inside it or I can directly upload data. So I say upload select a file. Let's just randomlyselect this file. It is Van Dusenfounder of python. Basically, let's just say next. Next next and the datais uploaded guys. You can see the data being uploaded and my fileis here for usage. So guys, this is how objectand bucket kind of stuff works. You can see that this isthe data that I have if I click on it,I would get all the information. What is the key? What is the versionvalue for now? Let's not discuss version. But this is the key or the name of the filethat I've uploaded. So it is fairlyclear right guys. So let us justquickly switch back to the presentation and discusssome other stuff as well. Well now guysanother important topic that is to be discussedhere is S3 storage classes. Now, we've discussed how the data is storedor how buckets and objects work but apart from thatwe need to discuss some other pointers as well asin how does AWS charge me or what kindof options do I have when it comesto storing this data. So it provides youwith three options guys standard infrequent and Glacier. Let me quickly giveyou an explanation to what do these storage classesmean and what all this? Offer to us when I say standardit is the standard storage which gives you low latency. So in case if there is some data that needsto be refreshed right away, you can actually goahead and use standard storage say for example, I wish to go to a hospitalfor certain kind of checkup. So in that case my detailswould be entered in and the fact that I am gettingmyself checked in a hospital or diagnosed in the hospital. What happens is this data is important andif it is needed right away, it should be available. So this kind of data can bestored in your standard storage where the latency isvery less the next we have in frequent access. Now, what do I meanby that now in this case my latency period has to be low because I'm talkingabout data that I would actually need any time if I want to butwhen I store this data for a little longer duration, all I want is this datato be retrieved quickly say, for example, I geta particular report or a particular test done. So in that case IActually go ahead and submit my detailsor say for example, my blood samples, but I need this informationmaybe after three days. So what happens isin this scenario, I would want to store this datafor a longer term, but the retrieval should befaster here in the first case that was not the case if Ineeded that data right away, and if I wanted it to be storedfor a very short duration, I would use standard. But if I want to store itfor a longer duration, and I want a quickretrieval in that case, I would be usingin frequent access and finally I Glacier we havealready discussed this here. Your retrieval speed is low and the data needs to be put infor a longer duration. And that is whyit is more affordable. If you take a look at the stats that are there in the imageabove you can see that minimum storageduration is nothing for standard for infrequent. It is 30 days and forGlacier it is 90 days. If you take a look at latency, it is millisecondsmilliseconds and four hours. So that itself explainsa lot of stuff here. So what art This classesand what do they do? I believe some ideas clearto you people again as we move into the demo part, we would be discussingthis part as well. And we would also discussexpiration and transition that supports theseterms but let us move further and try to understand something else firstversioning and cross region replication now guys when I say virginie, I'm actually talking about keeping multiple copiesof my data now, why do I need versioning? And why do Ineed multiple copies? He's of my data. I've already mentioned that AWS S3 is highlydurable and secure. How is that because you can fixthe errors that are there and you can also havemultiple copies of your data. You can replicate your data. So in case if your data center goes downa copy of it is mentioned or maintained somewhereelse as well. How is this done by creating multiple versionsof your data say for example, an image, I store itin my S3 bucket. What happens here is there iskey the name is same image. And virgin is some 3 3 3 3 3right now take a look at the other image. If I actually go ahead and create a copy of the firstimage its name would remain same but it's versionwould be different. So suppose both of these images. They reside in one bucket. What these images are doingis they are having multiple copies are givingme multiple copies now in case of imagenot a lot would change but if I have doc filesor data files in that case versioningbecomes very important because if I make changesChanges to particular data if I delete a particular filea backup should always be there with me and this is where versioning becomesvery very important. What are the features ofversioning by default poisoning is disabled when you sayor when you talk about S3, you have to go aheadand enable this versioning it prevents over writingor accidental deletion. We've already discussed that you get non-concurrentversion by specifying version ID as well. What do I mean by this? That means if Iactually go ahead and create one more copyof the data and store it. So the latest copywould be available on top but I can go to the virgin'soption put in the ID that belong to the previousversion and I can fetch that version as well. So what is cross reasonreplication now guys, we've discussed versioning. Let us talk aboutanother important topic that is cross region replication. Now when you talk about S3, basically what happens is youcreate a bucket in a region and you store datain that region, but what if I want to movemy data from one region or from one bucket in The regionto other bucket in other region, can we do that? Yes cross reason replicationslet you do that. So what you do is youbasically go ahead and create a bucketin one region you create another bucket in another region and probably you give access to the first bucket to move datafrom itself to the other bucket. So this was about versioning. This was aboutcross region replication and I believe you've also talkedabout storage classes. Let me quickly switchinto the demo part and discuss these topicstoo little He did so guys moving back. What we have done iswe've actually gone ahead and createda bucket already right when you talk aboutwhat was the name of the pocket. It was removes if I'm not wrong. Yep. So if you clickon the bucket name removes what it does is it basicallyshows you these details guys. Now you can see that your versioningis disabled, right? So if I click on it, I can actually come to this pageand I can say enable virginie. That means a copy of the data. That I createis always maintained. So if I go to the most bucket, or I just move backget this interface can be a little irritatingat times you have to move back and forth every nowand then so guys there is a file which we have stored. You can just take a lookat this date first. It says that it is 235that was the time when the object was moved. Let me just saythat upload the same file. This was the filewill be uploaded as in next next next upload. So where is this fileis getting uploaded. You can see the nameof the file is still same. We have only one file here. Why because it was recentlymodified at 2:45 from to 25 to 35. It got changed to 245. So it is fairly clear guys. What is happening here? Your data is getting modified. And if you wonder as in what happened to the previousversion, don't worry. If you clickon this show option, you can see that both of your virgins arestill here guys. This was created to 30. And at 2:45. So this way data replication and data securityworks much better. So you can secure your data. You can replicate your data. So in caseif you lose your data, you always havethe previous versions to deal with how does the previousversion thing works so as what happens isif I delete this file what Amazon S3 would dois it would set a marker on top of this file. And once I delete it if I search for that IDthat ID won't be available. Why because the our carhas switched to the next ID now. So whatever I want to do Ican do with the next ID as well. So there is one more thing that you also needto understand here is what happens to the file. I mean, I've actually deleteda file but a virgin is there with me can I deleteall the versions? Yes, you can specify the ID and you can delete allthe versions that you want. You can also do one thing that is you can set a particularlife cycle for your files when I say life cycle youcan decide as an okay now. I have a file instead. That storage we've discussed. This storage is Right standardstorage infrequent and Glacier what you can dowith your life cycle management is you can decide as an okayfor a particular time duration. I want this file to stayin standard maybe after a while. I want to move it to infrequentand after a while. I want to moveto Glacier say for example, there is certain data, which was very important for mebut having used that data, I don't want to use itfor next few months. So in that case I can move to the substitutes or tothe other storage classes. We're probably I won'tbe needing to use that data for a long while and doing that. I won't be paying for this data as I used to payfor the standard because standard isthe costliest of the three. So let us quickly. See can we do that orhow does it work? At least if I just go back? This is my file. I can actually just go ahead andswitch to management in that. I have the option of life cycleif I click here. There is no life cycleadd a life cycle. You can adda lifecycle rule as well. This new let me call it newand let me say next it asks me. What do I want to do? You can add rulesin life cycle configuration to tell Amazon S3to transition objects to another storage class. There are three requests fees when using lifecycleto transition data to any other S3or sa Glacier storage. So which version do Iwish to use current? I can say yes a transition and I can selecttransition to this tear when after 30 days. Days, and if I say nextit would agree expiration. You can select otherpolicies as well. So guys when I saytransition first thing what it does is it tellsme what time to transition to which storageclass and expiration. It tells me when does thisexpire so I can decide when to clean up the objectsand when not to let's not do that for now. Let's just say next next so guys what will happen here isafter 30 days my data would move to a standard one a storage so you can actuallygo Then decide whether you want to moveto Glacier in that drop-down you had more options as well. I did not do that,but it is pretty understandable. You can move to Glacier as well. So this is aboutlife cycle guys. One more thing. You have something called as replication you can addreplication as well. If you wish to replicate yourdata cross reason replication. I believe guys, I do not have access to do that because I'm usingsomeone else's account for now, but let me just giveyou some idea as to what you can doto replicate your data. You can just go aheadand click on get started. Dated so replicationto remind you people it is nothing but a process of moving data from bucket in one region to add the bucketin some other region. So for that I needto select the source bucket. So let us just say that this is the bucket that Ihave next now guys in my case. I haven't createdthe second bucket. What you can do isyou can just go ahead and create one more bucket. Once you createthe bucket you can select the destination bucket for now. Let us just saythat this is a bucket that has been createdby someone else. I'm not gonna transfer dataare but let's just select this for the demo sick. This is the bucketthat I have see it says that bucket does nothave versioning enabled. This is veryimportant Point guys. I showed you how toenable versioning right? If you select the bucket there is an option on the rightside saying virginie, you can actually go aheadand enable versioning there. So once you enableversioning you would be able to use this bucket. Do you want to changethe storage class for the replicated objects if you say yes it Would giveyou the option of selecting. What storage class do youwant to select right? If you don't you don't haveto you can say next you have to enter an IM role. If you do not have any youjust say create a roll and then the rule namein this case. I do not have any details about this and Idon't want to create a role because this accountdoes not belong to me. Sorry for that inconvenience, but you can actually go aheadand select create a role in just say next and I'm sure that you can actually go aheadand your bucket starts. Audio our cross reasonreplication starts working. What happens after that is once you store your objectin a particular file, you can actually move that object not in a particularfile in a particular bucket. You can move the datafrom that bucket to the other bucket and a copyof your data is maintained in both the buckets that you use. So this is what crossregion replication is guys. I believe that we have discussed what our storage classeswe have discussed. What is cross region replicationand we've discussed versioning in general let Let'squickly move back to the presentation and discuss the remainingtopics as well. So guys have switchedinto the presentation part till time we've discussed how cross region replicationWorks we've discussed how versioning worksand we have seen how to carry out that process. The other important topic that we need to focuson is we've know like how to create versions how to move data from one placeto the other but the thing is what if I have to move datafrom a particular location to a location that isvery far away from me. And still ensure that there is not toomuch latency in it. Because if you're moving datafrom one location to location that is far away from you. It is understandable that it would takea longer while why because we are movingdata from internet. So the amount of data that you move and the furtheryou move it should take a longer while for that. So how do yousolve that problem? You have S3transfer acceleration. You can do that by usingother services as well. We discussed snowballand snowmobile as well, but they physically move. The data and at timesit takes a number of days to move your datawith S3 transfer acceleration that is not the issue because it moves at dataat a very fast pace. So that is a good thing. So, how can you move your dataat a faster Pace by using S3 transfer acceleration? Okay, let us first understandwhat it is exactly. So what it does isit enables fast easy and secure transfers of files or long distancesbetween your client and S3 bucket and to do that. It uses a service call. Cloudfront and the S locationsit provides you as I move further I would be talkingabout what cloudfront is do not worry about it first. Let us take a lookat this diagram. So normally if youare moving your data or directly uploading your datato a bucket that is located at a far away distance. I mean suppose I'm a customerand I wish to put my data into an S3 bucket, which is located maybea continent away from me. So using internet it might takea longer while instead. What I can do is Ican use transfer. Generation. So how is it different now guys, there is a service calledas AWS Cloud front what it does. Is it basically letsyou cash your data when I say cash or data that means you can storeyour data at a location that is in the interim or that is closeto your destination. Now this serviceis basically used to ensure that data retrievalis faster suppose. I'm searching fora particular URL. What happens is when I type that URL request is sent tothe server it fetches the data and sends it to me. So If it is locatedat a very far location, it might take longwhile for me to fetch the data. So what people do isthey analyzed as in how much requests are comingfrom a particular location and if there are frequentand a lot of requests what they do is they setup an age location close to that particular region. So you can put your datayou can cash a data on that is location and the data can be fetched from that is locationat a faster rate. So this is how is locations work what transfer accelerationdoes is it basically puts in your dataat the edge location so that it can be moved to your S3 bucketat a quicker pace. And that is why it is fast. So guys this wasabout S3 data acceleration. Let us quickly move into the console partand try to understand how S3 acceleration works. So guys have switchedinto the console S3 acceleration or data transfer accelerationis very easy thing to do. I do not rememberthe bucket name. I think it was Ram or something. Okay, if I select thisand open it I actually go to the Properties part less. There are other thingsthat you might want to consider. You can come here and takea look at those as well for now. I'm just going to saygo ahead and enable transfer acceleration. It is suspended. I can enable it it givesme the endpoint as well and I say save So guyswhat this means is if I'm putting my datainto this bucket, it would betransferred very quickly or I can use this bucketto transfer my bit data at a quicker Pace by usingdata transfer acceleration by S3 again guys. I missed out on oneimportant point the fact that we have been talking aboutbuckets and stuff like that. There is something important that I would like to showto you people first. Let us just go backand disable this part. I do not want it to havethe transfer acceleration. Going and I just wanted to showit to you people how it is done. I just say go back to suspendedand one more thing guys, if you once you actually unablethe transfer part and if you upload a file, you can see the differencein the speed. The problem is you needa third party tool to do that. So you can actually go ahead and download a third-party toolas well and using that you can actually goahead and see how it works. Having said that I was talkingabout buckets in general. So let us just go backand go to removes again. There you go. And I'm going to copy the a RN. I'll tell you whyI've copied the iron now when I open this bucket guys, we have quite a fewthings permissions. I talked about security, right so you can decidePublic Access as in who gets to access your bucket. So guys, you can actuallygo ahead and decide who gets to accesswhat kind of buckets say, for example herein your blog Public Access. You can decide who gets to accesswhat data publicly for that you have access controllists using these ACLS. You can actually decide who getsto How other thing you can do is you can just go ahead and createa bucket policy and decide who gets to access your bucketor who gets to put your data or delete your dataand do all these things. Let us just go aheadand create a policy. Now, you can writeyour own policy or you can just use a policy generator which again isa third party tool. So I want to createa bucket policy forum is 3 so, let's just say S3 bucket policyand what kind of effect I want. I mean do I want someoneto access my system or do I want to deny someonefrom accessing my system I can. Decide that so let'sfor now just say that I want to deny someonefrom doing something and what I wanted someone to dois to deny a particular thing for that personfor all the objects. I mean, I do not wantthat person to access any of the objects that is there. So what I say is star that means nobodyshould able to do anything to any of the objectsthat are there in this bucket. So it says star serviceAmazon S3 what action I want. I want to prevent someonefrom deleting an object they go and This is the ARn that is why I copied it. It should be followedby a forward slash and a star add a statementand Ice Age ended policy. So guys the policyhas been generated. I just have to copy it if I copy this thingand I go back to the console if I paste it here I can say save Itsaved I'll save it again just to be safe. So guys we have actually goneahead and let me just go ahead and again go to ramose. So there's not there isan object here. Let me just tryand delete this object. If I just goto the actions part here and I say delete seethe file is still here. Is it the other version? No, it's not deleted. See there's an error here. If I click on it. It says hundred percent fieldwhy access denied because I do not have the accessto delete the object right now. Why because I've createda bucket policy guys. So that is what bucket policiesan AC else do the Let you make your objectsor your data more secure. And as you saw in the option, there are quite a few optionsthat you have at your disposal, which you can choosefrom which you can mix and match and decideas an look at this is what I want to do. I want to probably give someonean access to delete a bucket. I want to give someonean access to do this or do that. So, where's this was aboutS3 data transfer acceleration, and we've also seen how you create a bucket policyhow you attach it to your bucket and stuff like that now, let me just go backand kind of Shove this session or finish this sessionup with a use case so that you can probablyunderstand the topics that we've discusseda little more first. Let us go backto the use case guys. So guys have switched intomy presentation console again, and we would be discussingIMDb media now for people who watch movies. They might know what IMDbis it is a website that gives youdetails about movies. They tell you what arethe movies that are nice if you probably selector type a particular He named they would give youdetails about it as a whole where the actorshow was the movie how was the review a shortsnippet explaining you what the movie is about its genreand stuff like that. Plus they have their ownratings to kind of gauge in the customers even betteras an IMDb being a popular site and when they say that this movie isthis person good or like by these many people peoplenormally believe it so they have that score as well. So if you talk about a websitethat basically deals with movies you understandthe number of movies that are released worldwide. And if most of themare present here on IMDb, that means that database is hugebut we are talking about data that is being processedin great numbers great amounts. I mean when you talkabout the data that is here. What is happening hereis you have n number of movies that are being released. So if someone searchesfor a particular movie, it has to go throughthe database and the data has to be fresh to him right away. So how do you dealwith the latency issue? Well, this would answera lot of questions or it would sum up lot of topicsthat we've discussed. Here let us go throughthis use case probably. So what happens hereis in order to get the lowest possible latencyall the possible results for a search our pre-calculated with a document for every combinationof letters in the search what this means is probablybased on the letters. You have a document that is created and itis traversed in such order that all the datais scanned letter wise when you actually goahead and put forth a query what happens is suppose if there is a 20 characterOr a word that you put in so there are somewherearound twenty three two, one zero three zero combinationsthat are possible. So your computer has to gothrough these many combinations. What S3 does is it basically lets you storethe data that I am DB has and once IMDb has told that datathey use cloudfront again, we have discussed. What cloudfront is they usecloudfront to store this data to the nearest possiblelocation so that when a user fetches this data, it is Fest from that location. So what happens is Basically, when these many possibilitiesare combinations are to be dealt with it becomes complicatedbut in practice what IMDb does is it basicallyuses analytics in such a way that these combinationsbecome lesser? So in order to search for a 20 character letterthey basically have to go through one fivezero zero zero zero documents and because of S3 and cloudfront you basically can distribute all the datato different Edge locations and two buckets with in asAnd since we're talking about huge amount of data, it is more than terabytes. It is like hundredsthousands of terabytes of data so we can understand how much data are we talkingabout and S3 actually features or serves a number ofsuch use cases or requirements. So as I Believe by now, you've understood what S3is let me give you a quick sum up or a quick walkthrough asto what we've studied because we've talked about a lot of topics guys first westarted with the basic. Six of differentstorage Services we were understood sorceresseslike EFS EBS storage Gateway. We've talked about Glacier. We've talked aboutsnowmobile snowball and then we move to S 3 S3 we talked about buckets. We talked about objects. We talked about versioning we understood whyversioning is needed so that we can basicallyreplicate our data prevent it from deletion preventit from corruption. We also talked aboutacross region replication where you can movedata from one region to the other we talked about how we can Movedata Faster by using S3 data transfer acceleration. And then we also took a look at the basics like whatare the storage classes? What are the bucket policies how to create bucket policies and we also discussedan important topic called as transition and expiration where if your dataexpires it is deleted if your data needsto be transferred to different stages youcan do that as well. So all these topics arediscussed and we also discussed some important features and finally We finishthis session up with a use case. So networking domainbasically offers three kind of services the VPCDirect Connect and out 53. Let's discuss each. One of them. So vbc isa virtual private Cloud. So it's a virtual network. If you include your allyour air pollution sources that have launchedinside one VPC then all these resourcesbecome visible to each other or can interact with each other. Mine said inside the VPCnow the other use for PPC is that when you havea private Data Center and you are usingAWS infrastructure as well and you want your AWS resourcesto be to be used as if they were on your ownnetwork in that case, you will establisha virtual private Network that is a VPN connectionto your virtual private cloud in which have includedall the services that you want inon your private Network. You will connecta private Network through the V PC using the VPN and then you You can accessall your AWS resources as if they wereon your own network. And that is what wesee is all about. It provides you securityit makes communication between the AWS Services easy and it also helps you connectyour private data center to the AWS infrastructure. So guys, this is whatVPC is all about. Let's go ahead onto our next service, which is Direct Connect soDirect Connect is a replacement to an internet connection. It is a leased line. A direct lineto the AWS infrastructure. So if you feel that the bandwidthof internet is not enough for your data requirementsor your networking requirements. You can take at least lineto the AWS infrastructure in the form of thedirect connect service. So instead of using the internet you would nowuse the direct connect service for your data stream to flow between your own data centerto the illness infrastructure. And that is whatDirect Connect is all about. Nothing much further to explain. Let's move on to a next servicewhich is is Route 53 be so Route 53 isa domain name system. So what is the domainname system, basically, whatever URL you enterhas to be directed to a domain name system which converts the URLto up IP address. The IP address is of the server on whichyour website is being hosted. The weight functions islike this you buy a domain name and the only setting that you can doin that domain name or the setting which is required in that domain name arethe name servers right. Now. These name serversare provided to you by Route 53 these name servers that areTo provide you are to be entered in the settingsof that domain name. So whenever userpoints to that URL, he will be pointed to Route 53 the work in thedomain name settings is done. You have to configurethe Route 53. Now another your requesthas reached out 53. It has to be pointed to the server on whichyour website is hosted. So on a Route 53 now youhave to enter the IP address or the Alias of the instance on of to which you wantyour traffic to be directed to so you peed in the IP addressor you feel in the Alias and It's done. You're the loop is now completeyour url will now get pointed to Route 53 and Route 53 in turnwill point to the instance on which your application or website is being hosted. So this is the rolewhich Route 53 plays. It's a domain name system. So it basically redirectsyour traffic from your url to the IP address of the serveron which an application or website is hosted. Alright guys, so we're donewith the networking domain. In today's session wewould be understanding what AWS Cloud front is but before we do goahead and understand what cloudfront exactly is. Let's start by taking a look at today's agenda firstfirst and foremost. I would be talking aboutwhat AWS exactly is good. Also understand. Why do we needit abuse cloudfront and what it is exactlythe never talked about how content gets deliveredusing Amazon cloudfront and what are its applications? Finally, I would finishthings off with the demo part where I would be talkingabout AWS Cloud turn distributions having said that let's not waste any time and jump into the firsttopic of discussion that has what is AWS. Will AWS standsfor Amazon web services, which is a leadingcloud service provider in the market and it hasthe highest market share when you talk aboutany cloud service provider. Now what Amazon web servicesdoes is it provides you with 70-plus services and these servicesare Growing the name some of these Services wehave something called as your computationServices your storage Services your database services and all these services are madeavailable to you through Cloud. That means you can rent all these services and payonly for the services that you use and onlyfor the time duration you use these services for if you want to know more abouthow a database works exactly. I would suggest that you go through the videosthat we have on YouTube. We have quite a few videoson YouTube with talk about AWS in particular all youhave To do is you have to go to our YouTube channel and type a direct iaws andyou'd be having all the videos that are related to AWS. But that is not thediscussion for today. We are here to discusswhat cloudfront is and I would liketo stick to that. So coming back to cloudfront when you talk about AWSyou have some Services now, what aw does is it offers you variousinfrastructure as services and even platform as Servicesnow these services are made available to you in the formof infrastructures or platforms where you can actuallygo ahead and host. Applications or websites. So when you do go ahead and hostthese applications online what your cloud providerhas to worry about is the way data is fetched because if you havea website online now that website would be visitedby quite a few people and they would be requestingparticular content or data, right? So in that case that data has to be madeavailable to your customers. So how does it happen? Exactly and how does AWSmake it happen to understand that consider the scenariosuppose you You are a particular user in your trying to visita particular website and imagine that that websiteis based somewhere at a very far location suppose. You are based somewhere in USA. And that websiteits server actually hosts or is based in Australia. Now in that case when you make a requestfor a particular object or particular image or maybecontent now your request is sent to the server that is in Australia and thenit gets delivered to you. In this process to there are quite afew interrelated networks that deal which you arenot aware about the content directly gets delivered to youand you have a feeling where you feel that you typein a particular URL and the content is directlymade available to you, but that is not how it worksquite a few other things happen in the interim and due to that. What happens is the datathat gets delivered to you. It does not get deliveredto you very quickly. Why is that becauseyou'd be sending in a request it would goto the original server. And from there. The content is delivered. To you now,if you are based in USA, the situation would beconvenient if the data is delivered to youfrom somewhere close by now when you talk abouta traditional system where you are sending a requestto somewhere in Australia, this is what happens your data or your request is sent tothe server based in Australia and then it processesthat request and that data is made available to youwhich gets delivered to you. But if you havesomething like cloudfront what it does is it setsin an intermediate point where? Data actually gets cached first and this cache datais made available to you on your request. That means the deliveryhappens faster and you save a lot of time. So how does AWS Cloudfront exactly do it? Let's try to understandthat but when you talk about aw, cloudfront what itdoes is first and foremost, it speeds upthe distribution process and you can havea any kind of content whether it's static or dynamic and it is madeavailable to you quickly. What cloudfront does is it? It focuses on these three pointsone is your outing to is your Edge locations and three is the way the contentis made available to you. Let's try to understandthese one by one when you talk about routing. I just mentioned that the datagets delivered to you through a series of networks. So what cloudfrontdoes is it ensures that there are quitea few Edge locations that are located close to you and the data that you wantto access it gets cached so that it can be deliveredto you quickly. And that is why the data that is being deliveredto you is more available than in any other possible case. So what happens exactly and how does this contentgets delivered to you? Let's try to understandthis with the help of this diagram suppose. You are a user. So basically what you would dois you would send in a request that needs to reacha particular server. Now in this case what happens is firstyour request it goes to an edge location and from there to your serverto understand this to you have to understandtwo scenarios first and foremost supposeyou're based in USA and you want to fetcha particular day. That is based in Australia. You would be sendingin a request. But what AWS does is instead of sending the requestdirectly to your server, which is based in Australia. Maybe it has theseinterim as locations which are closer to you. So the request it goes to the edge locationfirst and it checks whether the data that you are requestingis already cashed their or not. If it is not cached then the request is sent toyour original server. And from there the data isdelivered to the edge location and From there it comes to you. Now, you might wonder as an this is a verycomplex process and if it is takingthese many steps. How is it getting delivered to me quicker thanin normal situation. We'll think of itfrom this perspective. If you do send inthis request directly to the main server again, the data would flowthrough some Network and then it would be deliveredto you instead. What happens here is at your age locationthe data gets cached. So if you requested again, it would be deliveredto you quicker if it is requested by anyone. It would be deliveredto them quicker plus how as locations work is when you do send in this request and when there's location Fitch's this data fromyour so-called original server in that case 2 whenthe first bite it arrives at your age location, it directly gets deliveredto you and how does this content exactly get stored here? Well, first and foremostwhat happens is what your age location has is ithas some Regional cash as well. Now this cash would basicallyhold all the content that is requested more. More frequently inyour region suppose a website has summon numberof content and out of it. Some content is kind of requested a lotin a particular region. So surrounding that region. The closest is locationwould have a regional cash which would hold all the content that is more relevantfor those users so that it can be frequentlydelivered to these users and can be made availableto them quickly in case if this data gets outdatedand it is no longer being requested then this datacan be replaced with Guys that is requestedmore frequently. So this is how cloudfront work. What it does is itcreates a distribution and you have some Edge locations through which you can actuallyrequest the data faster. So what are the applications that cloudfront hasto offer to you now, I won't sayapplications instead. I would say some of the benefitsof using cloudfront. Let's try to understand thoseone by one first and foremost what it does is it accelerates your static websitecontent delivery. We just discussedthat that means if you are requestinga particular image or something like that, it gets deliveredto you quicker. Why because it is cashedat your age location and you do not have to worryabout any latency issues. Next. What it does is it providesyou various static and even Dynamic contentsuppose you need some video or a live sessionor something like that even that gets deliveredto you quickly. I just mentioned that when you requesta particular thing When the first bite it arrivesat your age location your cloudfront starts streaming that to you our start deliveringthat to you same happens with the live streamingvideos as well. You would be gettingthat streams instantly without any Latin seewhat server encryption now when you do access this content what AWS Cloud Trenddoes is it lets you have this so-called domainwhere you put in HTTP and you get secured data. So you already haveone layer of security, but it also letsyou add another. Layer of security by giving yousomething called as encryption by encrypting your data or byusing your key value pairs, which is the same. You're actually ensuringthat your data is more secured and it can be accessedprivately as well customization at the age. Now. What do I mean by this now? There is some content that needs to be deliveredto the user or to the end user if the customization it happensat the server again, it might be time consuming and there are quitea few drawbacks of it. Say for example, I need a particular contentand it needs to be processed or Customized atthe very last moment. So these things can be doneat the age location as well. Thus helping you save time money and various otherfactors as well. And finally what it doesis it uses something called as Lambda H which again lets you dealwith various customizations and lets you serveyour content privately. So these are someof the applications or uses of cloudfront. What I'm going to do nowis I'm going to switch into my AWS console and I'm going to talk aboutAWS Cloud Trend distributions. And how can you go aheadand create one? So stay tuned and letme quickly switch into the console first. So yes guys, what I've done is I've goneahead and I've logged into my AWS console. Now for people who arecompletely new to AWS. What you can do is youcan actually go ahead and create a free tier account. You have to visit AWS website and search for free tieryou would get this option. Just create an account. They would ask youfor your credit or debit card details probably but And charge youa minimal amount is charged and that is revertedback to your account that is forverification purposes. And after that what awis does is it offers you certain Services which are made available to youfor free for one complete year that is as long as youstay in the limits or the specified limitswitch AWS has set so those limits are morethan enough to practice or to learn AWS. So if you want to do goahead and get a proper hands on on various database Services, I would suggest that you do visit their websiteand create this free Terror. Count once you do have that account you haveall these services that are made available to youas I just mentioned. There are 70 plus servicesand these are the services that are there which are can actuallygo ahead and use for different purposesour Focus today. However is creatinga cloudfront distribution which we just discussedin the so-called theory part. I would be repeatingfew topics here to while we do go ahead and createour cloudfront distribution. Now as I've already mentionedwe want to fetch data or fetch a particular object and if that is placedA particular Edge location that would be madeavailable to me. So what we are doinghere is imagine that our data is placed at a particular originalserver in our case. Let's consider itas an S3 bucket. Now S3 is nothingbut a storage service with AWS that is simplestorage service rather. That is SS and that iswhy we call it S 3 so what we are going to dois we're going to go ahead and create an S3 bucket in that we would be puttingin certain objects, and we'd Be accessing that by usingour Cloud Trend distribution. So let's just go aheadand create a bucket first you can see we have S3in my recently Used Services. You can just type S three-year and that would madeavailable to you. You can click on it and your simplestorage service opens. You would be required to goahead and create a bucket. This is how you do it. You click on Createand you give it some name say maybe bucket use smallletters bucket for AWS demo, maybe and I would givensome number 0 0 0 I see next next nextI need a basic bucket. So I won't be puttingin any details. Do we have a bucket here? There you go. We have a bucket here. And in this bucket, what I'm going to do isI'm going to put in some content that we can actually requestfor so let's just go ahead and create an HTML file and putin maybe an image or something. So I have a folderhere in that folder. I have a logo of ADA Rekha,I would be using that logo and I would want to goahead and create. Create an HTML filewhich I can refer. So I would open my Notepad and I would writea simple HTML code. I won't get into the detailsof how to write an HTML code. I assume that you all know it. If not, you can use this code. So let's create a head filebasically or a head tag rather. Let's see a demo tag, maybe and I closethis head tag. I need somebody in here, right? So let's say Didthe body we say? Welcome to Eureka and I and the body hereand I save this file and save as where do I want to save it? and see if it hereand I would save it as a maybe index dot HTML. I save it probablygot saved somewhere else. Let me just copy itand paste it here. I've done that. This is the file now. We have these files. Let's upload itto our S3 bucket. Come here. I say upload I wantto add files. So add files. Where do I go? I go to the folder I go to demoand I select these two files and I say upload. There you go. My files are here and I say upload small filesso should not take a long time fifty percent successfulhundred percent successful. There you go. You have these Two files now, we have our S3 bucketand we have two files. This is our origin server. Now. I need to create a distributionand use it to do that. I would click on services and come here and Iwould search for cloudfront. There you go. And I say create a distribution. So I click on this icon. Now you have two options. First one is something that lets you haveyour static data moved in or moved out or if you want to live stream your data youshould go for this option. But that is not the case. We would be stickingwith this thing. I say get started. I need to enterin a domain name. So it gives me suggestionsand this is the first one which I just createdoriginal path is something that you can give in father. A folders from where youwant to access the data, but mind directlyresides in the bucket. There are no extra folder. So I don't need to enteranything original ID. This is what I have here. Basically I can use this or I can just go aheadand change the name if I want to but I would let it stay the waitersrestrict bucket access. Yes. I want to keep it private. So I say restrictand I create a new identity and the you I have a new usercreated here apart from that Grant readpermissions on bucket. Update my bucketpolicy according this what I would say then I wouldscroll down customer headers and on I don't need to putin these details. How do I want my data tobe accessed the protocol policy? I would say redirectis TTP to https, so that it is secured if I scroll down I havesome other options as well cast STP methodsand all those things. Do I need to changethese object caching? Can I customize it? Yes, I can. But again, I would be usingthe by default one if you want to you canIs it smooth streaming? No, these are some of the things that you need to focus onif you have some streaming data, you can put indetails accordingly, but we are not doing that. What is the price classthat you want to choose? You have some options herewhich you can pick from I would be going for the defaultone and then I just scroll down and I say create a distribution. So your distributionis getting created now and this processmight take a long while if you click on this thingyou realize that. It is in progress and it takes somewherearound 10 to 12 minutes for this distributionto get created. So meanwhile, I'm goingto pause this session and I would come backwith the remaining part. Once this distributionis completed. So bear with me for that whileso there you go. The distributionhas been deployed. The status is deployed here so we can actually goahead and use this thing. Now, we have a domain name here, which I can use and Ican just enter it here and we would be redirectedto the page. And what happens here isyou would be actually given access to this pagethrough the age location. That means you're not goingto the server instead. The data has been cast awayfrom your distribution or your eyes location other so you enter this websiteand you hit the enter button. As an error itshouldn't have been. Oh, I know what just happened. When you do go ahead and createyour so-called distribution in that you actually have an optionof selecting a by default file, which I did not so I will have to give an extensionhere saying slash index dot HTML and if I hitthe enter button now, it should redirect you to the demo tag with sayswelcome to edu Rica, right? So this was the HTML file that we created and wealso had a PNG file which we wanted. Access the namewas logo dot PNG. Okay, this is funny. This should not happen. Why is this happening? Let's take a look at it. Whether we have that file there because if it was there weshould be able to access it. And what was my bucketthis was the one oh, this has happened when I uploadedthat file it got saved with this extensiondot PNG dot PNG. So if I come hereand I type dot PNG here, there you go. You have that object delivered to you through your Or so-calleddistribution in this session. We will be discussingabout Amazon cloudwatch. So without any delay, I'll walk youthrough the topics which we will bediscussing today firstly. We will see what Amazon cloudwatch hasand why do we need it? Then? We'll discuss certain Amazoncloudwatch Concepts moving on. We'll take a lookat two most important segments of Amazon cloudwatch. What chart Amazon cloudwatch? Events and Amazon cloudwatch locks and finallyto make the soil more fun and interesting for youof included Adam as well. So let's get started first. Let us try to understand whywe need cloud based monitoring with couple of scenariosin our first scenario consider that you have hosteda messenger app on cloud and your app hasgained a lot of Fame but clearly the number of people using an applicationhas gone down tremendously and you have no ideawhat the issue is. Well, it could be dueto two reasons firstly since your application hascomplex multi-tier architecture monitoring the functionality of every layer by yourselfwill be a difficult task. Don't you think and secondly, since you're not using any kindof monitoring tool here, you wouldn't know how your applicationis performing on cloud. Well one solution for that is to employ a monitoring toolthis monitoring tool will provide you insightsregarding have your application is performing on cloud and with the state. You can makenecessary improvements and you can also make sure that your application is in partwith today's customer needs and definitely aftera while you'll notice that the number of people usingyour application has increased moving on to our next scenario. Let's say your manageras assigned you with a project and he wants youto make this project as cost effective as possible. So as you can see in this project you usingfive virtual servers which perform highlycomplex computations and all these Servers arehighly active during data. That is the and mosttraffic during data. But during nighttime, the servers are idle by thatI mean the CPU utilization of these servers during night time isless than 15% and yet as you notice here in both the cases youare paying same amount of money. You have to noticetwo points here firstly all your virtual serversare underused during night time and secondly you're payingfor the resources which are not using and this definitelyIs not cost-effective. So one solution isto employ a monitoring tool this monitoring toolwill send you a notification when they serve as our Idol and you could scheduleto stop the servers on time. So guys, this is one way to makeyour project most cost-effective and avoid payingunnecessary operating costs. Let's consider another scenariofor better understanding. So let's say I have o stoodan e-commerce website on cloud and during sale seasonmany customers are trying to access my website which Which isdefinitely a good thing, but for some unfortunatereason application downtime has occurred and youguys have to remember that I'm not using any kindof monitoring tool here. So little bit difficult for me to identifythe error and troubleshoot that in reasonable amountof time and it's quite possible that in this periodmy customer might have moved on to different website. So you see that I've losta potential customer here. So if I have hada monitoring tool in this situation, it would have identifiedthe error in all yours. Just itself andrectify the problem. Well at could have easilyavoided losing my customer. So I hope guys with helpof these use cases you were able to understand as to why weneed cloud-based monitoring. So let me just summarizewhat we have learnt till now. We need monitoring firstly because it provides a detailedreport regarding performance of your applicationson cloud and secondly, it helps us to reduceunnecessary operating costs, which we are payingto the cloud provider moreover it did. Ex problems at all your stage itself so that youcan prevent disasters later and finally it monitorsthe users experience and provides us inside so that wecan make improvements. So while guys in this session, we will be discussing about one such versatilemonitoring tool called Amazon cloudwatch Amazon cloudwatch basicallyis a powerful monitoring tool which offers your most reliable scalable and flexibleway to monitor your resources or applications whichare currently active. One Cloud it'susually offers you with two levels of monitoring which are basic monitoringand detailed monitoring if you want to resources to beeligible for basic monitoring. All you have to do is to sign up for 80-plus feet herein basic monitoring. Your resources aremonitored less frequently, like say every five minutes and you're providedwith a limited choice of metrics to choose from whereas in detailmonitoring all your resources are monitor more frequentlylike say every five minutes. And you're providedwith a wide range of metrics to choose from but if you want your resources to beeligible for detail monitoring, you'll have to paya certain amount of money accordingto a SS pricing details. Now, let's have a look at few monitoring services offered by Amazon cloudwatchAmazon cloudwatch firstly it provides a catalogof standard reports, which you can useto analyze Trends and monitor system performance and then it monitors storesand provide access to system. And applicationlog files moreover. It enables you to setup high-resolution alarms and send notifications if needed and Amazon cloudwatchalso send system events from AWS resources to AWSLambda functions SNS topics Etc. So if you have notunderstood any terms, which I've usedhere, don't worry, we'll get to know moreabout this terms as we progress through the courseof this session earlier. I mentioned that Amazoncloudwatch allows administrators to monitor multiple. Sources and applicationsfrom single console these resources include virtualinstances hosted in Amazon ec2. Database is locatedon Amazon RDS data stored in Amazon S3elastic load balancers and many other resources like auto-scaling groupsAmazon Cloud 12 Etc. So guys now let's tryto understand Amazon cloudwatch a little deeper firstlywe'll have a look at few Amazoncloudwatch Concepts and then I'll explain you how Amazon cloudwatchactually operate So it's metric or metric representsat time audit set of data points that are published a cloud. So what I mean by thatis suppose let's say you have three variables XY and zand you have created a table which has values of Xwith respect to Y over a period of timein this scenario the variable X, which have beenmonitoring till now is a metric so you can thinkof metric as a variable which needs monitoring next. We have Dimensions. Let's consider same variablesXY & Z Basically, you had created a table which has values of Xwith respect to Y now, let's create another table which has values of Xwith respect to Z. So basically we have two tableswhich describes same variable X, but from twodifferent perspectives. These are nothingbut Dimensions. So basically our Dimensionis a name value pair that uniquely identifies a metric and Amazon cloudwatchallows you to assign up to ten Dimensions to a metric then youhave statistics previously. We had created two tables which are values of Xwith respect to Y and as well as that you cancombine data from these tables like to create a chart or maybe plot a graphfor analytical purposes. This combination ofdata is nothing but statistics statisticsare metric data aggregations over specific period of time, then you have alarm. Let's say you havebeen monitoring this variable X for some time now and you wanta notification to be sent to you when the valueof x reaches certain. Short all you have to do is set an alarm to sendyou a notification. So basically alarm can be used to automatically initiateactions on your behalf. Now that you haveclear understanding of concepts of Amazon cloudwatch. Let's see how Amazon cloudwatchoperates Amazon cloudwatch has complete visibility into yourAWS resources and applications which are currentlyrunning on cloud. So firstly it collects metrics and locks from allthese AWS resources and applications. And then by using this metricsit helps you visualize your applications oncloudwatch dashboard moreover. If there is some sortof operational change in a SS environmentAmazon cloudwatch becomes aware of these changes and response to them by taking some sortof corrective action, like maybe it sendsyou a notification or it might activatea Lambda function Etc. And finally it providesyour real-time analysis by using cloudwatch metric map. So if you're wonderingWhat cloudwatch metric Mathis it is a service which integrates multiplecloudwatch metrics and creates a new time series and you can viewthis time series on cloudwatch dashboard as well. So working this wayAmazon cloudwatch provides you with system by disability it even providesyou actionable Insight so that you can monitor your applicationperformance moreover. It allows you to optimizeresource utilization if needed and finallyit provides a unified. I'd view of operational healthof your AWS environment. So I hope that by now if you know what Amazon cloudwatch has sonow let's try to understand how Amazon cloudwatch workswith help of a demo. So guys, this is my AWS console. Let's say AWS Management console and the serviceswhich you can see on the screen are the servicesoffered by Amazon AWS. But in this demo we are goingto use only few Services. Let's say cloudwatch,and then you have easy to and a service calledSimple notification. Service and when I click on ec2it takes me to ec2 dashboard where you can see that I have four instanceswhich are currently active, you know that here in this demo. I'm supposed to geta notification saying that CPU utilization ofmy instances less than or if a person for me to receivea notification first, I'll have to create a topic And subscribe to itwith my email ID. So let's explorea service called Simple notification service where you can createa topic And subscribe. To it. Once you reach SNS dashboard click on topicsoptional navigation Pane and click 'create new topicgive you a topic a name. Let's say CW topic andif the display name as well, let's give the same name and click on createtopic option here. You can see that I've successfully createda topic now click on the topic, which you have createdand select actions and subscribe to topic option. Well, I want notificationsto be sent to me in form of email youOf different options as well and form of Lambda functionor Jason Etc. But I'm going to choose itas email and give my email ID which is her and then clickon create subscription option. So now whenever AWS consolewants to send me a message. It will send to the email ID which are used tosubscribe the topic now, let's go backto cloudwatch dashboard. So guys this is my cloudwatch dashboard and youcan see different options or navigation pane firstly. I have dashboard where I can view allmy metrics at same place. Then you have alarmswhich shows the list of alarms which you have configured and then you haveevents and locks which will be exploring later. Our topic of interestis the last one which has metrics selectthe metrics option here and then choose ec2and then / instant metrics when you do that or listof metrics will be shown to you like Network out. Soup utilization Network packetin network packets out and various other metricsfor various resources, which are currentlyactive on your Cloud. So but we are interested onlywith CPU utilization. So I'm going to type that here. Well, it showsthe list of instances which are active on my cloud and I'm going to choose Windowsto instance and then click on graph metrics option here. Okay, let's select Windows toonly and then on the right side, you can see you havea alarm button when you click on that a dialog box will be open where you can configureyour alarm firstly. Let's give alarm a name. Let's say low CPU utilization. And a brief description as well. Let's say lowerthan 25 percent lower than 25 percent CPU utilization. Now I'm going to setthe threshold Which is less than 25% in this caseand on the light side, you can see of period option if you resources are eligiblefor basic monitoring the speed optionby default as five minutes. And if your resources are eligible fordetailed monitoring, it's usually one minute and when you scroll down youcan see a send notification to option here soselect the topic which you have previouslycreated that will be C Topic in my case and thenclick on create Allah. But there is some error. Okay. It says there's an alarmalready with this name. So let's give it another nameof my instance. Now, let's try againand when you click on this alarm button And clickon refresh option here. It says that I've successfullycreated a alarm here. You can see that lowCPU utilization of my instance. And when you click on that itshows you all the details like description threshold and what action itis supposed to take when alarm is configuredand all the details. So guys try it out. It'll be easy for you to understandcloudwatch console much better. Okay guys. Now, you knowwhat Amazon cloudwatch has what it does and wait operates, but to understandthe capabilities. You have Amazon cloudwatchcompletely we should be aware of two important segmentsof Amazon cloudwatch, which are cloudwatch eventsand cloudwatch locks. So let's discuss them oneby one firstly we have Amazon cloudwatch eventsconsider the scenario. Let's say you've createdan auto scaling group and this Autoscaling group currently has terminated an instance so you can see this as some sort of operational changein area Bliss environment when this happens Amazon cloudwatch becomes awareof these changes. Changes and response to them by taking some sortof corrective actions, like in this case. It might send youa notification saying that your auto scaling grouphas terminated an instance or it might activateand Lambda function which updates the recordingAmazon Route 53 zone. So basically what Amazoncloudwatch Evans does is it delivers a real-time streamof system events that describe changein your AWS resources. Now, let's have a lookat few concepts related to Cloud watch events. First TV happy Venterand even indicates change in a SS environment andAWS resources generate events, whenever the state changes. Let's say you have terminatedan active ec2 instance. So that state of this ec2 instance has changedfrom active to terminated and hence an event is generated. Then you have rules rules arenothing but constraints every incoming eventis evaluated to see if it has met the constraint. If so, the event is routedto Target Target is is where the events are handled Target can includeAmazon ec2 instances or a Lambda functionor an Amazon SNS topic Etc. Now let's try to understandAmazon cloudwatch events better with help of use casein this use case. We are going to create a system that closely mimicsthe behavior of Dynamic DNS. And for those who don't know what Dynamic DNS has Letme Give an example. Let's say you want to accessinternet at home then internet service providerassigned to an IP address, but Since internet serviceprovider users different kind of online systems. This IP address keeps changing because of which itmight be difficult for you to use this IP addresswith other services like webcam security camerathermostatic cetera. So this is where DynamicDNS comes into picture what Dynamic DNS does isit assigns a custom domain name to your home IP address and this domain nameis automatically updated when IP addresschanges so basically dynamic ANS is a service that automaticallyupdates a name server in domain name system and Amazon office you with a similar kind of servicecalled Amazon Route 53. So in this use case, we are going to updateAmazon dropped 50 3 whenever a Amazon ec2 instancechanges its state. Now. Let's see how the use caseactually works this use case precisely works this way. So whenever an ec2instance changes, it states Amazon cloudwatchevent becomes aware of these. Operational changes and ittriggers a Lambda function this Lambda functionuses different kind of information regardingthe instance like that's public and private IP address and it updates a record in appropriate Route53 hosted zone. So let's say you havean ec2 instance and you have terminated the instance. So Amazon cloudwatch eventsbecome aware of this and it triggersa Lambda function and this Lambda functiondeletes the record from Amazon Route 53 similarly if you have createda new instance, Once again Amazon cloudwatchevents become aware of this and it triggersa Lambda function in this Lambda functions createsa new record in Amazon Route 53. I hope you have understoodwhat Amazon cloudwatch even sees and what it does. Now, let's discuss how Amazon cloudwatch eventsworks with help of a demo. So in this demo, we will schedule to stopand start ec2 instances with help of Lambda functionand cloudwatch events. So let's go ahead with demo. So guys, you can seethat I have four instances which are currently Deaf first, I'm going to createa Lambda function which is going to stopmy windows to instance and you guys need to know thatfor Lambda function to do that. We need to assign permission. So Amazon provides youwith the service called I am which is identityand access management where you can assignpermissions when you search for I am in the tab, it shows you the service select that and on IM dashboardon the navigation pane. You can see a policies optionhere select that and click on create policy option. First it's asking youfor a service here. We should be easyto in our case click on easy to function and actions which will be to startand stop may see two instances. So let's searchfor start instance. Well, a predefined functionis already there. So you can choose that then you have stoppedinstance again select that And then I wanted to beeligible for all the resources. So I'm going to chooseall resources here and click on review policy option. Let's give our policy a name that is to startand stop ec2 instances and description aswell a brief description. Let's say to startand stop instances. And now clickon create policies. It's taking a while. So I've successfullycreated a policy here. Next we have to assignthis policy to Lambda function. So click on rolls here then click on create role chooseLambda function here and click on next permission. Search for the policywhich we have created earlier that is to start and stopthe found the policy select that and clickon next view option that's asking for a name. Let's give a namestart-stop instances and click on create role. I've successfullycreated a role. So what we have done here iswe have assigned permission for Lambda functionto control ec2 instances. Now, let's createa Lambda function. You can searchfor Lambda in the search that and there R click on create function give youa Lambda function a name. Let's say to stop instanceand select the role, which you have previouslycreated and click on create function. You can seethat I've successfully created and Lambda function and now I'm just goingto copy the code to stop ec2 instances here. I'm going to select thisand paste it over here and make sure to save it as you can see herein this function a task for instance regionand instance ID. So let's configure the details. Let's give it a stop instance and here you will have to insertinstance region and ID. and Stan's region an instanceID Novel have to copy the instance regionand ID of the instance, which I ever need. So let's goto ec2 dashboard here. Now let's say I want my windowsto instance to be stopped. But this is the instance ID, which I'm goingto paste it over there. similarly instanceregion now Well, in this case, I'm choosingWindows to instance. You can choose whicheverinstance you want to stop. Once you're donethat you click on create option here testthe configuration details. When you scroll down you can seethe execution results here. It says that my instancehas been successfully stopped. Let's go and check and easy to dashboard hereon the ec2 dashboard. I'm going to refreshit and you can see that my windows to instancehas successfully stopped now, we'll createanother Lambda function which will restart this functionagain the same search for Lambda functionin the search tab and click on create functionoption it ask for a name. So let's say start instance. And choose the role with your previouslycreated and click on create function again. You'll have to paste the code tostart the instances over here. And click on Save option. Let's try to configure this. Let's name it as start instance. and again a task for to our tributes which areinstance region and ID. Now what we have to do is copythe instance region and ID here like we did earlier. Let's go to easy todashboard and copy the instance ID and region. Well, you guyscan see that here. My windows to instant has beensuccessfully stock now. I'll copy thisand paste it over there. similarly instance region aswell and click on create option not test the configuration andwhen you scroll down you can see that my instancehas successfully restarted in the ec2 dashboard. I'm going to refresh this. Well, my windows to instance is on its wayto get restarted till now. I've used Lambda functionto start and stop my instances. But now I'm going to automatethis process with help of Amazon cloudwatch. So let's go tocloudwatch dashboard here. Well, it's taking a while toload then choose events option and click on create true. So here we are going to shareJewel to stop my instances every day at 6:30 p.m. And to restart this instancesevery day at 6:30 a.m. So click on schedule. If you want to know moreabout Grand Expressions, you can visitAmazon documentation. So let me show you it hassix Fields firstly it's minused. Then you have hours then dayof month day of the week and your your concern. Only with minutes and house because we wantour instances to be start and stop every day every month. So let's give the details. So if you're going to createa rule to stop the instance, let's say 6:30 in the evening30 minutes and 18, which is nothing but 6 p.m. And then rest all youdon't have to mention anything. When you give a propercron expression sample timings would be provided to you. You can see her the restof the sample timings and now let's addthe target function which is Lambda functionin our case and select on stop instance function and click on configure detailsgive you a rule a name. Let's say stop my ec2 instance and description to stopmy ec2 instance. At 6:30 p.m. Every day. And click on createvideo you can see that I've successfully createda rule to stop my instance every day at 6:30 p.m. Now. Let's create another ruleto restart this instance every day at 6 a.m. In the morning. Again. The scene shows the schedulehere and cron expression which will be 6 a.m. In the morning. Again, the sample timeis shown here. Then that's that Target functionagain Lambda function and select the function that is to start instanceand click on configure details. Let's name it as start my ec2 instanceand the scripture has to start my ec2 instanceevery day at 6 a.m. And click on create. So now we have successfullycreated two rules to start and stop the easy twoinstances at 6:30 p.m. And 6:30 a.m. Respectively. So what we have done is wehave saved our time here. We've automated theprocess of stopping and starting ec2 instances. So try it on yourself. It will be easierfor you to understand. So guys now let's discussour next topic which is Amazon cloudwatch locks. Have you guys heardof log files? Well log files are nothing but detailed recordof events that occur when you are usingyour AWS environment, you can view a log fileson your on-premise server as well search for an app calledEvent Viewer select the app and click on Windows locksand select systems or list of log fileswill be shown to you when you choose a particularlog file all the details regarding the clock files will be shown like the number ofkeywords the login time number. Of hours, the filehas been logged onto and various other details. Similarly. You have log files created when you use AWSenvironment as well. So you can consider this logfiles is a data repository. Most of the metrics aregenerated from these log data. So whenever a metricis generated a part of data is extractedfrom this log data. So you're designing metricsaccording to your like by choosing a part of datafrom this log data. So basically this log files are what we calla primary data store. Please and Amazon cloudwatchlocks is used to monitor store and access log filesfrom AWS resources, like ec2 instances cloudtrail Route 53 Etc. Let's try tounderstand cloudwatch locks better with help of some features firstly you can use Amazon cloudwatch locksto monitor your application and system log files. Let's say you have madea lot of errors, but trying to deployyour application on cloud in this scenario. You can use cloudwatch locksto keep track of your errors. And send a notification to you when the error rateincreases certain threshold so that you can makeavoiding errors again, then you have log retention by defaults logsare kept indefinitely but cloudwatch providesyou with an option where you can set the periodbetween 10 years to one day. Then you have locked storage. You can use cloudwatch logsto store your log data and highly durable storageand in case of system errors, you can access raw log datafrom this storage space and then you have DNS queriesyou can use Watch lugs to log informationabout the DNS queries that Route 53 DC's now let's have a lookat few Concepts regarding cloudwatch locks firstly we have somethingcalled log even so log even is just to record a factDVD that has occurred in AWS environment. It's straightforward. Then you have lockedstream a log stream as a sequence of log eventsthat have same Source. Then you have something calledLaw Group Law Group defines group of lock streams. That has same. And access controlsettings by default. You have to make sure that each log streambelongs to one or the other Law Group guysnot let's try to understand cloudwatch logs betterwith help of this use case in this use case. We are going to useAmazon cloudwatch looks to troubleshootthe system errors, you can see that I havethree instances here and a cloudwatch agent which is monitoring allthese three instances. So what cloudwatch agent does isit collects custom level metrics from all these easy to instancesand then This metrics and locks collected by the agentare processed and stored in this Amazon cloudwatchLots Amazon cloudwatch locks, then continuouslymonitors these metrics as you can see here by then. You can set an alarmwhich will send you notification when some sort of erroroccurs in the system. So whenever you receivea notification saying that some sort of error is there in the system you can accessthe original log data, which is stored in Cloudwatch locks to find the error. So this is how you can use Amazon cloudwatch locks totroubleshoot the system errors. So basically you are havinga look at original data so you can solve your problemsfaster and quicker. So this is it guys todayin this session. We are going to discuss aboutthe service AWS cloudformation. So without wastingany more time, let's move on to today's agenda. So we'll start today'ssession by discussing why cloud formationis actually needed in the first place. Once we're done with that,we'll move on to the what of what is cloud formation. Actually after that. We'll be discussing what thingsare needed to get started in the cloud formation service. Now among those things. You have a Json document. So we will be learninghow to create a Json document. So before that we'llbe seeing the structure of a Json document. Once we learnthe structure will see how a Json documentactually looks like so we'll see how a sample Json document looks and in the end we'll bedoing a demonstration. Ocean so in the demonstrationwill be doing two demos. The first one will bea really simple one and the other one will bea little Advanced. Let's move onto the first topic. That is why AWS cloudformation? So why do weneed cloud formation? So for example, you have an application now mostof you guys know that for and we have done thisin the previous sessions as well that we createdan application right. Now. The application isactually dependent on a lot of AWS resources. Now if we were to deploy and manage all these resourcesseparately it will take up a lot of time of yours, right? So to reduce that time or tomanage all these resources. What if I told youyou have a service? Yes. Yes, you got that, right. So you have a servicecalled AWS cloudformation. So using AWS cloudformation, you can manageand create and provision all these resourcesat a single place. Now, this iswhat cloud formation does. But now what iscloud formation exactly. So a cloud formationis basically a service which helps you model and setup your AWS resources so that you can spend more timeon your application rather than setting up and provisioningthese resources, right? So basically It's a tool using which you can createyour applications quickly. Also, you can create templatesin AWS cloudformation. Now, how do youcreate templates? Basically, you would be usingthe cloud formation designer you'd be putting inall the resources that are needed. You would be defining thedependencies of these resources and then you'll be saving thisdesign as a template right now. What will you dowith this template? This template can be usedto create as many copies as you want right? Say for example Exampleyou have a use case wherein you want your applicationin multiple regions for backup purposes. Right? So if you want that you won't be implementingor you won't be creating each and every resource one by onein each of the regions. What you can do is youwill create it at one place in cloud formation havethe template in your hand and deploy that templatein the other regions as well. Right? So what will this do? So first of all, your replication willbe very precise, right so they won't beAny changes in the copies that you have made second of allyou will be doing that quickly because you don't have to dothe process all over again. You just have to click a button and that templatewill be provisioned or will be launchedin that region. So this is whatAWS cloudformation is all about. It makes your life simpler by handling all the creation andthe provisioning part, right? So this is what isAWS cloudformation. Now, how do we get started in cloud formation saysit's a very useful. Is how can you as a user use the serviceso let's move on. So for usingthe cloud formation service. First of all,you need a Json script now. Why do you need a Json script because you would be creatinga template right in the cloud formation designer. You would be usingthe drag-and-drop option and filling in the AWSresources right now when you will be doingthat in the back end it will actuallybe creating a Json script. Now what you can do as a user isif you're good in Json, you can createyour own Json script. Otherwise you can useCloud formation designer to create a template nowfor creating a template. Like I said,you need a Json script. Now. What is the Json script then? So a Json script is basically aJavaScript object notation file, which is an open standard form. And that meansit is human readable so you can read it as wellas well as the computer. So if you don't need theprogramming knowledge for this, what you as a userwould be doing is you would be designing your templatein the cloud formation designer and that willautomatically create. Eight a Json scriptyou can do it. The other side is well. Like I said, you can create your ownJson script and feed it in the cloud formation designer. So this ishow cloud formation works. This is how you wouldbe using AWS cloudformation. But then how can youlearn the Json script? So it's very easy. So basically you haveto follow a structure in the Json document. What is this structure? So that structure is like this you would be creatingthe following Fields. So the first field will be theThis template format version. So this will basically containversion of your template. Next up is the description. So description is a text-onlyfile or is a text-only field wherein you will be describingyour template in words, right? So if I'm a userand I want to know what your Json does without reading your Json scriptfrom beginning to end. I can read the descriptionin simple English and understand what ages from triple to rightthen you have the metadata. So metadata will basicallyWhen the properties of your template thenyou have the parameters. So any values that you have to pass throughthe template will be included in the parametersnext comes mappings. So mappings would basicallyinclude the dependencies between your AWS resources. Then comes conditions. The conditions arebasically the conditions that you would be givingto your template when the Kristof will be createdor while the stack is upgraded. So if we are stackis being created or their stack is being updated. These conditions will be looked. One two, then comes output. So whatever outputsyour template will provide or your creation of Stackwill provide will come in the output header. Then you havethe resources field. So resources will basicallyinclude all the AWS resources that you want to include inyour infrastructure right now. If you look carefully youactually will be only dealing with the resources part, right because you will justbe populating in the resources and creating the dependencies. Right. So basically you'd be populatingthe resources part and that is what it was allabout the resources, but right now,this is Theory now, how does a Json documentactually look like right a Json document lookssomething like this. So like I said, you would be workingon the resources field, right? So you'd be includingthe resources field and in that say you so this Json documentis all about if you had noticedit's about S3, right? So you are basicallyincluding an S3 bucket. It and the type you'dbe specifying the type of service that will beincluding this bucket. Right? Like in this examplea Json document doesn't know what serviceyou're talking about. So you specify the nameof the bucket and inside the brace isyou'll be specifying which service over here. You'll be specifyingthe S3 service. Don't worry. I'll be showing you guysthis Json document in a moment. But before thatyou should understand how a Json documentis structured and this is what we're doing right now. Now guys, this isthe cloud formation dashboard. Now, you have to createa stack over here, right? And for the creation of a stackyou require a template so first we'll design a templateand then we'll create a stack. So this is my cloudformation designer. Let's go backto our slide and see what we actually have to do. So, this is our firstdemonstration here in will be creating a S3 Bucketfrom cloud formation. So we'll be designing a template around that for first and thenwe'll be deploying this code. Right? So let's do that. So let's go to our cloudformation window now so we have to createan S3 bucket. So we'll scroll downto the S3 service. So here is AC Service. We click on this we service. Click on bucketand drag it over here. Right. So this isthe recipe bucket guys. Now you can edit the nameof the template over here. You can name itas either a car CF that means and Eurekacloud formation, right? So you specify that now, this is your Json code now youcan compare the Json code guys. Let me make it a littlebigger for you guys. Yeah. So this is the Jsoncode guys now, I didn't codethis Json script, right? I just dragged and dropped this Bucketover here in cloud formation and Automatically generatedthis script comparing it with the code that we havein our presentation. Let's see so we have resources. Yes. We have resources. We have the nameof your bucket part. So basically this isthe name of your bucket and then it's a type. We're in you'll be specifyingthis you service. So you have type and specifyingthe SC service over here, right? So if you want to changethe name of the bucket, we can do that over here. Let's specify it asand Eureka CF. Alright, so we are done. This is it guys this isall you have to do. So now for running thisin cloud formation, all you have to do is clickon this icon create stuck. Now this will leadme to this page which is the create stack page. Now, it has automaticallyuploaded this template to the S3 bucket and it has specifiedthe URL here, right? We click on next you specifythe stack names. Let's specify it as a lyric RCF, right so you don't have tospecify anything are let's click on next click on create. So you'll be seeingthe events on this page. Let's refresh this. So it says createin progress, right? So my template is nowbeing created into a stack and that stack will havethe AWS resource in it, which is the S3 bucket. Right? So I think the time is enough. Let's refresh it and checkif our stack has been created. So it's stillin the creation phase. Let's wait. All right, so now it shows methat the Creator is complete. All right guys, so let's go to our S3 serviceand check whether we have Bucket that are AWS cloudformationcreated for us. So we go to the AC Service. And here it is guys. So this is the bucketthat we created right? I see you can see the time. It's March 28th. 2017. Today is March 28th, 2017. And the time is 7 5and the time is 7 7 here. Alright, so this buckethas just been created by cloud formation. So guys, like I said,it is very easy. It is easy to understandand to deploy as well. You basically just haveto create a template and that is it AWS cloudformationwill do the rest for you and the cool part is that you can replicatethe template as many times as you want. Right? So it will save you the time. Okay this demonstration is done. So we have created an S3 bucketusing cloud formation. Let's see what our seconddemonstration is all about. So now we'll be creatingan easy domain students in which we will bedeploying the lamp stack which means in thateasy to instance. You'll installing Linuxyou installing a patch a you'll be installing MySQL andwe'll be installing PHP as well. Right? So, let's see. How will we do that? So for our second demonstration, we will again go backto the cloud formation console. We will click on create stack and now we haveto launch a lamp stack. So a lamp stack is basicallya sample template in AWS, right so we can selectthe sample template and we'll click on viewor edit template in designer. So a lamp stack is basicallyan easy to instance with Linux Apache MySQL and PHPinstalled onto it, right you can see the designerthat you have only specified and easy to instance anywayto ask the security group to it. So you needthe security group obviously because you haveto connect to this. You do instance right now. A lamp stack is basicallya web server remember? Now, let's see the templatefor this lamp stack. So we discuss the structureof a Json document if you guys remember sothe first part was the AWS template format version. Then you have description. Then you haveparameters so parameters if you guys rememberit is basically the values that will be passingto the template right now. If you are creating a lamp stack you'd be needingthe database name you'd be needingthe database password. You'd be needing a lotof things, right? If you're installing MySQLyou be needing the username you'll be needing the password. So all of that you can feedin here in the parameters so you can specify the key name. So if you are connecting to the slough instancethrough SSH connection, you'd be needing a keeper right? She would be specifyingthe keep are here. Then you will bespecifying the DB name and the other detail now how will that lookwhen you'll be creating a stack? So let's do that. We will click on this iconwhich will now create a stack automatically sowill be prompted. It on this cage click on nextthen you will reach this page where in you are feelingthe entry right? So you would specifythe stack name. So this is by defaultso stack name, so we'll be specifyingthe stack name first. So I'll let us tagname be lamb demo, and then we move onto the parameters part. So whatever you specified in the Json parameters fieldwill be reflected over here. So we specifiedDB name over here. So it was asking mefor the DB name. So let's give it as a rake. And let's give the DB passwordas something candy. Be root password DB useras a Eureka instance type as Steven dot micro wideeven got micro because if you guys noticedin the template, we didn't specifya virtual private Cloud that is a VPC nowall the instances which are launched these daysof with all the new instances which are there in easy to haveto be by default launch the VPC. But since we are creatinga Json file and we didn't specify a VPC you haveto select T' an older version of your ec2 instance. So let it be T 1 so T1 is an older version. It runs without a V PC as well. And then you have to specifya key name the key name would basically be usedto create SSH connection to your instance. Right? So our key pair was arraycalendar score a will select that and will click on next now SSH location isbasically your IP address if you want to specify Idon't want to specify it. So we'll click on next you don'thave to enter anything over. Click on next confirmand click on create. Now is happening in the background as itis picking up that Json file and is creating a stack firstlaunch an ec2 instance. It will then install the nextonto that it will then install Apache MySQL and thenthe end a PHP installation. So what we will do theonce it says that the creation is completedwe will go and check if everything has been installed on our server by creatingan SSH connection, right? So let's wait until the stack. complete Alright guys, so as you can seein the events that the creationis now complete. So let's check that if our installationhas been correct will go to the ec2 instance. Now this is our instancewhich has just been created. We can check that. It's been createdon March 28, right? So today is 28. Alright, so now let's connectto this instance. So for that we will haveto copy the IP address. This is the police officer. For those of you who don't knowhow to connect to easy to you'll be pastingan IP address here. Right? And then you havethis private file, right? So this is of the pemex tension, but the party softwareneeds a PPK extension. So you have to convertthis pem file to PPK that can be done usingthe puttygen software. So this is the footageand software so I will be dragging this file here. Okay, it doesn't work. So well click on load goto downloads click on all files select my pem fileclick on Open click on OK and then clickon save Private key. So let's name it as a Eureka. Underscore a click on save so a filehas been saved will close it. Go back to our party softwarehere enter the IP address here. You will click on SSHclick on authentication. Click on browse goto your PPK file click on open and click on open here. So now you'll be connectedto your SSH through your SS has to your ec2 instance. So any Linux installationon Your AWS infrastructure. The login will beeasy to - user. I see you're in let's see if you can connectto a MySQL installation. So MySQL - Edgeso it is on localhost. - P port number which is your 6and then the user that we gave was a Eurekaand the password was this. Okay guys, so we are in so that means we successfullycreated the Eddie Rekha username which is specifiedin the Json script. That works. Well and then you specified. Okay. We also specifythat we need a database right? So, let's see if itis showing a databases or our databaseshave been created as well. Okay, so it has a data-basedcalled Ed, Eureka? Right. So the Json script worked. Well now the thinghere to notice. Is that how granularity youcan configure your Json file? Right? First of all, it launched an ec2 instancethen install Linux then install MySQL itconfigured it settings and inside MySQL it gaveyou a database, right? So this is awesome guys. So this gives youthe whole control of AWS just through Json script. Right and this is the powerof cloud formation. Now if you wantthis infrastructure or whatever you have createdright now to be replicated again to some other instance that can be donewith a single click of button, right and it isactually pretty awesome because if you wereto install this lamp stack on a server or on AWS again, if you launch ec2 instancewith the Linux OS installing Apache MySQL and PHPmay take time. It actually takes time. We can you haveto open the console. All you have to openthe terminal you have to enter the commands and depending onyour internet speed you will install all those packages. So this is neat. It does everything foryou automatically, right? So guys, this is what cloudformation was all about. So I'll close the session. Let me go back to my style. All right, so guys we are donewith the lamb stock demo. Today's session is going to beon auto scaling and load. And so so todayI'm going to tell you how you can orderscale your resources so that they becomehighly available and this is what we're going to do today. All right. So with that guys, let's start with today's sessionwith the agenda for today. So guys, this is what we are goingto do today first. We're going to see what are snapshotsand am I so these are basically the entities usingthis using which you will be or scaling your resources. So once you know, what are snapshotsin Amis will move on to why do we actually needor scaling and what? Is auto-scaling exactlyafter that we're going to see what is a load balancerand towards the end. We'll be doing a Hands-On which is going tobe very interesting because I don't thinkthere's a demo out there which can show you the kind of demo that I'm goingto show you today. All right, and if you thinkabout a guy's if you're if you're thinking about movingto the cloud industry order scaling our load balancingout the very important topics in this in this in this domain, right so you shouldknow about them. So if you have been so if you About them pleasepay attention today because you're going and going to go and gain a lotof knowledge today. All right moving on guys. Let's start with the first topicwhich is snapshots and am is so let us see what are those so I guessmost of you are aware of what an ec2 instancesof for those of you who are not an ec2 instanceis just like a row, so it's in freshpiece of computer that have just bought isjust like that, right? So on that computer, you can choose any operatingsystem that you want. Want so once you havethe operating system, you can install any kindof software on it. All right, so you haveto install every time you launch a new in an ec2 instance. You have to install allthe required software's on it. All right, butthere's a workaround what if you wanta specific configuration of ec2 instance a wantfive easy to servers which are exactly like thislike each other, right? So one way of doing that would be to launcha new instance every time install the required packages. Daytime and going about it, right the other way of doing it would beto actually create an image of once you will be configuringyour ec2 instance. And after that you'llbe creating an image of your ec2 instance. And that using that imageyou can actually deploy for more easy to do servers. All right, so this imageis basically what is and am I so am I which is an Amazonmachine image is nothing but an executable imageof your already existing. You do instance, right? But before an am I can be created there isa thing called snapshot now what a snapshotssnapshots are nothing but the copy of the datathe data the copy of the data that you haveon your hard drive. So basically if youhave your C drive, right and you wantto copy your C drive you copy a CD driveon to some external drive so that becomes a snapshot but if you can bootfrom that external drive, so that has to your wholeoperating system comes up. Some other machinethen it becomes an Ami. So this is basically the difference betweenthe two a snapshot is not a bootable copy and Ami isa bootable copy that you have. Alright, so I hopeyou got the difference between what is in am Iand what is the snapshot? So I'll repeat it again and you use an Ami to basicallyreplicate an easy two wins is easy to instance again, so that you don't haveto do the configurations all over again, right? So now you'd be Oh, we were we were to talkabout what is auto scaling. What is load balancing? Why do we need EMS but be patient youwould be clear with everything with the session. All right moving on guys,let's now discuss. Why do we need auto-scalingnow before the right. Now the way I will be going through the session is I'llbe explaining you each topic and then I'll show you itin the AWS console. All right, so we just discussedwhat are snapshots and what are a mere am Iso let me quickly show you How you can configure our how you can createan Ami of an already existing ec2 instancein the AWS console. So, let me give me a second. So give me a second. I'll just go to my browserand my AWS console. So guys, this is my AWS console. I hope it's visible to you. So the first thing that you'll be doingis you'll be going on to your ec2 consoleor all right. So in your easy to console youwill have all your servers that are runningright now, right? So for the for the Sakeof Simplicity I have deployed. I've already deployed to serverswhich are server 1 and server to now I have configuredthem both with a purchase so that they can have yourthey can host a website. Uh, let me quickly show you how the websiteactually looks like. So if I go to this particular IP addressof server 1 This is in part. So what one right so this is how the website lookslike right similarly for my server to if I go to gointo my server to this is how my server to be look like. Here it is. All right. So these are my two servers. Now. What I want is I will create an exact copyor the of these servers so that they can be replicated. All right. So when I say replicatedeverything from software's to this website willbe copied onto an image and that copy or that image when I will deploy it. It will be deployedinside one more. He should do server in whichI don't have to do anything. This website will be there. I just have to goto the IP address and I can see this website. All right. So now what I'll be doingis I'll be creating an Ami of both the server. So let's create an EMFor server one first. I'll select the server one. I'll go to actions. I'll go to image Iclick on create image and all I have to do isgive an image name for it. So let me give the nameas live server one, right? This is my image name. I click on create imageand that is it. It takes in your requestfor Eating an Ami and it does that rightpretty simple now similarly. I will be doing itfor server to as well. I'll select serverto I go to image. I'll create an image and I'll name the imagesay live server to So once I've done that you can see the imagesin your am I tab? So if you look at over here in the images sectionyou can look at Ami is if you go to your aim is youcan see there are two images which are just being created which are in the pending Stateas of now and they are live. So one and lives over to Now using these images youcan create any kind of server that you can createthe exact same server with just a click of a button. All right, you don't haveto configure anything much. Alright, so this ishow you create a new map pretty straightforward guys. Let's move on and discuss. Why do we need auto-scaling now? So you learned how to createan Ami, let's go ahead and stand auto-scaling and see how they are connectedto Ami is all right. So say you have an applicationyou have a website and every machine nowthis website is hosted on server guys, right and so was a nothing but machines now every machinehas Has its limitation right? For example say there'sthis machine is say around 8GB + C i5 processor. So say it can hoston hundred people. Right only a hundred peoplecan come to this website and easily and navigateinside the website. But if more than a hundredpeople comes in this computer or the server becomes slow. All right, so say there area hundred people as of now and they are tryingto access your website and they can easily access. Sit now your websitebecomes a hit overnight. All right, and now a lot of people are tryingto access your website which make sureserver overburdened now in this scenario youcan do only one thing that is deploy more servers and distribute the trafficequally among those servers so that the requestscan be handled. All right. Now this thing is a manual task and manual is a big No-Noin the IT world guys. So we invented a service call. Old Auto scalingand using order scaling what happens is it sees it it actually analyzesthe kind of load which is coming in right and it deploys the server'saccording to that. So say around 300 peopleare coming in and it sees there that you need three servers tohandle those kind of requests. It will dothat automatically, right? And that is where your amI comes in guys because the new servers that you will be launchingthose new servers have to be takenout of some template right so The first server has to bethe exact copy of the sorry. The second server hasto be the exact copy of server 1 the third server aswell has to be the exact copy of server one, right? And that iswhere the am I comes in. So what is what basicallyhappens is in the order scaling service youbasically attach your Ami which you created and using that Ami it deploysmost servers, right? This is why am I is significant or this is how am Iis related to Auto scaling and And this is whydo we need auto-scaling? Let's move ahead and justgive us a definition that what auto-scaling exactly is. So like I said, whenever you your loadincreases and you have to scale automatically upand down you use Auto scaling, so it's not onlyabout scaling up that is when you loadincreases a three or four so as you have deployed andnever when you load decreases Still Force, I was upthere to sitting I'd write so that is not the casewith auto-scaling you can So skilled down as per your needsyou can configure everything which you can imagineabout scaling up and scaling downin the auto scaling properties. All right. So this is whywe need auto-scaling. Now one more thing that you needwith auto scaling is if you would have noticed Isaid the number of servers it deployed gets deployedin the order scaling. So there are theythere are four servers which get with get deployed youduring order scaling right now. The traffic hasto be distributed. It equally right. So this trafficwhich has to be distributed has has nothing to dowith auto scaling. It has to be done bya separate entity. And that is what we are goingto discuss in the next section. But before that, let me show youhow you can configure or how you can configurethe auto scaling properties and attach the related am I so that the related serversare launched right? So let me go to my AWS console. So here am I and as you can see the aimis have already been created. They are lives over oneand live server to now what I'll be doing is I'llbe creating auto-scaling groups or I'll be configuringthe auto scaling properties so that these serverscan be Auto scaled as and when required right? So before that I actually have to createa launch configuration. Now, what isthe launch configuration? So if you look at the a my guysyou have only specified what kind of data should bethere in your server. What you have not specifiedis what kind of machine you should launch every timethere's a need right? So that is exactly what you doin launch configuration. So you have the data but you don't have the informationabout the kind of machine that you want to launch so that that that kind of stuff you will be specifyingin the launch configuration. So what I'll be doingis I'll click on create launch configuration and now it will give me a wizardas same as that of any issue. So right in the ECU server. I had to choosean operating system, right so sameit'll give me the wizard but I don't have to go here. I'll have to goto a separate tab, which is calledmy m is right, so I'll select my mice and now I'll selectthe newly created a match which is the Miwhich I just created which is say we are creatinga launch configuration for us over one right now. So I'll select the lives of A1. I'll click on select and now it will ask me the kindof the configuration that I want for my So rightso I need attitude or micro because we are doinga demo today, right so we don't need muchof of computing power. So we just have to select E2 dot micro and will namea launch configuration a thing. So let's name it as life. So one. Right and the I am roleis not required and I click on next now. It will ask me for addingthe storage so easy be is enough for anyone to machine. I'll go toconfigure security groups. Right? And in this regard to groups. I just have to add the HTTP rule because I have to connectto all the instances that I'm launching. Right? So I'll select the HTTPrule from here right and I click On review so that is it guys. Nothing else hasto be configured you. All right, and it is askingme to check everything that I've just configuredeverything seems fine. I click on createlaunch configuration. Now it last me for the keeper. Right? So every server which will be launchedit will be associated with the with a key pair whichwill be specifying here right? You can create a new one if you don't have already Ialready have a key pair. So let me choose my my keeper so that is a month underscoreto and I acknowledge that I have this keep your and I'll createthe launch configuration. It just takes a secondor two to do that and we are done. Alright, so now we have createda launch configuration. We have specified what kindof machine we want. We specified what kind of datashould go into that machine now, we'll be creatingthe auto scaling group in which will be specifyingin which cases we want to Auto scale. All right, so let's createan auto scaling group now. All right. So it has automatically pickedup the launch configuration that we have just createdthat it's life. So one right let's name thisgroup as live server one group. Right. And what is the initial size that you wantin your launch configuration? That is the minimum numberof servers that you want. So let it be 1and remember guys. This is the most important part when you are creatinga launch configuration in sure that you're doing itin your default VPC to be on the safe side because there area lot of settings that you have to do if you create a VPC on your ownand that becomes a hassle. All right, soif you accidentally delete your default VPC, which I did right so you haveto contact the AWS support team and they'll helpyou out with it. They'll basicallycreate one for you. You cannot createone on your own. All right. So always ensure that you are in a default VPCwhenever you're creating an auto scaling group. Alright, so now Iwill be specifying the subnets. So basically you haveto select a minimum number of to subnets right? I'll need not gettinginto what I said Nets because then it will belike a three-hour session. I will click on configure scalingproperties now over here. You can specify the propertiesthat I was talking about that. When do you wantyour server to scale? Right so over hereyou can specify the average CPU utilization. Now, what do you meanby average PT CPU utilization? So there are four serversrunning as of now, right? So it takes the averageof all the four servers. All right, and if the average goesbeyond whatever number you're specified heresay I specified. 70 over here, right? So in that case wheneverthe average pcpd utilization will go beyond 70 it will launchone more server similarly. If it goes I can configureone more property here, which says if it goes below 20%like scale down from one server. All right. So if there are five servers in there and see people izationhas gone less than 20 percent it will it will itwill scale down from one. Seven and come downto four servers. All right, and you can also set how many seconds should itpaid say the traffic is spiking down and uplike to frequently, right. So for that what you can dois you can set a time. So if the 20% Markhas been not cross still say like five minutes, then it will scale down a server or if the seventy percentMark of the CPU utilization has been crossedover five minutes. It will then scone. Scale up, it will not scale up with at only oncefor only one second. It becomes 71 person. All right, so you can specifyall of that over here. But since I cannot load testmy instance over here, I'll just keep it at its initial sizewith just means that it will even if I delete my instance that is I one instance hasto be there in any case if I delete the instance it willautomatically launch it again. Alright, so let's will selectthe keep this group at an edge at its initial size and we'll goto configure notifications. So I don't want to configure thenotifications neither the tags, I click on review and I'll click on createauto scaling group. Alright, so I've successfullycreated an auto scaling group for my life server one. All right. Similarly. I will do the same stepsfor my server to as well. I'll click on createauto scaling group and I'll selecta launch configuration which was there. For my so to so not donethat so let's create a launch configuration firstfor us over to will go to a mice and we'll selectthe server to part here. Alright, so I've selectedserver to I do the same steps that I did earlier. Right. So let me give it the nameas live server to group. I click on add storage configureSecurity Group over here. I'll add the HTTP rule. Click on review and launch configurationselect the key pair. Acknowledge it createlawn configuration doing the same steps Kuipernot doing any new thing here. I've tracedlaunch configuration. Now. I create the auto scaling Group, which is life'sover to group. Right and then the vpz as I said should be defaultsubnet minimum gruesomeness. You should select You'll clickon scaling properties. I keep it at initialsize configure review and create the auto scaling group. All right, nothing much guys. So same things that I didfor my server one. I've done formy server to as well. All right, so since I've createdor or an auto scaling group, if you go to your ec2 dashboard, you would noticethat two more servers are now being deployed, right? So you can actuallyidentify them over here. See these two serversare being initialized with Eva. These have just been createdby your auto scaling group because we specified that a minimum numberof one server should be there at all times right now. If you try to go to the IP addressof this server. Right, you will see that it will havethe exact same settings for my easy Tucson's instance. So this is my sober one. Right. So as you can see a new instance called created but withthe exact same settings, I hadn't had to doanything it automatically created an instancewith the same settings. All right, and same is the casewith server to as well guys, if I go to my serverto and try to access it. I'll see the same thingsover there as well. So I'll Show you a bit Yeah,so this is my server to alright, so my auto scaling groupis functioning fine. So let us come backto our slide now. So we are donewith auto-scaling now. Like I said, you need to have an entitywhich will equally divide the traffic between the serversthat have just deployed right so they say in I've createdto Auto scaling group Skies as of now write the and why I have createda second Auto scaling group. I will tell you in a bit, but for now understand thatthere is an auto scaling group. All right and inside that auto scaling group saythere are Five servers and if a person is comingin or a customer who has logged ontoyour website is coming in How would how wouldhis traffic be treated? How would he knowwhich server to go to right? So there comesin the third entity which is calledthe load balancer. So what load balancer does isa load balancer your customer will basically basicallybe coming to your load balancer and the load balancerwill decide based on the usage of yourself. Others that which server is more free and then we'll givethe connection to that server. All right. So this is basically the roleof a load balancer. So like I said a loadbalancer is a device that acts as a proxyand distribution Network or application across a numberof servers now, I've been saying it repeatedly that your your serversare actually sorry. Your traffic is actuallydistributed equally among the servers rightbut in a few moments, I'll tell. That there is one moreone more way of Distributing your traffic, right? So before that, let me again stresson the point that this was your autoscaling group guys. This is just the example that Itook in the beginning, right? So there are like these set of users and they're tryingto access your website and they are being routedto these server. So this routing is actually doneby a load balancer right now. Like I said the traffic which is distributedit is distributed in in two types, right? The first time would beto equally distribute them among the number of serverslike say there are five server. So it will distribute itamong the file servers. But if there are say thereare two kind of servers now and so your load balancer can identify what kind ofrequest is being made by a user for example in your website on in your applicationyou have you have a part where in you canprocess the Mitch right and you have a part where you can where you havethe your blogging section. All right. So if you wantto process the image, you want your traffic to goto a different set of servers which are order scaled at their own in their ownAuto scaling group. Right? And if you havethe blogging section, you have a differentorder scaling Group, which is auto scaled at a different weatherdifferent Auto scaling group, but you want everything to gofrom one single link. So the way to do that is usingan application load balancer. So let me just repeatwhat I just said. So the say the this set of servers they hostyour image processing part. They do allyour image processing and these set of servers that they host your blog's thatyou have on your application. All right, a user comes in. He just logs onto your websiteand he goes to a URL which says say Eddie recordor KO / image. All right. If you go / imageyour load balancer, we'll see. Okay, he's askingfor the image kind of content. So he should goto this set of servers because this this serviceof the image purpose and if you go to a Dirac array card or KO / blog yourload balancer identify. Okay, this user he is askingfor the blog content. So you should goto this set of servers. All right. So all of that is doneusing your load balance or if you compare itwith a classic load balancer it is it does not have that kindof Of intelligence, right? What it will do isbasically all the traffic that it has got in coming to it. It will equally distributedamong the number of servers that are under it. All right, but with application loadbalancer you have this option where in you can divide the traffic accordingto the needs of the customers? All right. Now when you have dividedthe traffic again the same thing will happen here as happensin classic load balancer that at this point itwill equally Traffic among the numberof image servers, right and similarly the people who want to accessthe blog it will equally distribute the trafficamong the number of people who want to accessthe blog server. All right. So this is what an applicationload balancer is all about. So classic loadbalancer was something which was invented earlier and these days nobody uses theclassic load balance anymore. People are using applicationload balancer, right? And that is what our demonstrationis going to be. All about today. All right, so enough of talks. Let's move on to the handson that is the demo part. So let me quickly show you what we are goingto accomplish today. So basically a userwill come in. He will have the addressof your load balancer. And if he asksfor the image path or say server one in our case, he will go to the autoscaling group of server 1 if he asks for server to he will go to server to but all of themwill have the same at Is that is using your addressof your load balancer? All right. So this is what we are goingto accomplish today. Now for those of youwho didn't understand that why did we createto order scaling groups is because we want these servers that is the image processingservice to be skated as well. And as as at the same time, we want the Blog showsto scale as well. Right? So that is the reason we want we createdto Auto scaling group. So I dated a server one, which you can imagine isfor your image processing and I created an autoscaling group for server to which you can imagine isfor your blogging section. Right having saidthat guys now, let's move on to my AWS consoleand go to our load balancers. All right. So what I've been doingnow is I'll be creating a new load balancer and that load balancer would be of the typeapplication load balancer. You can see I havetwo options here. I either I can createa classic load balancer or I can createan application load balancer. So I'll go on withapplication load balancer and I will name it as life load balancerand the scheme is internet-facing. So since mine is a website that I want youguys to access right so it could be internet-facing. Otherwise you if youare working in a company and that company wants. A load balancerfor their internal websites that the companies haveyou can actually opted for an internal internalload balancer as well. But since as we havea website and we want that to be used via wewill use the internet facing load balancer, right and the listeners, it's HTTP, that's fineand the availability zones. Like I said, you have to select a minimumof two availability zones and you clickon configure security settings. All right. So now you'll be specifyingthe security group, right? So in Security Group, you'll it's better to createa new Security Group. Remember guys don't includethe default Security Group for your load balancer. It's a good practice to alwayscreate a new security group so that you can customizecustomize your rules according to your needs. All right, so I'll createa new security group and specify the HTTP Ruleand I click on next. And now comes the part where in will bespecifying the targets. All right. Now what our targets now in application loadbalancer guys targets are basing basicallybut or scaling groups, right? So Target one would beyour or scaling group one your target to would beAuto scaling group to Target three Target for youcan have as many targets as you want. But in this wizard, you have to specifya minimum number one, right? So we'll create a newTarget group will call it as say Just killinga life or two one. All right, and the protocol is HTTP Port is80 will click on next and I'll review everything. I think everything is fine and I'll createthis load balancer, right so we have not doneall the settings guys. I'll show you how to doall the settings for now. We are just createda plane load balancer. All right, so I havecreated a load balancer which is pointingtoward Target group. Group one and that Target group is not pointing to my autoscaling group as of now. All right, we will dothat now in this part so we have created. I just created a Target groupcalled live Auto one. I'll create onemore Target Group which will be called live Auto to for my secondAuto scaling group. All right, so I willcreate this and done. So I now have to Target groups that is live Auto oneand live Auto to now these two. Get groups have to point to my auto scalingGroup C respectively. All right. Now the way to do that youcannot appoint them here. You have to go to your autoscaling groups, right? And in your auto scaling groups, you have to selectthe auto scaling group that have just launched. So it is live server one groupand lies over two groups. So you I will go to live soone group and go to details and over here you click on edit. All right, and inside edityou have this option for Target groups. You don't have to specifyanything in the load balances. This option is onlyfor classic load balancer, but we are creating an application loadbalancer, right? So we'll be specifyingeverything in the Target groups. So for live server one group will be specifyingthe demo server one. So demo server onehas already been sorry. Sorry, it will be live AutoOne the target group that I just created and live Auto One is connectedto your load balancer. So basically your load balancerwill point to your target group and your target groupis now pointing to your auto scaling groupone which are pointing to your instances. All right. So this is how itthe visibility comes in so I save it. The target group one islive server one group and the target group 2. I'll be specifying inthe second Auto scaling Group, which is here that is liveor two to write. I'll save it and letme quickly verify if I've done everything, right? So this is a lifesaver one groupand this is live Auto One Fine. This is lice over to groupand it is live or to to fine. So my load balancer can nowsee the auto scaling groups that I've just configured. So let me quickly goto my load balancer. Now comes the part guyswearing I'll be specifying when to go to auto scaling Group1 and when to go to auto scaling group to like Isaid will be specifying it using the using the kind of request that the that the userhas made, right? So the way to do that is using is by firstselecting your load balancer and going to listeners. So once you goto listeners guys, you will reach this particularpage now in this you have to click on view or edit rules. Alright. So once you clickon view or edit rules, you will reach this pagewhich is kind of an if else which is kind of FL structured. So now what will you do isso you can see that there isa default rule as of now that anything any requests which is made it will goto live Auto one. All right, which meansany requests at which is made it will straight away pointed tothe auto scaling group one now, we'll specify ifthe request is our is if the user is asking for sir. To he should be pointedto server to so let us do that the way we'll do it is like this will clickon ADD rules will click on insert Rule and now I'll specify so youhave two options here either. It could be the routingcould be based on your host. That is the address of your of your website or itcould be based on the path. Now. What is the difference sayEddie record or Co this is the host name right now if I try If I type inresources dot Ed u-- record or go it is stillpoint to my domain. But if I have specifiedresources dot ID record or go and if I write it over here and I specify it hasto go to server to it will go to serverto otherwise if you type in resources or Daily Recordor code nothing will happen because now if youhave not configured anything, right, so that is the host pathwith paths the difference. Is that say you rightEddie Ricardo Coast. - block right. So that's / blogbecomes the path. But with host the thingis the difference is resources dot edu record orko. So that becomesone host name, right? But with path you'rebasically putting a slash and you are goinginto a particular folder. All right, so you can specifythe path here, right? It doesn't matter if you have not specifiedin a server for different for different say you couldthe way you could have done. The image processingand block the other way round rather than having iton two servers was that you have you could haveconfigured it inside to servers in your root directory, right? It could be server onefor your image processing and server to for your blog'sbut I don't want that because you'reas distributed as a system. Is it becomesmore reliable, right? And that is the reason wehave two different servers for two different set of things. So the way you can routeyour traffic to body servers is by typing in the path. So say if I haveto go to server one. I'll type in server 1 /star so star basically means anything after serverone could can be accepted but it has to go to the request will be forwardedto live Auto one. All right, so if I have server one in my pathanywhere in my path, it will go to live Auto one. So I'll save this rule. Similarly, I say that if ithas a server to in its path and anything after that. It has to go to live Autoto write and save it. And that is it guys nowmy load balancer has now has saved its settings. Let's hope for the bestand try executing it. So this is the Ling guys, right if you justtype in this link, it will by defaultgo to server one. Right. So if I go to this link, you can see it is goingto server one as of now, but if I specify / server 1 it will goto my server 1 and if I specify / server, too. It will go to my second server. Now. You might be wondering that he meant you might havea different directory in your same server. So let me clear your doubtaccording to that. So what I'll do is I will goto my ec2 dashboard, right and so you have to server one. And I'll quickly show you. If what happensif I type in server to hear? All right, so this isthe IP address, right? So if I typein this IP address, I'm going to server one. If I type in / server to it will give me a photo forbecause there is no folder called server to writesame is the case here. So if I go to is IPL,you can see Server one. If I don't specify anything after my address it will stillgo to the same server that is here. That is this. IP address right but if I specify / over two over here Itwill not be able to do so because this isnot a load balancer. It is directly your IP address, but over hereif I specify server to. It will redirect meto the second server one second. Right, it will redirect meto the second server and that is all that I need. All right. So with one address you areactually pointing to two servers which be solvingyour to problems. Now the real life you skate. Like I told you it could befour different kind of task say you have a bloggingsection on our website and you have an image processingsection on our website. If you want to different servers to hostyour two different Services, you can do that easily usinga load balancer. Alright guys. So with this Iconclude my session for today today in this session. We'll be talkingabout Cloud security without making any further Ado. Let's move on to today'sagenda are to understand what all will be coveredin today's session. So we'll start of the sessionby discussing the why and what of cloud security after that. We'll be seeing how we can choosebetween a public or private and hybrid cloud. For that we'll see whether Cloud security isreally a concern among companies who are planning to makea move on the cloud. So once you have establisheda cloud security is really important. We'll see how secureshould you make your application after that? We'll be lookinginto the process of troubleshooting a threatin the cloud after that. We'll be implementingthat process in AWS. So guys, this isour agenda for today. Let's move on to the first topicof today's session that white cloudsecurity is important. So let's take an example here and talk of three verypopular companies linked in Sony and iCloud so LinkedIn in2012 experience the cyberattack. We're in 6.5 millionusernames and passwords for made public by the hackersafter that soon experience the most aggressiveCyber attack in history where in their highlyconfidential files like the financialstheir upcoming movie projects were made public bythe hackers, right? And this made a huge impacton the business front of Sony. ICloud which is a service from Apple alsoexperienced a Cyber attack where in personalor private photos of users were made publicby the hackers, right? So guys now in allthese three companies you can see there'sa breach in security which needs to be addressed. Right? So Cloud securityhas to be addressed. It needs to be therein the cloud computing world. So since now we've establishedthat cloud security is really important. Let's move on to understandwhat cloud security actually is. So what is cloud security? So it is a useof latest Technologies and techniques in programmingto secure application, which is hostedon the cloud or the data, which is hosted on the cloudand the infrastructure which is associatedwith the cloud computing. Right and the other part of this is thatwhatever security techniques or whatever techniquesor technology that Using to secureapplication should be updated as frequently as possible because every day new threats are comingup right everyday. There are new workaround two problems. Right and you should be ableto tackle these problems or these workarounds and hence. You should upgrade your security as frequently aspossible Right Moving ahead. Let's understand howwe can choose between a public a privateand a hybrid Cloud. So we have understood that what cloud security charityactually is now let's talk in termsof security and understand how we can choosebetween a public private and a hybrid Cloud. So if you were to choose betweenthese three infrastructures, what should be our basis of judging which Cloudwe should choose right? So you would offera private Cloud when you have highlyconfidential files that you want to storeon the cloud platform right now. There are two stories or there are two ways of thinkinga private infrastructure. You can eitheroffer private servers or private infrastructureon your own from Isis or you can look upfor servers dedicated servers by a cloud provider. Right? So that all comes underthe private infrastructure. Then we have the public Cloud infrastructurein public Cloud infrastructure. You would basically use websitesthat are public facing. So say if you havea products page where you have application which can be downloadedby the public so that can be hostedon the public Cloud because there is nothingthat has to be seen. Secret over there, right? So things like websitesthings like data that is not confidentialand you don't mind public seeing it can be hostedon your public Cloud. The third infrastructure is themost important infrastructure, which is thehybrid infrastructure. And this is the set of that most companiesgo for right? So what if there's a use casewherein you have private files of Highly confidential filesand a website as well, right? So if you have this kindof use case Might go for a hybrid infrastructure, which is kind of Bestof Both Worlds, you get the securityor the Comfort or the private infrastructure and the cost effectivenessof the public Cloud as well. Right? So you your hybridcloud is basically if you want your highlyconfidential be stored on your own from Isis and your website be hostedon your public Cloud. This infrastructure would bea hybrid Cloud infrastructure. So basically youwould choose a private Cloud if you have a highlyconfidential files, if you choose a public Cloud if you have files that arenot that important or files that you don't mind peopleseeing and you would choose a hybrid Cloud infrastructureif you want Best of Both Worlds, right? So this addresseshow we can choose between a public privateand hybrid Cloud moving on. Let's understand whether Cloudsecurity is really a concern. So we will discussed that white cloud securityis important we've discussed what is cloud security, right? Now let's talk aboutwhether this really makes sense. Right? So if we say that cloud security is reallyimportant in this is no one who is actuallythinking about it. There's no point, right? So let's see if companies were making a moveto the cloud actually think about Cloud security. So here's a gardenerresearch on companies who are making a planto move to the cloud or who has not movedto the Cloud yet, right. So what are their concerns? Why not they're doing so so the topmost First reason listedby these companies was security and privacy concerns, right? So as you cansee these companies who want to make a moveto the cloud are also worried about the securityon the cloud infrastructure. And this makes it clear that cloud security is actuallyvery important right now. We have understood that cloud securityis very important. We have understoodthat companies are looking for cloud securityare actually following. The practicesfor cloud security, but now how secure should youmake your application? Right? What is the extent to which you should makean application secure? So let us start with this line. So it is said that cloud security is a mixtureof Art and Science right why let's seethat so it's a science because obviously you haveto come up with new technologies and new techniques to protect your datato protect your application, right? So it's a science. Because you have to be preparedwith the technical part, but it is art as well. Why because you shouldcreate your techniques or you should createnew technologies in such a way that your user experienceis not hindered. Let me give you a guy'san example suppose you make an application right and for making itsecure you think okay after every 3 or 4 minutes, I'll ask the userfor a password right from the security point of view. It seems okay, but from the users pointof view it Actually hindering his user experience. Right? So you should havethat artist in you that you should understandwhen to stop or till where should we extendyour security techniques and also you should be creativeas to what security techniques can be implemented so that the user experienceis not ended. For example, there is a two-stepauthentication you get there when you're logginginto your Gmail account, right? So if you know your password that is not enough you shouldhave Have an OTP as well to log into your Gmail account, right? So this might be hinderingwith user experience to some extent but it is makingyour application secure as well. Right? You should have a balancebetween your science and the art part that you're applyingon cloud security moving on. Let's now discuss the processof troubleshooting a threat in the cloud. So let's take an example here. So like you'reusing Facebook right and you get a random messagefrom Person saying there is some kind of storieslike you usually get that by using Facebook right that such and such thinghappened and click here to know more right you getthe similar kind of message here and by mistake you actuallyclick on that link. You didn't know that it's a Spamand you click on that link. Now what happensis all the users that are there are allyour friends on the Facebook Chat gets that message, right and they get furious as to why this kindof spam messages. They're in their inbox, right and you get scared. Now you get angry as well and you have to bring yourfrustration out on Facebook. So you contact Facebookand it get to know that they alreadyknow the problem and they're already working onit and then near to this leash. Now. How did they come to know that there isthis kind of problem and needs to be solved. Right? So basically Cloud securityis done in three stages. So the identification process or the thread identificationprocess is done. Three stages the first stageis monitoring data. So you have ai algorithms, which know what a normalsystem behavior is and any deviation from this normal systemBehavior creates an alarm and this alarm is thenmonitored by the cloud experts or the cloud SecurityExperts sitting over there. And there's a thread theysee there's a thread they go to the next step which is gainingvisibility, right? So you should understandwhat caused that problem right? And Or who causedthat problem precisely. So your Cloud Security Expertslook for tools, which give them the abilityto look into the data and find or pinpoint that statementor pinpoint that event which caused this problem. Right, so that is done usinggaining visibility stage. And once we haveestablished, okay. So this is the problem then come stage 3which is managing access. So what this basically will dois it will give you a list of users in casewe are tracking the who will give you a listof users who have access and we will pinpointthe user who did that, right and that user can be wiped out of the fit system usingthe managing exist age. Eight. So these are the stages which are involvedin Cloud security Now if you were to implementthese stages in AWS, how would we do that? Let's see that so the first stagewas monitoring data, right? So if you have an applicationin AWS and you are experiencing this same kind of thing, what will you dofor monitoring data? So you have a service in AWScalled AWS Cloud watch now, what is AWS Cloud watch? So basically it'sa Monitoring tool so you can monitor your ec2 and your other AWSresources on cloudwatch how you can monitor them. You can monitor the networkin network out of your resource and you can alsomonitor the traffic which is coming onto your instance, right? You can also create alarmson your Cloud board. So if there's deviationfrom normal system Behavior, like I said, so it will createan alarm for you. It'll escalate the eventand alert you about that thing so that you can go onaround and see See what that problem actually is, right. So this is cloudthe monitoring tool, right? So this was aboutAWS Cloud watch. Let me give you a quick demoof how the AWS Cloud watch dashboard actuallylooks like Okay. I said this isyour ews dashboard. So now for accessing cloudwatch, you can go under the managementtools here is cloudwatch Will click on cloudwatch. Now over here youcan monitor anything right? We'll go to Matrix. And you can see there arethree Matrix over here. You can monitor your EBS. You can monitor your ec2. You can monitor your S3right now suppose. I want to monitor my ec2. So as you can see, so I have two instances runningin my easy to one is called for batch instance. And the other is calledWPS instance right now. These are all the metricswhich are there so I can check Matrixfor my WPS instance for network in I can checkthe disk read Ops. So let me selectthe network out metric and they'll be a graph overhere so I can see this graph and as you can seebetween six o'clock and 6:30, I experienced. Search in my traffic, right? So basically this is how you monitoryour instance in cloudwatch. And you have allthese default metrics to check how your instance is doingand you know AWS, right? So this is what cloud watches. You can also setalarms here, right? So if you go to alarmsclick on create alarm. You go too easy, too. And you can select your metric from over here nowselect a discrete bite. So we're now once I dothat will ask me if there's a Time range to which I want to monitorthat instance, right? Okay, let's not set. Any time Ray. Let's click on next. So when I click next youwill be prompted with this page so you can set your alarm name. You can set your alarmdescription here and then you can specify that forwhat read rights number. You should getthis alarm for right? So you'll be setting that. Over here after thatwe will go to actions. So once an alarm is triggered. We should that alarm go whoshould that alarm go to right? So you can seeas I said over here. Now whenever the stateis alarm, right? What should we do? So when the state is alarm you can send you a notificationto your SNS topic now, what is this nation SNS? So basically it'sa notification service will be discussing what SNS isin the next session. Don't worry if you don'tunderstand so basically for now what you can understand Isthat SNS is a protocol where a new set if you get a notification what to do with thatnotification or whom to send to that notification, right? So if there's a topiccalled notify mean SNS, so in notify me, I have configuredan email address. That is my email adress that whenever a notificationcomes to the SNS service or the notify metopic to be precise. It sends an email to me rightwith that message. So I will get a messagewith this alarm. Such and such thingthat has happened in cloudwatch. Now you do whatever is required. The other thing that you can do over here isin the same as soon as topic. You can also configure Lambda function tobe executed right now what that Lambda functionwill do so say suppose I configure the metricto be of CPU usage. Right and I say whenever 40-person metricis crushed create an alarm or like go to an alarm Stateand it notifies the SNS know Or if I mean topic about thisin the notify me topic, I can configurea Lambda function to clear all the background processesin that easy ruins, right? So if I do that the CPU usage willautomatically come down, right? So this becomes a use case that you want to launcha Lambda function, wherever your CPU uses goesbeyond 40 percent, right? And hence. This is the way you would do it. So this was about cloudwatch. There's nothing much to it. You create alarmsand you monitor metrics, right? Moving ahead and let's move onto the second process which is gaining visibility. So for gaining visibility, basically, you have to trackyour whatever activity is happening inyour AWS account. So this is service in AWS calledCloud trade, right? So the cloud rail service isbasically a logging service where in eachand every log to each and every API call is made now. How is it useful? Let's talk aboutthe security perspective. Right? So your hacker gotaccess to your system, so you should knowhow he got eggs. Your system. So if you have a timeframe sayhe got access to your system or you started to facethe problem say around four o'clock, right so you can set the timebetween two o'clock and whatever the damageright now and monitor what all has been goingaround and hence. You can identify the place where that hacker got accessto your system right now. This is the part where you will get to know whothat person actually is or you can isolatethe problems or which calls that so if you take Q fromour Facebook example over here. You can actually pinpoint who is responsiblefor those spam messages because you all have those logsright you will see the origin of those messages now, once you've done that the next step is managingthis guy out of the system or wiping this guyout of the system. But before that letme show you guys how cloud trail actually looks like so let's go backto our ews dashboard and go to Cloud tree service. So I again underthe management tools. You have the cloudforest service you click on the cloud resources and youwill reach this dashboard. All right. So here you have the logs. So as you can see youcan set the time range here, but I'm not doing that. I'm just showing you the logs. So even for logginginto my console it is showing me that I'm loggedinto my console at this time on this date, right? So every event is logged guys. Every event that is happening on your ews consoleis being blocked. So let's talkabout the S3 bucket. So somebody deleted a bucket and that has againbeen locked, right? So it happened at 7:30 8:00 p.m. On 28th of March 2017, right? So any activityany kind of activity, which happens in AWSwould be logged where? Okay guys, so this isabout Cloud Trails. Let's go back to our slideand move ahead and play session. So like I said, so now you have identifiedwho is responsible for your problem. Right? So now the next stepis managing access, right? So now you should be ableto throw that person or remove that personfrom the system. So most of the timeswhat happens is like if we takeour Facebook use case, so basically there was a userwho triggered that problem right so too Things that youhave to do is first of all, you have to removethat spam from a system. So you've got to knowwhere it originated. So now you startwiping it after that. You have to D by that userfrom doing it again, right? So from The Source, you'll get to know who that useris now using managing access. You will actually getaccess to do all that right? So if you talk about AWSthis service is called AWS. I am so what AWS I am does is It basically authenticatesthat particular service. Now, you are a root user. Right so you can do anything. But what if you have employees and obviously all employees willnot have all the rights right. Now. What if you want to givegranular permissions to your employees now forlike in our example, what if one specific employee is capable to track downthis problem right or track down what has to be done? So you can give that particularperson the rights how using I am right? So I M is used to providegranular permissions. It actually secures your access to the ec2 instancesby giving you a private file and also it is freeto use right. So, let's see how I am is used. So let me go backto my AWS console. Okay. I said this is my AWS dashboard. I will go to the securityidentity and compliance domain and then click on I am. Right now over here. I'll click on rolls. Now. I can see all the roles which are therein my I am right? So since I would have identified which roleis creating a problem, so I'll go to that role. So for example, I have a problem in save AWSelastic Beanstalk easy to roll, right I click on this now once I click I willbe getting this screen. So now I can see the The trustrelationship success advising the revoke sessions, right? So I'll go to revokesessions and I click on the book active sessions. And hence. I will be able to wipe outthat user from accessing my AWS resources, right? So this is how you use I amguys are now one more thing that you can do overhere is you'll go back to your dashboard go to Rose. Now I get told you guysyou can actually create a role for a person who would be able to accessrestricted things on. Your AWS account, right? So let me quickly show youhow you can do that. So you will clickon create new role and you will giveyou a roll some name. So let's give ithello over here. Right click on Next Step go toroll for energy provider access. Right, and now you can select how that user of yours willbe accessing your AWS account. Right? So allow users from Amazon CognitoAmazon Facebook Google ID. All right, so let'sselect this now. Let us select Facebook andlet's give it some random application ID, right? So anyways not goingto create this role. I'm just telling youguys how to do it. Right? So basically you getan application ID by Facebook over there. You'll be since youare using Facebook thoughts. Educate that guideto your AWS account. You'll get an application ID by going on tograph at facebook.com. You can do allof that over there. Okay, so that is not the concernyou'll enter the application ID and click on next step. Right? So you get the policy document. So whatever you configured in your text boxes has actuallybeen created in a Json file, right so you don't haveto edit anything over here. Click on next step. Now you have to attacha policy now, what are the policiesof policies basically what all permissions youwant to grant that user. Right? So if you want to Granthim the execution role for Lambda you can do that. You can grant themthe S3 execution roll, right? So whatever policy that you create you can actuallycreate a policy near I am right. I'm not going muchin details of this because all of this is coveredin your I am session, but I'm showing you guys because I just told youguys This can be done to let me show youhow it can be done. Right? So you'll selectwhatever policy want and click on next stepand review it and create that rule. This is it guys right so youcan actually select a policy whatever policy you wantthat role to have and hence. So policies basically a permission that youwant that role to have. So if you get the permissions itto just review your instances, he'll be only ableto review your instances. Okay, one more thing. I want to make Make clear is that you don't have to giveyour security credentials to that kind anymore because now you'll be specifying that user can will be ableto connect to Facebook. Okay. So also you have a parthere wherein you can specify what specific usercan access it right so I can type in my name here. And if I'm being logged in through Facebook ismy username is him and Shauna only then Iwill be able to connect to my AWS account right now. This is ID right I can alsoset the local parameter. Right so idea I think is fine wherein youwill be adding the ID of the guy whom you want this AWS accountbe accessed by right? So you all haveFacebook IDs, right? So you all have to justpunch in your Facebook IDs. We're here click on next step and then you'll be ableto access this AWS account. If I create this roleright now with the policies that I will be attachingto your role. Right? So this ishow you use I am guys. Let us go back to our session. Okay. So these arethe three services guys. So you have I amyou have cloud trail and you have cloudwatch usingwhich you can control or you can actually see what is going onin your AWS account. So let's go ahead and start with today's sessionwith the first topic which is why do weneed access management? All right, so todiscuss this topic, let's understand it using anexample say you have a company in which you have a server and the server haseverything in it. It has all the modulesin it and it gives you the it gives different usersthe permission to use the different serversright now in your company. First of all, you should have an administratorwhich will have all All the rights to to accessthe server, right? So nobody in the today's it World workson the root account, right? So there has to bean administrator account. So first we will createan administrator account with all the permissionsnow tomorrow say a UI developer comes into your company right nowA UI developer will only work on the graphical tools, right? So he should only be allowedthe graphical tools and not some other tools. Maybe he shall not be giventhe internet access. Or something like that, right? Maybe he's not givingthe PowerPoint access. Maybe he's not given some folders access some drivesaccess anything like that. So all of that can be defined inthe server by the administrator and specific rights will be given to a UI developerright similarly if to if after thata business analyst comes in so he should only be ableto access the analytics module which is therein your soul, right? He should not be able to getinto the UI development. In part, or he's not be ableto see the other aspects of what is there in your server? Right? So each and everyuser each every rule will have specific rightsassigned to them. Right? And this is done by policies which are in turngiven by administrators. Right? So this iswhat access management is that giving each rolethe specific rights that they deserve and this is what we are going to accomplishtoday in AWS, right? So this this is Weneed access management. Let's go ahead and understand. How can we accomplishthis in AWS? Right? So as to accomplish this in AWS, you need a service called I amyou have a service called I am which uses this conceptof access management and allows you to give itto your users who are going to use your account. All right. So what is I am so I am is basicallya service from AWS using which you can givepermissions to different users who are usingthe same AWS account that you have created, right? So in a company likein any company be it, you don't have to havetwo or three AWS accounts. You can have one AWS account on which a numberof people can work. Right? For example, you can Define that maybe a developerwould like to Work on your AWS account and he should onlyhave the ec2 instances or you should only workon the ec2 instances you decide that right? So you can only Define youcan define a policy like that that only the devel the developers will only be ableto access the ec2 instances on AWS account. Similarly if saydatabase administrator comes in so you should be able only ableto access DB instances on your AWS account and so on right so allof that is possible using I am but what I am is not only about creating usersand creating policies. It's more there is more to I am right and hencewill be discussing the different components of I am now so let's go on and see what arethe different components. So there are basicallyfour different components in I in the I am service. So the first service isuser then we are groups then we have Rose and then youhave policies right? So the way we are going to goabout these are first I'm going to explain youeach role on each service in I am each component and I am and then we're goingto see how Can execute them or create themand the AWS console, right? So let's start with the users. So the very first time youactually create a AWS account that is basicallythe root account that you have created, right? So there is no user inside it. So why do we basicallyneed a user you need a user because you are supposed to givepermissions to someone right? So say I first of all wantto give administrator Rights to a user right? So you understand you haveto have an entity first to which you can assignpermissions, right? So these entities are calledusers on E. Wa so any person who wants to accessyour AWS account has to be added as a user in I am and then you can attachdifferent policies on to that user. Right? So this is whatuser is all about. Let me go to my AWS Managementconsole and show you how you can createa user in I am. All right, so giveme a All right guys, so this is my AWSsign sign in page. All right. So this email ID when you log inthrough your email ID and your password that is basicallyyour root account. So what I'm going to doright now is I'm gonna log in using my root account and first createa admin account for myself. Alright guys, so you shouldnever work in your root account. You should always havean administrator account through work in the root accountshould only Used when there is an emergencysay you have been locked out of our administrator account only then you should be usingyour route accounts. The first thingthat you should do when you enter the rootaccount is go to I am which is just right here goto I am and then you will have this dashboard thingright over here. You can see there isa thing called users. You will click on usersand you will click on add user. All right, so now it will askyou for the The username so you can provide a username say I'll add my name first so that be hemanth,right and what what kind of access do I want to giveto this particular user? So there are basicallytwo kinds of access that I can give first isthe AWS Management console axis, and then we havethe programmatic access, right? So what is these two so if you want to sothere are basically two ways you can accessthe AWS resources right? You can either access. Using apis that is using your code say youhave created an application which is interactingwith your AWS resources. Right? So in that case if you're interactingwith the apis using the API is that is calledthe programmatic access, right secondly is the AWS Managementconsole access that is when you are using the AWS website to actuallydeploy resources or create or create or remove policiesor whatever, right? So that That is calledthe AWS Management console axis. So for my user I'd be givingit both the accesses that is programmatic axisand the Management console axis. Also, there is when you enable the programmaticaccess programmatic access, basically you get the access keyand the secret key as well. What are these I will beexplaining you in a bit. All right, so we have selectedboth of these options and then move aheadto choose the password. So do you want an autogenerated password? A custom password. I'll choose a custompart for password since I'm creating accountfor myself, right? So I'll choose a custom password and do I want to resetthe password on the first login? No, I don't want that. So I'll clickon next permissions, right? So what kind of permissions do I want my account to have Iwill become drink configuring that over here. So as of now thereare no groups, there is no existing userthat I can copy from. So I'll attachexisting policies. And since I want to attachthe administrator access that is the firstpolicy over here. I'll select that and click on next right so youcan review all the settings that you did over hereand click on create user. This will create a new userin your AWS account. So as you can see, I have got my access key ID anda secret access key now guys, the secret access key. You only get to see one time only one timewhen Created your account. So it is essential that is tore your access keyand secret access key once you get this page. All right, letme store it quickly. So this is my access key IDwhy we are copying it. You'll get to knowduring the session. Don't worry andmy secret access key, which is this let me copy thisand paste it in the notepad. All right, so don't worry. You might be thinking that I've exposedmy secret key to you. So I will be deletingthis account afterwards so you don't haveto worry about that. All right, so I've gotmy access key ID and my secret access key. So that is done. Now. What I'll be doing isI'll be logging out from my from my root accountand logging in this user account that I just created. All right. So one more thing that youhave to be very careful of that you will not be logging inthrough the same login page that is just saw rightso you'll have to log Through a differentlogin page now and the URL for that is this right? So you will be logging inthrough this link as a from now on so whatwhenever you create a user if you want them to loginto your account, you have to give themthis link to log into right? So let us copy this linkover here and log out from a root account. All right. So I've logged out I'll closethis and I'll come here and go to this particular link. All right. So once you reachthis particular link, it will be asking you the account name which willbe self filled by your link. Right? So you have to giveyour username now, which is hemant and then the password so I'll type inthe password that I've given it. and click on sign- in So now I have basically signed in two monthsto mature to the user that I've just createdon my route account. Right? So I no longer haveto use my root account. I can basically lockaway my root account for emergency purposes. I'll be using my administratoraccount from now on I can do everything from administratorson that could be done from a root account as well. But there are cases where in you get locked outfrom your administrator account in that cases you will beNotable success rate so moving on guys, so I'll go to I am not so as you can see wehave created a user and we have loggedin to that user. And if I go to Iam now you can see that it will showthat one user has been created. That is here. All right, so let's getback to our slide and discuss the next component. All right, so we've discussed what our users let's moveon to the second component which are groups. All right. So whenever you createusers they can also be combined into groups. Now, why do we need groups? We need groups because saylet's take an example. So say you have five users and these five users haveto be given identical axis. Right say these five usersbelong to the development. And the developing team hasto have some common access that they all will have right. Now one way of doingthis would be that I would go to each and every userand attach a policy that they need rightthe smart way to do this would be to to includethem inside one group and to that group. I will once only once I will attach the policyand it will apply to all these five users, right? So these are why groups arevery important now how we can create groups. Let me shed a light on. On that so you will go to you can see you can clickon groups over here. And what you'll do isbasically is you'll click on create new group, right? So, let me givethe group name as live demo. All right, and Iclick on next step. Now lastly the policy that I want to attachto this particular group. All right, so say for example, I just want this groupto be able to access the S3 service from AWS. So what I'll do is Iwill select the policy which says Amazon S3 full accessand I'll click on next step. Now this policy basicallytells you that you can only use the S3 servicein the Management console and no other service. All right, so I'llclick on create. Whoop and now whateverwhichever user I will be putting in putting inside. This group willhave this property. All right, so I don't haveto configure the policy for any user now. So what I'll do isI'll create a new user now. So say I createa new user saying test. All right, and then I'm not giving himthe programmatic access. I'm just giving himthe Management console axis. All right, I'll clickon this and I'll give it a custom password. And then I don't wanthim to reset his password and click on next. Right, and now it is asking me whether I want to includeit inside a group. So yes, I do. I want to include itinside the group that I've just createdand I'll click on next and review allthe settings are adjusted and click on create user. All right. So the test accounthas just been created now as you can see guysin the case of my account, which I created. I got an access keyand a secret access key, right? So in this case, I'm not getting any because I didn't selectthe programmatic access only when you select the programmaticaccess it will give you the key so that your applicationcan actually interact with the servicesthat you have launched. All right, so I have have createda test user successfully. Let's log into this test user. so I will type in the URLthat has been given to me. Right now when Ireach this page, I'll enter the username as testand the password as what I have entered rightand I click on sign in. Now with this you can see that. I will now be able to seethe Management console the Management consolewill exactly look like how it was used to see how I used to see itin my root account or my administrator account. But when you will tryto access say a service, which you have notbeen assigned to say, for example, I only haveaccess to S right now because I've deployed it in the group where it hasonly the access to S3. If I try to go inside easyto let's see what'll happen. Right. So it says youare not authorized to describe running instances. As a matter of fact, I'm not authorized to seeanything on my ec2 page. Alright, so that is because I cannot I don't haveaccess to the ec2 dashboard. But let's seeif I can see the S3 dashboard. So I'll quickly go to S 3 andif I have the S3 axis, I will be able to see allthe buckets which are there in - 3 And yes, I do. So let me go inside a bucket and delete somethingso that all right. Let me delete an objectfrom this particular bucket. So yes, I can lead it. All right, so let me checkif what if what happens if I delete or II detachthis particular policy from that group? All right. Let's see what happens. So I will go to I amand I will go to groups. I'll go to this particulargroup and I can see that the policyis listed over here. What I do is I clickon detach policy and let's see what happens now, right? So I'll goto Management console. So on if now Itry to exercise 3. It will show methat access is denied. Right so I no longer have access to the S3 serviceon my AWS console. So this is how you can controlaccess to different users. You can revoke accessyou can include access right you can do allof that and I am right. So let us come back to our slideto discuss our next component or as we've discussed what our userswe have discussed. What a groups now let's comeback come down to rules. All right, so rulesare Similar to users but roles are actuallyassigned to Applications. All right, so users are actuallyassigned to people right? So whenever you havea developer in the company, you will have sine Mthe developer rules, right but when you have rules rules are basicallyassigned to Applications, how let me explain you sayyou create an ec2 instance and inside that needs, you know instance you're hostingyour web application. Now that web applicationhas been has been designed in such a way that it has to interactwith your S3 service. Is for examplethat will be doing to a will be I will be showing you thedemonstration today for this. Right. So say that application hasto interact with the S3 service. Now if I want to want that application to interactwith the S3 service, I have to give it permissionsand to give it permissions. I will use rule so I will create a rulewherein I will specify that this role canaccess the S3 service and I will attachthis particular role to that particulare0 instance in which my application is hosted and in Kiss my applicationwill be able to interact with the S3 service, right? It might sound complicated guys, but it is veryeasy to implement. Let me show you how so what I'll do now is I'll go backto my Management console which is here. All right, I'll goto the dashboard and say I will go to rolls now. All right, so I'll create a newrole now roles can be assigned to any either Lewis servicewhich is listed here. What I'll do is I'll assignit to I'll create a rule type of easy to write so I will select Amazon ec2. And what type of roledo I want to apply to I want to say havethe access to S3. Right? So I'll select Amazon S3full access over here and I'll click on next step. So, it'll ask me the role name. So let me specify the role name as Eddie Rekhaunderscore one right and I'll click on create role. So with this rolehas now been created but mind you guysare not attached this role to any easy to instance. Right? So what I'll do now is I'll goto my ec2 console so over there. I already have builtan issue instance. It is stopped. So I'll start it and attachthis particular policy to that ec2 instance. Alright, so my ec2 instance nameis hemant underscore one. So here it is. I go to actions I startthis particular instance. Right. And what I can do is Ican attach the policy using instance test settings. It says attach or replace. I am roll. I'll go here. I will go to the drop-downand select the role that I just created which isa lyric underscored one. I'll select that andI'll click on apply. Now with this what will happen ismy rule is now my sorry. My ec2 instance is nowconfigured to interact with the S3 servicein this particular account. Alright, so any application that I deploy in this ec2instance will be able to interact with the S3. Okay, so I don't haveto specify any access key any secret access key. If you're still confusedwith that be patient. We are getting onto where do weactually use these keys? And where do we not? All right. So this is whatyour roles are all about. Right so roles. Like I said, they are for resourcesin AWS users are for people roles and uses a similar things you attach polledpolicies on to them and they basicallyidentify Particular instance or a particular person as the owner of thatparticular service, right? So we've discussedwhat roles are let's move on and discuss policies. So if you think about it guys, we've actually beendealing with policies, right so policiesand nothing but permissions that you give to yourwith whatever role or user or groupthat you have created, right? So, for example, I want to givethe ec2 instance axis, right so that ec2 instanceaccess is basically a Policy that I will be attachingto the user or to the rules. All right. Let's see how wecan create policies guys. So I'll go tomy Management console. I'll go to I am Right. So the you can either createpolicies or you can actually use already existing ones. So there are a couple thereare a couple of policies that have already been createdin your AWS account, but you can go ahead and createyour own policy as well. Alright, so let me show you how. So say for my test account, what I'll do is I will goinside test account. All right, and Iwill add permissions. And I will attachexisting policies. Directly and here I am guys. So now you can youcan create policies as well. So you see the tabover here guys, it says create policy. So if you feel you'rethe kind of policy that you want to createis not listed over here in the default policies. You can actually create one and creating a policyis very easy guys. You just click on create policyand you will see this page. All right, so you'llhave three options. You can either copyand AWS managed policy. That is a default policy. Can create our own policyby just typing in the Json code and if you'renot comfortable with coding, what you can do is youcan use the policy generator. Now. What is policy generator? Let me explain you. So with policy generator, you just have to selectwhat effect do you want poor? Do you want it to allow itor do you want it to deny it? Right? So say I want to allowthe easy to service to this particular test account? All right, so I'll gotoo easy, too. Right, here. It is. I selected easy to what kind of actions can he perform sayI want to give him all the actions you can doanything with these two and the show's name isbasically a particular resource. So where they are and you canidentify a particular resource. So I don't want a particularresource to be assigned to him. I want PE can accessevery resource in easy to write so I just add starfor all of them right and click on Next Step. So with this you as you can see ithas Automatically created a policy document for you. All you have to do nowis click on create policy. And it will createthe policy for use as you can see there are18 customer managed policies that are now 19 so Ican go here and select. T' the policya policy over here. Alright, so if I goto my user now, which is test I'mgoing to permissions. I will just click on addin line police policy. Click on select again Guru ec2. select actions all actions rightand pull it to Star. So I click on ADD statementclick on next step and click on apply policy. So a policy has been appliedon the test user that it can actually accessthe ec2 instances now, so if I go to my test user now which in which I was not allowedto access the ec2 instances, I can actually useeasy to instances now, so if I go too easy, too You can see the Lord giveme the access denied thing, right so I can access allthe instances over here as if I was usingthe root account, but only forthe ec2 service right? If I go to S 3 youcan see I will still have the access denied page. Because I'm not beenassigned the access to this particular service. Alright, one more thing isif what if you add an allow and Adonai policytogether inside a group what will happen then? So in that case so since Ihave allowed easy to access what I'll do is I'll denyis you access as well in this particular user. So I'll click createone more policy and I'll say denyI'll select ec2. Right as like the actionsas all actions. I will give the resources allat the statement and click on Next Step apply the policy. So now I have deniedec2 instances as well and created and allowed ecdinstance ec2 instances as well. What do you thinkwill happen now? So if now I tryto go too easy, too. Let's see what will happen. So it will say you'renot authorized to use Easy to anymore because wheneveryou creating policy guys, you either get the along optionor the deny option. If you have selectedboth of them, it will always prefer the least permissionthat you have given. So in our casethat is the deny option, right so it will alwaysdeny the case. Even if you have allowedit in the same user, right if you have mentioned that that particularservice has to be denied to that particular user. Alright, so this wasabout policies guys. Let me come back to my slides. So we have discussedwhat our users what a groups for a roseand what apologies let's go ahead and discuss the veryimportant part of authentication which is calledthe multi-factor authentication. So what is multi-factorauthentication guys, so multi-factor authenticationis basically something like OTP that you get when you loginto your Gmail account, right? So you enter a Gmail Email IDyou enter your password and when you click on continue, it will ask youfor your OTP, right? So same as the casehere as well. You can configureyour AWS account in such a way that you will enter username. You'll enter your password. And when you click on login, it will ask alsoask you for a code that has to be given to it. Now that code is basically the multi-factor authenticationthing that we document so there are basicallytwo layers of security Now one layer is a passwordand second layer. MC code that will be enteringright now with AWS. There is an application calledthe Google Authenticator right which you can use to create a virtual multi-factorFactor authentication device. Now for those of you who already are usingmulti-factor authentication in your company's you so there'sa thing called gemalto, right? So people who work from home and they have to connectto the company's Network the way you connect itis using a gemalto token. And so those of you who are from the IT backgroundyou can relate to it. Right but if you want to go through tothrough a simpler way, you can actually create a virtual multi-factorauthentication device and to create thatin your AWS is pretty simple. You just have to downloadan application called the Google Authenticatoron your phone and you have to connect thatapplication to your AWS account. And that is it now. It might sound tough,but it's very simple. Let me show you how so you you will basically goto your AWS Management console and you will goto the particular user that you want that multi-factor authenticationto be assigned to. All right. So for example, I wanted to be assignedto the test user right. So what I'll do isI'll go to users. I'll go to test right andin the security credentials tab, I will have this pagewhich says assigned MFA device. So it says no as of now, so I'll assign ita device I click on edit and now it'll give me an optionbetween a virtual MFA device and a hardware MFA device. Now. I have to choose among the two. So since I said, you can create a virtualMFA device very simple easily. So I'll selectthe virtual MFA device. And now it's basicallyasking you to install the application on your phone. So we have already done that. Let's click on next step and now you'll be presentedwith this screen. So basically nowwhat you have to do is you would be logging in toyour Google Authenticator app, and you will be scanningthis barcode from your phone. So let me show you how let me connectmy phone to the computer so that you can see the screen. Give me a second. Alright, so this isthe screen to my phone guy. So what I have what I haveto do now is I have to go to the Google Authenticator app. I'll ask me tocreate an account. So I click on beginand once I have that basically now I'll have toscan the barcode from my mobile. So the way to do that is I'll clickon scan a barcode and then I'll scanthis barcode over here. Right, it might take some time. So be patient. Yeah, so it's done now,you're all set. Right. So you just click on done and now you haveto enter two codes that you are youwill be receiving on your on your Google Authenticator. So basically these codes changefrom every 30 seconds, right? So I have to endurethese codes over here. So it's 2 0 4 and then 3 5. Sorry 0 2 0 & 3 5 3 Zerotwo zero three five three, and I have to enterthe next code as well. So let's wait forthe next code and it's 1 2 7 8 9 1 so I'll enterthat over here as well. So it's 1 2 7 8 9 1and that is it guys. So now I'll clickon activate virtual MFA and it says the MFA devicewas successfully Associated. So I'll click on finish and that is it guysyou're done, right? so now if I log outfrom my test account that is From here, right? This is my test account. So if I log outfrom here right now. And try to loginagain using test. So I come to my normallogin page, right? So I'll enter my usernameand my password. Which is this and now I'll clickon sign in so now it will ask me for the MFA code. So let's see. What is our MFA code as of now. So it has changed toseven three four five five two. So let us enter that seventhree four five five two. And click on submit. So with this I willnow be able to log into my AWS consoleusing the test account which are configured usingthe administrator account in I am right so it'svery simple guys. It's you can actually geta world-class security with the click of a buttonusing I am alright, so we have seen how we can domulti-factor authentication. Let's move onto the Hands-On part now, so this is what Is youguys have been waiting for so just give me a second? So that I can configureeverything on my end. All right. So what we'll be doing now isI have created an application which can interactwith the S3 service. All right. So using that asthe service now. We will be. Uploading files to RS3 console and how will we are goingto do that first? We are going to do that usingLocal Host and that is where our secret keysand my accesskey comes in and then we will be we have assigned roleto are easy to instance. Right? So we'll be accessingthat website using easy to without the access keyand the secret access key and we can and we'll see dowe get the access to our SEC service or not? Alright, so let us do that. So now what I'll do is I will goto my local host application. So guys this isbasically my application. What I have to do is I'll choosea file upload a picture from any sample pictures and then it will upload itto a particular bucket that I've defined in S3 and that the bucket lookssomething like this. It show that buckets nameis quarantine demo. So let me show you the bucket. So as of now,I think there are some objects. So let's delete those objects. So here it is. This is thebucket quarantine demo. So I have like three objectsover here as it's now. So let's delete these objects. Alright, so now what I'll be doingis this is the code for my application guys. All right. So in this codeas you can see, I'm not specified the keyand the secret key as of now, so I'll get the key and the secret keyfrom here, right? So let me quickly. So let me show you withoutthe secret can access key. How is this localhostwebsite functioning? So if I try to upload a fileas it is now See, this is the filethat I want to upload I click on upload imageand I will get an error right because itis not authenticating itself to the servicethat I want to go to. So now I'll add the credentials that that is a keyand the secret key. Now the way to do that islike this so I'll copy it. And I'll paste it here. I'll delete this and this is well not requiredand now I'll paste my key and my secret key, which is this rightso I'll copy the key. Over here and thenmy secret key as well. over here and now I'll save it if I try to accessmy Local Host website now, I should be ableto upload a file right so if I try to upload the file now. It says well doneS3 upload complete. So these credentials that have just enteredour basically credentials for my him and account. So if you want to see where did I getthese credentials from again? You can basically goto users you can go to your user and you can goat security credentials and over here. It will last youthe access key ID lot list you the secret access key because it is only availableonce you can only use it once. Copy it once you willnot be able to see it again. And if I make this particularkey inactive from over here, and if I try toUpload anything again. I will again get an error because without the keysmy account will not be. I will not be authenticatedto the S3 Service as you can see it saysinvalid access key because it is not valid anymore. All right, so I can makeit active again, but that is not required as now. So what I do now is Ihave already configured this website on the ec2 console. All right, so let me goto my easy to Right, here. It is. So remember in this startingof the session we created a role for S3 full access, right? So that role has been attachedto my ec2 instance. So let me show you the website. Here it is. All right, so I can accessthe website on my ec2. Now if I choose a file as of nowand I try to upload the file. I'll be able to do so because my policyhas been attached now. Let's see what happensif I d-- attach the policy. All right, so I'll go to this and I'll selectno role click on apply. Yes detach. And now if I tryto upload a file again. As you can see I see a blankpage with basically means that an error has occurred. All right, so I amnot able to upload any file because my role has beendetached from my ec2 instance. So if I wantedto be working again, I'll just simply go here goto actions settings. Attach the rule. That is this click on applyand it will again work. Right, I'll choose a file seethis file upload the image and your work again workslike a charm, right? So that is it guys. You don't haveto configure much. You just have to havethe knowledge of I am and with that you can do complex procedureswith the click of a button and you don't haveto swear about it, right? You might want to you might be wondering did I changeanything in the code when I uploaded to easy to so you don't haveto do anything guys. You just have to deletethe Choose key and secret and you will upload the code as it is you don't haveto change anything it will if it doesn't havethe key mentioned in this particular function, it will basically get those keysfrom the metadata of easy to and metadata is the place where your role is actuallyassigned or your role is actually attached right? So if it doesn't findthe key in the code, it basically goes to the metadata and picksthe key from over there. All right. So guys that is it for the demo partin this session. We will be discussingabout Amazon redshift the most popularcloud-based data warehouse. So let me run youthrough today's agenda quickly. We will Begin by taking a lookat traditional data warehouse will be discussingits underlying architecture and the disadvantages of usingtraditional data warehouse, and then we'll move onto our today's topic which is I'm redshifthere will be discussing its architecture its keyConcepts its unique features and the advantagesof using Amazon redshift. And finally, we'll be doing a demoon Amazon redshift in this demo. We'll see how to importdata from Amazon S3 to Amazon redshift and perform querieson this data very easily. So I hope that wasclear to you guys. Let's get started. I'm sure you know, what a data warehouses youcan think of data warehouse as a repository. Story that data generated from your organization'soperational systems and many other external sourcesis collected transform and then store you can hostthis data warehouse on your organization'sMainframe server or on cloud, but these days companies are increasingly moving towardscloud-based data warehouses, instead of traditionalon-premise systems and to know why we need to understandthe underlying architecture and the disadvantages of usingtraditional data warehouses. So let's beginBy looking at architecture, but it is important tounderstand where the data comes from traditionally data sourcesare divided into two groups. First. We have internal datathat is the data which is being generated and Consolidated fromdifferent departments within your organization. And then we have external datathat is the data which is not getting generatedin your organization. In other words. That is the data which is comingfrom external sources. So this traditionaldata warehouse follows, It's a simple three-tierarchitecture to begin with we have bottom tierin bottom tier. We have awarehouse database server or you can saya relational database system in this jar using different kindof back in tools and utilities. We extract datafrom different sources and then cleanse the data and transform it before loadingit into Data Warehouse and then comes the middle tier and middle tier wehave olap server. Olap is an acronymfor online analytical processing this Oily performsmulti-dimensional analysis of business data and transforms the datainto a format such that we can perform complexcalculations for analysis and data modelingon this data very comfortably. Finally. We have top-tier. The stopped hereis like a friend and client layer this jarholds different kind of query and Reporting tools using which the client applicationscan perform data analysis query reporting and data mining. So to summarize what we have Vlad till nowtraditional data warehouse as a simple three tier architecturein the bottom curve. We have back in tools usingwhich we collect and cleanse the data and thenin mid 80 or we have tools which is olap server using which we transform the datainto the wavy Ward and then finally dropped yourin which using different query and Reporting tools. We can perform data analysis and data mining moving onto the disadvantages of traditional datawarehouse concept there. Is this leadingus Business Service Company. And this company is running a commercial Enterprise datawarehouse this data warehouse as data coming from different sourcesacross different regions. The first problemthat this company faced was when it was setting upa traditional data warehouse as we discussed earlier, the architecture oftraditional data warehouse is not very simple. It consists of datamodels extract transform and load processes, which we call ETL and youhave bi tools sitting on top. So this US based Denishad to spend lot of money and resources to set up a traditional datawarehouse data warehouse, which was initially5 terabytes is growing over 20% year-over-yearand it was expected that the might behigher growth and future. So to meet this continuouslyincreasing storage and compute needsthe company had to continuously keep upgradingthe hardware again this task of upgrading the hardwarecontinuously involves lot of money Manpowerand so many resources so, To scaling and traditionaldata warehouse is not an easy concept and since the companycould not meet all the storage and compute needs easily. It was facing a lotof performance issues as well. And finally the companyhad to deal with increasing cost initially that to spend a loton setting up data warehouse like that to spendon Hardware Manpower electricity security real estate and deployment costand many other and as their data warehouse grewthey had to spend again to meet Courage and compute needs so to sum it up settingup a data warehouse and deploying it and managing it laterinvolves lot of money and resources moreover auto-scaling in traditional datawarehouse is not an easy concept because of all these reasons many companiesare increasingly moving towards cloud-basedwarehouses instead of traditional on-premise systems. So guys in this session, we'll be dealing with oneof the most famous cloud-based data warehouseprovided by Amazon, which is arms, And redshift and simplewhat's Amazon redshift is a fast scalable data warehouse that makes it simpleand cost-effective for you to analyze all your dataacross your data warehouse and data leak guys. I have a definitionwhich is put up on the screen and I have few words, which I havehighlighted over there. So as we progressthrough the course of the session will knowwhat those words exactly mean. So let's ignore them for now, but there are certainkey Concepts which you should be aware of when you're dealingwith Amazon redshift. So we'll discuss them now. Now Amazon redshift data. Where is a collectionof compute resources, which we call notesand these notes when organized into a groupthey become clusters each of these clusters runan Amazon redshift engine and it contains oneor more databases. So this clusterhas a leader note and one or more compute nodes asfor the leader node, it receives queriesfrom Klein applications. And then it passes these queries and develops a suitablequery execution plan and then it coordinates the power. Execution of these plantswith one or more compute nodes watch the compute nodes finishexecuting this plan. Again, the leader node Aggregates the results from allthis intermediate compute nodes and then sends it backto client application. Then we have compute nodes youcan think of this compute nodes as a compute resources that execute the query plan which was developedby leader node, and when they areexecuting this plan, the transmitted data among themselves tosolve many queries. These compute nodes are further. Added into slices which we call note slices eachof this note slices receive part of memory and disk space. So the leader node distributesdata and part of user query that receives from Clanapplication to this note slides and all this note splices walkin parallel to perform operation and increase the performanceof your redshift data warehouse. So to say we have leader node, we have compute nodesand nodes slices. But how do they interactwith line application? That is the question here. So I This line applications basically bi tools or it can beany other analytical tools which communicate with Amazonredshift using drivers like jdbc and odbc jdbc ref is to Javadatabase connectivity driver. It is an API forprogramming language Java. Then we have odbc it refers to otherdatabase connectivity driver and it uses SQL to interactwith leader node. So basically usingthis drivers client application sends a query to leada new read a note on receiving the clientapplications queries. It passes these queries and develops asuitable execution plan. Once the plan is setup compute nodes and compute slices start working on this plantthe transmitted data among themselves tosolve this queries. So once the executionis done leader node again Aggregates the resultsfrom all this intermediate totes and sends it backto client application. So this is the simpleexplanation of Amazon redshift Concepts moving on when you launch a clusteryou need to specify the know. But basically we have two typesof nodes then storage notes. These are storage optimized and I used to handlehuge data workloads. And basically theyuse hard disk drive or HDD type of storage and then we have densecompute distance compute nodes are compute optimized and they are used to handle highperformance intensive workloads in the mainlyuse solid-state drive or SSD kind of storage, but there are three thingsthat you should keep in mind when choosing one among themfirstly you should be aware. If the amount of data that you want to importinto your Amazon redshift and then the complexityof the queries that you run on your database and the needof Downstream systems that depends on the resultsof these queries. So keeping this threethings in mind, you can chooseeither Den storage nodes or dense compute nodes. So guys thatwas the architecture and its key Concepts now, we'll take a lookat few reasons as to why Amazon redshift is very popular as we discussed earliersetting up a You smell data warehouse involveslot of money and resources, but it's very easyto setup the deploy and manage a suitable datawarehouse using Amazon redshift on Amazon redshift console. You will find createa cluster option. When you click on that option Amazon redshift ask youfor certain details, like the type of node. You want to choose the numberof nodes the VPC in which you want to create your datawarehouse user ID password and many other details. Once you feel that youhave given the right set of details you have an option which says launch the cluster and one click your datawarehouse is just created. So with one click you can easilycreate a data warehouse in Amazon redshift. Once your data warehouse is setup Amazon redshift automates most of the commonadministrative tasks like managing monitoring and scaling your database. So you don't haveto worry about managing or scaling your database needs. So that's how easyit is to develop or set up a data. Using Amazon redshift. We also learned that auto scaling is difficultin traditional data warehouse, but you can scale quicklyto meet your needs and Amazon redshift. Well, we already know thata cluster node as a leader note and one or more compute nodes. So if you want to orderscale an Amazon redshift, all you have to dois resize your cluster size as we know this compute nodesare like compute resources. So if you want to scale up, you can increase the numberof compute notes similarly if you want to scale. Held up you just haveto decrease the amount of compute nodes alternatively. We have somethingcalled single note and multiple new and single node cluster one node takes theresponsibilities of both leader and compute functionalities and the multi node clustercontains one lead in node and user specified numberof compute nodes. So suppose you wantto resize your cluster and you are usinga single mode cluster, then you can changefrom single node cluster to multi-node kirsta. Similarly. You can change from multiple node clusterto single node cluster. Of a need so that'show easy it is to scale up and down and Amazonredshift moving on. We learned earlier that while usingtraditional data warehouses. It's possible that the performance of yourdata warehouse might decrease but with Amazon redshift, you can get ten times betterperformance than any other traditional data warehouse. It uses a combinationof different strategies, like columnist storage and massively parallelprocessing strategies to deliver high throughputand response times. So let's discuss the strategiesone by one will first we have columnar data storageto understand what that is first. We should know row storage most of the traditional datawarehouse and database is used this row storage in row storage. All the data about the recordis stored in one row. Okay. So let's say I havethis database here. I have three columnsand two rows the First Column containsthe unique number associated with student the second columncontains the name of a student and the third columncontains the edge as we already know. Data is stored in formof blocks in databases or data warehouses. So as you can seein row storage the block one contains all information. There is about a particularstudent has SSN his name and then age. So basically it storesall the information that there is in a single Loop. So in the first block you haveinformation about first student and in the second block you haveinformation about second student and it goes on nowthe columnist storage again. I'm using thesame database again. I have three columnsand two rows. Rose but Colin storage storesdata by columns with data for each column store together. So again, we have blocks but the first blockhere has all the data that is there in First Column. So you have all assistantstored in first block and all named store in second block and allthe ages Stone in third block. So it goes on there are a lot of advantages of usingthis column storage firstly since and column storagea single block contains same type of data. You can achievebetter data compression. As you can see columnist storage can hold values3 times the records as robe a storage because of this the number of input/outputoperations decreases and thirdly by storingall the records for one field togethercolumnar database can query and perform analysis on similar type of data farquicker than row storage. So this is how the conceptof columnar storage which is used by Amazon redshift providesus a better performance. And then we havemassively parallel processing. I'm sure you might haveor of parallel processing and computer science. It's just that number of differentprocessors walk together or compute togetheror in Palin similarly massive parallel processing in Amazon redshift is nothing but cluster we have alreadydiscussed this earlier. We have a cluster and this clusterhas a leader node and one or more compute nodes and this compute nodes isfurther divided into something called note slices. So when this leader nodereceives a query it develops execution plan andthis compute nodes and computes. Isis walk together or in parallel to executethis plan and later. Thus leader nodesends the results back to client application. So basically this compute slices and compute nodes work in parallel to achievebetter performance moreover Amazon redshift is also ableto smartly recognize the data or notes before running a query which dramaticallyboost the performance. So that's how we can getour ten times better performance using Amazon redshift and then the costand traditional data. A bear houses peoplehad to spend a lot of money to set up and then later to maintainthe data warehouse. But Amazon redshift is the most cost-effectivecloud-based data warehouse. If you rememberin traditional data warehouse, they had to spendon Hardware real estate man, power electricity and deployment costand many others and as their data warehousegrew they had to spend again on meeting the storageand compute needs but an Amazon redshift. We don't have to payany upfront cost. So Amazon, Redshift ismost cost effective and it cost one tenthof traditional data warehouse. You can start small fishes pointtwo five dollars per hour without any commitments and youcan gradually scale up later. If you need in additionto all those advantages Amazon redshift allowsyou to query data from data leak data leakis a storage repository that holds a vast amountof raw data in its native format until it is needed. So in data Lake you have data in different formatsyou can Can load data from Amazon S3 intoyour Amazon redshift cluster for analysis very easily that is from data leakyou can store easily 20 or Amazon redshiftbut it needs more effort and cost the first because loading data intoAmazon redshift cluster involves extract transform and load which we simply calledETL process and this process is very time-consuming and compute intensiveand it's costly because uploading lotsof data cold data from Amazon S3 for analysis. Is growing your clusters, which is again costlyand requires a lot of resources. So as a solution, we have something calledAmazon redshift Spectrum, which acts as the interfacebetween your Amazon S3 or data Lakeand Amazon redshift. So you can directly querydata stored in Amazon S3 or data lake with this red shiftSpectrum without need for Unnecessary data movement. I hope that was clear andfinally with Amazon redshift. Your data is safeand secure it offers. Backup and recovery. So as soon as data is created or stored in Amazon redshifta copy of that data is made and through secure connectionsa snapshot of it a sin to Amazon S3 for later. So suppose you lose your data or if you have deleted the datafrom Amazon redshift by mistake, you can restore the data easily from Amazon S3 serviceAmazon redshift also provides you with an optionto encrypt your data. So when you enablethis encrypts option all the data in your clusterin your leader node, and Compute nodesand nodes slices is encrypted. And this way your datais very safe and secure. So Guys, these areall the advantages of using Amazon redshift. So now you have a basic ideaof its architecture. Its various key Concepts, like clusters nodesleader node note slices now, it's time to workon a demo in this demo. We'll see how to transport data from Amazon S3 to Amazonredshift data warehouse and perform simple queries. So I hope that wasclear to you guys. Let's get started the first First thingthere are certain software's which you need to pre-install so that you can start working onAmazon redshift first suppose. You want to perform querieson the data on Amazon redshift. Then you need a SQL work bench where you can performyour queries and as we learned earlierthe client application need a connectionto communicate with redshift. So we need to installa jdbc driver and for that jdbc driverto run we need to have a Java runtime environment. So we have three things toinstall your now I'll show you how to install it. And I have this Java runtimeenvironment download link by Soft tunic.com. So it says free downloadand you click on that. It will be downloaded. You can store it anywhereand once you're done with that search forAmazon redshift documentation. So here it is. Okay, not that not that just one and when you scroll downit says Amazon redshift get started click on thatand in the step one, we have prerequisite UPS. Okay, scroll down and Chase in the Step2 you have an option where you can download a goto SQL work bench website and download it. So click on that and here itsays build current version and you have download genericpackages for all systems. You can download it. Once you click on that it'll start downloadingand there is one more thing which is jdbc driver. Go back to documentation partscroll down in the step 4, you can see configurea jdbc connection click on that it will take youto a page where you have. I've jdbc driversof different version. You can downloadthe first one click on this and it will be downloaded. So once all these three thingsare downloaded stored them in a file of your choice. Well, I have storedthem on my desktop. I have this AWS folder and in that which ifftso here's my workbench. Zip file. It was a zip file. So extracted all the filesand then I have my jdbc driver your well Java runtimeenvironment as in download, so that's okay. So I hope that was easy to justinstall all these things and you are set to go And your backdoorAmazon Management console? I have previously usedthe Amazon redshift. So I have this Amazon redshiftin recently visited Services. Anyway, you can search forAmazon redshift here your it is whether it's takingtime to load. Okay. This is my Amazon redshiftconsole page and you have different kind of optionson your navigation pane on the left side and there are two ways to createa launcher cluster first. You have quicklaunch cluster option and launch cluster option. This is the very easy wayto launch a cluster but suppose you wantthe freedom to specify all the details as in the vp's. He's the security groupsdifferent type of notes username password and all that. You can go for launchclustered option. Let's go ahead an Explorer. So first it asks for a name. Let's say my clusterand database day T1. And the poor this is defaultPort 5 4 3 9 is a default Port which would be handledby Amazon redshift you then the master user name. Let's say AWS user and password. That's it and confirmyour password and click on continue option. So cluster details are done and dusted then youhave note configurations. Well for the free tire, you only have DC too largebut suppose you have a premium membership. Then you can choose anyof this for this DC to large. This is the CPU capacitymemory and storage and the input output performancehas moderate you can go ahead and choose the cluster type. We discussed this. We have multi nodeand single load and single node. We have both the leaderand the compute nodes. Note responsibilities handledby single note the multi node. We have a single leader nodeand use a specified number of compute notesclick on continue and then here it asks forthe VPC details parameter group in suppose you want encryptionor not and all the details. So basically in thislaunch cluster option, you have the freedomto specify all the details, but for this demo, I'm going to usequick launch cluster option. So again as for the free tire, I'm using DC too largeand again for the free tier. I'm using DC to large typeit says Our to compute nodes and let's retainthe same cluster name as for the masteruser AWS user now. Let me give the password. And the default Port is 5 4 3 9 and last option we haveto choose among the viable. I am users or IM roads, but the question is why we needour I am role here in this demo. I said that we're tryingto import data from Amazon S3, but you need certain setof permissions to access data, which is storedin Amazon S3 for that. We need to create a I am roll. So let's go backto I am service. Let me close all the steps. Okay, here youhave roles option. You can click on thatand click create true. And since we're dealingwith Amazon redshift select red shift, let's shift customizableand click on next permissions. So we want Amazon redshiftto access data from Amazon S3. So search for S3 ofand you have a permission which says Amazon S3 read-onlyaccess well for this demo, this is an if but thereis one more permission, which is Amazon S3 full access so you can perform read and write operations aswell as for this demo. I'm going tochoose this permission, which is Amazon S3 read-only access provides read-onlyaccess to all the buckets and Amazon S3 and click on nextto view give you a role in name. Let's say my redshift roleto and click on create rule. So now our Amazon redshiftdatabase as permission to access data from Amazon S3. Let's go backto redshift console. Okay, let me refresh thisand now it's showing the role which has been createdby showing your so as you can see unlikeother launch option in this I didn't have to specify By much details just the nodetype the number of notes and then the master user namecluster identifier and password and the default database port and you can clickon launch cluster option. So with one click youhave easily deployed a database on Amazon redshift. If you remember when we try to usethis launch cluster option we had option to selecta default database or use or create our own database, but when you use this quicklaunch cluster option a default database calleddeath will be created for us. So guys this clusterhas been created. So before we connectedto your SQL work bench. Let's try to explore here. You need to make sure that the database health status and in maintenance state iseverything is in green color as for the clustera cluster status. It should be available. And for the database Health, it should be healthyonly then you can make a perfect connectionwith your SQL work bench. So you have this iconhere click on that. Well, you get allthe information there is about your cluster or you can just go aheadand click on this cluster. So this is the end pointthis tells me all about how to make a connectionwith this cluster. I have this when I click on thatit says publicly accessible. Yes in the username as AWS userand the security groups. Apparently, it justshows the TCP rules which are set so that's about the end point then the cluster name you havecluster type node type and it shows the nodes andthe zone and the date and time when it was created and you have cluster versionas well on the right side. You have cluster status, which is why Syllabledatabase health healthy. So is it currentlyin maintenance mode? No, and then you haveparameter group apply status which is in sync with your database and thereare few other features as well. But here you can seethis VPC group click on that go for inboundand make sure it is set for TCP. Okay edit make this custom TCP Rule and hereare five four three nine. Custom that's itand click on Save option. So that's the default port with which you can accessthe redshift and it's go back. Clusters. Okay, where werewe we will change the default group of a PC. So this is the URL with which you can connectto the SQL work bench. So let's copy thisand paste it in our x file I pasted over there. Well, if youusing odbc connection and you can use this URL when you scroll down youhave capacity details of your entire cluster, it's DC too large. So seven easy to compute units total memory storageand platform, okay. Let's go back to the I am role but I should havean IM roll option here. Let me see check it out. Okay, there's an option. It's acim rules. You can copy this entire thingand paste it again the editor so that while connectingit will be easy for us to find it. Okay, then so now wehave cluster has created your database or datawarehouse is set up now. You can just connect itwith SQL work bench and start working on it. So let's go back to the folder where I storedmy Workbench here it is. When you scrolldown there's a file which says SQL work benchexecutable jar file. Open so here it is. It's asking fora default profile name. Let's say new profile one. Okay, then driver that was Amazon redshift driveronly jdbc driver. And this was the yarol. We copied it earlierin the editor. So I'm going to pasteit over here. Now. This is the URL control C and pests AWS userin the password. Okay, that should work make Sure that you selectthis order commit save it and then click on OK it saysconnecting new database now, it's successfully connectedso I can easily perform queries. Now first. Let's create some tables. Well, I'm using the sampledatabase from Amazon S3. So you have this AWSredshift documentation. Go back to that and hereit says get started and in the step 6 you havethis default SQL queries and tables provided. You can go ahead and usethat I have it stored in my data. So I'm going to copy first. I'm going to createall the tables. Control C and pasteit over there. Let's check what tables arethere first we have user table. Well, this is likean auction data schema. So you haveuser table many users. When you have category users the category differentcategories to which users belong to then you have a date date on whicha particular event occurred. Then you have eventable all the details regarding an eventlisting as in the items, which are being sold are listed here all the detailsabout the items. Then you have salesas in which user is Sighing how much which itemin on that details? So basically we havesix to seven tables. I'm going to select allthat and say run option. So here it saystable users created table when you created categorydate event listing and sales. So all the tablesare easily created now as for the next part, we need to copy the dataor the data for the database from Amazon S3to Amazon redshift. Let's go back to the editorand I have this copy command. I'll explain you the format. Control C. And let's paste it at herb. Okay, let's explorethis copy command. It says copy to the table users, which you just created fromthis path that is from the file, which is toward an S3 bucket. But this is the credential AWS. I am role which we copiedto the editor the earlier. Apparently, we justgiving a permission to access the data from S3. So we need to copythis I am rollio and then we have delimiter as then let me go backto a return show you an example. Amber Okay, let's sayI've added all the child's name. Archana space some h b. Hobbiesso you can see the straight line This is the delimiteras in the thing which are using two separate. All the fields are the columns. So going back. So that's delimiterwhich separates the data and this is region in whichyou are S3 bucket is located. So that's it. We have to replace diam roll. This is the AR and ifthe role I'm going to copy it and wherever this is youneed to just paste it ctrl-v. Can the dawn last oneso select everything and click on the execute button. It might take a while because the data setwhich was stored in Amazon S3 might containlarge number of rows. So it might take a while asfar as you can see it states executing statement here. It says one outof seven finished so we have six more to go. So this is good work benchhas successfully executed all the scriptwhich we have written here. Let's go and start performingsome simple queries. Let's say I want to extractthe metadata of user table. I have this query OK select starfrom page table definition. So since we are extractingmetadata from table name, let's say users and clickon execute option. So you have so many columns. You ought to tasteFirst Column user ID of type integerand coding Delta. Then you have user name firstname last name city state email. So basically that's the metadataor the structure of user table. So we have sales ID listID seller ID by your ID and many other details. Let's execute another command. Let's say I want to findtotal sales on a given date. Okay some the countyour have some function. Which will count the numberof sales from sales and date where the sales data is date ID and the date on which I wantto calculate a specified here and then click. Okay the summit at your number. Let's just walking on itthat is not working. I've selected the user table and I've asked themto display all the all that dairies in the user table. So this has the data sayselect star from users. So I want to extractthe names of people who are from let'ssay some states. Let's consider some State. Let's take an edgeso s Tage Like and hatch it should work nowit is executing statement. So these are the peoplewho are from State and Edge. So basically once you if the perfect connectionfrom your SQL work bench to your Amazon redshift, you can performwhatever queries you like. So let's go backto our Amazon redshift console. Well, So this is the cluster. I'm going to clickon this here you have queries when you click on thatall the queries, which you performedtill now will be shown. So this is the query so it says first namefrom users was from State NH. This was the querywhich we performed earlier. So you have all the data or all the informationregard the queries which are executed. Well, that's allabout Amazon redshift. So guys, this is how easy it is to createa data warehouse using Amazon redshift go ahead and explore different many otherfeatures of Amazon redshift. Well, I've just showeda part of them here. So go ahead and createa database perform various queries and have fun. So when you talkabout software development, you have to mention develops. Now. Let's try to understandwhy to do that. Let me give youthis basic definition first. So it is nothing but a setof practices intended to reduce the time between committingthe change to a system and the change being placedinto normal production while ensuring high quality. Yes, very text bookishand again for people who do not know what devops has thismight seem a little way. So let me just simplify thisdefinition for you people again. See an image here what you see isyou see a developer. You see an operatorand there is a deployment wall which none of these twois ready to take responsibility of they're pushing theresponsibility on someone else. So yes, this iswhat the scenario is when you talk aboutsoftware development again, let me give you a little moreidea about this particular term. So let's try to understandhow developers work and how operators work andwhen you talk about developers, their responsibility isto create code to update this code whenever required waitfor the next releases and if there are any changescommit those changes submit those changes and again move itto the production environment where the operators take careof it then wait for the feedback from The Operators if there is any and then again gothrough the changes if there are any likewise wait for newer software isnewer products to work on. So, yes, this is whattheir responsibility is create code create applications, right? So what happens here iswhen you do create a software, so there are constant releasesthat you need to focus on. We all know that every now and then you'd be gettinga Windows update or Our mobile phone updatesaying that okay, you have a new operating systemnew release new version updated. So this ishow the technology is working. Everything gets updated everynow and then so the reason this is happening is people want tostay competitive in the market. The software company is at leastand they want to ensure that the product hasthe latest features. So this puts burdenon the developers because they have to constantlyupdate the software now once they updatea particular software. It has to go and workin the production environment, but at times it does not workin the production environment because the developerenvironment And the production environment might bea little different. So something that worksin the developer environment might not workin the production environment. So again, some changesare thrown back by The Operators and developers again get stuck. So they have to wait till they get the responsefrom The Operators and if it takes a longerwhile their work is stuck. Now if you take a look at itfrom The Operators perspective the job is to ensure that whatever is workingin the developer environment. It has to work in the productionenvironment as well. They deal with the customersget their feedback and if there are any changeswhich need to be implemented. At times theimplemented themselves if there are any coreor important changes that are required those have tobe forwarded to the developers. So yes, what happensat time says what works as I've already mentioned worksin the developer environment does not workin the production environment and operators might feel that this was the responsibilityof the developer which they did not do andprobably they are facing problem because of it againthe customer inputs. If those are forwarded backto the developers team. The operator team has to depend on the developers to makethose changes, right? So as you can you seethese two teams are interdependent on each otherand at times they feel that somebody else's work. The developers work is pushedupon the administrators or the developers feel that the administrators teamswork is pushed up on their side. So there is this constant teslwith the company owners have to take care of theyhave to think as an okay if this goes onhow can I generate or produce new releasesnew software's every now and then this could bea problem, right? So this is what devops doesas the name suggests. It is deafplus Ops that meansit combines the operation. Team and the devops team when I say combinedthey bring in this approach where integrationand deployment and delivery. It happens continuouslyand the fact that these thingshappen continuously. We do not see the tusslebetween these two teams. So yes as you move furtherdevelops helps you unite these two teams and theycan work happily together. So this is what happens in devops you code your planyou release this deployment. There's operations. There's monitoring this testingeverything happens in a Pipeline and these are someof the popular devops tools that let you take careof all these things. But now again this is the warps in general you have getyou have puppet you have Chef you have ansible saltstack that help you automatethis process of integration and deployment of your software, but the fact that everything is movingto Cloud these days we are thinking about how can wedo all these things from cloud. Do I need to movein these many tools if you want definitely youcan move all these tools but a platform. Ew s which is a popularcloud service provider what they have doneis that ensured that all the requirementsof develops can be taken care on the platform itself and youhave various services that are made available to you that help you in this processnow say for example, you have easyto write instances. Now you can launch servers at your will you can launchinstances at your will so if your concernis scaling up and down, aw takes care of it youhave various Services, which help youmonitor your process. So monitoring is somethingthat is taken care of. There's auto-scalingtheir various other services which this cloudfront which actually lets you createcontent delivery networks. I mean, you canhave temporary caches where you can store your dataand stuff like that. So there arevarious AWS services that actually helpyou carry out the divorce or the CI CD processwith a lot more ease and that is why it develops an AWS. They form a very goodcombination or a combo, hence. We are talkingabout this term today. That is AWS develops. Not that we have some ideaabout what AWS is what devops is let's try to understand how continuous integrationdelivery and deployment work with AWS and how they incorporatethe devops approach to do that. Lets try to understandcontinuous integration and delivery first. So let's take a lookat this diagram to understand this process. So these are the four steps that are there youhave split the entire chunk of code into segments. So guys think of it as more of your mapreduce kindof an action. I mean, I mean what happens is in your continuousintegration and delivery. We are trying to bridge the gapbetween the developer team and the operations team, right? So we try and automate this processof integration and delivery. So the fact that continuously you havevarious software updates, which I just mentioned right? So what if I have like50 or maybe a hundred developers who are working parallely now, there are certain resources that need to beused by everyone. Right? So what problem itcreates is suppose if I'm workingon a particular code. I work on that piece of code. And if somebody else is workingon that piece of code and we have this Central system where the dataneeds to be stored. So I'm workingon this piece of code. I make a particular changeand I store it there now someone else is workingon this piece of code and that someonemakes a change and he or she stores it there, right? So tomorrow if I come backprobably I need a fresh copy of this piece of code. What if I just start workingon the piece of code that I'm working and thenI submit that code there so there would be an ambiguityright whose coat to be accepted who's codes copy should be made so we need this Central systemto be so smart that each time. I submit a quote it updates. It runs tests on it and see is whether it's the mostrelevant piece and if someone else submits that deputies of code then testsare run on that piece of code. This system shouldbe able to ensure that each of us next time when we go and pickthe piece of code. We get the latest piece of code and we get the most updatedone are the best piece of code. So this process of meetingthe code putting in that piece of code and automatingthis whole process so that as it moves further, it also gets deliveredand deployed to the production in the similar mannerwith the tests that need to be conducted iscalled as continuous integration and delivery now integration as I've mentioned herethe continuous updates in the source code or the code that I'm building the codeis built compiled and when I talk about delivery anddeployment the pieces of code once they're ready to moveto the production environment, those are continuouslyhe deployed to the End customer now deployment seemsa very easy process, right? I mean picking up the codeand giving to the End customer. No, it's not that easydeployment actually involves taking care of all the servers and stuff like thatand spawning up. These servers isa difficult task. So automating this processbecomes very important. And if you do it manuallyyou're going to suffer a lot. So yes, this iswhere continuous integration and delivery comesinto picture code. It is continuously generated. It is compiled it is builtand compiled again then tested. And then delivered and made sure that it gets deployedto the End customer the way it was supposedto be so you can see that there are certain steps areit says split the entire chunk into codes or into segmentskeep small segments, of course into manageable form basically integrate thesesegments multiple times a day, which I mentioned that there should bea central system and then adopt a continuousintegration methodology to coordinate with your team. So this is what happens. I mean you havea source code repository where the developerswork they continuously. Submit their piecesof code now repository think of it as a central place where the changesare constantly committed. Then you have a build server where everything gets compiledreviewed tested integrated and then packaged as well. Finally certain tests final tests are run to gothrough the final integrity's and then it goesto the production environment where this processthe building the staging and the committing process it gets kind of automatedto reduce your efforts. So guys when you talkabout a double Dress in particular you have somethingcalled as AWS code pipeline, which lets yousimplify this process. It lets you create a channel or a pipeline in whichall these processes can be automated. So let's take a look atthose processes as well first. Let's get throughthe definition part. Let's see what it has to say. I wouldn't be blanklyreading this thing and then promptly we'd be having the explanationpart that follows. So as the definition saysit is a code pipeline which Is nothingbut a continuous delivery service we talked aboutcontinuous delivery already and you can use the serviceto model visualize and automate certain steps required to releaseyour software something that we've already discussed in continuousintegration and delivery. So this is basicallya continuous delivery service which lets you automateall these processes. So as I mentionedautomating these processes becomes very important. So once you do use the service, these are someof the features it provides you it lets you monitoryour processes in real-time with Comes very important because we are talkingabout deploying software's at a greater pace. So if this can happenin real time, I mean if thereis any change and if it is committed rightaway probably just saving a lot of time right you ensureconsistent release process. Yes as I've told you deployingservers is a difficult task and time-consuming task. If this can be automated a lot of effort is savedspeed of delivery while improving quality. Yes, we've talkedabout this as well and will pipeline historydetails monitoring becomes. Very important guys. So what court pipeline does isactually lets you take a look at all the processesthat are happening. I mean if yourapplication is built, it goes to the source, then it movesto the deployment. All these processescan be tracked in the pipeline. You get constantupdates as a new cat. This happened at this stage. If anything failedyou can detect as know K. This is the stage where it is feeling maybestage number 3 stage number four and accordinglyyou can edit the stuff that has happened at that stageonly so weaving the pipeline. Details actually helps a lot and this is where codeby plane comes into picture. So this is what the architectureof Code by plane looks like. It's fairly simple guys. So some of this might seem alittle repetitive to you people because the conceptsare similar the concepts which we discussedthose can be implemented by using Code pipeline. So ESF talkedabout these things, but let's try to understand how the architecture works and we will be usingsome other terms and discuss some termsin the future slides as well, which we've alreadytalked about but each of these Isis they dothis task a little differently or help you automate theseprocesses hence the discussion. So, let's see how much level can we keepit unique and let's go ahead with this discussion as well. So, let's seehow the code pipeline Works. Basically there are developers as I've already mentioned thesedevelopers would be working on various pieces of codes. So you have continuouschanges and fixes that need to be uploaded. So you have various Services. One of them is code commitwhich lets you have a initial Sourcemanagement system kind of a Which lets you basically takecare of repositories and stuff like that. So it lets you directly connect with get I wouldbe talking about get what get is but for peoplewho know what get is if you have to manageyour git repositories, you have a service calledas code commit. So this is what happens if there are any changes those go to the source developerscan commit those changes there and then it goesinto the build stage. This is where allthe development happens. Your source code is compiled and it is tested then it goesto the twist aging phase. Where it is deployed and tested now when I say testedthese are some final tests that have to be implemented before the code gets deployed. Then it has to be approved. Manually. It has to be checked manuallywhether everything is in place. And finally the code is deployedto the public servers where customers can use it againif they have any changes as I've mentioned thosecan be readily taken from them and it goes back againto the developers and the cycle continues so that there iscontinuous deployment of code. This is another look at it. It is very Simple but this is morefrom AWS perspective. So if there are any changes that developers commit those goto the source now, your data is storedin a container called as S3 that is simple storage servicein the form of objects. So if there is anything that has to happenthe data is either fetched from the storage container, which is S3 and the changesare built and then again a copy of it is maintainedin the form of zip as you can see here. There are continuous changes that are happeningand those get stored. In the S3 bucket nowS3 should preferably be on the region or in the placewhere you are pipeline. Is that helps you carry out the process of continuousintegration and delivery with he's in case if you are concernedwith multiple reasons, you need to havea bucket at each reason to simplify these processes. So again here to the codegets to the source. It is probably submittedto the build stage where the changes happena copy is maintained at S3. And then it goes to the stagingagain a copy is maintained and then it gets deployed. So this is how the Quarter pipe line worksand to actually go ahead and Implement all the actionsof quarter pipe line. You have a serviceor the services that is your code deploy builtand code commit in AWS. So these Services actuallyhelp you carry out some or most of these processesthat are there. Let's take a lookat those services and understand what do they do? So first and foremost you haveyour code deploy code built and code commit. So this is not the order in which you dealwith these things. Now these things actuallyhelp you in Automating your continuous delivery and deployment process they havetheir individual commitments. Let's talk about themone by one first. Let's talk about code commitwhich is last in the slide. So basically I talkedabout moving a piece of code to a central place where you can continuouslycommit your code and get the Fresh store the best copy. That is their rightso code commit what it does isit helps you manage? Your repository isin a much better way. I mean think of it asa central repository. So it also lets you connect with get Which itself isa central storage or a place where you can commityour code you can push and pull that pieceof code from their work on it make own copyof it submitted back to the main server or your main orCentral operating place where your code getsdistributed to everyone. So that is getand what core come it does is it lets you integratewith get in a much better way so you do not haveto worry about working on two different things. It helps younot Ematic authorization pulling in the repositories that are therein your gate account and a number of other things. He's so yeah, that is what code commit as then you have somethingcalled as code built as the name suggests. It helps you automate theprocess of building your code where your codegets compiled tested certain tests are performed. And again, making sure that artifacts of the copiesof your code are maintained in your S3 and stuff like that. So that is what code billed asand then you have code deploy as I've already mentioneddeployment is not an easy task. I mean if we are stuckin a situation where we are supposedto manage the repositories we're supposed to On quitea few things in that case if we are forced to kinda takea look at the servers as well for new instances painnew piece of servers that could be a tedious task. So code deployhelps you automate these processes as well. So this was some basicintroduction to these things. Let's just move furtherand take a look at the demo so that we can talk about someof these terms and the terms that we've discussed previouslyin a little more detail. Now in one ofmy previous sessions. I did give you a demoon continuous integration and delivery I believe If they were certain terms that people felt were taken careof in a speedy way hope that I've explainedmost of the terms with more finesse this timeand in more detail as we go through the demo to I will try and be as low aspossible so that you understand what is happening here. So let's just jumpinto the demo part guys. So guys, what I've doneis I've gone ahead and I've switchedinto my AWS console for people who are new to AWS again. You can have a freetier account with AWS. It's very easy. You have to go and signinput A credit card or debit card detailsa free verification would happen and probably you would be givenaccess to these Services most of these servicesare made available to you for free for one complete year and there is certain limitationon these services. So you have to followthose limitations if you cross those limitations, maybe you'd be chargedbut that happens rarely. I mean if you wantto get started definitely this one yearfree subscription is more than enough to get Hands-Onon most of the services. So I would suggest that you createthis free tier account. If you've taken a lookat my previous videos, you know that how to createa free to your account. If not, it's fairly simple. Just go to your browser and type AWS free tierand probably you would be guided as in what detailshave to be entered. It's not a complex process. It is fairly simpleand it happens very easily. So we just have to goahead and do that. Once you do that again, you'd be having accessto this console guys. So once you have an accessto this console, you have all the servicesthat you can use. So in today's session we wouldbe working on a similar demo that we worked in our oneof the previous sessions here. We would becreating an application. In a pass application platformas a service application and we would be deployingthat application using our core pipeline. So there would be talkingabout other terms as well. Like code commit codedifferent code built. So do not worry we wouldbe discussing those as well. So this is what the demo isfor today's session. So guys, let's start by creatinga pass application to do that. We would be usingelastic Beanstalk, which lets you have a readyto use template and using which you can createa simple application at this being a demo guys. We would be creating a verysimple and a basic application. So just Come hereand type elastic Beanstalk. So when I cometo this page guys, if you've createdan application, it would show youthose applications, but the fact that if you're using itfor the first time, this is the consolethat you'd be getting that is why I have createdthis demo account. So that probably we get to see how you can startfrom the scratch. So if you click on get started as creating an applicationhere is very easy, like extremely easy you haveto enter in certain details only it takes a while to createan application under Stan double I would tell you why it takesthe time but once it happens, it happens very quickly. So all you have to do isgive your application name. Let's call itsay deployment tap. I'm very badat naming conventions. Let's assume that this is good. You can choose a platform guys. You can choosewhatever platform you want. Say PHP is what I'm choosing right now as Itold you it's a pass service past that is platformas a service means that you have alreadyto use platform guys. That is why you can just chooseyour platform and your elastic. In stock would ensure that it takes care of allthe background activities. You do not have to setup your infrastructure. It takes care of it. So once I select the platform Ican use the sample application or use the codeif I have in this case, I would be using a sample code that AWS has to offerand I say create. There you go guys. This thing iscreating my application. So whatever is happening here, it shows that these arethe processes now, it is creating a bucketto store all the data and stuff like that. So it would take careof all these things guys. It might take a coupleof minutes of meanwhile. Let's just go aheadand do something else. Let me just open it uploose console again. Somewhere else. I hope it does not askme to sign in again. I've already signed in. So meanwhile thatapplication gets created. Let me just go aheadand create a pipeline guys. So code pipeline againas fairly simple guys. What happens here is very easy. I just go ahead and put incertain details here as well in my pipeline would be created. So do you want to usethe new environment or wanna stick to the old one? You can click on Old right and you can go back and createit the way it was done or you can usethe previous environment. I'm going to stick. And I was verycomfortable with that. So let's just stick with it. If you want you can usethe new interface. There's not a lot of difference certain littleare minor differences. So you can just comehere and add in the name of the pipeline that you wantto creates a demo pipeline. I see next Source provider guys. I would be using GitHub here because I want to basicallypick up a repository from GitHub that helps me in deployment. So I need to connecttogether for that. It would ask me to authorizeif you have an account. You can always do that so that it can basicallyringing all the repositories that you have. So just say authorized if not, you'll have to sign in onceso my account has been added here guys repository. I need to pick a repository. This is the repositorythat I would be picking. Do not worry. I would be sharingthis piece of cord or is what you can do is you can justgo to GitHub and type AWS - Cole pipeline -S3 - code deploy - Linux now it is a repositorygiven to you by AWS if you take a look at it, and if you type it just the wayit is named here from AWS. You should getthat repository in GitHub. You just have to goahead and Fork it into your GitHub account and probably you would be able to importthat repository directly. You can see that repositoryhas been fought. Here into my GitHub account. You just type the name hearthis name search it and probably there would bean option your fork. I fucked it. So it does not activatethis option for me in your case. It would be activated. You have to just click on itand the repository would be forkedinto your account. So I am getting or importinga fork from my GitHub. I was authorized my accountand then I can just go ahead and do the stuffBranch Master Branch. Yes, and just do the next stepbuild provider no build here. I don't have Teenager to buildso I don't need to go ahead and provide a bill provider. You can use codebuild right guys, if you want to move or basically deployyour code to ec2 instances. You can use code build. If you want in this case. I have an application in which I have an ec2 instanceand stuff like that. So I don't need to go aheadand do any building stuff. Hence no build for me. So I say next deploymentprovider in this case. My deployment providerwould be my EBS so we have that option. Yes. Yes select EBSelastic Beanstalk. Naughty BST b standsfor elastic block storage. That is a different thing guys. Elastic Beanstalk. Make sure you dothat application name deployment a pause the name, right? Yep, and the environment. This is the environment. It creates the environmenton its own. I believe that ithas created the environment. It says it is starting. I hope the environmenthas been created. So guys, let's just see whether our applicationis up and running so that probably Ican pass in the details. Yes, the applicationhas Been created guys. So let's just go backand select this say next now create an IM role is alreadysaying so let's say sample. Okay guys, so what happens normally is and Iam user gets created each time. You create a role. So in this case it is asking meto create one taxes create a new item role database code pipelinenice shell of successful. So role has been Increated next step now. It gives me the details guys. Basically it would tellme what are the stuff that I've done. So everything is here. I don't think I needto cross check it. You might just crosscheck the stuff that has happened andsay create a pipeline. So guys, the pipelinehas been created here as you can see. These are the stagesthat have happened. If you want you can just goahead and say release a change now these thingsare happening guys, and let's hope the deploymentalso happens successfully. We've just created an eye. User let's seewhether it falls in place. Everything is in place. As far as the source partis concerned it has succeeded and now the deploymentis in progress. So it might take a while. Meanwhile just go back and takea look at this application. So if I open this applicationguys It would give me an overview of what has happenedwith this application guys, as you can see, these were the stepsthat were implemented. Now the applicationis available for deployment. It successfully launchedthe deployment environment. It started with everything that it was supposedto do like create or launch an ec2 instanceand stuff like that. So everything is mentioned here what happened at what time sothis is a passive is guys and it works in the background. I mean if you actually go ahead and launch an instanceon your own configure, I am users canAs you go to groups, it takes a longer while but what the service doesis it automate that process. It understands that you needan ec2 instance. It launches that instance. It assigns security groups. We PCS and stuff like that. All you have to do is runyour application on top of it as simple as that. So it has taken care of everything and runa PHP application for me. So yes, this iswhat has happened here. If I just go back here. Meanwhile, let's see whether our codehas successfully run you can see what has happened here. I am released the change as well and you can movethe pipeline history. If you want you can clickon this icon and all the details would be given to youwhat happened in what stage. So these are the things that have happenedtill time now guys, let's just go backand take a look at something that we could so I'm goingto come here and say service easy to because my applaunched an ec2 instance. So there should bean instance created by elastic BeanstalkC1 instances running. It has a keep your attachedto it as well. So He's any details guys. I have a public IPassociated with it. If I copy it. There you go copy this IP and I say run this IP you havesuccessfully created a pipeline that retrieved thissource application from an Amazon S3 bucket and deployed itto three instances. It did not deploy to three instancesusing Code deploy. It deployed itto only one instance. You see this message that it deployed itto three instances is because the code orthe repository that I used it. Supposed to deploytwo different instances if there are multipleinstances and hence. This message would have mademore sense than but the fact that we've deployed itto only one ec2 instance. It should actuallydisplay that message. So the message that you're supposed to giveyou can actually come back here and make change to the pieceof code that you worked on. If you go to the readme MD file, I think this iswhere the piece of code is. There you go not here. Where is that filethat needs to be edited? Let me just take a look at. Some other files as well. Yeah. This is the file. Sorry. So if you go to the index dotfile here is the message guys, so you can probably makea change to this message instead of seeing three you can sayone here edit this piece of code and then you submitthe code again. So when you do launch or type in this IP address probablythat change would be reflected. So guys, what we've doneis we've actually gone ahead and createda pipeline successfully and in that process we'veactually gone ahead and move. Move or deployedour application from here. So guys in case if I do go aheadand commit changes to the code that I just talked about those would get reflectedright away in my history when I talk about this pipeline. So it does give you a continuousintegration and deployment. So, I hope that this session madesense to you people and we've talked artistupon most of the stuff that I wanted to talk about. And as far as thesession goes guys, I would be resting it here. So let's startwith the first question. Now I first question saysI have some private servers on my premises. Also. I have distributedsome of my workload on the public Cloud. What is thisarchitecture called? So basically our workloadhas been divided between the public cloudand the private Cloud now, they're asking me what isthis architecture called? It's a prettybasic question guys, but if you look at the optionsare quite confusing, the first option isa virtual private Network then We have private Cloud, which is obviously not there. Then we have a virtual privateCloud could be the option and then we have hybrid Cloud. All right guys. So what do you think? What do you think isthe right answer for this? Come on guys, let's be more interactivein this session because if it'sa two-way thing then it's going to be interestingfor you and for me as well. So let's make itas interactive as possible and let's get the mostout of this session today. Alright, so a she says it's either virtual private cloudor hybrid cloud. So as usual, it's actually only oneout of all the for so give one answer. Okay, I can see some of you are saying the rightanswer some are confused. It's okay. I shall clear your doubts. Alright guys, so the answeris hybrid Cloud now, why hybrid Cloud because okay. So let's actually discussthe first three options which are actuallynot the right answer. So it is not a virtual private Network becausea virtual private Network. Is something that you useto connect your private cloud and your public, right? So to connect betweenyour private cloud and the public Cloudyou actually have to make a connection and that connection is doneusing a virtual private Network. Alright, then wehave private clouds or private cloud is something where in you haveyour own servers on your own premise, right, but in our case we havepublic Cloud involved. So it is obviously not privateCloud virtual private cloud is not the As well because a virtual privatecloud is basically a logical isolation kind of thing wherein youisolate your instances from the rest of the instanceson your AWS infrastructure. And this logicalisolation cloud is called a virtual private cloudand then you have hybrid Cloud which I think fits aptlyby its name as well. We're in it's a mixtureof your public cloud and your privateCloud infrastructure, right? So, let's see the answer. So the answer is hybrid cloudand the nation is like this because we are usingboth the public cloud and you're on from Isis servers, which is a privateCloud be called and hybrid architecture, right and it says herethat if you want to be better if your private andpublic Cloud were all on the same network, right? So basically when youconnect your public cloud and private Cloud togetherusing virtual private Network, you basically are accessingone network and you feel that all your resources. Is it says deadon the public cloud and the private Cloudare actually there in one network, right? So it seems It'sa virtual private and virtually you feel that you areon the same network, but it's they are actuallytwo different resources or two different locations from where you areaccessing your resources. Alright guys, so guys any questions regardingto the first question that we have discussed anythingthat you're not clear whether it wasa very basic question, but then we are gettinga very lot of Concepts. Here, we have a virtual privateNetwork concept then we have the virtual privateCloud concept, right so it can be confusing and this is how they askedto you in interviews as well. Right? So you have to bevery clear in your answer. You have to be very clearin your thoughts that what shall bethe right answer. All right, so I can see that people are givingme a go there all clear. Okay guys, so let's move onto the next question then so our next question starts withour Section 1 which is easy. Questions, so it's from here. We'll be talking all about AWS. So let's startwith the question first. So we have a videotranscoding application and the videos are processedaccording to work you with the processing of a videois interrupt in one instance. It is resumedin another instance. Okay, good enough. Then currently there isa huge backlog of videos which needs to be processed. But this you needto add more instances, but you need these as mrs. Only until their backlogis Oost right. So once your backlogis reduced you don't need those many servers. So which pricing optionshould be the efficient should be the mostcost efficient for this? Okay guys, so first of all, when you havequestion like this, a lot of things are addedinto it to make it confusing. So first of all, the things is the firstline reads that it's a video transcoding application. So it is not relevantto your question, right? It is not relevant towhat is being asked so you Discard that out and then it says the videos are processedaccording to work you again, it's their confuse. You don't the first thingthat you should look out into a question, which are trying to menare trying to figure out an answer is the important part. What is important in the question youshould be able to unfair that so according to me. The thing that is important is that there is a hugebacklog of a video. So there is a lotof pending work and this pending work hasto be reduced right and one. Is it is reduced we will not be needingthose many servers. So basically we are increasingour number of servers to actually reduce the numberof backlogs that we have. And once we have reduced that we have an applicationwherein we don't need those too many servers anymore so we should get rid of them. Right? So now it is askingme which pricing option should be efficientfor this seller. Now, you have three kindof pricing options you have on demand pricing thenyou have spot pricing. And then you havereserved place, right? So you spot pricingis basically used when you want serversat the minimum cost. So basically what happens is why spot pricing hasan introduced is because of this that new AWS has centers, right? It has service zones where it has a lotof servers now not all the time that the serversare actually being used. Some of the timesare idle, right. So in times like this when the serversare ideal, what eight? SS does is it givesyou a discount that since no server is being used. I shall give you a discount. If you want to usemy servers now in this case you use pot pricing. So if you are goingfor spot pricing you see these reduced rates from AWSwhenever their servers are idle and you should bid rate, right? So say example serversare being offered at some particular price. And you say Okay. I want these many servers,but I can only afford $10. So as long as the serverAnd be allotted to me for $10. I shall use them. Right so you setyour price a $10 and then you use the service but the momentthe demand increases in that particular serverlocation the prices go up again. All right, and if the price crosses $10your server shall be shut down, right you will not be ableto access that server anymore. Right? So this is what spot pricing isyou basically bid for the minimum priceand whenever the price. Co- op your server is takenfrom you right then second type of pricingis called reserved pricing. When you reserve your serversfor a particular amount of time say a one-year termor a three-year term, right? So it the applicationfor this could be when say I have a company right? And my company has a website. So my website is hosted on AWS. Now, my websiteis going to be there till my company is there right? So it makes sense for me to actuallyreserved the instances for like maximum Dome. Possible because I haveno plan to sell my company and hence take downmy website right now. The reason people offerreserved instances is because as comparedto the on demand pricing the reserve pricing isactually pretty cheap, right? So if you reserve your instancesfor a longer term, you get discountsfrom AWS, right and then we haveon demand pricing where and we can getas many servers as you want at the time what we want asper your requirement at whatever time you Choir and the pricing for themare standard right? I'll not say they are highbut they are standard but they are morethan reserved pricing and your spot pricing. Now. Our question says that we have to reducethe backlog and once a backlog has been reduced. We'd have to get ridof the service. So obviously will not beusing reserved instances because we cannot save and our backlogwill be ending right? We cannot be using spot prices because we want that backlog tobe reduced as soon as possible. So what we'll dois we'll be using on-demand instances or ondemand pricing and using that we will reduce the workload or will reduce the backlogof the videos. And once it's been reduced wewill reduce the server size for our instance. Right? So the answer for thisshould be on-demand instances and if you read the explanation, you should be using an on-demandinstance for the same because the workloadhas to be processed now meaning it is urgent. Secondly you don't need them. Once you havea backlog is cleared. Therefore is evidence isout of the Picture and since the work is urgent. You cannot stop the workon engines just because the spot price by right. So therefore spot pricein can also not be used and hence will be usingon demand has. All right guys, so any doubt in this questionanything that you're not clear with by are we usingon demand pricing?
Yes Cloud does supportapplications in such a way that you would spend very less amount but it involvesa lot of planning guys. So each time you usea particular service. It is veryimportant to understand. How does thatparticular service work? And if you actually planin the services in that manner you would actually endup saving a lot of money. So let us try and understand how the pricing models workwhen you talk about it. See two in particular. So Guys. These are someof the pricing models that easy to hasto offer to you. You have your on demanddedicated on the spot and reserved instances. Now, let me try and simplifywhat these instances are. And what do I mean by these now when you say an on-demandinstance as the name suggests, it is an instancethat you demand and you get it. Now these instancesare made available to you for a limited time framesay for example, I need a particular instancefor an hourly basis. So I would be wantingto use that instance for only that Eurasian. So to use that instancefor that particular duration. What I do is I actually go aheadand demand this instance. So a tub - would give me that instancebut it would work for an are only so my prices for that instancewould be fixed on that manner.
I mean the fact that I would be usingit for one instance or for an one are basically so I would be charged onlyfor that one hour. And once that are is complete that instanceit gets Terminated on its own it's similar to renting a flatfor one month suppose if I move to a new city and I'm lookingsomething temporary say, for example, I'mlooking for a hostel or a paying guest kindof a living system. Right? So in that case, what I would do is I wouldupfront go and tell the owner that I would be stayinghere for a month. You can charge mefor a month only if it is 1000 morethan normal charge. It is fine. But once the month is over, I would like to leaveright so that kind of service or that kind of instance. Demand is called as on-demand instancesbasically dedicated now Guys. These instances arekind of given to a particular organization so that their securityis defined better than other say for example, if I need to protect my data, I need my data to be privatizedNow understand this thing AWS or the other Cloud platformsare highly secure. Your data is secure no matter whether they areon dedicated instance or not. But what happens is younormally share your Space with someone elsedata remains private but there are companies that deal with highlyconfidential data. And in that case they wantthat extra Assurance as an okay. I am using a spacewhich is not shared by anyone. So in that case youhave dedicated instances, which basically serve your needslike high security and basically an isolationfrom the other vendors as well. So that is what dedicatedinstances do they are costlier. But yeah, they give youthat isolation on spot. Now guys, when I sayA non spot instance, it is like biddingsay for example, I am buying a particular share.
So I havea particular budget right so I might havea budget of $300. So what I do is I goahead and buy the chair and I sat in a capas an okay to the max I can bid for $300for the share. So if the price goesabove 300 dollars, I'm not taking that share right? So if there is a particularinstance you can bid for that instance as an okay. This is the maximum pricethat I pay for this. Ernst so if that instanceis available at that price it is given to you and if after a particularduration the price of this instance can change so it is available to youfor a limited period of time. So if you are dealingwith data that is volatile and you want to workon the data in real-time, so you cannot for this instance because after a while the priceof this instance might change and this instancemight be terminated and you might not be ableto use it for a longer while but the thing it doesis it is available to you at a cheaper price? And at the pricing bitthat you put on it, so that is why itis more affordable. But again, it is good for volatile data only finallyyou have the reserved instance. It is like rentingan apartment on a lease for a longer period right? I mean suppose if I am getting a flaton an agreement will basis where I signan agreement for a year. That means Iam reserving this flat for one complete year, right? So nobody elsein comments say that okay, you have to vacate this. A flat right sothat is one benefit. And the other thing isyou have a fixed set of rent.
So if you're taking somethingfor a longer duration, there is a chance that you might end up payinglesser money for that as well. Now what happens here is when you talk about it from theinstance perspective suppose, you know that youwould be needing this much configurationfor this duration. You can rent that particularinstance for that duration, and probably you end upsaving a lot of money now when you talk about AWSit gives you Latif where you can actually go ahead and upscale downscaleyour instances to your needs. You can kinda terminate stuffand move to the next up. But if you are certainabout certain things as an okay, I have to use this no matter what happens for a longerduration in that case. You can offer reserved kind of instances and those aremore affordable to you. So Guys, these weredifferent types of instances based on the pricingthat is there. Now. We have talked about Generalcluster ization of instances, like the general-purpose the GPU that was basedon They're functioning, right then we learned aboutthe pricing models as well. Now. There is one more type that we need to understandor one more classification that we need to understand. Let us try and take a lookat those as well. So we are classifying instances based onthat General functioning. Now, what do I mean by this? Well, these are the types. Let us take a lookat those one by one first. So when I sayburstable instance, we've talked about generalpurpose instances, right? So what happens is there isa category of General. But was instances with start with a base utilization poweravailable to you. That means if you wantto utilize your CPU for a certain amount burstableinstances are good here. Let me throw in some more lightas in what am I talking about? Exactly suppose. I need a CPU utilizationof 20% And I know that so I can gofor burstable instances. What they do is they start with the functioningof 20% but in case if I'm dealing with data that It is not constant that might changewith time say for example, if my websiteexperiences more traffic, so I might needmore performance.
Right? So in that case what burstable instancesdo is they burst out of their current performance200% CPU utilization so that you can getmore performance. Now what happens here is youare charged a particular amount for these instances and you have certain creditsfor which you can use the burst people performance andif you do not use the bustable. Performance those creditscan be used later as well. So you are gettingoptimize performance as well. And you are savingsome money as well in case if there is an urgent traffic that you experience youhave something called as EBS optimized now when you talk aboutEBS optimized now, these are the applications where basically youare processing data at a higher speed. Say for example,there is some application where the data isflowing in continuously. So I need quick response, right? So EBS backed upor EBS optimized instances. What they do is they give youhigh input output processing and that is why these aregood instances to art for these situationscluster networking. Basically, they form clusters of instances nowa particular cluster what it does is it servesone kind of purpose say for example in my application. What I want is I havedifferent sections and in different sectionsmy first section requires To be processing dataat a faster rate.
The other one. I wanted to be storage optimized so I canDefine different clusters of instances that servedifferent purposes here. And then I havethe dedicated one. We've already talkedabout dedicated one. It is more relatedto the data security part. So Guys, these were thedifferent types of instances. I know I've talkedabout a lot of stuff once we get into the demo part probably this would ease upa little more for you people. I believe you people are with me and you arefollowing this session. So guys now let us move furtherand take a look at the use case so that we can just move further and take a look at the demo partas well for this use case. I've considereda derecho itself. Let us try and understand what could bethe possible problems that can be solved byusing these instances. Now imagine that if it is Erica used AWSas their Cloud partner and they used the ec2 service. So what kind of problems couldbe solved by these instances that we just talked about suppose we havethe first problem where you have To analyzethe data of the customer.
So what kind of applicationwould you use? Can you guess that for me? I won't be lookingat your answers. Let me just quickly go aheadand give you other examples as well so that we can discussthese one by one suppose. You also have an autoresponsible system now compare these two and letme know which one would you believewould be served better by these instances thatwe've just talked about. So when you talkabout the performance here guys when you talk about analysisof data for the customers data, it is never Went right at times the data is usedat times it is less. So in this case,I would need burstable performs. So my general purposeburstable performance instances would serve me better rightauto response email system. I need quick response, but I do not wantto invest a lot of money EBS optimized instances with iops would help me bettersearch engine and browsing. I believe it is fairly clear. I'm talking about browsingand search engine to different things I wantto do I would be opting for Stud Network instances, right and confidential data. Well, I would be opting forthe dedicated instances here.
So guys, this wasa very simple use case. So let us move intothe demo part and try and understand ec2 a little more shall we so guys whatI've done is I've gone ahead and I've signedinto my AWS Management console. Please forgive me guys. I have a lot of gold today and that is why my voice islittle Jiggly and echoing. So I hope you peopleare not offended by that moving further. The guys this isthe AWS Management console. You can sign in to AWSfree tier account and probably Availthese Services you can practice a lot of stuff by signinginto your free tier account. How do you do that? Just go ahead and look for a SS free tier and sign inwith your credit card or debit card. You won't be chargedyou have these services for free for one complete year and you can practice mostof the services that are there. There is some free tier limiton these services. So check the upper cap asin what those limits are so that you Get charged. So guys this ishow the console looks like. We are going to go aheadand learn about easy to hear. That is the instantservice in AWS. So let's search for ec2. And you would be redirectedto this page guys. Now when you talk about ec2, there are a lot of thingsthat you can do. You have Amazon Marketplace where you have am eyes,I will tell you. What am I is our do not worryyou can just go ahead and launch our instances. You can attach volume to it. You can detach volume storagefrom these instances. And when I say am I is those areAmazon machine image has that means once youcreate an instance, you can create an imageof that instance as well. That means a templateof that instance as Suppose you havecertain applications running on top of that instancecertain specific settings that you've donefor those instance and you do not want to dothose settings again. And again, you can create imagesof that instances as well. So let us see what all we can dowith these instances. So let us firstlaunch an instance. So guys, once you clickon that launch instance button, you would be given a number of options to choosefrom you can launch Linux instances Ubuntuinstances Windows instances. And you can choose the EBSbacked up non-abs backed up.
So there are a lot of choices when you actually go aheadand launch these instances. You can see this UbuntuRed Hat Microsoft Windows and there are specificinstances specialized in deep learning someof our service specification. You can see that there arequite a few instances, but ensure thatif you are practicing choose the free tiereligible one for now, I'm going to go ahead and launcha simple Windows instance. Let's not getinto the Ubuntu one because Request a petitionto sign for that. So let us not do that. So guys once you clickon launch an instance, you can see that youare redirected to this page. Now if you take a lookat the information here, it talks a lot. Now. This instance isgeneral purpose. We've discussed theother families, right? This is one. This one is T 2 micro there are t 2 T 3 micro and mediumand bigger instances as well. The size is very guys the Titomicro one is free tier eligible. You have t to Nanoyou have small right? So you have me doAnother large instances as well. So when you say a microphone, it has 1 V CPU and one gigabyteof memory instant storage. It is EBS backed upand what kind of network performance itgives you low to moderate. So I would sayconfigure further. These are some configurationdetails what network it is following what subnet ID. It is falling that means it fallsunder the cloud Network guys. That means your Cloudwould have a network and under that Networklies are instance so that it's accessible. SS policies security policiescan be managed.
So let it be basic for now. Let us move further. Storage now guys, this is the storage itis your route storage and 30 GB of space. You can change it if you want say a hundredbut let us take 2 34 now and guys you can seethese are the types. You have a general purpose. You have yourprovisioned magnetic now, there is one more typeof instance guys. That is HDD kind of an instance, but guys when you talkabout root storage, you cannot attach HDD to it, right because routestorage is something that is constantly Constant, if you wish to have HDD kind of storage it hasto be attached secondary. So if I add new volume here, you can see and if Isearch for this now, it gives me an optionof cold HDD, right? So that is what guys I meanin order to have this kind of HD kind of a volume you needto use secondary storage for it. So let us cancel this for nowand just go ahead and say next you can add in tags guysfor the Simplicity of namesake say for examplesample today and let's just say next Security Groupguys Security Group. What do I mean by this? Well, basically you have set of policies as inwho gets to access. What kind of traffic do youwant to your instance? What kind of traffic do you wantto flow out of your instance so you can create a security group and youcan use customized as well when you create onethis type is RDP.
That means it can allowtraffic from a desktop or a remote desktop appand through which I can log. To my system I can addother rules as well. I can add PCP HTTPkind of rules. And these are the port rangesyou can specify those for now. I'm allowing trafficfrom everywhere through our DP and I can say review and launch improveyour security it says but this is a basic one guys, you can add in more rulesas I've already mentioned. So let's not do that. Let's say launch generate a keypair now a key pair is something that lets you loginto your instance. It is a double securityfor your Instance you do not want your instanceto be left insecure. Right? So in that case,you need to generate a key pair. You can use an existing one or you can createa new one as well. So let's just say that I want to createa new key pair. So I say create and let us sayVishal 3 4 1 2 1 and let's just say download. So guys once youdownload this instance, what you do is and protects cut it from hereand I'm going to go ahead and paste this instance to the desktop guys andlet's just say paste.
Here it is. So the reason I'm doing this is because basically wewould be needing this thing is if you lose this key thereis no other way to explain. Is your instant somake sure you keep it safe and I say lunch. So guys now this processit takes a minute or two to go aheadand launch our instance. So meanwhile you'd haveto bear with me. So what happens is once you do actually go aheadand launch this instance. It involves a couple of steps like basically it doessome Security checks some status checks andwhile these statistics happen, it takes a minute or two and once the instances upand ready we can actually go ahead and take a lookat this instance. So meanwhile guys what I'm goingto do is I'm going to go ahead and take to the ec2 part Nowthere are three instances that are running guys. Now, this issomebody else's account. So there are quitea few other instances that are running you can see that there must besome instance here which basically is initializing. So this is the onethat we are going to use. This is the ID. Let's not remember that we know that thisis getting initialized. So as these are the otherinstances this one is start. Let us take a lookat this instance as well to understandas an what happens. So Guys, these are the optionsthat I have right? You can actually goahead and get the password. You can create a templatefor your instance. What you can also dois you can start stop. Now.
This instanceis already stopped. So you do not have these optionsthat has stops. He Burnett and reboot youcan start this instance and probably you can goahead and do that. Now when you stop an instance if you want to actually make a snapshot youwant to take snapshots you want to create Amazonmachine image is out of it. What you do is youstop that instance so that you preventany activity from happening. In that instance so that you can takean exact snap of it. So that is why youstopped an instance when you wish to dothese kind of operations. Once you start it again, you can make it functionnormally at it was functioning. If you are doneusing an instance, you can terminate it there and there guys, so these arethe options instance setting. Okay. So as these are the optionsyou can add tags to it. You can attach replace. I am rules that isaccess management policies guys. So you have a useraccess management. Here you can attachroles to it as well. You can change the instancetype guys you can click on it and you can go aheadand do that. You can change itto higher versions as well. Now, why do you needto do this suppose? I am experiencinga particular traffic and my instancesupports that need but if I move further and future,
I need to cater more traffic. What do I do in that casein that case guys? I can actually goahead and update it to a larger versionunlike your other applications. You areon-premise infrastructure. Where you haveto actually go ahead and have new servers you dataon top of it here. What you do is you just clickon this thing and it happens in a couple of seconds. You are instance gets optimizedor upscale to a better lever. And that is whyit is highly scalable because what you can alsodo is you can change termination protection of thisis for data security suppose. If I am usinga particular instance, and in that case, I accidentally deletedmy data would be lost. Right? So what this Does is it changes or turns my terminationprotection on that means if I have todelete this instance? I have to get into the instance. I have to change the policyand then delete it. I mean I cannot deleteit unknowingly, right? So that is why this servicehelps now while talking about these things guys areinstance is up and ready. Let us just launch it. I say connect. And it says downloadremote desktop file the RDP path that Italked about right and I need to get in my passwordas well guys to login. How do I do that? I click here. I choose the file for that. I'm gonna go to the desktop. I'm going to scroll down. There is a filecalled as Vishal. I open it and I decrypt itand there you go guys. My password is here. I can just copy it. So if this is copiedI can launch this. Remote desktop file. It would ask mefor the password.
I would say take this and okay. Do you want tologin and securely? Yes. And guys a Windows instancewould be launched. It is just like yourWindows operating system, but it is runningon my existing system guys. They can seepersonalized settings. It is setting uppersonalized setting for me and in half a minutemaybe in 10 seconds. My Windows app would beup and running. So just like my Windows device. I have one more Windows device so I can do somethingin this device and something else in my normalWindows device as well guys. So this is what you are. Instance does it basicallycreates an instance of word Sewell machine for you to work on I Believeby Navi one understood. What a virtual machine is. So guys we are donewith this part. So let us just use it for now. Let us see if there is anything elsethat we need to talk about now, if I come backhere I've mentioned that you can takesnapshots, right? So these are am is what am I is it is an image basically so I can actually go aheadand launch an Emi for an instancethat I already have.
I can create an image of it. There is a volume here. So my instances areEBS backed up right? So there is a block storageattached to it. Can I add another storage to it? Yes, I can remove the previous storage and attacha different storage to it. Say for example, this is the store isthat I have with me if I click on it and Iwill go into actions. I can createa A short out of it. Once I createa snapshot out of it. I can attach itto the existing instance. So we just launchedan instance, right? So if I want toreplace the volume that is already attached to it. What I do is I actually go aheadand detach the volume that is already attached. So I would be stoppingmy instance First Once I stopped the instance. I can come to the volume assume that this volume is attachedto some instance. So I need to detach itfrom here and the snapshot that I've already created. Or if I have created one, I can selectthat and I can attach that to the existing instance. All I have to do isI have to go ahead and create an image here. Once I create an imageit would ask me. What can I do with it? I would ask meto actually go ahead and given the region in whichthe instance was created. Now my instance that I just used was createdin a particular region. I'm working inOhio reason for now. What do I mean by these regions? Well, basically what SaysAWS has different data centers in different regionsof the world. So you can choose the reason that is convenient to you thatsuits your business needs right so I can create instancesin those particular regions. So if my instance wasin particular region, I need to createa snapshot in that region and then attach that snapshotor that volume to my instance. So guys I Believe by now, you've understood a lot of things you've understoodwhat instances are how to launch those how to create thoseand how to make those work. So as far as thisis Ian goes guys. I wanted to talk about these pointersone more important point that I would liketo mention here is make sure that you terminateyour instances so that to avoid any charges if there are any now thisbeing a free tier account. I don't think therewould be a lot of charges but still I would requestyou to actually go ahead and terminate the instances even if they don't charge you a lotbecause that is a good practice because there are certainservices that might charge you a lot more guys. So I'm going to terminatemy instances the ones that I have created today. So let's just wait a minuteand in a minute or two guys, these instances wouldbe terminated from end to end. Today's session is goingto be all about AWS Lambda. So without makingany further Ado, let's move on to today'sagenda to understand what all will be covered today. So we'll start off today'ssession by discussing the main services in the AWScompute domain after that. We're going to seewhy AWS Lambda is as a separate service. We're going to discusswhat aw is Lambda actually is and then we'll move onto the part where we'll see how you can use a double sLambda using the AWS sdks once we're done with thatI'll teach You guys how you can integrate your SDKwith the Eclipse IDE? And in the endwe'll be doing a demo. So let me quickly show you guys how we will be using AWS Lambdain today's demonstration.
So guys, this is a website that I created which is hostedon the Local Host. Now what this websitedoes is it applauds a file onto the H3 file system nowonce the file is uploaded. It sends me a mailregarding that now that meal is generated by a SS. I'm not now let mequickly show you how that mail actually looks like so let me uploada file over here. So let file be this I click onopen and before uploading image. I will show you my inbox. So as of now, I don't have anyAs you can see, right. So what I'll do is I'll clickon upload image now. It is S3 upload complete. Now. What is this website doesis it will upload my file? It will rename the fileaccording to the system time so that there is no conflictin the name of the object. Right? So whatever file that I've uploaded rightnow will be uploaded on in this bucket. So if I refresh this you can see that there's a fileover here, right? So this file has nowbeen renamed, right? Right, and I also havean email over here, which says awacs test, right? So if I click on this email, I can see that I have got a mailfrom this address saying that an object has been uploadedthe name of the object. Is this the size of the object? Is this the bucket name? Is this and it will slashmodified on 12/31 UTC right? So let me quickly compare whether this filename is the same. So it's seven four eight and it's a sinfor it here as well. Awesome. Now, the next cool thing that you can do over hereis you can move this file to some other folder. So all you have to do isyou will reply to this mail by saying move you clickon send now when I send move to this email address that I have configuredin my code what it does is it will basically movethis file from this bucket to some other bucket. So let me quickly. Press it and seewhether my file has been moved.
So as you can seemy bucket is now empty now. Let me go back. So basically my file wasthere in Erica demo now, it will be therein quarantine demo bucket. So as you can see seven foureight file has now been moved to the quarantine demo by simplywriting a male over here. It says move so we'll be creatingthis demo today. Let's move on to the first topicof today's discussion. That is the AWS compute domain. So the main services areunder this domain are easy to elastic Beanstalkand AWS Lambda. Now among these three the mostimportant service is easy to so easy to is basically justlike a raw server. It is like a personal computerthat you're working on remotely, right? So it can install any kindof improv operating system of your choice, which is supported bythe AWS infrastructure and then you can use itin any manner as you want. You can configure it to become. A web server. You can configure itto become a worker to your environment anything. Uh, next serviceis elastic Beanstalk, which is an automatedversion of ec2. So with the elastic Beanstalk, you don't get the accessto the operating system, but you still have a controlover the configuration of your system so you can choose what kind of instance you wantto launch, right? So elastic Beanstalk is usedto deploy an application. So basically you just uploadyour code and your application is deployed on theAWS infrastructure, right. So this is what elasticBeanstalk is all about. Then we havethe AWS Lambda service. So the Lambda service isagain an automated version of ec2 wherein youdon't get the access to the operating systemwith the errors Lambda. You don't even havethe choice to choose what kind of configuration you wantwith your server, right? So with either plus Lambda youjust have to upload your code and it executes. It's that simplebut then why do we have? Have an AWS Lambda servicewhen we have elastic Beanstalk. So let's understand that. So either plus Lambdalike a told you guys. It is an automated version of easy to justlike elastic Beanstalk, but then with AWS Lambda, you can only executebackground tasks, right?
You cannot deployan application. So either plus Lambda is notused to deploy an application. It is used to executebackground tasks. Other than that like I toldyou guys you don't have to choose the Integration and a double s Lambda youdon't have to choose what kind of servers you want ondepending on your workload. Thus kind of configuration. The server configurationis assigned to you, right? So this is whywe use AWS Lambda, but then let's go on to the definition part and seewhat AWS Lambda actually is. So according to its definition. It's a survivalistcompute service because you're not choosingthe server's right. You're not choosing what kindof Aggression you want in your server? It's a serverlesscompute service you just upload your code. And the code is executed. It's that simple right and also like it's mentionedin the definition and I told you guysagain again it is used to execute background tasks. It is not used to deployan application guys. This is the maindifference between elastic Beanstalk news12. So as an architect, you should knowwhat the use case is and with servicewill suit it better. So Moving on now, you've understood whatAWS Lambda actually is and why do we use it? Right? So let's move ahead to seehow you can use this service. So you can use the service usingthe software development kits which are provided by AWS. So before moving aheadand understanding how you can use the skills. Let's understand whatthese kids are all about. So the software development kitsare basically apis which are used by developers to connect to the desiredservice at the wound. So it makes the lifeof the developer easy because he can now concentrateon the logical part of his application rather thanwasting time on understanding how you can connecthis code to the service which is there on AWS, right? The other part is that these sdksare used with ID. He's right. So currently wehave only two IDs which are supported that is eclipseand visual studio.
So today in this session. I'm going to teach you guys. Is how you can connect your SDkeys with the Eclipse IDE? So let's do that. So before that weare going to configure or we going to code ra SSand of function in Java, right? And that is the reasonwe're using Eclipse. Now. First of all, you have to installeclipse on a system. Once you do that. This is the eclipse green guys. This is how your Eclipsedashboard will look like. So for installing ews SDKon your Eclipse, you have to click on Help and then you'll goto install new software. Once you have reached here. You will enter the website name. That is aws.amazon.com/ Eclipse. Once you have enteredthat just hit enter and it will list youguys all the SDK is which are availableall the tools which are availableselect all the tools and click on finish and then it will takesome time to download the SDK, but then it will integrateeverything into your And then you'll have a buttonlike this over here. Right? So with this button youcan actually deploy a new server which is configuredaccording to AWS. So guys, this ishow you install sdks with IDE. Alright guys, so it's time forthe demo now enough of theory. So what we'll be doing is where our aim isto create an application which will be uploading ourfiles onto the S3 file system. And what a Lambda functionhere Willy We'll be doing is so like I told you guys Lambda function basicallyexecutes your background task, right so that wedon't want to burden server on which the websiteis hosted in this task. We want some other serverto execute this task. What is this task?
We basically want to get an email with allthe details of the file, which has just been uploadedon the S3 file system. So that email will be sentby the Lambda server now once we get that emailif you reply to that email that the file has to be moved Lambda will Pick up that emailit will read that email and it will performthe necessary operation. So if we specify move, what will basically do is itwill pick that file move it to some other bucketand store it over there. So this is the project that will be doing rightnow sounds simple right? But let me showyou the architecture. Let me explain you whatthe architecture tells you. So basically thisis our website. So what our websitewe'll be doing is it will be uploading a fileonto the S3 file system. At the same time it will alsobe making an entry into the sqs, which is nothingbut a simple queue service which use your data, right? So as soon as your fileis uploaded on to S 3 S 3 is bucket is configured in a way to invokethe Lambda function. Now as soon as the Lambdafunction is invoked now Lambda functions are stateless. They don't know anything aboutwhat file you have uploaded or what you have done. You have to feedthem information. And that is the reason wehave updated the entry in s us or the file which Recentlybeen uploaded right? So what ew is Lambda will dois it will read this queue and we'll get the file name and we'll actuallyretrieve all the properties from that file name from S3. Now once it has retrieved all the file names allthe properties of that file. It'll actually mailed me with using the SES service inAWS the details of that file now once I receive the detailsof that file, I have an option to replyto that email, right?
Now how will I replyto that email is like this. So I will open the email client on my computer and Iwill reply to that email that email will actuallygo to that address which is actually pointedto my DNS server and that DNS server will actuallyredirect that email to SES. Now SES on receiving that email has been configuredto invoke the Lambda function that Lambda functionwill be invoked again. The file will be readfrom the SQL. That file will be movedto a new bucket and in the end that messagewill be deleted by ask U s-- now my Sus has been configured like this that in case I don't reply to that email withintwo or three minutes that message will automaticallybe deleted from the queue. And in that caseif you try to move that file, you will not be allowed to do so because that file isno longer available in the cube, hence. You cannot move it, right? So this is what our project. It is going to be all about now. I have already showed youhow the project works. So let me quickly deletethe project and again show you how it can be configuredfrom scratch right? So give me a moment. All right. So everything is set. Now the first thing that I'll be doing is I'llbe configuring my S3 to interact with my Lambda function, right? So what I have not done is I'mnot deleted the Lambda function because there's no point. You just have to click next and your functionwill be created. What matters is the code, so I have uploadedthe code in your LMS with the proper documentation. If you have any doubts, you can actually email meregarding the doubt and I'll clear it. You so as an architect, your job will be to acttake this architecture. Not the coding.
The coding part has to be doneby the AWS developer, but it is a goodto know knowledge, right? So that is the reason Ihave uploaded the code for the websiteand AWS Lambda to your LMS. Okay. So like I said, I have to configure my is 3so that it can interact with AWS number. Now. My website's code is like this that it will uploadthe file to a bucket in S3 called either a car. A demo, right? So what we'll be doingis we will be going to the Elder a car demo bucket. Which is here, I clickon the dareka demo bucket. I click on properties. I'll click on events and letme delete this event right now. Right? So I will be adding a notification now now letme call this notification as AWS - Lambda right. Now. What I want it to do is wheneverthe event is a put event that is and upload event. I want it. Send a notification tomy Lambda function. So I have to selectthe Lambda function. So my functionshould be this one and I will click on Save. Let me checkif everything has been filled. Yes. It has let's click on save. All right, so I haveone active notifications now now you might getan error over here saying that you don't havesufficient permissions. So if you get that erroron the right hand side, you'll have a buttoncalled add permissions. Mission just clickon that button and everything will open upan automatically basically those permissions arefor your Lambda function. Your Lambda functionmay not have permissions to get notifications from S3. But once you clickon that button, you will get the propernotifications automatic. Right? So this is how youwill configure your S3 bucket. Now, let's go backto our slide to see what other things we have to do. So we have configured RS3to invoke a Lambda function once a file is Loaded to S3.
Now. A Lambda has alreadybeen configured to interact with ses through the code, which is so through the code should be callingthe SES service and we'll be livingin a meal now the next function or the next thing isto configure SES or before that lets configureour sqs, right? So our sqs is basicallya simple queue service. So we have to create a queuein a COS in which our website. It will be uploading of files,right so let's do that. Let's just go backto our dashboard. So this is our dashboard guysand we'll go to the sqs service. Well, click on createnew Q fifo queue and that Q has to be namedas hello - Lambda. And since it's a fifo queue, you have to givethe extension as dot fifo. All is done. Let's click onquick create Cube. Okay, so my Q has now been created and now Ihave to configure this Q so that wheneverthe message comes in, it gets automaticallydeleted after 2 minutes. All right, so letus configure it so Will click on configure qand we set this to two minutes. All right. All is done. Let's click on Save changes. All right. So my Q hasalso been configured. Let me go back to my slide. Alright, so my sqshas been configured now, so let me configure my SES now now thismight be a little tricky. So hang on with me. We'll go back to the dashboard. We'll go to the ACs service. Now first of allin the SES service, you actually have to addthe email addresses. Now. How will youadd email addresses? You will actually haveto verify a new email address. Now you have to verifythe recipient as well. So since I want to receivethe email from the SES service,
I'll have to typein my email address, which is he meant at the rateof the rate during car.com. And we have to verifythis email address. Now I'll receivea verification email on him and the other a cannot go. So, let me quickly goback click on inbox now. I have gota verification request right? So I'll clickon this verification link. Okay. So my email address has now been configuredhas now been verified. So it sayscongratulations awesome. So let me go back to my ACSsays pending verification. Let me quickly refresh it. All right. So it says verified nownow let's go back to our slide. All right, so guys we haveconfigured the recipient of SES. But what about the sender right? So we have to configurethe sender as well because and why do we haveto configure the sender? And the sender hasto be a domain name that you own right? Can you have to ownthat domain name so that you can send emailsvia that domain name now what I mean by that is you may say that okay, why not use the recipientaddress only why not use payment Authority diwaker dotcofor sending the email but our applicationalso receives email if you would have noticed rightso for receiving the emails through a CSU have to actuallyown the domain name now since I'm an employee, I don't own any record or go, right? So what I've done is Ihave actually created a domain name I can geta free domain name. This website it ismy dot dot dot TK. You can go in this website and create a domainfor yourself for free. So basically you will be gettingthis domain name free for three months.
All right. I am almost fromthe expiry date. So I might have to renew it. Okay, but since this is a demo,let me quickly show you. All right, so I have actuallycreated this domain name and I can use this domain. Name to send or receive emails. Now what I'll have to do or how do I configure thisin my CSS is like this. So you will go to your SES. You see this tab? It says email receiving right? So we will click on rule sets and you'll have to createa new rule said before that. You have to actuallyverify a domain you basically have to verify that the domain is actuallyowned by you now how you will do that will clickon verify a new domain and you You will giveyour domain name here, which is any record or TK. Click on verify this domain and you will getthese two records over here. Now. Where will you enterthese two records is actually in the DNS server. So the domain nameEddie record or TK has to point to a DNS server, right? And in that DNS server, you will be puttingin these two records. Now. How will you point any recordor TK to a DNS server? So DNS server isbasically Route 53 8 so we'll be configuring Route53 with any record or TJ. Let me show you quicklyhow you can do that. Let me open my Route 53 service. So this is my Route 53 service. I don't have any hostof drones as of now. So let's click on get startednow click on create hosted zone. So my domain name isanyway card or DK right? Click on create.
All right, so I have createda hosted zone now in my Route 53. Now what I have to do isI'll have to connect this domain to my Route 53 now. How will you do that? You will click on manage domain. And you will clickon management tools and you'll clickon name servers, right? So these name servershave to be updated with the name serversprovided you over here, right? So let me quickly show you so you will copythis paste it here. Remember guys don't includethe dot in the end. Otherwise, it willgive you an error. So without the dotcopy the name server. Right, so I firstsave to and see if it's working clickon change name server. All right sayschanges saved successfully. All right, so it's savingthe server's now. So, let me copythe rest to as well. All right. So I've copied my name serversI click on change name servers and fingers crossed. Okay, so it sayschanges saved successfully. All right. So my domain name is nowpointing to Route 53 awesome. So now in Route 53, I have to includethese records now. How will I do that? Let me quickly show you so you go to Route53 and you will click on create record set now youdon't have Prototype anything here just in the type click on MX and in the value. So as you can see, there's a value for m xover here just copy this value and paste it here, right? This is it guys nothing hasto be done here. Click on create. Awesome, so I have an MX record now now let's we haveto create one more record, sir. And that name has to belike this right? So I'll copythis part paste it here as you can see now. The name is underscoreAmazon SES dot Ed u-- a card or TK. And as you can see the nameover here is to seem right. So this name has to be the sameand the type of value is txt. Select EXT from here and thenyou have to enter the value. So the value is this enterthis value over here and click on create. Awesome. So my Route 53 is nowconfigured to actually Sue actor receive the emailsfrom the Ed Eureka dot t-- k domain cool. So we'll go back to our SES now close it it sayspending verification refresh it. Alright, so as you can seemy domain name is now verified. All right, so let's just goto the rule sets now. So email receiving we haveto configure so I click on view active ruleset. There is no rule setswhile create a rule. Now I have tospecify a recipient. So let me specifyhello at the rate and Eureka door TK, right? I'll click on ADD recipient. So my verificationstatus is verified because my domain nameis verified now will click on next step. Now. What action do youwant it to do right. So if you receive emailon this email-id, what do you want to do? So what we want to do is we wantto invoke a Lambda function. Now what Lambda functiondo you want to invoke? I want to invoke my functionto and will click on next step. So everything seems finewill click on Next Step again. So it is ask me the rule name. Let me give the rule nameas Lambda - demo. click on next stepand click on create rule. Okay, so my rule set has nowbeen enabled awesome. So I have configuredmy SES as well. So let me go back to my slide. Alright, so I'veconfigured my CS I have configured my Route 53. I've configured my ews Lambda. I have configured my sqs. I have configured my S3. And my website is alsoconfigured right so we created a rescue SQ. So we may have to change the url in our code to Let'squickly do that. We'll go back here. Go to the dashboard. click on SQL s Alright, so this is our qand this is a URL. So basically I have namedthe queue seems so so if you do that sometimesa URL don't change. So let me see if I have to uploadthe code or not. So I'll go to my Lambda functionHandler go to the part where my cue is saved. All right, let meanyway space to Q over here. I think it is the same. Yes. It is the same. Anyways, let us save it. This is my function one. So let me upload the code now. So it's my functionand click on finish. Right, so it is uploadingthe function right now. So meanwhile, let me go to my function to and configurein the queue address, which is this. Paste it here control s save it. And once thisprocess is complete. I will upload this code as well. So while this is uploading, let me change the addressin my index file as well. This is my websites index file. So I'll go to the queue URLwhich is this. I will change it saveit and close it. Alright, so my website'saddress has also been done. Alright, so my code is uploadedfor this function. Let me upload the codefor function to as well because we are may changeupload function to AWS. So it is my functionto that is my function to in Lambda click on next. And click on finish. All right, so my codeis being uploaded Let's Wait Awhile so thatmy code gets uploaded and then we can proceedwith our demonstration. Alright, so my codehas now been uploaded to both my Lambda functions. Now. What I'll do is I will go to my local host websiteclick on refresh. And I will upload a file. So let me go back and see what is therein my bucket right now so that it becomes easier for us to verifythat a file has been uploaded. So as of now my bucket is empty. I there's nothing in my editor a car demo bucket and my otherbucket is quarantine demo. This is the place where my other filewill go right? Let me empty this as well sothat we are clear that some Checkedhas been added. All right, so this buckethas also been cleared. So we'll go to a local hostwill choose a file. So let's upload some image. So let it be this image, right I click on openand click on upload image. All right, so it saysS3 upload complete. All right. So let me check if a file has been addedin My riruka Demo bucket. I'll click on refresh. Awesome. So one file has been addedand it's called one four. Nine two, five foursix zero nine seven. Let me check in my emailto let me check if I got an email. So yes, I've got an email. Let me click on it. All right. So this is the nameof the file that I got, which is the same right? So, let me see if there is somethingin my Quarantine demo bucket, so there's nothing there. I'll come back now. I'll reply tothis email as move. So this basically means movemy file to some of the bucket and I'm replying it to hello either a TeddyRicardo TK, right? So now we'll hit on send. So my message hasbeen sent to Route 53, which will be sent to ACS which will invoke the Lambdafunction which will move. My file to the other bucket. So let us check if that is done. So first let us check if I enter a car demo buckethas been emptied so will click on refresh. Alright, so my I do takea bucket has now been emptied. Let's go back and check if something has an adin my core and tine Emma bucket. Alright guys, so my filehas successfully moved to this bucket LetUs verify the name. So this is one phone nine tofive four six zero nine seven. Let us check that in the email. So the email that we replied to had thenthe object name as one phone nine to five four sixeight or 7 so this is the same file you guys. All right guys, so we have completedour demonstration successfully. Welcome to the sessionon elastic Beanstalk a web application hostingplatform offered by Amazon. So without any delay, let me give youa brief overview of what we will bediscussing today firstly. We will see what elasticBeanstalk exactly is, and then we'll discuss certain. In Salient featuresof elastic Beanstalk moving on. We'll try to understand elasticBeanstalk a Little Deeper by taking a lookat its components and then atits architecture in finally, we'll try to deploy anapplication on elastic Beanstalk for practical understandingof the concept. So let's get started. What is elastic Beanstalk? If I have goingto find elastic Beanstalk and Amazon terminology, then it is a platformas a service where you can deploy your application, which you might have developed with programming languageslike Java dotnet PHP node.js and many others on familiar servers such asApache nginx passenger and Tomcat the definition, which I just mentionedseems to have a lot of technical terms as ended. Well, let's try to figureout what elastic Beanstalk is and simple terms. All right, let's say you Needto build a computer tonight. Well, you have two waysto go at it first. You can go to a computerWarehouse Computer Warehouse is a place where you have differentcomponents of computer laid out in front of you like you have CPU motherboardsrouter disk drive models and many other componentsyou can choose which have a component you needand assemble them and form a brand new computer. This is similar to situation when you try todeploy an application without using elastic Beanstalk when you try to developApplication by yourself you will have a list of taskswhich you need to do. Like you might have to decide on how powerful you wantyour ec2 instance to be then you have to choosea suitable storage and infrastructure stackfor your application. You might have to installsubstrate surface for monitoring and security purposes aswell moving on to option b, you can always visitan electronic retail store which has pre-configuredcomputers laid out in front of you. Let's say you area graphic designer and you want a computer which has a modern graphicaluser interface installed in it. All you have to dois specify this requirement to a salesperson and walk outwith a computer of your choice. Well, I personallyprefer this option. This is similar to the situationwhere you're trying to deploy an applicationusing elastic Beanstalk when you use elastic Beanstalkto develop your application. All you haveto do is concentrate on your code list of the tasks like installing ec2 instances auto-scaling groupsmaintaining security and monitoring. Etc is done byelastic Beanstalk. That is the beautyof elastic Beanstalk. So let's go back and take a lookat the definition again and see if he'll understandit this time. Well elastic Beanstalk asa platform as a service where developers just haveto upload their application load balancing auto-scalingan application Health monitoring or all and it automaticallyby elastic Beanstalk. Now, let's try to understand how elastic Beanstalkas a platform as a service is beneficial. Vishal to app developer. I'm sure most of you know, what platform as a servicehas but let's try to refresh what we know platform as a service asa cloud computing service which provides you a platform where you can deployand host your application elastic Beanstalkmakes the process of app development much more fun and less complex and Ihave five points to prove that to you firstly itoffers quicker deployment suppose you're developingan app by yourself. Then you'll have to do a lotof tasks by yourself like you might After decideon ec2 instance choose a suitable storage and infrastructure stock as well as installauto-scaling groups as well. And then you might haveto install substrate surface for monitoring andsecurity purposes. Well, this will takequite a lot of time but if you have usedplatform-as-a-service to develop your app then all you haveto do is develop a proper court for your application rest will be handled byplatform as a service or elastic Beanstalkin this case, which makes the entire process of app developmentmuch more faster. now secondly elastic Beanstalk simplifies entire appdevelopment process like the set or developers haveto do is concentrate on developing a codefor their application rest, like monitoring serversstorage networking Etc and managing virtualizationoperating system databases is done by elastic Beanstalk, which simplifiesthe entire process for a developer usingplatform as a service to deploy our application makeCenter app development process more cost-effective if you're tryingto dip By yourself, then you might have to installseparate surface for monitoring and security purposesand I'm sure for that you'll have to paya lot of money extra money. But if you're usingan elastic Beanstalk to deploy your application it will provide you allthis additional software such as a package and you can avoid payingunnecessary operating costs also elastic Beanstalk offers multi-tenantarchitecture by that. I mean, it makes it easy for the users to sharetheir application on different devices. And that too with high security when I say highsecurity platform as a service will provideyou a detailed report regarding your application usagedifferent people or users who are trying to accessyour application as well. But this informationyou can be sure that your application isnot under any cyber threat and finally platform as a service provides youan option where you can know if the user who is usingyour application is getting a better experience out of it ornot with platform-as-a-service. You can collect feedback at Seven stagesof your app development like during development stage like testing Stageproduction stage design stage by doing so you will havea report regarding how your applicationis performing at every level and you can makeimprovements if needed. So this is how platform as a service like a are an elasticBeanstalk makes it easy for developers to developan all-around perfect up guys will be ableto relate to this point when we try to deployan application using elastic Beanstalk in the laterpart of this session. You'll understand. How will a StickBeanstalk is beneficial to app developer in Marquette. There are quite a lotof application hosting platforms which are providingplatform as a service. Let's have a lookat few of that. First. We have somethingcalled openshift. It is a web hosting platformoffered by Red Hat. Then you have Google app engine which we all know ask a lingoat is a platform as a service where you can deploy yourapplication and just do minutes apparently will provide youa production ready environment where all you have to dois deploy your application code. Then you have python anywhere. It doesn't onlineintegrated development platform and web hosting service as well. But based on Python language, then you have elastic Beanstalkoffered by Amazon moving on. We have a sure app Servicesby Microsoft and many others. But today our main focus will beon elastic Beanstalk, which is a web hosting platformoffered by Amazon now that you have basicunderstanding of elastic. Stop, let's go ahead and take a look at fewof its features. Mostly all the featuresare similar to the ones which we discussed earlier, like elastic Beanstalk makesan app development process more faster and simplerfor developer moreover. All developer hasto do is concentrate on developing code listof the configuration details and managing and monitoring details will be handledby elastic Beanstalk. Also elastic Beanstalkautomatically scales up your abs resources, which have beenassigned to your uh, Occasion by elastic Beanstalkbased on your application specific needs butthere is one feature which is specificto elastic Beanstalk suppose. You have deployed an applicationusing elastic Beanstalk, but now you want to make changesto the configurations which have been already assigned to your application byelastic Beanstalk though. Bienstock is a platformas a service. It provides you with an option where you can changethe pre-assigned configurations like you do and infrastructureas a service. Well if you remember Memberwhen if you're trying to use infrastructure-as-a-service todeploy an application, you will have full controlover AWS resources. Similarly Beanstalk alsoprovides you with full control over your AWS resources and you can have accessto the underlying resources at any time. Now, let's try to understand elastic Beanstalka little deeper first. We'll be discussing fewcomponents of elastic Beanstalk, then we'll have a lookat its architecture. What we have your first wehave something called application suppose youhave decided to do a project. So what you do you go ahead and create a separate folderon your personal computer, which is dedicatedto your project. Let's say your project needsApache server SQL database and a platformingsoftware like Eclipse. So you installall the software's and stole them in the folder which is dedicatedto your project. So that will be easy for you to accesswhenever you need all the software's similarly when you try to dodeploy an application on elastic Beanstalk Beanstalkwill create a separate folder which is dedicatedto your application and an aw storms. This folder iswhat we call an application if I have to Define folder orapplication in technical terms, then it is a collectionof different components like environmentsyour application versions and environment configuration. Let's try to understand eachof these components one by one. We have something calledapplication version suppose you have written a code stored. In the file and deployedthis coat on elastic Beanstalk and your applicationhas been successfully launched but now you want to makecertain changes to the code. So what you do you go ahead and open the file makechanges to it save it and then again deployed on elastic Beanstalkelastic Beanstalk again, successfully launchesyour application. So you have two versionsof your application now, it's just a copyof your application code, but with different changes and elastic Beanstalkwill provide you with an option where you can uploaddifferent versions. As of your application without even deletingthe previous ones then we have something called environmentenvironment is a place where you actuallyrun your application when you try to launch and elastic Beanstalkenvironment Beanstalk starts as ining various AWS resources, like ec2 instancesauto-scaling groups load balancer security groupsto your application the point which you have to rememberis at a single point of time environment can runonly a single version of your application. Elastic Beanstalk will provideyou with an option where you can create multiple environments foryour single application suppose. I want and different environmentfor different stages of my app. Like I want an environmentfor development stage one for production stage and onefor testing stage. I can go ahead and do that create a differentenvironment for different stages of my application and suppose you have sameversion or different version of your application installedon all these environments. It's possible to run allthis application versions at same time. I hope that was clear. Well, you'll understandthem practically when we try to deploy an application inthe later part of the session. Then we have somethingcalled environment Tire when you try to launchan elastic Beanstalk environment elastic Beanstalk asksyou to choose amount to environment tires, which are webserver environment. And then you haveworker environment. If you want your applicationto handle HTTP request, then you chooseweb server environment. And if you want your applicationto handle background task that is where a work environmentcomes into picture. Sure, which to chooseeither web server or work environmentand how to work with them when we'll try to deployan application in later part. And lastly we havesomething called environment Health based on how your application is runningBeanstalk reports the health of your web server environment and it uses differentcolors to do. So first gay indicates that your environmentis currently being updated. Let's say youhave installed one version and now you're tryingto upload different version. Well, it's taking a lot of time so that timeit shows gray color. It means your environment isstill under updating process. Then you have green which means that your environment has passedthe recent health check. Then you have a low which means that your environment has failedone or more checks and red failed three or morechecks moving on. Let's try to understand the architecture ofelastic Beanstalk. Like I said early onwhen you try to launch an elastic Beanstalk environmentBeanstalk ask you to choose Was among two different environmenttires firstly we have web server environmentweb server environment usually handles HTTPrequests from clients and it has different componentsfirstly we have something called environment. You know, what environmentis it's a place where we actually run your application and Beanstalk provideyou with an option where you can createmultiple environments and the main point isat a point of time this particular environmentcan run only one version of your application movingon we have Something called elastic load balancer. Let's say your applicationis receiving a lot of requests. So what elastic load balancerdoes is it distributes all this requestamong different ec2 instances so that all the requestsare handled and no request is being delayed. What actually happens is when you launch an environmentor URL is created and this URL in the formof C name is made to point elastic load balancersenior is nothing but alternate name for your url. So when your applicationreceives requests all these requests are forwardedto elastic load balancer and this loadbalancer distributes. These requests among ec2instances of Auto scaling group. Then we have Autoscaling Group Well, if your web server is tryingto handle a lot of traffic and it's having a scarcityof ec2 instances, then Auto scaling group automatically installsfew easy to instances. Similarly. If traffic is very low, then it automatically terminatesunder use ec2 instances then we Have ec2 instance. So whenever you tryto launch an elastic Beanstalk environment Beanstalkwill assign your application with a suitable ec2 instance, but the software stack likethe operating system the servers and different software's which are supposedto be installed on your instance are decided bya device called container type. For example, let's say my environmentas Apache Tomcat container. So what it does it installs Amazon Linux operatingsystem Apache web server and Tomcat software. Do you see two instancesimilarly depending on your application requirementsit installs different software stack on your ec2 instances. Then we have a softwarecomponent called host manager which runs on everyeasy to instance that has been assignedto your application. There is host managersresponsible for various tasks firstly it will provideyour detailed report regarding performanceof your application. Then it providesinstant level events. It monitors your applicationlog files as well and it monitorsyour Datian server, you can view allthese metrics log files and create various alarms oncloudwatch monitoring dashboard. Then you have securitygroups Security Group is like a firewallto your instance. Not anybody canaccess your instance. It's just for security purposes. So elastic Beanstalk hasa default Security Group, which allows client to accessyour application using Port 80. You can Definemore security groups if you need and then elastic Beanstalk alsoprovides you with an option where you can definea security group. All your databasefor security purposes moving on. We have somethingcalled Walker environment. First question that comesto our mind is what is worker. Well suppose your web server hasreceived a request from client. But on the way while it's trying to process therequest it has come across tasks which are consuminga lot of resources. I'm taking a lot of time because of whichit's quite possible that your web servermight deny other request. So what it does it forwardsthese requests to something called Welcome these workerhandles all this stuff. Us on behalf of web server. So basically worker is a processthat handles background tasks which are time intensiveand resource intensive. And in addition. If you want you can use walker to send email notificationsto generate metric reports and clean up databases when needed let's try to understand why we need Walkerwith the help of you skis, so I have a client he has madea request to a web server and the web serverhas accepted the request and it startsprocessing the request but While it's processingthe request it comes across the switchare taking a lot of time. Meanwhile, this client has requested or sendanother request to a web server since web server is stillprocessing the first request it denies second request. So what is the resultof this as the performance and the number of requests accepted bya web server will drastically decrease alternatively let's saya client has made a request and your web servers accepted it and it starts processingthe request and again, it comes across Stars which are doing a lotof time this time. What it does it transfers or it passes all this taskto walk our environment and this work environmentwill handle all these stars and request oneis successfully completed. Meanwhile, if itreceives a second request since it has completedprocessing request one, it will accept requests to Ihope the scenario was clear. We'll all we are doingby installing work environment is we are avoiding spending lotof time on single request here. Now, you know whatweb server environment is and work environment is and whydo we need work environment? But there has to be some way sothat this web server environment can pass on this taskto work environment. Let's see how so you haveyour web server environment. It has received a request and while processingit as encounter tasks which are taking a lot of time. So what it does it creates andsqs message sqs is a simple to service offered by Amazon and this message is then putinto es que es que and the differentrequests are arranged based on priority in this qsq. Meanwhile when you're tryingto install Walker. Environment elasticBeanstalk has installed something called demon. What is demon does it pullssqs message from Askew and then it sends the Starsto web application, which is running on vodka environment asa result or as a response to spin start applicationhandles all the stars and responds withan HTTP response option. So this ishow the entire process of handling tasks transferringand then handling does goes on so you have a client he has madea request to a web server, but the web serversencounter with tasks which are I'm consumingand resource consuming. So it passes thisrequest rescue is Cube. And when you tryto install walking environment, there's a demon which pullsout all this messages art us from your rescue. And then this demonsends all the stars to our application applicationresults all the stars and then it respondswith a HTTP response option. So this is how your toapplication communicate I can read was lot of 30. Don't worry. We have arrivedat the fun part of session where we'll be tryingto deploy an application using elastic Beanstalk hear you by doing or by creating an application onelastic Beanstalk practically, you'll understand differentconcepts its architecture and different environment tiresand all this. So let's go ahead. So this is my areaplus Management console. And if you want to take a lookat all the services, then you have all the services here, but were mainlyconcerned with elastic. Up, which have recently used. So it shows that all recentlyused resources or Services here. So I'm going to choosethat elastic Beanstalk and this is my Beanstalk console. If you're trying to deployan application for first time, this is the page where you landwhen we scroll down it says that I can deploy an applicationand three easy steps. All you have to do is selecta platform of my choice then upload our application code if I have one or usea sample application code and then run it. Let's see if it'sas Easy as it says here, so go ahead and click on createnew application option here. It will ask you for applicationname and description. I'm going to name my applicationas Tomcat app then description as my new web app. And then I'm going to clickon this create option C. When I try tocreate an application. It has created a separate folder which is dedicatedto my application. And in that folder, we have different componentsas you can see here. I have my environment then Ihave application versions and if I've saved any configuration, it will show allthe saved configurations here. Now. Let's go ahead and create an environmenton the right side. You see an actions optionand you click on that you get different choices. You can just selectthe create environment here. So again, it's asking you to choose among two differentweb environment tires. You have web server environment and work environmentin web server environment. Your application handlesHTTP requests from clients. Then you have work environment where your applicationwill process background tasks like time intensive and resource consumingtask in this demo. I'm going to work onlywith Observer environment. You can go ahead exploreand create work environment. Once you understand how to deploy an applicationon elastic Beanstalk. So I'm going to clickon the select option here. It will take me to a It's badenough to give a domain name or in technical terms are URLto my application. You can give any URLof your choice and see if it's available. So let's say my Tom appand it see if it's available. It says the domain name isavailable then description. I'm going to giveit a same as before. So my new web app then when I scroll down it asked mefor a platform of my choice. There are different options. You have go then you have dotnet Java Ruby PHPnode.js python Tomcat. At and if you're tryingto deploy an application on the platform, which is not here, you can configureyour own platform and deploy turnelastic Beanstalk. It provides an option here. You can see there'sin custom platform here. So I'm going to choose Tomcatplatform for my application. And since I'm notany kind of developer, I'm just going to go aheadand use the sample application provided by Amazon. But if you haveany application code if you have created or developsome code you can store that in a file and uploadyour it says you can upload your code then you have a zip. You need to convertyour file to zip our war file and then upload it here. So I'm going to justselect sample application and then click on createan environment here. So it's going to take awhilefor elastic Beanstalk to launch my environment though. It's not as much time as it would havetaken me to develop entire application by myself while elastic Beanstalkis trying to launch environment. Let's discuss some points or inthe earlier part of the session with discuss some benefits ofelastic Beanstalk firstly I said that it fast ins your process. Of developing an entire. So it's true. Doesn't it? All I did wasselect the platform of my choice dress is doneby elastic Beanstalk itself. So thereby saving a lotof time similarly it simplifies the processof app development again. All I did was selecta platform of my choice like installing easyto instances security groups Auto scaling groups and assigning IP addresses restis done by elastic Beanstalk. I even mentioneda point where I said that it will provide elastic Beanstalk provides youwith an opportunity. And now you can changethe present configuration. We'll explore that. Once the environment is created. Let's go ahead and seewhat elastic Beanstalk is doing. It says that it has createda storage for my environment. Well S3 bucketsolar all my files where I have my application codeare stored there then test created a security group as well and elastic IP address then it saysit's launching an ec2 instance. So you see it's as easy as that. All you have to do is selecta platform of your choice rest is Founded by elasticBeanstalk and later on if you're not satisfied. If you want to changesome configuration, you can go aheadand do that here. Look at this. This is the IP addresswhich are domain name which are assigned to my up. It says new instance has been added and in additionit showing each task while it's doingIsn't that cool? You'll know what yourenvironment is currently doing. So it's still taking a while. So it says it has installed and added instanceto my application and my environment has been We launched it is finishedalmost all the tasks. It should have takento environment page now. So this is my environment page or you can seeour dashboard first. You have environment healthier. It says green. It means that my environmenthas successfully passed the health check thenit shows the sample version of your application since I've used the sampleapplication and saying sample application here since I've chosenTomcat as my platform. It has installedsuitable infrastructure stacked like Amazon Linux and you have Java8 aiming language. Let's go aheadand explore this page first. We have somethingcalled configuration here. Like I said, though,it is a platform as a service. It provides you with an optionvalue can change configuration. So you will have full controlof your resources first. We have somethingcalled instances here. When I click on modify option, you can see that elastic Beanstalkhas assigned micro instance to our application if I want I can goahead and change it to different instance based on my applicationrequirement scrolling down. I have cloudwatch monitoring. If I want detailed monitoring,then I can go for one minute if I want basicmonitoring or not. So detailed monitoring then Ican choose five minutes here. Then I have an optionof resigning storage to my application aswell at says we have magnetic storage general purpose and provision. Iops as well. When we scroll down again. We see differentsecurity groups. I can just click on that and the security groupwill be added to my application. So once you've madethe changes you can click on apply option or do Ihaven't made any changes. I'm just going to click here. So now elastic Beanstalk istrying to update my environment. So it's showing gray color here. If you recollect a mentionedduring the earlier part that grey indicates. My environment is being updated. Okay, let's go backto configurations. We did have a look at instances. Then you have somethingcalled capacity apparently elastic Beanstalk is design a single instanceto my application. If I want I can go ahead andchange to auto-scaling groups. You have an optioncalled load balance so you can click on that hereand you can set the minimum and maximum number of instancesthat your auto scaling. Group can install as well then if you have chosena load balancer option earlier than a load balancewould have been enabled here. Then we have monitoring details which provides you withtwo options enhanced monitoring and basic monitoring and when we scroll downyou can see a streaming to cloudwatch logs option here. So if you want your log files, you can view themon cloudwatch dashboard as well. You can set the retention periodaccording to your choice and suppose you want your application forsome private purpose. Then you can create a generatea private VPC for you. Your application similarly, you can add or decreasethe amount of storage as well. So by explaining all this what I want to say is your handsare not tied you can make changes to configurations. If you want. Then we have logs option. If you want to have a lookat the last 10 lines of your log files,then you have an option. It says last hundred line. Sorry lost a hundred lines thenif you want full log files, then you click on thatdo provide you a file and download format. You can just download it. Then we have health option herewhere it provides health. You are a cc sources basicallyshows ec2 instance here. It says it's been7 minutes or six minutes since my ec2 instancehas been installed. Then you have monitoring where it showsdifferent monitoring details like CPU utilization Networkin network out. If you want you can go aheadand create an alarm with alarm option here suppose you want notificationsto be sent to you when the CPU utilizationor when the number of ec2 instances are scarcein your auto scaling group. Then you have events here events basically are nothingbut it's a list of things which has happened since you started launchingan environment when I go down it says we have seen earlier on the black screenthe same things are applied your so it says createan environment starting then we saw that AC to instance has been installed securitygroups elastic IP address. So basically itshows all the events that has happened from the timeelastic Beanstalk has started to launch our environment and till the time youterminated the environment. So that's it. Then you have tag files. You can assign differentkey values as well. Let's go back. This is a sample application, which I've tried to use not letme try to upload and deploy a new application version here. Okay, I'm gonna goto documentation here. I'm interested withelastic Beanstalk. I'm going to select on that and then develop a guide clickon getting started on when you scroll down on deploy a new application Virginia basedon your sample application. You have different versionsof your application since I've selecteda tomcat is my platform. I have a tomcat zip file. You're a boy. Already downloaded that so I'm gonna just goingto upload the file then so let's go backand it says upload and deploy but let's goback to our folder. Then there's an applicationversions option here. So it gives you deploy andupload option separately here. I'm just going to uploadfirst then we'll deployed version label new versionand upload the file. I have it here zip file. I'm just going to attachthe file and then click on upload optional. The new version ofmy application has been uploaded but it's not been deployed yet. So when I go Can you can see that I can still seethe same version which was there before now? Let's go back and deploy it. Okay. I'm going to select thisand then I'm going to click on deploy optionand select employer. Let's go backto environment and check so my environmentis being updated. So again the gray color here once it's updated as and showthe new version name here. It is uploaded. So as you can see it showing the version name of my newversion application version. Like I said all your bothmy application versions. Are there have beendeleted any you don't. Have to deleteyour application versions when you createa new one similarly, you can upload multiple versionsof your application going back actions option. Then you haveload configuration, which will definitelyload your configuration. Then you have saved we can savethis configuration suppose. You want to createan application with the same configurations again, you don't have to startfrom the beginning from creating applicationenvironment all that. You can just savethe configuration and use for the other application or other environmentof your application. Then you can cloneyour environment as well rebuild and I environmentand terminate as well. So here I havesaved configuration. If you have saved thisconfiguration the configuration of been listed hereand like that conversation. I can use when I'm creatinga new environment. Okay, just let's see if have explored allthe options environment how well I forgot to showyou one most important thing when I click on this URL. It takes me to a pagewhere it shows but my applicationhas been successfully installed. Well, that's it. So now you know how to deploy an applicationusing elastic Beanstalk. Do I have usedthe sample application? Are you can go aheadand upload a code of yours if you have any and try it out. Well, all the options hereseems to be user-friendly so you will know what to do. It seems to be easier process. You'll understand it betterwhen you try to reply an application by yourself. So first and foremost, I would start by talking aboutwhat cloud storage exactly is. Then we would move furtherand understand some of the myths that surround cloud storage but also discuss certaincloud storage practices and would understand how different cloud storageservice providers work. Finally, I would finishthings off with the demo part where I would be talking abouthow cloud storage Services work on Amazon web services. So I hope this agendais clear to you guys. So let's not waste any timeand quickly get started then. So what exactly is cloud storagenow first and foremost, let me tell you what promptedme to actually go ahead and take this session. Well recently. I had been interviewingand where I asked people what do what did the knowabout cloud computing and they told me that cloud computing is a place or it is a place onlinewhere you actually store data. I went to some extent I agree. Yes cloud computinghelps you store data, but that is not the definitionon the longer run. So that is why I thoughtthat we should actually go ahead and have this session so that we can discusssome of the myths that surround cloud computingand tout store is in particular. So guys, let's startwith a basic definition first. Storage. Well, it is something that is made availablein the form of service. Which is connectedover a network. So guys this isa very basic definition and the throw some more light. I would like to actually goahead and given certain examples as well to specifywhat does this definition mean? But to some pointthis definition is correct. It says that it isnothing but a storage which is available as a service which is connectedover a network now again, you might wonder asin this is what people told me in the interview, right? I mean it is a placewhere you store data. So yes cloud storageto some extent. Yes. This is what it is. But when you talk aboutcloud storage it is lot more than this basic definition. Let's try to understandwhat all this cloud storage exactly has to offerto you people. Well first and foremost as I've already mentionedit is storage it can let you store emails media. Now when I saymedia you can store in a different kind of media whether it's your images whether it's your videosor maybe other kind of files. It also lets you holdServices as well. Yes. We are living in the worldof internet right now and there are various Services websites that are online and this data can be storedby using Cloud platform. and finally I'm sorry guys finally it is nothingbut the backup now when I say back up guys, we are talkingabout large Enterprises that let you back up the data and the using Cloudplatform to do that. But again, it's to stillholds the same point right? I mean when I sayemails Media Services backup for large organizations, I mean it is stilla simple storage know now, let me tell you what it does when I say backupfor large organizations. We are referring to a lotof pointers here data coming in from different sources. The weight is processed. The weight is integrated andstored into a particular storage how it is handledand what all can you do with it. Now when you talkabout a cloud storage, it actually takes careof all these things. That means it's not redundantor a dead storage where you just takeyour data and put in your data you can thinkof it as smart data storage. So to understand that let's talk aboutcloud computing a little so what cloud computing doesis it lets you have this data on the platformand it is a platform where it hasa number of services that lets you compute or process this data to suityour business needs now, it can be using machinelearning Big Data finding out certain patternsusing power bi tools or not power bi tools bi tools. And also do a lotof other things like maybe use a cloud platform where the data can be usedfor marketing purposes, Maybe. I think I owe to Botsand stuff like that. So this is whata cloud computing platform. Does it basically lets you usedifferent sources and use this particular data to domultiple or different kinds of things. So when I say a cloud storage it basically ensuresthere is a mechanism that in first place it storesdata and lets you perform some of the actions that you can actuallyperform on this data. So as we move further, I would be discussingquite a few pointers that support this claim or this. Definition of mine. So let's just movefurther and try to understand a little more pointersor some other pointers that talk about cloud storagebut to keep it simple. It is a storage that lets you do a lot of thingswith the data primary reason being storing the data and the other reasonsbeing processing it or managing it also so let'smove further and take a look at the next pointer. So what are the mythsthat surround a cloud storage? Well when you talkabout the myths, this is what some peopleThe same that cloud computing is suitable only for large scale organizationsknow this is not true. Let me give youan example recently. What happened was oneof my friends. He actually happento format his mobile phone and he lost all the imagesand other data that was there on that phone. So the problem was henever backed that data on any Drive neitheron Google Drive or anywhere so he lost the data so he came to us and he told usthat this is what happened. So we told him that Youshould have backed it up. Maybe on Google Drive. So next time he didthat and again, he being usedto losing his data. He lost his data again. So he again comes up and he's like I've lost the dataso we reminded him that he had his data storedon Google Drive. So when you talkabout Google drive, it is nothing but an onlinestorage where you actually make a copy of a data, so he made a copy of his data and he could actuallyget that data back. So when I say cloud storage itgives you a simple application or a simple. That you can actually go aheadand just put in your data just like Google River you can putin your data as well. So it is not limited tolarge-scale organizations only if even you area single individual where you just needto store your data, you can use cloud storage. Now, there are there arevarious cloud service providers that actually meet or cater different cloudcomputing needs So based on that the cloud storageis might get complicated and might give youmore functionality. But even if you need isas basic as storing data, don't worry cloudcomputing or cloud. Storage is for you as well. Now if you talkabout small scale businesses, yes these daysthe amount of data that is generated is huge. And that is why what happens is evenfor small scale organizations. You need a place where you can store your dataand somebody can manage the data for you so you can focuson your business goals. So this iswhere cloud storage comes into picture for even smallscale businesses as well. So if you ask me, yes last scaleorganizations are suitable for cloud computing or onlylarge-scale organizations. A suitable for cloud storage. This is a myth. Complexity with cloud guys. Now. What does this term symbolizepeople normally assume that having that privateinfrastructure makes it easier for them to actually goahead and put in your data that is not true. The fact that people are usedto certain methods or methodologies. They feel comfortable with it. Whether cloud is complex or not. I would say it is not why because if you get usedto certain Services, you would realize that storing or moving a data to cloud isactually lot more easier than Normal infrastructures are your previous or traditionalinfrastructures is what I would say, so whether cloud is complex, I would say no as we move into the demo partprobably we would be talking about this pointer or once I give the demo probably you would havea clearer picture how easy it is to actuallymove your data to Cloud. Not eco-friendly. Now this might soundout of the blue. I mean you might wonder this isnot a sociology session. So where did thispoint coming from? I mean not eco-friendly. Yes what peopleassume is the fact that a large amountof data is being stored on these platforms. So we have use amountsor use numbers of data centers which are big in size and they consumea lot of electricity. So there is powerwastage electricity wastage. Well, that is a myth again firstand foremost the fact that Getting a centralizedstorage somewhere. That means most of the datawould be stored there. So yes, you areautomatically saving out on your power consumption when you talk about it froma global or an Eco perspective. The other thing is Iwould not want to point out a particularcloud service provider. But when you talk about GCBthat is Google Cloud platform, then Amelie provide their cloud servicesat a very affordable price now, why is that? The reason for thatis they've actually put in a lot of effortinto the research part. Where the researched a lot on how they can actuallyminimize the cost and how did they do it? They basically ensurethat the amount of power that is consumedby the resources. They tried and optimizethat amount to a minimum amount so that they are charged less and in a way youare charged less. So if they're optimizingthat particular process, obviously you're consumingless amount of electricity. So whether it's eco-friendly definitely it iseco friendly friendly. Zero down time again. There's no such thingas zero downtime. Now the fact that I'm talking aboutcloud storage does not mean that I tell you that it has zero downtime and you're completely securedknow there is a possibility that there might bea downtime the fact that cloud ensuresthat this downtime is very less. Now. That is a plus Point what loud alsodoes is it ensures that there is disaster recovery and there is always a backupof your data or your resources. So even if something goes downfor a very little time and we normally it happensfor a very less time if it does happenand it happens very rarely, but even if ithappens care is taken that nothing harmsyour resources or your data. So zero downtime. No that is not true. But definitely downtimeis taken care of when you talk about Cloud storages. There is no needof cloud storage. Okay, this is oneof the biggest myths whether people agree or not. If you go back like 10 yearsfrom now probably people did not know a lotabout cloud computing. But with time peopleare actually moving to cloud and if you take a lookat recent statistics, they would agree as well. I mean people would be wantingto switch to cloud in near future. And the reason for thatis the quite a few service is quite a few facilitiesthat cloud gives you and that is why peopleare moving to And if you do move to Cloud, you'll be usingcloud storage inevitably. So yes that is going to happen. And if you think that there is no needfor cloud storage definitely near future. I would assure you that even you wouldbe moving to Cloud. So Guys, these are someof the major myths there are some other myths as well as wemove further not worried. We would be discussing that aswell in some other pointers. So let's just go ahead and talkabout some of the benefits of using a cloud storagefor data storage or basically using Cloudfor data storage. So what are the benefitsof the signal I purposely kept this pointer for the later halfand I first discussed the myth because these pointerswould definitely help you understand someof those myths better. Not a cloud platformis customer-friendly. What do I mean by this? Well, first and foremost when you talkabout cloud storage, what you're able to dois you're able to scale up your storage scaledown your storage keep it secure monitor it and you can ensure that there is constantbackup taken of your data. So when you talk about itfrom a security perspective, it is secure as well pluswhat cloud service providers do is they've had so many services that In the market you talk about any popular cloudservice provider they have lot of servicesthat are made available. What do these servicesdo is they ensure that you're functioningon cloud platform is very smooth and same isfor cloud storage as well. You can utilize variousServices which ensure that you're functioning or you're workingon cloud becomes easy again, which I have beenreiterating for a while. Now that I would be talkingabout these in future slides. Don't worry as we getinto the demo part you would and how user-friendlythese Cloud platforms are Security now again, this is an important point when you talk aboutCloud platforms Cloud storages are they secure or not? Definitely they are very secure and there was a timewhen people believed that these platforms when not secureto a greater extent and that out was understandable. I mean if there is something that is new in the marketyou tend to doubt that but if you talkabout Cloud platforms these platforms are actuallymore secure than your on-premise or your traditional. Says which people are usedto using the reason for this is if you talk aboutcloud service providers, let's talk about AWS. That is Amazon web servicesin this case. What it does is it gives youa shared security model now, what do I mean by this youhave service level agreements where you and your customer or maybe the customerand the AWS providers. They basically come to a term where the decide asin what kind of security or what kind of principlesare to be implemented on the architecture and youcan take control as a new. You can decide what accesses doyou want to give to the vendor? And what are the axis isyou want to keep to yourself? So when you docombine this approach? It ensures that security is isat the optimum and you get to be or you get to take controlof your security as well. So yes, if you talk about cloud storagebeing secure or not. Yes. It is very secure to namesome we have S3 and AWS. It is highly durableand it is highly reliable. So when you talkabout disaster recovery and T it is almost up to there and as I've alreadymentioned not everything is hundred percent when I talked aboutthe downtime or yeah the downtime part so yes, not everything ishundred percent. But when you talkabout security and durability when you talk about S3 in particular it is99 point something six or seven times nine that is99.999999 times durable. So that does makea system very secure. Another benefit guys. It is pocket-friendly. Now, if you talkabout cloud service providers, whether it's storage, whether it's compute servicedatabase Services all these Services you can actuallygo ahead and use these services for rental basis. It's just likepaying for electricity. I mean, if you're using a particular service youwould be paying for that service for the durationyou use that service and you would be payingonly for the resources that you've used. So it is pay-as-you-gokind of a model where The only for the resources you use and only forthe time duration you use so whether it'spocket friendly or not. Yes. It is pocket friendly. And as you move further, I mean if you are usingmore storage the cost again, it comes downto a greater extent. So it is already cheaper andif you decide to scale up, it would be more cheaperor it would be cheaper is what I should say. So yeah, these are someof the benefits now if you talk about cloudcomputing and storage again, there are other benefitslike as I've already mentioned durability. Scalability and variousother benefits but these are some core ones. I would not want to getinto the details because I wish to keep everyoneon the same page for people who have been attending this session for the firsttime and for people who probably know a bit aboutcloud computing again guys, if some of the termsthat I'm talking about in this session you feel that these terms arefairly new for you and I'm probably goingat a faster Pace, I would suggestthat you actually do go ahead and check into the The sessions that we haveon our YouTube channel because we've talkedabout a lot of stuff there. I mean other cloud services what cloud computing iswhat cloud service providers are what are differentservice models and quite a few other videosand sessions to be honest. So I would suggest that you go throughthose sessions as well. And I'm sure that by now many of youmight have been wondering as in whether this sessionwould be recorded and a copy of itwould be available to you. People are not not verymost of us sessions. They go on you. Boop so probably a copyof it would be there on YouTube. And if not, you can actually shareyour email IDs as well. If it does not go on YouTube. Somebody would share a copyof the session with you people. So guys if I'm if I'm happening to goa little faster than what you're expecting do not worry you'd be havinga copy of this as well. But for now just try to keep upwith the pace that I am going with and I'm sure that by the end of the sessionwe all would be good. So guys what are someof the cloud storage practices that you should takecare of now? These are the practicesthat should concern somebody who is planning to moveto Cloud again. If you are a newbie and you're just here to practicewe are not talking about you in particular but these pointers are important for you asan individual as well. But I'm talking about it from morebusiness business perspective or more industrial perspective. So if your organizationis planning to move to Cloud Definitely. These are someof the practices or pointers that you should take care of. So first andforemost scrutinize SLA, so as I've alreadymentioned you have SLS where your service providers orvendors basically come to a term where you actuallygo ahead and decide on particular rules as a nugget. These are the terms and theseare the services as a vendor. I would be providingyou people and you as a customer you agreeto certain terms as an okay. This is what youwould be giving us. And this is what wewould be paying you. So there are certain pointersthat you should consider while you are actuallysigning your essays. That you need to understandis when they say that you would be this is thebase charge try to understand how the charges would be when you decide to scale upand stuff like that other thing that you need to consideras I've talked about downtime. Right? So normally you have SLS where people talkabout the stuff that there won't be an outagewhich is more than 10 minutes. So yes, I mean thissounds fairly good right? So in an hour's time, this is a hypotheticalexample do not consider that there would bea downtime of 10. Minutes, this isfor your understanding. Let's assume that there'sa downtime of maybe 10 minutes in an hour's time, which is too high for now,but let's assume that so what serviceprovider would claim is if there is a downtime once probably this iswhat the charge would be. But if it goes downafter that probably you get some more consistent discountand those kind of things. So if there is an SLAwhere you say that it is 10 minutes, What if they were to down timesof nine minutes in an hour and that is fairly close, right? So you've been robbedof your right? So that iswhat I'm trying to say. I mean if you do actually go ahead and haveparticular SLS make sure that you considerin right points that suit in your business as well. Follow your businessneeds again guys storage as we move further, we will be discussingwhat are the different kinds of storage is so when you talkabout cloud service providers, they provide UN number of storages or In typesof storage is what I should say. So depending upon the businessyou're dealing with the kind of data that is generated. You should be able to choose a proper storagefor your requirements. I mean, whether you're dealingwith a real time data, whether it's stationarydata archival data based on that you should be able to actually go ahead and setup your cloud storage. Also, you need tounderstand as an okay. Um, this is the dateI would be putting in and these are the IntegrationsI would be needing because I'm usingthese kinds of tools. So are those Withmy cloud platform, so probably you need to considerthese pointers as well. And if you follow these rules probably a business would endup saving a lot of money. Now there have been used cases where businesses haveactually gone ahead and saved lakhs of dollarsthousands of dollars. So yes consideringthese pointers understanding your business alsobecomes important. You need to ensure that the securitywhich you are actually managing or monitoringis defined properly. I've already mentioned that if you talkabout cloud service providers, they let you have an SLA where you both cometo a similar agreement. So understand the securitywhat are the accesses that you have? What are the accesses? You want to give? What kind of data are youdealing with and based on that? Probably you can come to terms when you're actuallymoving to Cloud. Plan your storage future what we are trying tryingto say here is plan the future of your storage again. Do you need to scaleup in your future? What are the peak timesthat we can expect and stuff like that. So when you initially actuallyset your storage up probably you would be in a muchbetter position to scale up. I'm not refraining from the fact that cloud providersare already scalable, but just to be secure you can do that when you talkabout Cloud providers mostly the give you an optionof scaling, right? V or instantly but stillhaving an understanding of how much storage you need where you going to movein like two years three years time probablyhaving an understanding of all those thingswould definitely hold you in a much better position. Be aware of hidden costsagain guys have talked about the first SLA, right? So it is similar to that understandwhat you're paying for. How much are you paying for? It is a pay-as-you-go model but having an understandingof which Services would cost you how much would help youin performing proper essays or having proper policiesfor your storage. So these are someof the do's and don'ts of cloud storage guys. Again, if you need more insightson different Services as well. We have a video or a sessionon YouTube which is called as Interviews best practices youcan take a look at that as well where we talkabout different services and how can you actually performcertain tasks which would ensure that you are in thebest possible position. So guys we've talkedabout quite a few things. We wonder stoodwhat cloud storage is. We were understoodwhat are the benefits what are some of the myths and what are someof the practices that you should takecare of now, let's take a look at some of the differentcloud service providers that provide youwith the services and once we are done with it, then probably we would moveinto the demo part. So guys the quitea few cloud service providers, which also provide youwith storage Services. We have Google cloud platform, which is one of the leading ones digitaloceanprobably it's everywhere whether you searchfor Internet ads companies. It's there. Tara Mark again, this is a popular cloudservice provider IBM. Is there in storage or in Cloudfor a very long time guys now if you go way backI happen to did like I happenedto attend a session where I believe it was AWSand some reinvent session where I do not rememberthe name of the speaker, but that wasn't madea very valid point. He's at that in 1980s. He remembered or he happento visit a facility. I believe it. As IBM's I'm not surewho's I think it was IBM's so he said that they had this huge machinewhich was for storage. I mean, it looked very coolin 1980s use machine and it was very costly it was like somewherearound thousands of dollars and the storage space was 4mb. Yes for 4mb, the costwas thousands of dollars. So you can understandhow far storage has come how far cloud has comeand And yes, IBM, it has been there. I mean it has beenthere since then. So if you talk about IBM you talkabout Google's Cloud platform. These are principalcloud service providers. Then you have MicrosoftAzure knife you talk about current market. I mean if you go by the statsalone Microsoft Azure and AWS. These are the leadingcloud service providers AWS is way ahead of all the othercloud service providers. I'm so sorry, but if you talk about Mike Soft as your it isactually catching up that Amazon web servicesand greeson starts show that Microsoft Azureis doing fairly fairly. Well, so yes, these are some of the popularcloud service providers and more or less all of them havegood storage Services as well. But as I've already mentionedAmazon web services is one of the best in the marketand in today's session, we would be understanding some of the popularcloud service services that Amazon web serviceshas to offer to you and when I say popular Services, I would be focusing onstorage Services specifically. So guys, let me switch into theconsole and we can discuss some of these Services there and directly moveinto the demo part. So yes guys, I hope this screen isvisible to you people. This is how the AWSManagement console looks like. So again for people who are completely newto Cloud platform. Let me tell you that what Amazon web services are most of the othercloud service providers do is they give youa free tier account? What they're trying to say hereis you come you use our services for free for a shortduration of period And if you like then goahead and buy our services so These services are actuallymade available to you for free for one complete Year. Yes. There are certain limitsor bounds on these services. So if you exceed those limitsyou would be charged. But if you stayin the bounds or limits, you won't be charged and if you talkabout exploring these Services, these limits are free tierservices are more than enough. So again guys, if you are completely newyou should come here. That is Amazon web servicesManagement console create a free tier account. It is a very simple process. Put in certain detailswhere you work. Why do you want to usethese services are basic details and then probably you would haveto enter your debit card or credit card details. Don't worry. They won't charge you but thisis for the verification purpose. And again, if you're worried aboutwhether you would be charged or an amount would be - from your credit amount thator your credit card that does not happen guys, aw is gives you a notificationsaying that okay, you've been using these servicesand probably you might be over using some of your servicesalso you An setting alarms where if you reacha particular limit after that, you can actuallygo ahead and ensure that there is an alarm so that you do not exceedthe free tier limit. So yes, once you do have an account you can Avail allthe services that are here guys. So let's just go ahead and takea look at the console a little and just jump into the storageServices right away. So when you clickon this icon here storage guys or Services rather you getaccess to all these Services as I've already mentionedAWS provides you quite a few Services the sameroom hundred Services guys, and they coverdifferent domains. You can see the domain namesat the top computer Vortex analytics businessapplications storage. You have management and governance securityidentity management and all those Services guys. So the in number of serviceswhether it's migration whether its MediaServices you Services for almost everything so as we would be focusingon the storage Services before we go there. This is one thing probablyyou can select a region where you want to operatefrom that is you want to create your resourcesin this particular region. You can always havethis option of using it. So what is the reasonguys your data is based in a data center, right? I mean your datais copied somewhere. So if you areusing those resources, probably your data would be fetchedfrom that particular location. Asian so you can choosea region probably which is close to you if you like if your businessis located somewhere else probably you can choosethat region as well. So you need to gothrough the list of regions that are availableand accordingly make a decision. Now this beinga simple demo guys, I'm would be sticking upor sticking to Ohio basically. So let's just go ahead and jump into the cloudservices part and let's talk about storage in particular. So guys, if you take a lookat the storage services that are here you can see that These arethe storage services that AWS has to offer to you. We have S3. We have EFS you have FSXyou have S3 Glacier storage Gateway an AWS back up. Let me just try and throw some lighton some of these services and probably we would justgo ahead and get into the demo of one or twoof these services at least. So guys, I'mwhen you talk about S3, it is simple storage service. So that is s now this storage is basicallyObject bucket kind of a storage. I mean your containerwhere you put in your data where you store your datais called as bucket and your data or your filesare basically stored in the form of objects. Let's just go ahead and quicklycreate a small bucket. This would be a very smallintroduction to the service. Let's just go ahead and do that. So when you keep on clickon this icon guys, that is S3. It redirects youto the S3 console guys where you can actually go aheadand create a bucket. I've mentioned the pointer that there are Don't services that make your job very easywith cloud service providers and when you talkabout storage Services, it is no different. I mean there areServices which ensure that your job is fairly easy. So let's just go ahead and seehow easy it is to work with S3. If you wish to createa bucket guys, if you wish tocreate a container, it is very easy. Just go ahead and clickon create bucket and give it some name say Samplefor today, maybe guys. I'm very badat naming conventions. But please forgive me for that. Again. The names here should be unique. I mean if the name is takensomewhere else probably you cannot renamed. I mean you cannot usethat name again. So yes, and sothat your name is unique and probably guys you should try and name your bucketsin such a way that those are morerelatable say for example, if you have a bucket for maybe creatinga particular application, so maybe bucketfor that application. And or something like that so that you have a hierarchy and in that way youcan assign IM users or access to those bucketsin a particular order because you would not want all your users to haveaccess to that bucket. Right? So naming conventionbecomes very important. So just go ahead and say next. Keep all the virgin'sguys versioning becomes very important again. Let's not get into the details. But let me give you a small ideawhat happens here versions. That means each timeof buckets get updated. Probably I would wantto version or a copy of it and I would want the latest one. So when I was on it, it maintains those copies and if I need to go backI can actually go back to a particular levelor a benchmark, which I set the previoustime in this case. Let's stick to basic one and I'd not wantany logging details either. So just next. Again, guys, there arecertain Public Access has which have been given so permissions and accesswe would talk about that not worry for now just say next and Iwould say create a bucket. And guys the bucketis already ready. I'm in my containeris already ready so I can just go aheadand probably open this bucket and put in a file if I want and that wasvery easy guys. I say upload and if I'mconnected to my local system, I just say add files. Let's pick this random file, which uses this nameand I see upload. And there you go guysthe file is already there. I mean, we've created a bucketa container will put in a files. It's as simple as that permissionsas I've already mentioned now, let me talk about this point. I skip this point, right? So let's discuss this a littleso guys security something that you can handle. So you would decideor you need to decide what are the users that need to accessa particular bucket suppose. Your organization hasdifferent people working on different different teams. I mean you have somebodywho is a developer. There's somebody who's workingon maybe The administrative part on maybe on the designing part. So for particular bucket, you have particular data so you can decidewho gets to access what so settingin policies becomes important. You can create your own policiesas well initially. We saw that certainPublic Access is restricted to this bucket. I said, let's skip it skipthat for now. So when I say thatPublic Access is restricted, that means not any publicpolicy can come in and dictate terms are sayingthat use this policy why because There is a restriction. This is a private bucketand not anyone can use it. So guys when you talkabout S3 in particular, you can create bucketsyou can have backups. You can have your EBS backupsalso moved here. You can have your you can moveyour data from here to Glacier. We would be talkingabout they should not worry. You can have your elasticBeanstalk applications your past applications and the data can be storedin your S3 buckets. You can haveyour CI CD pipelines and the data can be movedagain to the S3 bucket. Now, this is highly durableand highly reliable. It's of storing data and it gives you fast retrievalof data as well. Let's go ahead and try to understand some otherservices as well guys. So when I come back here and I cefs elastic file storageor system browser. So here basically in this storage youcan store files. Yes. We are talking about datathat is in the form of files. And if you wishto connect it better with the network you can go for EFS as well because then you have somethingcalled as S3 Glacier. Yes. We talked about S3 rightwhere data is. Is durable and itcan be accessed very quickly S3 on the other hand letsyou store archival data. Let me tell you whatarchival data is first. So guys when you talkabout archival data, basically what happens with archival data isyou're dealing with data that you do not needto use every day. Let me give you an analogy. I'm not sure whether you'd be ableto relate to that. So guys, I'm yourbirth certificate now, I belong to India and we've been taking A lotbut we still have a lot of data that is in the form of papers. Even if you go to hospitalsattempt to request for a birth certificate. It might take days for you to getthat birth certificate. Why because there is some person who will be goingthrough all those documents and giving you that document. This is just an example. Do not relate itlike very seriously. But yeah, so it might takea couple of days, right so and the birthcertificate thing. I mean, I might not needbirth certificate every day. It might be once-in-a-decadethat I might go to a hospital and probably requestthat particular birth. Ticket, right? So this is a kindof data probably which had not needregularly or in real time. So I can compromisea little on the fact that if the person is givingme that data in two days time. It's okay becausethat does not cost me anything. I can wait for two days maybebut that's not the case at times you need the datato be retrieved very quickly. So if that is the case youshould store it where in S3, but if you're finewith this delay, probably you would wantto store it in Glacier. Why? These are normallytakes a longer while to retrieve your data, but the advantageof Glacier is it is profitable because it is very affordable compared to S 3 S 3 isalready affordable. You can check in for the prices. But if you have archival data, which you won't be usingeveryday, you can store it here and the factthat it takes a longer while it won't cost you. I mean, it won't cost in that perspective of accessingyour data in real time. Right? So if the data is something that is not needed regularly youcan Move to S3 Glacier, right? So what happens is S 3 you canactually move in all your data. And then if you realizethat there is certain data, which would not need every day. Just move it from S3 to S 3 Glacier where the data is storedin archival form and it is or it does not cost you a lot. So again guys, I won't be gettinginto the demo of S3 Glacier. We have a session on S3 Glacier or Amazon web servicesGlacier other and to do that. What you need is you needprobably a third party tool. That makes it easierfor you to retrieve the data. So I won't be gettinginto the stuff where I download that to landand show you how it works. It's very simple. We'll just likewe created buckets. Are you create volts thereand you probably move in your data and youcan retrieve that data. But again, it takes a long whileto retrieve that data. So it is similar to S3,but little different so yeah, that is S3 Glacier. We understood what EFS isand what S3 is then again guys, you have some otherservices as well here if I Scroll down you haveyour storage Gateway. You have your AWSbackup as well. So what are these things? And what do these thingsdo well storage Gateway an AWS back up basically back up as it says you can havebackup of your data and you can like save itfrom going down and stuff like that when you talk about storageget with these are services that let you move your datafrom on-premise atmosphere or your infrastructurerather to Cloud. So if you already have data thatis on your existing on-premise or infrastructure rather, you can actually movethat data to Cloud as well. So there are servicesto help you do that. And those services areyour storage Gateway services? So guys we've discussed some of these Servicesthere is something else which is called aselastic block storage. Elastic Block store is what it does is it letsyou create volumes snapshots and copies of the volume that is attachedto your instances. Let's go ahead and takea look at how this works. I mean there are a lotof pointers to talk about it. So as I move further, I would be discussingthose pointers while I also show you how to do it. So guys when I say EBSor elastic block storage what that does is it letsme attach some kind of volume to my instance now instances. Let me tell youwhat instances are first. Now when you talkabout cloud services, they give you compute Serviceswhere you can spawn instances or spawn temporaryservers or servers where you want to hosta data now each time. I won't be going out and buyinga new machine right instead. What cloud does is it? What happens? Yes, guys. Okay, guys, I'm not surewhether there was a lag while you were goingto this session. What happened is let me tell youwhat happened my connection the streaming connectionto my software, which I'm using to stream. This session did go downa minute back and it shows now that it is connected. So I would like to know whether I'm audibleto you people are not if yes, then we can continuewith this session guys. Okay, I'm guessing we're fine. So I'm just gonna go aheadand continue with the session. I was talking about instances. Let me talk a littlemore about it. So when I talkabout these servers that are ready to use basicallythese servers are something that you can use and you can havesome memory attached to it. So what we're goingto do is we're going to go ahead and launchone instance and understand how memory or hosestorage works with it. So to do that wewere going to go ahead and just launchedthat particular service. It is called as To whichis a compute service guys. So here I can actually go aheadand create servers or launch instancesin simple words. So let's just go ahead andlaunch a particular instance. Now, I have the freedomof launching both linux-based windows-based oneto based kind of instances. So you have the freedomof choosing what kind of instance do you wantthis being a simple demo guys. I'm going to stickwith the windows instance. I'm not going to show youhow to deal with that instance because I've donethat in previous sessions. You can take a look at some of those switchsessions as well guys. Let's just go ahead and launchthis particular session or this particular instancerather now guys, this is a Windowsinstance and okay, not this let me launchon basic one. This is also free tier guys. But yeah, I wouldwant this make sure that your instanceis EBS backed. So guys, you're backingup Works in two ways. You can back it up on S3. You can back it up on eBay as that is elastic block storagenow elastic block. Storage is important why it letsyou create images and volumes. What are thosewe'll talk about that once we create this instance. So ensure thatfor now it is EBS. So if I clickon this is the thing if I click on this icon, It would give medetails what kind of instance I'm launchingwhen I say T2 micro. It is a small instancewhich has one CPU and one gigabytes of memory for now and I can justgo ahead and say next. Okay, some of the other details whether you wantto be PC or not. Let's not discussthat and then you get into the storage part guys. This is the device with two which I am attachingmy root volume. So this is the path rather. So I need to focus on this. It is SDA one guys. That is slash Dev slash sd1. You need to remember thiswhen you create new volumes and the types of volumes that you can attachto your instance are these you have general-purpose SSDprovision tie offs and magnetic. It is take a something that is getting outdatedprobably might be replaced. So these are the few ones youalso have some other kind of volumes that youcan attach but the point that you need to remember is when you talk about havinga primary volume in that case you have only these options because these are bootable guys so there are certain othervolumes that you can attach if I attach a secondary volume, you see the options are more. I have SSD for trafficoptimization and then I have cold SSD as well. But this is a basic thing. We not going to getinto the details of that. You would skip that so guys all I'm tryingto say is this is the device this is the size and probably this is the typeof instance or volume. Sorry is that would be attachedto my instance. So let's just go ahead and saynext a tax for now. Let's not add anything and then let me sayconfigure the settings. So guys when I launchedan instance it says that security is not Optimum. It's okay. I mean you can assign the portyou want to when you use it for a higher security purpose. And then this is important guysfor your each instance. You need a key pair which is a secret wayof logging in or a secure way of loggingin not secret a secure way. So this is a secondplace authentication. Once you're loggedinto your account. You would be needing a key pair if you wish touse this instance, so make sure you create one and you store that oneas well if you have one which you can use probably. can do that as you can justcreate one say Nuki I said download guys. Once you download it. Keep it safe somewhere. It is stored in the formof that p.m. File. So do that and then Isay launch an instance. So guys once this happens if I just go backto the ec2 dashboard probably I can see that there is an instancewhich is running for now. It is 0 why because guys my instancesstill getting launched. It takes a couple of minutes or 1 and 1/2 or 1 minuteprobably to launch an instance. The reason for this is probablya lot of things happen in the background. I mean certainnetwork is associated. If you talk about an instance, it needs to communicatewith other instances, right? So in that case Probablyyou need to have a network that lets allthese instances connect. So a network is set herebasically and probably all the storage volume is attachedin a lot of things happen. That is why there arecertain statistics that your instance needsto go through and hence. It takes a minuteor so to launch this instance. So if you take a lookat this the status text it says that it is initializing. So if you refresh itprobably it happens at times. So let's just try our luck seewhether it's No, it's still initializing but guys we can see the volumethat would be attached to it. So, let me just come hereand rather go here if I click on volumes, there is there is a volumethat is attached to it. So there is a 30 GB volume. So there's a volume that probably hasa size of 30 GB. So it is here alreadyand it is in use so it would be attachedto my instance once it is up and running. So the point I'm trying to makehere is what elastic block. Storage does is it letsyou manage all these things now? There are two ways to managethese things either you create a copy of this volumedisable this volume and then attach the next one or probably you can directlyscale your existing volume or make changesto it right away. So what elastic Block store is does is it letsyou manage the storages? So again, let me tellyou how it works. So when I createan instance probably discredited in a particle particular region, right so in that A particularregion say for example now I'm based in India. So I have a datacenter in Mumbai. So my instance would be createdat that data center and probably the storagefor it would also be there. So there is no latencywhen I try to use that storage. So this is what EBS does it lets you managethat particular storage. So how it works is Ican create a copy of it. So what this copy does is itserves two purposes so next time if I wish to make In justto that storage I can do that if this particular storageor volume goes down. I have a backup copy again. I can create snapshots as well. Now what snapshots do isbasically they let me replicate my instance and the volumethat is attached with it. So instead of creatingan instance again, and again with if I've defined certainproperties for my instance and not have to worry aboutdefining those properties again, and again, I can just createa snapshot or I can rather create an Emi out of it, which I can storeand use it next time. If I want to spawna similar instance, so this is very BS helpsin it lets you have backups of all these storages it lets you create copies of it. So even if something goesdown you can work on the copy that you have so guys by now. Our instance would be created. Let's just go aheadand take a look at it. It says it is running guys, and we've already takena look at the volume. Let us create a copyof this volume to do that. I'm going to go to the actionsmy instances selected already. I can just go to modify and make changesto this volume right away, which is an easier way, but I'm going to show you how it can be donethe other way as well how it used to workpreviously so I can just say that create a snapshot. details Sample,and I say create. So guys are snapshot is created. If I come here I can take a lookat the snapshot again. It is spending mighttake half a minute for the snapshot to get created so I can just come hereand replace or refresh other. These things at timestake a little while. So guys we would be creatinga copy of it probably viewed by detaching the volume that we have created and itis attached to our instance and we would replacethat with the copy that we are creating now. So once this thing is doneand created we can do that. For some reason it's takinglonger while today. Let's hope that itgets done quicker. Look, it's still processing. Let's bear with meor just bear with me. Meanwhile this happens. Again guys if I was too fastand if I missed out on certain things Iwould like to tell you that you can go throughour other sessions on YouTube and probably you would be in amuch better state to understand what has happened here again, there was an outagewe're not out. It's my software did not workproperly the streaming software and probably there was a lackof a minute or two. So I'm hoping that you are did not miss outon anything that was happening. Meanwhile. Just hope that this Snapshotgets created quickly. It is still pendingand this is irritating at times when it takes a longwhile It's completed guys. A snapshot is ready. I can just go ahead and saycreate a volume out of it, which I wish to attach. So guys thereare certain details that we need to do. So for that laces go back first. Let's go back to the instancethat we have and let's see where the instanceis created guys. So as you can seeif you come here, it would give youthe details of the place where the instance is created. So it is u.s. East to see so when youcreate an volume a volume, it is necessary that you createdin the same region guys because as I've alreadymentioned the benefits of having it in samereason is region is that you can attach itto your existing instance and it saves youfrom various Layton sees so, yep, let's go back to the snapshot spot and saycreate a volume of it. I say create and then I probably let's sayI want more storage guys that's in 90. Okay, this is generalpurpose it is to way. So let's go to to seeif I'm not wrong. It was to see let's just go ahead and create it into see and say create volume. Clothes so guys are instances where our volume is createdsuccessfully again guys. Now you can take a look at it. From this perspective. I have my Snapshot here, right? So this snapshot says 30gbthat does not mean that the snapshotwhich I took its size is 30 GB. It says that it was created from an instanceor size is 30 GB. So there's a difference betweenthese two things guys understand that as well. So I have a volume which is based in availabilityZone to see I have an instance which is here and it again isit availability Zone to see so we can attach to it. Let's just again go backto the volume spot. So guys, I have two volumes. I created this one and thisis attached to my instance. Let me just tryand remove this first. detach volume Okay, it's giving me an errortry to understand why this error is there guys. My instance is already running. So I cannot directly removethis volume from here for that. I would have to selectthis instance go to instant State and say stopso it stops working for now. And once it does Ican attach the volume. So for now what you can seeis there are these volumes here it is in use right? So once the instantstops it would be available and won't been used so I can replace itwith this instance. So it has stopping ithasn't stopped yet. So as do not worry, we would be donewith the session very soon. And once we are done probablyyou all would be free to leave. I believe that this sessionhas taken longer than my normal sessions. But yeah, there wasa lot of stuff to talk about we talked aboutthe complete story services that you have reached hasto offer to you people hence. This session was so long. So let's just quickly go aheadand finish the stuff. It has stopped. So guys I can now go aheadand remove the volume or detach this volume and goahead and attach the other ones if I say detach it would detach. Yeah, see both are available. Now. Let's try to attachthis volume and say attach volume searchthis is the instance guys, which I have created and you need to givein the device details, which was / whatwith the details. Let's just go backand take a look at the details that we're supposedto enter in here. So as a you need to givein the path that we talked about which is the drivethat we've discussed, right? So that is the partthat you need to enter. And then you actually goahead and say SD a one. Slash and probably youwould be more than four to go. So this is the other thing Ido not remember the other part. So you need to go ahead and putin these details here. If you put inthese part details guys, you can just go ahead and attach your volumeright away and this volume would get attachedto your instance. So this is how it works and you can actually go backand do other things as well. So if I just come hereI have this instance. So what you have to do isyou have to actually go ahead and click on this thing for now. It's not working. But if you just come backhere or to the volume part. So if you just goto the volumes part with we were at in the previous. Slide you can actually go ahead and attach the volumes now hereyou go by just go to instances. Probably go backand I say ec2 again. Yeah, if I come backtwo volumes guys. You can attach the volumes that are there youcan delete those and you can do a numberof changes that you wish to do. So just go aheadand attach these volumes and you would be morethan good to actually go ahead and launch our instancesor manage the storages that are there. Again. The only thing that I missed outon is the path I told you to note the paththe device name, right? You just have to go ahead andenter in the device name here. And if you enterin the device name while creating your volume or attaching yourvolume your instance. Get attached to that or your volumewould get attached to that instance right away. So yes guys thus prettymuch sums up today's session. We've talked aboutquite a few things here guys. We've talked about S3 Serviceswe've talked about we've talked about EBS in particular. We've understood likehow to detach a volume how to attach on Ijust did not show you how to attach the volume, but you can do that. The reason I'm not showing you that is probably lost outon On the device name here, which normally comes in here. So before youdeactivate your device, make sure that you havethis name and when you do launch or attach your volumeto that particular thing, all you have to do is youjust go to the volume spot. And probably when you say attached to a particularinstance put in that device name there and you areinstance would be attached or your volume would be attachedto your instance and you can just goahead and say launch or just startthis so-called instance again, and you'll be good to go guys. So as far as this particularsession goes Guys, these are the pointersI wanted to talk about. I hope that I've talkedabout most of these pointers and I've cleared all your mintsor doubts that were there. So that's when youtalk about S3. Now. It has a simple storage service which is simple or easyto use in real sense. It lets you storeand retrieve data which can be in any amount which can be of any typeand you can move it from anywhere usingthe web or Internet. So it is called asstorage service of the internet. What are the featuresof this particular service? It is highly durable guys now. Now, why do I call it durable, it provides you durabilityof 99.999999 some 11:9 now when you talk aboutthat amount of durability, it is understandable how durable this Serviceswhat makes it this durable. It uses a methodof checksum wear. It constantly useschecksums to analyze whether your data was corruptedat a particular point and if yes that is rectified right away, and that is why this service isso durable, then it is. Be flexible as well as I'vealready mentioned S3 is a very simple service and the fact that you can storeany kind of data. You can store it in any reasonor any available reason is what I would meanby the sentence. It makes it highly flexibleto store the data in this particularservice and the fact that you can use so many pi as you can and of securethis data in so many ways and it is so affordable. It meets different kinds of needs thus making itso flexible available. Is it available? Yes, definitely it isIs very much available as we move into the demo part, I would be showingyou which regions basically let you createthese kind of storages and how can you move and store datain different regions as well. So if you talkabout availability, yes, it is available in differentregions and the fact that it is so affordable making it available becomes allthe more easy cost-efficient. Yes now to start with we normally do not getanything for free in life. But if you talk about S3 storageAWS has a free tier which lets you use. Public services for freefor one complete year but this happensin certain limits. Now when you talk about S3, you can store 5 GB of datafor free at least to get started or get used to the service. I believe that is morethan enough and what it also does is it lets you have somewherearound 20,000 get requests and somewhere around 2,000put requests as well. So these are somethingthat let you store and retrieve dataapart from that. You can move in 15 GBof data every month outside. Side of your S3 Service as well. So if you are gettingthis much for free, it is definitelyvery much affordable. Also, it charges you on payas you go model. Now. What do I mean by this? Well, when I say payas you go model what we do here is we pay onlyfor the time duration that we use the servicefor and only for the capacity that we use this service form. So that is whyas you move along if you need more services,you would be charged more. If you do not need more amount of the service youwon't be charged to that. Extent, so is it cost efficient? Definitely it is scalable. Yes. That is the best thingabout AWS Services. Most of them are scalable. I mean you can storehuge amount of data, you can processhuge amount of data. You can acquireuse amount of data if it is scalability that is your concern you donot have to worry about it here because even thisservice readily scales to the increasing data that youneed to store and the fact that it is pay as you go modeldid not have to worry about the cost Factor as well. Is it secure definitely? It is now you can encryptyour data you have various bucket policies as well that let you decidewho gets to access your data who gets to write dataor gets to read data. And when I said you can encrypt your datayou can actually go ahead and encrypted databoth on client side and on your server side as well. So is it secure I believe that answers the questionon its own. So Guys these were someof the features of Amazon S3. So guys now letus try to understand how does S3 storageactually work now it works with the Concept of objectsand buckets now bucket, you can thinkof it as a container where as an object is a file that you storein your container. These can be thought ofas AWS S3 resources. Now when I say an object basically object isyour data file. I've already mentioned that you can store any kindof data whether it's your image, whether it's your files blocks,whatever it is, these are nothing but your data and this datacomes with metadata when I say an object. It is combination of your dataplus some metadata or Or informationabout the data what kind of information basicallyyou have the key that is the name of the file that you use inversionID is something that tells youwhich version are you using as we discuss versioning? Probably I would talkabout Virgin ID a little more. But meanwhile, I believe this is morethan enough your objects are nothing but your fileswith the required metadata and the buckets as I've already mentioned. These are nothing but containersthat hold your data. So how does it work guys? Well, what happensis Sickly you go ahead and create pockets in regions and you store your datain those regions. How do you decide what bucketsto you is what reasons to use where to create the bucketand all those things. Well, it dependson quite a few factors when I say I haveto create a bucket. I need to decide what reasonwould be more accessible to my customers or to my users and how much costdoes that region charge me because depending uponthe region your cost might vary. So that is one factor that you need to considerand let and see as well. I mean if you put your dataIn an S3 bucket, that is far away from you fetching it might causehigh amount of latency as well. So once youconsider these factors, you can create a bucketand you just tore your objects when I said version ID key, actually a system automatically generatesthese features for you. So for you it is verysimple create a bucket pick up your object put it in it or just go ahead and retrieve the data fromthe bucket whenever you want. So I believe this givesyou some picture about what S 3 is now letme Weekly switch into the demo part and letme give you a quick idea or quick demo as to how S3 works so that it is not toomuch theory for you people. So guys what I've done isI've actually gone ahead and I've switched intomy Amazon Management console. Now as I've alreadymentioned AWS gives you a free tier for whichyou can use AWS services for free for one complete year. Mine is not a free tier account. But yeah, if you are a starter youcan create a fresh account. You just have to go aheadand given certain details all You do is you just go to yourweb browser search for AWS free tier and sign inwith the required details. They would ask youfor a credit card or your debit card details enter any one of thosefor the verification purpose and you can actually go ahead and set up alarms as wellwhich would tell you as in. Okay. This is the limit to whichyou have used the services and that way you won't becharged for Access of data usage or service usage having saidthat guys this is about creating an account. I believe it is fairly simple. You can create an accountonce you create an account. Is this is the consolethat would be available to you? What you have to do isyou have to go ahead and search for Amazon S3. If you search s3r, it would kind of redirect youto that service page. So guys as you can see, this is the company'saccount probably somebody uses it in the companyand they have the buckets that are already created. Let's not get the that is just go aheadand create our own bucket and just go ahead and putin some data into it. It is fairly simple guys. I've already mentioned. It is very simpleto use kind of service. All I have to do is clickon create bucket and enter in name for some bucket guys. Now this name is unique. It is globally unique once you enter a namefor the bucket you Not use the same namefor some other bucket. So make sure you putin valid name and the fact that I use the term Globalsomething reminded me to be explained of so guys as you can seeif I go back here. I want you to notice this part. So guys when you areinto the Management console or you open any service by default the regionis North Virginia? Okay. So if I create a resource,it would go to this region. But when I select the servicethat is S 3 you can see that this regionautomatically goes to Global that means it isa global Service. It does not meanthat you cannot create bucket in particular regionsyou can do that. But the service is global is what they're tryingto see so let us go ahead and create the bucketLet Us call it today. Demo, you cannot use caps guys. You cannot use some symbols. So you have to followthe naming Convention as well. Today is demo. Sorry. I'm very badat naming conventions guys. I hope it is. Okay, let it be in u.s. East you can chooseother regions as well guys, but for now,let it be whatever it is. So I'm going to stickto North Virginia. There are 76 bucketsthat are being used. Let us just say nextbucket name already exists. So this was already takenguys see So you cannot use it. Let's call it say. vamos bucket 1 3 1 1 3 Okay. Do you want to keep allthe versions of the object? We will talk aboutwhat versions are. Okay guys. Meanwhile, you justbear with me. I'm just going to go aheadand create a bucket create a bucket and there you go guys. I'm sure removes bucketshould be here somewhere. Here it is. If I open it I can just go aheadand create folders inside it or I can directly upload data. So I say upload select a file. Let's just randomlyselect this file. It is Van Dusenfounder of python. Basically, let's just say next. Next next and the datais uploaded guys. You can see the data being uploaded and my fileis here for usage. So guys, this is how objectand bucket kind of stuff works. You can see that this isthe data that I have if I click on it,I would get all the information. What is the key? What is the versionvalue for now? Let's not discuss version. But this is the key or the name of the filethat I've uploaded. So it is fairlyclear right guys. So let us justquickly switch back to the presentation and discusssome other stuff as well. Well now guysanother important topic that is to be discussedhere is S3 storage classes. Now, we've discussed how the data is storedor how buckets and objects work but apart from thatwe need to discuss some other pointers as well asin how does AWS charge me or what kindof options do I have when it comesto storing this data. So it provides youwith three options guys standard infrequent and Glacier. Let me quickly giveyou an explanation to what do these storage classesmean and what all this? Offer to us when I say standardit is the standard storage which gives you low latency. So in case if there is some data that needsto be refreshed right away, you can actually goahead and use standard storage say for example, I wish to go to a hospitalfor certain kind of checkup. So in that case my detailswould be entered in and the fact that I am gettingmyself checked in a hospital or diagnosed in the hospital. What happens is this data is important andif it is needed right away, it should be available. So this kind of data can bestored in your standard storage where the latency isvery less the next we have in frequent access. Now, what do I meanby that now in this case my latency period has to be low because I'm talkingabout data that I would actually need any time if I want to butwhen I store this data for a little longer duration, all I want is this datato be retrieved quickly say, for example, I geta particular report or a particular test done. So in that case IActually go ahead and submit my detailsor say for example, my blood samples, but I need this informationmaybe after three days. So what happens isin this scenario, I would want to store this datafor a longer term, but the retrieval should befaster here in the first case that was not the case if Ineeded that data right away, and if I wanted it to be storedfor a very short duration, I would use standard. But if I want to store itfor a longer duration, and I want a quickretrieval in that case, I would be usingin frequent access and finally I Glacier we havealready discussed this here. Your retrieval speed is low and the data needs to be put infor a longer duration. And that is whyit is more affordable. If you take a look at the stats that are there in the imageabove you can see that minimum storageduration is nothing for standard for infrequent. It is 30 days and forGlacier it is 90 days. If you take a look at latency, it is millisecondsmilliseconds and four hours. So that itself explainsa lot of stuff here. So what art This classesand what do they do? I believe some ideas clearto you people again as we move into the demo part, we would be discussingthis part as well. And we would also discussexpiration and transition that supports theseterms but let us move further and try to understand something else firstversioning and cross region replication now guys when I say virginie, I'm actually talking about keeping multiple copiesof my data now, why do I need versioning? And why do Ineed multiple copies? He's of my data. I've already mentioned that AWS S3 is highlydurable and secure. How is that because you can fixthe errors that are there and you can also havemultiple copies of your data. You can replicate your data. So in case if your data center goes downa copy of it is mentioned or maintained somewhereelse as well. How is this done by creating multiple versionsof your data say for example, an image, I store itin my S3 bucket. What happens here is there iskey the name is same image. And virgin is some 3 3 3 3 3right now take a look at the other image. If I actually go ahead and create a copy of the firstimage its name would remain same but it's versionwould be different. So suppose both of these images. They reside in one bucket. What these images are doingis they are having multiple copies are givingme multiple copies now in case of imagenot a lot would change but if I have doc filesor data files in that case versioningbecomes very important because if I make changesChanges to particular data if I delete a particular filea backup should always be there with me and this is where versioning becomesvery very important. What are the features ofversioning by default poisoning is disabled when you sayor when you talk about S3, you have to go aheadand enable this versioning it prevents over writingor accidental deletion. We've already discussed that you get non-concurrentversion by specifying version ID as well. What do I mean by this? That means if Iactually go ahead and create one more copyof the data and store it. So the latest copywould be available on top but I can go to the virgin'soption put in the ID that belong to the previousversion and I can fetch that version as well. So what is cross reasonreplication now guys, we've discussed versioning. Let us talk aboutanother important topic that is cross region replication. Now when you talk about S3, basically what happens is youcreate a bucket in a region and you store datain that region, but what if I want to movemy data from one region or from one bucket in The regionto other bucket in other region, can we do that? Yes cross reason replicationslet you do that. So what you do is youbasically go ahead and create a bucketin one region you create another bucket in another region and probably you give access to the first bucket to move datafrom itself to the other bucket. So this was about versioning. This was aboutcross region replication and I believe you've also talkedabout storage classes. Let me quickly switchinto the demo part and discuss these topicstoo little He did so guys moving back. What we have done iswe've actually gone ahead and createda bucket already right when you talk aboutwhat was the name of the pocket. It was removes if I'm not wrong. Yep. So if you clickon the bucket name removes what it does is it basicallyshows you these details guys. Now you can see that your versioningis disabled, right? So if I click on it, I can actually come to this pageand I can say enable virginie. That means a copy of the data. That I createis always maintained. So if I go to the most bucket, or I just move backget this interface can be a little irritatingat times you have to move back and forth every nowand then so guys there is a file which we have stored. You can just take a lookat this date first. It says that it is 235that was the time when the object was moved. Let me just saythat upload the same file. This was the filewill be uploaded as in next next next upload. So where is this fileis getting uploaded. You can see the nameof the file is still same. We have only one file here. Why because it was recentlymodified at 2:45 from to 25 to 35. It got changed to 245. So it is fairly clear guys. What is happening here? Your data is getting modified. And if you wonder as in what happened to the previousversion, don't worry. If you clickon this show option, you can see that both of your virgins arestill here guys. This was created to 30. And at 2:45. So this way data replication and data securityworks much better. So you can secure your data. You can replicate your data. So in caseif you lose your data, you always havethe previous versions to deal with how does the previousversion thing works so as what happens isif I delete this file what Amazon S3 would dois it would set a marker on top of this file. And once I delete it if I search for that IDthat ID won't be available. Why because the our carhas switched to the next ID now. So whatever I want to do Ican do with the next ID as well. So there is one more thing that you also needto understand here is what happens to the file. I mean, I've actually deleteda file but a virgin is there with me can I deleteall the versions? Yes, you can specify the ID and you can delete allthe versions that you want. You can also do one thing that is you can set a particularlife cycle for your files when I say life cycle youcan decide as an okay now. I have a file instead. That storage we've discussed. This storage is Right standardstorage infrequent and Glacier what you can dowith your life cycle management is you can decide as an okayfor a particular time duration. I want this file to stayin standard maybe after a while. I want to move it to infrequentand after a while. I want to moveto Glacier say for example, there is certain data, which was very important for mebut having used that data, I don't want to use itfor next few months. So in that case I can move to the substitutes or tothe other storage classes. We're probably I won'tbe needing to use that data for a long while and doing that. I won't be paying for this data as I used to payfor the standard because standard isthe costliest of the three. So let us quickly. See can we do that orhow does it work? At least if I just go back? This is my file. I can actually just go ahead andswitch to management in that. I have the option of life cycleif I click here. There is no life cycleadd a life cycle. You can adda lifecycle rule as well. This new let me call it newand let me say next it asks me. What do I want to do? You can add rulesin life cycle configuration to tell Amazon S3to transition objects to another storage class. There are three requests fees when using lifecycleto transition data to any other S3or sa Glacier storage. So which version do Iwish to use current? I can say yes a transition and I can selecttransition to this tear when after 30 days. Days, and if I say nextit would agree expiration. You can select otherpolicies as well. So guys when I saytransition first thing what it does is it tellsme what time to transition to which storageclass and expiration. It tells me when does thisexpire so I can decide when to clean up the objectsand when not to let's not do that for now. Let's just say next next so guys what will happen here isafter 30 days my data would move to a standard one a storage so you can actuallygo Then decide whether you want to moveto Glacier in that drop-down you had more options as well. I did not do that,but it is pretty understandable. You can move to Glacier as well. So this is aboutlife cycle guys. One more thing. You have something called as replication you can addreplication as well. If you wish to replicate yourdata cross reason replication. I believe guys, I do not have access to do that because I'm usingsomeone else's account for now, but let me just giveyou some idea as to what you can doto replicate your data. You can just go aheadand click on get started. Dated so replicationto remind you people it is nothing but a process of moving data from bucket in one region to add the bucketin some other region. So for that I needto select the source bucket. So let us just say that this is the bucket that Ihave next now guys in my case. I haven't createdthe second bucket. What you can do isyou can just go ahead and create one more bucket. Once you createthe bucket you can select the destination bucket for now. Let us just saythat this is a bucket that has been createdby someone else. I'm not gonna transfer dataare but let's just select this for the demo sick. This is the bucketthat I have see it says that bucket does nothave versioning enabled. This is veryimportant Point guys. I showed you how toenable versioning right? If you select the bucket there is an option on the rightside saying virginie, you can actually go aheadand enable versioning there. So once you enableversioning you would be able to use this bucket. Do you want to changethe storage class for the replicated objects if you say yes it Would giveyou the option of selecting. What storage class do youwant to select right? If you don't you don't haveto you can say next you have to enter an IM role. If you do not have any youjust say create a roll and then the rule namein this case. I do not have any details about this and Idon't want to create a role because this accountdoes not belong to me. Sorry for that inconvenience, but you can actually go aheadand select create a role in just say next and I'm sure that you can actually go aheadand your bucket starts. Audio our cross reasonreplication starts working. What happens after that is once you store your objectin a particular file, you can actually move that object not in a particularfile in a particular bucket. You can move the datafrom that bucket to the other bucket and a copyof your data is maintained in both the buckets that you use. So this is what crossregion replication is guys. I believe that we have discussed what our storage classeswe have discussed. What is cross region replicationand we've discussed versioning in general let Let'squickly move back to the presentation and discuss the remainingtopics as well. So guys have switchedinto the presentation part till time we've discussed how cross region replicationWorks we've discussed how versioning worksand we have seen how to carry out that process. The other important topic that we need to focuson is we've know like how to create versions how to move data from one placeto the other but the thing is what if I have to move datafrom a particular location to a location that isvery far away from me. And still ensure that there is not toomuch latency in it. Because if you're moving datafrom one location to location that is far away from you. It is understandable that it would takea longer while why because we are movingdata from internet. So the amount of data that you move and the furtheryou move it should take a longer while for that. So how do yousolve that problem? You have S3transfer acceleration. You can do that by usingother services as well. We discussed snowballand snowmobile as well, but they physically move. The data and at timesit takes a number of days to move your datawith S3 transfer acceleration that is not the issue because it moves at dataat a very fast pace. So that is a good thing. So, how can you move your dataat a faster Pace by using S3 transfer acceleration? Okay, let us first understandwhat it is exactly. So what it does isit enables fast easy and secure transfers of files or long distancesbetween your client and S3 bucket and to do that. It uses a service call. Cloudfront and the S locationsit provides you as I move further I would be talkingabout what cloudfront is do not worry about it first. Let us take a lookat this diagram. So normally if youare moving your data or directly uploading your datato a bucket that is located at a far away distance. I mean suppose I'm a customerand I wish to put my data into an S3 bucket, which is located maybea continent away from me. So using internet it might takea longer while instead. What I can do is Ican use transfer. Generation. So how is it different now guys, there is a service calledas AWS Cloud front what it does. Is it basically letsyou cash your data when I say cash or data that means you can storeyour data at a location that is in the interim or that is closeto your destination. Now this serviceis basically used to ensure that data retrievalis faster suppose. I'm searching fora particular URL. What happens is when I type that URL request is sent tothe server it fetches the data and sends it to me. So If it is locatedat a very far location, it might take longwhile for me to fetch the data. So what people do isthey analyzed as in how much requests are comingfrom a particular location and if there are frequentand a lot of requests what they do is they setup an age location close to that particular region. So you can put your datayou can cash a data on that is location and the data can be fetched from that is locationat a faster rate. So this is how is locations work what transfer accelerationdoes is it basically puts in your dataat the edge location so that it can be moved to your S3 bucketat a quicker pace. And that is why it is fast. So guys this wasabout S3 data acceleration. Let us quickly move into the console partand try to understand how S3 acceleration works. So guys have switchedinto the console S3 acceleration or data transfer accelerationis very easy thing to do. I do not rememberthe bucket name. I think it was Ram or something. Okay, if I select thisand open it I actually go to the Properties part less. There are other thingsthat you might want to consider. You can come here and takea look at those as well for now. I'm just going to saygo ahead and enable transfer acceleration. It is suspended. I can enable it it givesme the endpoint as well and I say save So guyswhat this means is if I'm putting my datainto this bucket, it would betransferred very quickly or I can use this bucketto transfer my bit data at a quicker Pace by usingdata transfer acceleration by S3 again guys. I missed out on oneimportant point the fact that we have been talking aboutbuckets and stuff like that. There is something important that I would like to showto you people first. Let us just go backand disable this part. I do not want it to havethe transfer acceleration. Going and I just wanted to showit to you people how it is done. I just say go back to suspendedand one more thing guys, if you once you actually unablethe transfer part and if you upload a file, you can see the differencein the speed. The problem is you needa third party tool to do that. So you can actually go ahead and download a third-party toolas well and using that you can actually goahead and see how it works. Having said that I was talkingabout buckets in general. So let us just go backand go to removes again. There you go. And I'm going to copy the a RN. I'll tell you whyI've copied the iron now when I open this bucket guys, we have quite a fewthings permissions. I talked about security, right so you can decidePublic Access as in who gets to access your bucket. So guys, you can actuallygo ahead and decide who gets to accesswhat kind of buckets say, for example herein your blog Public Access. You can decide who gets to accesswhat data publicly for that you have access controllists using these ACLS. You can actually decide who getsto How other thing you can do is you can just go ahead and createa bucket policy and decide who gets to access your bucketor who gets to put your data or delete your dataand do all these things. Let us just go aheadand create a policy. Now, you can writeyour own policy or you can just use a policy generator which again isa third party tool. So I want to createa bucket policy forum is 3 so, let's just say S3 bucket policyand what kind of effect I want. I mean do I want someoneto access my system or do I want to deny someonefrom accessing my system I can. Decide that so let'sfor now just say that I want to deny someonefrom doing something and what I wanted someone to dois to deny a particular thing for that personfor all the objects. I mean, I do not wantthat person to access any of the objects that is there. So what I say is star that means nobodyshould able to do anything to any of the objectsthat are there in this bucket. So it says star serviceAmazon S3 what action I want. I want to prevent someonefrom deleting an object they go and This is the ARn that is why I copied it. It should be followedby a forward slash and a star add a statementand Ice Age ended policy. So guys the policyhas been generated. I just have to copy it if I copy this thingand I go back to the console if I paste it here I can say save Itsaved I'll save it again just to be safe. So guys we have actually goneahead and let me just go ahead and again go to ramose. So there's not there isan object here. Let me just tryand delete this object. If I just goto the actions part here and I say delete seethe file is still here. Is it the other version? No, it's not deleted. See there's an error here. If I click on it. It says hundred percent fieldwhy access denied because I do not have the accessto delete the object right now. Why because I've createda bucket policy guys. So that is what bucket policiesan AC else do the Let you make your objectsor your data more secure. And as you saw in the option, there are quite a few optionsthat you have at your disposal, which you can choosefrom which you can mix and match and decideas an look at this is what I want to do. I want to probably give someonean access to delete a bucket. I want to give someonean access to do this or do that. So, where's this was aboutS3 data transfer acceleration, and we've also seen how you create a bucket policyhow you attach it to your bucket and stuff like that now, let me just go backand kind of Shove this session or finish this sessionup with a use case so that you can probablyunderstand the topics that we've discusseda little more first. Let us go backto the use case guys. So guys have switched intomy presentation console again, and we would be discussingIMDb media now for people who watch movies. They might know what IMDbis it is a website that gives youdetails about movies. They tell you what arethe movies that are nice if you probably selector type a particular He named they would give youdetails about it as a whole where the actorshow was the movie how was the review a shortsnippet explaining you what the movie is about its genreand stuff like that. Plus they have their ownratings to kind of gauge in the customers even betteras an IMDb being a popular site and when they say that this movie isthis person good or like by these many people peoplenormally believe it so they have that score as well. So if you talk about a websitethat basically deals with movies you understandthe number of movies that are released worldwide. And if most of themare present here on IMDb, that means that database is hugebut we are talking about data that is being processedin great numbers great amounts. I mean when you talkabout the data that is here. What is happening hereis you have n number of movies that are being released. So if someone searchesfor a particular movie, it has to go throughthe database and the data has to be fresh to him right away. So how do you dealwith the latency issue? Well, this would answera lot of questions or it would sum up lot of topicsthat we've discussed. Here let us go throughthis use case probably. So what happens hereis in order to get the lowest possible latencyall the possible results for a search our pre-calculated with a document for every combinationof letters in the search what this means is probablybased on the letters. You have a document that is created and itis traversed in such order that all the datais scanned letter wise when you actually goahead and put forth a query what happens is suppose if there is a 20 characterOr a word that you put in so there are somewherearound twenty three two, one zero three zero combinationsthat are possible. So your computer has to gothrough these many combinations. What S3 does is it basically lets you storethe data that I am DB has and once IMDb has told that datathey use cloudfront again, we have discussed. What cloudfront is they usecloudfront to store this data to the nearest possiblelocation so that when a user fetches this data, it is Fest from that location. So what happens is Basically, when these many possibilitiesare combinations are to be dealt with it becomes complicatedbut in practice what IMDb does is it basicallyuses analytics in such a way that these combinationsbecome lesser? So in order to search for a 20 character letterthey basically have to go through one fivezero zero zero zero documents and because of S3 and cloudfront you basically can distribute all the datato different Edge locations and two buckets with in asAnd since we're talking about huge amount of data, it is more than terabytes. It is like hundredsthousands of terabytes of data so we can understand how much data are we talkingabout and S3 actually features or serves a number ofsuch use cases or requirements. So as I Believe by now, you've understood what S3is let me give you a quick sum up or a quick walkthrough asto what we've studied because we've talked about a lot of topics guys first westarted with the basic. Six of differentstorage Services we were understood sorceresseslike EFS EBS storage Gateway. We've talked about Glacier. We've talked aboutsnowmobile snowball and then we move to S 3 S3 we talked about buckets. We talked about objects. We talked about versioning we understood whyversioning is needed so that we can basicallyreplicate our data prevent it from deletion preventit from corruption. We also talked aboutacross region replication where you can movedata from one region to the other we talked about how we can Movedata Faster by using S3 data transfer acceleration. And then we also took a look at the basics like whatare the storage classes? What are the bucket policies how to create bucket policies and we also discussedan important topic called as transition and expiration where if your dataexpires it is deleted if your data needsto be transferred to different stages youcan do that as well. So all these topics arediscussed and we also discussed some important features and finally We finishthis session up with a use case. So networking domainbasically offers three kind of services the VPCDirect Connect and out 53. Let's discuss each. One of them. So vbc isa virtual private Cloud. So it's a virtual network. If you include your allyour air pollution sources that have launchedinside one VPC then all these resourcesbecome visible to each other or can interact with each other. Mine said inside the VPCnow the other use for PPC is that when you havea private Data Center and you are usingAWS infrastructure as well and you want your AWS resourcesto be to be used as if they were on your ownnetwork in that case, you will establisha virtual private Network that is a VPN connectionto your virtual private cloud in which have includedall the services that you want inon your private Network. You will connecta private Network through the V PC using the VPN and then you You can accessall your AWS resources as if they wereon your own network. And that is what wesee is all about. It provides you securityit makes communication between the AWS Services easy and it also helps you connectyour private data center to the AWS infrastructure. So guys, this is whatVPC is all about. Let's go ahead onto our next service, which is Direct Connect soDirect Connect is a replacement to an internet connection. It is a leased line. A direct lineto the AWS infrastructure. So if you feel that the bandwidthof internet is not enough for your data requirementsor your networking requirements. You can take at least lineto the AWS infrastructure in the form of thedirect connect service. So instead of using the internet you would nowuse the direct connect service for your data stream to flow between your own data centerto the illness infrastructure. And that is whatDirect Connect is all about. Nothing much further to explain. Let's move on to a next servicewhich is is Route 53 be so Route 53 isa domain name system. So what is the domainname system, basically, whatever URL you enterhas to be directed to a domain name system which converts the URLto up IP address. The IP address is of the server on whichyour website is being hosted. The weight functions islike this you buy a domain name and the only setting that you can doin that domain name or the setting which is required in that domain name arethe name servers right. Now. These name serversare provided to you by Route 53 these name servers that areTo provide you are to be entered in the settingsof that domain name. So whenever userpoints to that URL, he will be pointed to Route 53 the work in thedomain name settings is done. You have to configurethe Route 53. Now another your requesthas reached out 53. It has to be pointed to the server on whichyour website is hosted. So on a Route 53 now youhave to enter the IP address or the Alias of the instance on of to which you wantyour traffic to be directed to so you peed in the IP addressor you feel in the Alias and It's done. You're the loop is now completeyour url will now get pointed to Route 53 and Route 53 in turnwill point to the instance on which your application or website is being hosted. So this is the rolewhich Route 53 plays. It's a domain name system. So it basically redirectsyour traffic from your url to the IP address of the serveron which an application or website is hosted. Alright guys, so we're donewith the networking domain. In today's session wewould be understanding what AWS Cloud front is but before we do goahead and understand what cloudfront exactly is. Let's start by taking a look at today's agenda firstfirst and foremost. I would be talking aboutwhat AWS exactly is good. Also understand. Why do we needit abuse cloudfront and what it is exactlythe never talked about how content gets deliveredusing Amazon cloudfront and what are its applications? Finally, I would finishthings off with the demo part where I would be talkingabout AWS Cloud turn distributions having said that let's not waste any time and jump into the firsttopic of discussion that has what is AWS. Will AWS standsfor Amazon web services, which is a leadingcloud service provider in the market and it hasthe highest market share when you talk aboutany cloud service provider. Now what Amazon web servicesdoes is it provides you with 70-plus services and these servicesare Growing the name some of these Services wehave something called as your computationServices your storage Services your database services and all these services are madeavailable to you through Cloud. That means you can rent all these services and payonly for the services that you use and onlyfor the time duration you use these services for if you want to know more abouthow a database works exactly. I would suggest that you go through the videosthat we have on YouTube. We have quite a few videoson YouTube with talk about AWS in particular all youhave To do is you have to go to our YouTube channel and type a direct iaws andyou'd be having all the videos that are related to AWS. But that is not thediscussion for today. We are here to discusswhat cloudfront is and I would liketo stick to that. So coming back to cloudfront when you talk about AWSyou have some Services now, what aw does is it offers you variousinfrastructure as services and even platform as Servicesnow these services are made available to you in the formof infrastructures or platforms where you can actuallygo ahead and host. Applications or websites. So when you do go ahead and hostthese applications online what your cloud providerhas to worry about is the way data is fetched because if you havea website online now that website would be visitedby quite a few people and they would be requestingparticular content or data, right? So in that case that data has to be madeavailable to your customers. So how does it happen? Exactly and how does AWSmake it happen to understand that consider the scenariosuppose you You are a particular user in your trying to visita particular website and imagine that that websiteis based somewhere at a very far location suppose. You are based somewhere in USA. And that websiteits server actually hosts or is based in Australia. Now in that case when you make a requestfor a particular object or particular image or maybecontent now your request is sent to the server that is in Australia and thenit gets delivered to you. In this process to there are quite afew interrelated networks that deal which you arenot aware about the content directly gets delivered to youand you have a feeling where you feel that you typein a particular URL and the content is directlymade available to you, but that is not how it worksquite a few other things happen in the interim and due to that. What happens is the datathat gets delivered to you. It does not get deliveredto you very quickly. Why is that becauseyou'd be sending in a request it would goto the original server. And from there. The content is delivered. To you now,if you are based in USA, the situation would beconvenient if the data is delivered to youfrom somewhere close by now when you talk abouta traditional system where you are sending a requestto somewhere in Australia, this is what happens your data or your request is sent tothe server based in Australia and then it processesthat request and that data is made available to youwhich gets delivered to you. But if you havesomething like cloudfront what it does is it setsin an intermediate point where? Data actually gets cached first and this cache datais made available to you on your request. That means the deliveryhappens faster and you save a lot of time. So how does AWS Cloudfront exactly do it? Let's try to understandthat but when you talk about aw, cloudfront what itdoes is first and foremost, it speeds upthe distribution process and you can havea any kind of content whether it's static or dynamic and it is madeavailable to you quickly. What cloudfront does is it? It focuses on these three pointsone is your outing to is your Edge locations and three is the way the contentis made available to you. Let's try to understandthese one by one when you talk about routing. I just mentioned that the datagets delivered to you through a series of networks. So what cloudfrontdoes is it ensures that there are quitea few Edge locations that are located close to you and the data that you wantto access it gets cached so that it can be deliveredto you quickly. And that is why the data that is being deliveredto you is more available than in any other possible case. So what happens exactly and how does this contentgets delivered to you? Let's try to understandthis with the help of this diagram suppose. You are a user. So basically what you would dois you would send in a request that needs to reacha particular server. Now in this case what happens is firstyour request it goes to an edge location and from there to your serverto understand this to you have to understandtwo scenarios first and foremost supposeyou're based in USA and you want to fetcha particular day. That is based in Australia. You would be sendingin a request. But what AWS does is instead of sending the requestdirectly to your server, which is based in Australia. Maybe it has theseinterim as locations which are closer to you. So the request it goes to the edge locationfirst and it checks whether the data that you are requestingis already cashed their or not. If it is not cached then the request is sent toyour original server. And from there the data isdelivered to the edge location and From there it comes to you. Now, you might wonder as an this is a verycomplex process and if it is takingthese many steps. How is it getting delivered to me quicker thanin normal situation. We'll think of itfrom this perspective. If you do send inthis request directly to the main server again, the data would flowthrough some Network and then it would be deliveredto you instead. What happens here is at your age locationthe data gets cached. So if you requested again, it would be deliveredto you quicker if it is requested by anyone. It would be deliveredto them quicker plus how as locations work is when you do send in this request and when there's location Fitch's this data fromyour so-called original server in that case 2 whenthe first bite it arrives at your age location, it directly gets deliveredto you and how does this content exactly get stored here? Well, first and foremostwhat happens is what your age location has is ithas some Regional cash as well. Now this cash would basicallyhold all the content that is requested more. More frequently inyour region suppose a website has summon numberof content and out of it. Some content is kind of requested a lotin a particular region. So surrounding that region. The closest is locationwould have a regional cash which would hold all the content that is more relevantfor those users so that it can be frequentlydelivered to these users and can be made availableto them quickly in case if this data gets outdatedand it is no longer being requested then this datacan be replaced with Guys that is requestedmore frequently. So this is how cloudfront work. What it does is itcreates a distribution and you have some Edge locations through which you can actuallyrequest the data faster. So what are the applications that cloudfront hasto offer to you now, I won't sayapplications instead. I would say some of the benefitsof using cloudfront. Let's try to understand thoseone by one first and foremost what it does is it accelerates your static websitecontent delivery. We just discussedthat that means if you are requestinga particular image or something like that, it gets deliveredto you quicker. Why because it is cashedat your age location and you do not have to worryabout any latency issues. Next. What it does is it providesyou various static and even Dynamic contentsuppose you need some video or a live sessionor something like that even that gets deliveredto you quickly. I just mentioned that when you requesta particular thing When the first bite it arrivesat your age location your cloudfront starts streaming that to you our start deliveringthat to you same happens with the live streamingvideos as well. You would be gettingthat streams instantly without any Latin seewhat server encryption now when you do access this content what AWS Cloud Trenddoes is it lets you have this so-called domainwhere you put in HTTP and you get secured data. So you already haveone layer of security, but it also letsyou add another. Layer of security by giving yousomething called as encryption by encrypting your data or byusing your key value pairs, which is the same. You're actually ensuringthat your data is more secured and it can be accessedprivately as well customization at the age. Now. What do I mean by this now? There is some content that needs to be deliveredto the user or to the end user if the customization it happensat the server again, it might be time consuming and there are quitea few drawbacks of it. Say for example, I need a particular contentand it needs to be processed or Customized atthe very last moment. So these things can be doneat the age location as well. Thus helping you save time money and various otherfactors as well. And finally what it doesis it uses something called as Lambda H which again lets you dealwith various customizations and lets you serveyour content privately. So these are someof the applications or uses of cloudfront. What I'm going to do nowis I'm going to switch into my AWS console and I'm going to talk aboutAWS Cloud Trend distributions. And how can you go aheadand create one? So stay tuned and letme quickly switch into the console first. So yes guys, what I've done is I've goneahead and I've logged into my AWS console. Now for people who arecompletely new to AWS. What you can do is youcan actually go ahead and create a free tier account. You have to visit AWS website and search for free tieryou would get this option. Just create an account. They would ask youfor your credit or debit card details probably but And charge youa minimal amount is charged and that is revertedback to your account that is forverification purposes. And after that what awis does is it offers you certain Services which are made available to youfor free for one complete year that is as long as youstay in the limits or the specified limitswitch AWS has set so those limits are morethan enough to practice or to learn AWS. So if you want to do goahead and get a proper hands on on various database Services, I would suggest that you do visit their websiteand create this free Terror. Count once you do have that account you haveall these services that are made available to youas I just mentioned. There are 70 plus servicesand these are the services that are there which are can actuallygo ahead and use for different purposesour Focus today. However is creatinga cloudfront distribution which we just discussedin the so-called theory part. I would be repeatingfew topics here to while we do go ahead and createour cloudfront distribution. Now as I've already mentionedwe want to fetch data or fetch a particular object and if that is placedA particular Edge location that would be madeavailable to me. So what we are doinghere is imagine that our data is placed at a particular originalserver in our case. Let's consider itas an S3 bucket. Now S3 is nothingbut a storage service with AWS that is simplestorage service rather. That is SS and that iswhy we call it S 3 so what we are going to dois we're going to go ahead and create an S3 bucket in that we would be puttingin certain objects, and we'd Be accessing that by usingour Cloud Trend distribution. So let's just go aheadand create a bucket first you can see we have S3in my recently Used Services. You can just type S three-year and that would madeavailable to you. You can click on it and your simplestorage service opens. You would be required to goahead and create a bucket. This is how you do it. You click on Createand you give it some name say maybe bucket use smallletters bucket for AWS demo, maybe and I would givensome number 0 0 0 I see next next nextI need a basic bucket. So I won't be puttingin any details. Do we have a bucket here? There you go. We have a bucket here. And in this bucket, what I'm going to do isI'm going to put in some content that we can actually requestfor so let's just go ahead and create an HTML file and putin maybe an image or something. So I have a folderhere in that folder. I have a logo of ADA Rekha,I would be using that logo and I would want to goahead and create. Create an HTML filewhich I can refer. So I would open my Notepad and I would writea simple HTML code. I won't get into the detailsof how to write an HTML code. I assume that you all know it. If not, you can use this code. So let's create a head filebasically or a head tag rather. Let's see a demo tag, maybe and I closethis head tag. I need somebody in here, right? So let's say Didthe body we say? Welcome to Eureka and I and the body hereand I save this file and save as where do I want to save it? and see if it hereand I would save it as a maybe index dot HTML. I save it probablygot saved somewhere else. Let me just copy itand paste it here. I've done that. This is the file now. We have these files. Let's upload itto our S3 bucket. Come here. I say upload I wantto add files. So add files. Where do I go? I go to the folder I go to demoand I select these two files and I say upload. There you go. My files are here and I say upload small filesso should not take a long time fifty percent successfulhundred percent successful. There you go. You have these Two files now, we have our S3 bucketand we have two files. This is our origin server. Now. I need to create a distributionand use it to do that. I would click on services and come here and Iwould search for cloudfront. There you go. And I say create a distribution. So I click on this icon. Now you have two options. First one is something that lets you haveyour static data moved in or moved out or if you want to live stream your data youshould go for this option. But that is not the case. We would be stickingwith this thing. I say get started. I need to enterin a domain name. So it gives me suggestionsand this is the first one which I just createdoriginal path is something that you can give in father. A folders from where youwant to access the data, but mind directlyresides in the bucket. There are no extra folder. So I don't need to enteranything original ID. This is what I have here. Basically I can use this or I can just go aheadand change the name if I want to but I would let it stay the waitersrestrict bucket access. Yes. I want to keep it private. So I say restrictand I create a new identity and the you I have a new usercreated here apart from that Grant readpermissions on bucket. Update my bucketpolicy according this what I would say then I wouldscroll down customer headers and on I don't need to putin these details. How do I want my data tobe accessed the protocol policy? I would say redirectis TTP to https, so that it is secured if I scroll down I havesome other options as well cast STP methodsand all those things. Do I need to changethese object caching? Can I customize it? Yes, I can. But again, I would be usingthe by default one if you want to you canIs it smooth streaming? No, these are some of the things that you need to focus onif you have some streaming data, you can put indetails accordingly, but we are not doing that. What is the price classthat you want to choose? You have some options herewhich you can pick from I would be going for the defaultone and then I just scroll down and I say create a distribution. So your distributionis getting created now and this processmight take a long while if you click on this thingyou realize that. It is in progress and it takes somewherearound 10 to 12 minutes for this distributionto get created. So meanwhile, I'm goingto pause this session and I would come backwith the remaining part. Once this distributionis completed. So bear with me for that whileso there you go. The distributionhas been deployed. The status is deployed here so we can actually goahead and use this thing. Now, we have a domain name here, which I can use and Ican just enter it here and we would be redirectedto the page. And what happens here isyou would be actually given access to this pagethrough the age location. That means you're not goingto the server instead. The data has been cast awayfrom your distribution or your eyes location other so you enter this websiteand you hit the enter button. As an error itshouldn't have been. Oh, I know what just happened. When you do go ahead and createyour so-called distribution in that you actually have an optionof selecting a by default file, which I did not so I will have to give an extensionhere saying slash index dot HTML and if I hitthe enter button now, it should redirect you to the demo tag with sayswelcome to edu Rica, right? So this was the HTML file that we created and wealso had a PNG file which we wanted. Access the namewas logo dot PNG. Okay, this is funny. This should not happen. Why is this happening? Let's take a look at it. Whether we have that file there because if it was there weshould be able to access it. And what was my bucketthis was the one oh, this has happened when I uploadedthat file it got saved with this extensiondot PNG dot PNG. So if I come hereand I type dot PNG here, there you go. You have that object delivered to you through your Or so-calleddistribution in this session. We will be discussingabout Amazon cloudwatch. So without any delay, I'll walk youthrough the topics which we will bediscussing today firstly. We will see what Amazon cloudwatch hasand why do we need it? Then? We'll discuss certain Amazoncloudwatch Concepts moving on. We'll take a lookat two most important segments of Amazon cloudwatch. What chart Amazon cloudwatch? Events and Amazon cloudwatch locks and finallyto make the soil more fun and interesting for youof included Adam as well. So let's get started first. Let us try to understand whywe need cloud based monitoring with couple of scenariosin our first scenario consider that you have hosteda messenger app on cloud and your app hasgained a lot of Fame but clearly the number of people using an applicationhas gone down tremendously and you have no ideawhat the issue is. Well, it could be dueto two reasons firstly since your application hascomplex multi-tier architecture monitoring the functionality of every layer by yourselfwill be a difficult task. Don't you think and secondly, since you're not using any kindof monitoring tool here, you wouldn't know how your applicationis performing on cloud. Well one solution for that is to employ a monitoring toolthis monitoring tool will provide you insightsregarding have your application is performing on cloud and with the state. You can makenecessary improvements and you can also make sure that your application is in partwith today's customer needs and definitely aftera while you'll notice that the number of people usingyour application has increased moving on to our next scenario. Let's say your manageras assigned you with a project and he wants youto make this project as cost effective as possible. So as you can see in this project you usingfive virtual servers which perform highlycomplex computations and all these Servers arehighly active during data. That is the and mosttraffic during data. But during nighttime, the servers are idle by thatI mean the CPU utilization of these servers during night time isless than 15% and yet as you notice here in both the cases youare paying same amount of money. You have to noticetwo points here firstly all your virtual serversare underused during night time and secondly you're payingfor the resources which are not using and this definitelyIs not cost-effective. So one solution isto employ a monitoring tool this monitoring toolwill send you a notification when they serve as our Idol and you could scheduleto stop the servers on time. So guys, this is one way to makeyour project most cost-effective and avoid payingunnecessary operating costs. Let's consider another scenariofor better understanding. So let's say I have o stoodan e-commerce website on cloud and during sale seasonmany customers are trying to access my website which Which isdefinitely a good thing, but for some unfortunatereason application downtime has occurred and youguys have to remember that I'm not using any kindof monitoring tool here. So little bit difficult for me to identifythe error and troubleshoot that in reasonable amountof time and it's quite possible that in this periodmy customer might have moved on to different website. So you see that I've losta potential customer here. So if I have hada monitoring tool in this situation, it would have identifiedthe error in all yours. Just itself andrectify the problem. Well at could have easilyavoided losing my customer. So I hope guys with helpof these use cases you were able to understand as to why weneed cloud-based monitoring. So let me just summarizewhat we have learnt till now. We need monitoring firstly because it provides a detailedreport regarding performance of your applicationson cloud and secondly, it helps us to reduceunnecessary operating costs, which we are payingto the cloud provider moreover it did. Ex problems at all your stage itself so that youcan prevent disasters later and finally it monitorsthe users experience and provides us inside so that wecan make improvements. So while guys in this session, we will be discussing about one such versatilemonitoring tool called Amazon cloudwatch Amazon cloudwatch basicallyis a powerful monitoring tool which offers your most reliable scalable and flexibleway to monitor your resources or applications whichare currently active. One Cloud it'susually offers you with two levels of monitoring which are basic monitoringand detailed monitoring if you want to resources to beeligible for basic monitoring. All you have to do is to sign up for 80-plus feet herein basic monitoring. Your resources aremonitored less frequently, like say every five minutes and you're providedwith a limited choice of metrics to choose from whereas in detailmonitoring all your resources are monitor more frequentlylike say every five minutes. And you're providedwith a wide range of metrics to choose from but if you want your resources to beeligible for detail monitoring, you'll have to paya certain amount of money accordingto a SS pricing details. Now, let's have a look at few monitoring services offered by Amazon cloudwatchAmazon cloudwatch firstly it provides a catalogof standard reports, which you can useto analyze Trends and monitor system performance and then it monitors storesand provide access to system. And applicationlog files moreover. It enables you to setup high-resolution alarms and send notifications if needed and Amazon cloudwatchalso send system events from AWS resources to AWSLambda functions SNS topics Etc. So if you have notunderstood any terms, which I've usedhere, don't worry, we'll get to know moreabout this terms as we progress through the courseof this session earlier. I mentioned that Amazoncloudwatch allows administrators to monitor multiple. Sources and applicationsfrom single console these resources include virtualinstances hosted in Amazon ec2. Database is locatedon Amazon RDS data stored in Amazon S3elastic load balancers and many other resources like auto-scaling groupsAmazon Cloud 12 Etc. So guys now let's tryto understand Amazon cloudwatch a little deeper firstlywe'll have a look at few Amazoncloudwatch Concepts and then I'll explain you how Amazon cloudwatchactually operate So it's metric or metric representsat time audit set of data points that are published a cloud. So what I mean by thatis suppose let's say you have three variables XY and zand you have created a table which has values of Xwith respect to Y over a period of timein this scenario the variable X, which have beenmonitoring till now is a metric so you can thinkof metric as a variable which needs monitoring next. We have Dimensions. Let's consider same variablesXY & Z Basically, you had created a table which has values of Xwith respect to Y now, let's create another table which has values of Xwith respect to Z. So basically we have two tableswhich describes same variable X, but from twodifferent perspectives. These are nothingbut Dimensions. So basically our Dimensionis a name value pair that uniquely identifies a metric and Amazon cloudwatchallows you to assign up to ten Dimensions to a metric then youhave statistics previously. We had created two tables which are values of Xwith respect to Y and as well as that you cancombine data from these tables like to create a chart or maybe plot a graphfor analytical purposes. This combination ofdata is nothing but statistics statisticsare metric data aggregations over specific period of time, then you have alarm. Let's say you havebeen monitoring this variable X for some time now and you wanta notification to be sent to you when the valueof x reaches certain. Short all you have to do is set an alarm to sendyou a notification. So basically alarm can be used to automatically initiateactions on your behalf. Now that you haveclear understanding of concepts of Amazon cloudwatch. Let's see how Amazon cloudwatchoperates Amazon cloudwatch has complete visibility into yourAWS resources and applications which are currentlyrunning on cloud. So firstly it collects metrics and locks from allthese AWS resources and applications. And then by using this metricsit helps you visualize your applications oncloudwatch dashboard moreover. If there is some sortof operational change in a SS environmentAmazon cloudwatch becomes aware of these changes and response to them by taking some sortof corrective action, like maybe it sendsyou a notification or it might activatea Lambda function Etc. And finally it providesyour real-time analysis by using cloudwatch metric map. So if you're wonderingWhat cloudwatch metric Mathis it is a service which integrates multiplecloudwatch metrics and creates a new time series and you can viewthis time series on cloudwatch dashboard as well. So working this wayAmazon cloudwatch provides you with system by disability it even providesyou actionable Insight so that you can monitor your applicationperformance moreover. It allows you to optimizeresource utilization if needed and finallyit provides a unified. I'd view of operational healthof your AWS environment. So I hope that by now if you know what Amazon cloudwatch has sonow let's try to understand how Amazon cloudwatch workswith help of a demo. So guys, this is my AWS console. Let's say AWS Management console and the serviceswhich you can see on the screen are the servicesoffered by Amazon AWS. But in this demo we are goingto use only few Services. Let's say cloudwatch,and then you have easy to and a service calledSimple notification. Service and when I click on ec2it takes me to ec2 dashboard where you can see that I have four instanceswhich are currently active, you know that here in this demo. I'm supposed to geta notification saying that CPU utilization ofmy instances less than or if a person for me to receivea notification first, I'll have to create a topic And subscribe to itwith my email ID. So let's explorea service called Simple notification service where you can createa topic And subscribe. To it. Once you reach SNS dashboard click on topicsoptional navigation Pane and click 'create new topicgive you a topic a name. Let's say CW topic andif the display name as well, let's give the same name and click on createtopic option here. You can see that I've successfully createda topic now click on the topic, which you have createdand select actions and subscribe to topic option. Well, I want notificationsto be sent to me in form of email youOf different options as well and form of Lambda functionor Jason Etc. But I'm going to choose itas email and give my email ID which is her and then clickon create subscription option. So now whenever AWS consolewants to send me a message. It will send to the email ID which are used tosubscribe the topic now, let's go backto cloudwatch dashboard. So guys this is my cloudwatch dashboard and youcan see different options or navigation pane firstly. I have dashboard where I can view allmy metrics at same place. Then you have alarmswhich shows the list of alarms which you have configured and then you haveevents and locks which will be exploring later. Our topic of interestis the last one which has metrics selectthe metrics option here and then choose ec2and then / instant metrics when you do that or listof metrics will be shown to you like Network out. Soup utilization Network packetin network packets out and various other metricsfor various resources, which are currentlyactive on your Cloud. So but we are interested onlywith CPU utilization. So I'm going to type that here. Well, it showsthe list of instances which are active on my cloud and I'm going to choose Windowsto instance and then click on graph metrics option here. Okay, let's select Windows toonly and then on the right side, you can see you havea alarm button when you click on that a dialog box will be open where you can configureyour alarm firstly. Let's give alarm a name. Let's say low CPU utilization. And a brief description as well. Let's say lowerthan 25 percent lower than 25 percent CPU utilization. Now I'm going to setthe threshold Which is less than 25% in this caseand on the light side, you can see of period option if you resources are eligiblefor basic monitoring the speed optionby default as five minutes. And if your resources are eligible fordetailed monitoring, it's usually one minute and when you scroll down youcan see a send notification to option here soselect the topic which you have previouslycreated that will be C Topic in my case and thenclick on create Allah. But there is some error. Okay. It says there's an alarmalready with this name. So let's give it another nameof my instance. Now, let's try againand when you click on this alarm button And clickon refresh option here. It says that I've successfullycreated a alarm here. You can see that lowCPU utilization of my instance. And when you click on that itshows you all the details like description threshold and what action itis supposed to take when alarm is configuredand all the details. So guys try it out. It'll be easy for you to understandcloudwatch console much better. Okay guys. Now, you knowwhat Amazon cloudwatch has what it does and wait operates, but to understandthe capabilities. You have Amazon cloudwatchcompletely we should be aware of two important segmentsof Amazon cloudwatch, which are cloudwatch eventsand cloudwatch locks. So let's discuss them oneby one firstly we have Amazon cloudwatch eventsconsider the scenario. Let's say you've createdan auto scaling group and this Autoscaling group currently has terminated an instance so you can see this as some sort of operational changein area Bliss environment when this happens Amazon cloudwatch becomes awareof these changes. Changes and response to them by taking some sortof corrective actions, like in this case. It might send youa notification saying that your auto scaling grouphas terminated an instance or it might activateand Lambda function which updates the recordingAmazon Route 53 zone. So basically what Amazoncloudwatch Evans does is it delivers a real-time streamof system events that describe changein your AWS resources. Now, let's have a lookat few concepts related to Cloud watch events. First TV happy Venterand even indicates change in a SS environment andAWS resources generate events, whenever the state changes. Let's say you have terminatedan active ec2 instance. So that state of this ec2 instance has changedfrom active to terminated and hence an event is generated. Then you have rules rules arenothing but constraints every incoming eventis evaluated to see if it has met the constraint. If so, the event is routedto Target Target is is where the events are handled Target can includeAmazon ec2 instances or a Lambda functionor an Amazon SNS topic Etc. Now let's try to understandAmazon cloudwatch events better with help of use casein this use case. We are going to create a system that closely mimicsthe behavior of Dynamic DNS. And for those who don't know what Dynamic DNS has Letme Give an example. Let's say you want to accessinternet at home then internet service providerassigned to an IP address, but Since internet serviceprovider users different kind of online systems. This IP address keeps changing because of which itmight be difficult for you to use this IP addresswith other services like webcam security camerathermostatic cetera. So this is where DynamicDNS comes into picture what Dynamic DNS does isit assigns a custom domain name to your home IP address and this domain nameis automatically updated when IP addresschanges so basically dynamic ANS is a service that automaticallyupdates a name server in domain name system and Amazon office you with a similar kind of servicecalled Amazon Route 53. So in this use case, we are going to updateAmazon dropped 50 3 whenever a Amazon ec2 instancechanges its state. Now. Let's see how the use caseactually works this use case precisely works this way. So whenever an ec2instance changes, it states Amazon cloudwatchevent becomes aware of these. Operational changes and ittriggers a Lambda function this Lambda functionuses different kind of information regardingthe instance like that's public and private IP address and it updates a record in appropriate Route53 hosted zone. So let's say you havean ec2 instance and you have terminated the instance. So Amazon cloudwatch eventsbecome aware of this and it triggersa Lambda function and this Lambda functiondeletes the record from Amazon Route 53 similarly if you have createda new instance, Once again Amazon cloudwatchevents become aware of this and it triggersa Lambda function in this Lambda functions createsa new record in Amazon Route 53. I hope you have understoodwhat Amazon cloudwatch even sees and what it does. Now, let's discuss how Amazon cloudwatch eventsworks with help of a demo. So in this demo, we will schedule to stopand start ec2 instances with help of Lambda functionand cloudwatch events. So let's go ahead with demo. So guys, you can seethat I have four instances which are currently Deaf first, I'm going to createa Lambda function which is going to stopmy windows to instance and you guys need to know thatfor Lambda function to do that. We need to assign permission. So Amazon provides youwith the service called I am which is identityand access management where you can assignpermissions when you search for I am in the tab, it shows you the service select that and on IM dashboardon the navigation pane. You can see a policies optionhere select that and click on create policy option. First it's asking youfor a service here. We should be easyto in our case click on easy to function and actions which will be to startand stop may see two instances. So let's searchfor start instance. Well, a predefined functionis already there. So you can choose that then you have stoppedinstance again select that And then I wanted to beeligible for all the resources. So I'm going to chooseall resources here and click on review policy option. Let's give our policy a name that is to startand stop ec2 instances and description aswell a brief description. Let's say to startand stop instances. And now clickon create policies. It's taking a while. So I've successfullycreated a policy here. Next we have to assignthis policy to Lambda function. So click on rolls here then click on create role chooseLambda function here and click on next permission. Search for the policywhich we have created earlier that is to start and stopthe found the policy select that and clickon next view option that's asking for a name. Let's give a namestart-stop instances and click on create role. I've successfullycreated a role. So what we have done here iswe have assigned permission for Lambda functionto control ec2 instances. Now, let's createa Lambda function. You can searchfor Lambda in the search that and there R click on create function give youa Lambda function a name. Let's say to stop instanceand select the role, which you have previouslycreated and click on create function. You can seethat I've successfully created and Lambda function and now I'm just goingto copy the code to stop ec2 instances here. I'm going to select thisand paste it over here and make sure to save it as you can see herein this function a task for instance regionand instance ID. So let's configure the details. Let's give it a stop instance and here you will have to insertinstance region and ID. and Stan's region an instanceID Novel have to copy the instance regionand ID of the instance, which I ever need. So let's goto ec2 dashboard here. Now let's say I want my windowsto instance to be stopped. But this is the instance ID, which I'm goingto paste it over there. similarly instanceregion now Well, in this case, I'm choosingWindows to instance. You can choose whicheverinstance you want to stop. Once you're donethat you click on create option here testthe configuration details. When you scroll down you can seethe execution results here. It says that my instancehas been successfully stopped. Let's go and check and easy to dashboard hereon the ec2 dashboard. I'm going to refreshit and you can see that my windows to instancehas successfully stopped now, we'll createanother Lambda function which will restart this functionagain the same search for Lambda functionin the search tab and click on create functionoption it ask for a name. So let's say start instance. And choose the role with your previouslycreated and click on create function again. You'll have to paste the code tostart the instances over here. And click on Save option. Let's try to configure this. Let's name it as start instance. and again a task for to our tributes which areinstance region and ID. Now what we have to do is copythe instance region and ID here like we did earlier. Let's go to easy todashboard and copy the instance ID and region. Well, you guyscan see that here. My windows to instant has beensuccessfully stock now. I'll copy thisand paste it over there. similarly instance region aswell and click on create option not test the configuration andwhen you scroll down you can see that my instancehas successfully restarted in the ec2 dashboard. I'm going to refresh this. Well, my windows to instance is on its wayto get restarted till now. I've used Lambda functionto start and stop my instances. But now I'm going to automatethis process with help of Amazon cloudwatch. So let's go tocloudwatch dashboard here. Well, it's taking a while toload then choose events option and click on create true. So here we are going to shareJewel to stop my instances every day at 6:30 p.m. And to restart this instancesevery day at 6:30 a.m. So click on schedule. If you want to know moreabout Grand Expressions, you can visitAmazon documentation. So let me show you it hassix Fields firstly it's minused. Then you have hours then dayof month day of the week and your your concern. Only with minutes and house because we wantour instances to be start and stop every day every month. So let's give the details. So if you're going to createa rule to stop the instance, let's say 6:30 in the evening30 minutes and 18, which is nothing but 6 p.m. And then rest all youdon't have to mention anything. When you give a propercron expression sample timings would be provided to you. You can see her the restof the sample timings and now let's addthe target function which is Lambda functionin our case and select on stop instance function and click on configure detailsgive you a rule a name. Let's say stop my ec2 instance and description to stopmy ec2 instance. At 6:30 p.m. Every day. And click on createvideo you can see that I've successfully createda rule to stop my instance every day at 6:30 p.m. Now. Let's create another ruleto restart this instance every day at 6 a.m. In the morning. Again. The scene shows the schedulehere and cron expression which will be 6 a.m. In the morning. Again, the sample timeis shown here. Then that's that Target functionagain Lambda function and select the function that is to start instanceand click on configure details. Let's name it as start my ec2 instanceand the scripture has to start my ec2 instanceevery day at 6 a.m. And click on create. So now we have successfullycreated two rules to start and stop the easy twoinstances at 6:30 p.m. And 6:30 a.m. Respectively. So what we have done is wehave saved our time here. We've automated theprocess of stopping and starting ec2 instances. So try it on yourself. It will be easierfor you to understand. So guys now let's discussour next topic which is Amazon cloudwatch locks. Have you guys heardof log files? Well log files are nothing but detailed recordof events that occur when you are usingyour AWS environment, you can view a log fileson your on-premise server as well search for an app calledEvent Viewer select the app and click on Windows locksand select systems or list of log fileswill be shown to you when you choose a particularlog file all the details regarding the clock files will be shown like the number ofkeywords the login time number. Of hours, the filehas been logged onto and various other details. Similarly. You have log files created when you use AWSenvironment as well. So you can consider this logfiles is a data repository. Most of the metrics aregenerated from these log data. So whenever a metricis generated a part of data is extractedfrom this log data. So you're designing metricsaccording to your like by choosing a part of datafrom this log data. So basically this log files are what we calla primary data store. Please and Amazon cloudwatchlocks is used to monitor store and access log filesfrom AWS resources, like ec2 instances cloudtrail Route 53 Etc. Let's try tounderstand cloudwatch locks better with help of some features firstly you can use Amazon cloudwatch locksto monitor your application and system log files. Let's say you have madea lot of errors, but trying to deployyour application on cloud in this scenario. You can use cloudwatch locksto keep track of your errors. And send a notification to you when the error rateincreases certain threshold so that you can makeavoiding errors again, then you have log retention by defaults logsare kept indefinitely but cloudwatch providesyou with an option where you can set the periodbetween 10 years to one day. Then you have locked storage. You can use cloudwatch logsto store your log data and highly durable storageand in case of system errors, you can access raw log datafrom this storage space and then you have DNS queriesyou can use Watch lugs to log informationabout the DNS queries that Route 53 DC's now let's have a lookat few Concepts regarding cloudwatch locks firstly we have somethingcalled log even so log even is just to record a factDVD that has occurred in AWS environment. It's straightforward. Then you have lockedstream a log stream as a sequence of log eventsthat have same Source. Then you have something calledLaw Group Law Group defines group of lock streams. That has same. And access controlsettings by default. You have to make sure that each log streambelongs to one or the other Law Group guysnot let's try to understand cloudwatch logs betterwith help of this use case in this use case. We are going to useAmazon cloudwatch looks to troubleshootthe system errors, you can see that I havethree instances here and a cloudwatch agent which is monitoring allthese three instances. So what cloudwatch agent does isit collects custom level metrics from all these easy to instancesand then This metrics and locks collected by the agentare processed and stored in this Amazon cloudwatchLots Amazon cloudwatch locks, then continuouslymonitors these metrics as you can see here by then. You can set an alarmwhich will send you notification when some sort of erroroccurs in the system. So whenever you receivea notification saying that some sort of error is there in the system you can accessthe original log data, which is stored in Cloudwatch locks to find the error. So this is how you can use Amazon cloudwatch locks totroubleshoot the system errors. So basically you are havinga look at original data so you can solve your problemsfaster and quicker. So this is it guys todayin this session. We are going to discuss aboutthe service AWS cloudformation. So without wastingany more time, let's move on to today's agenda. So we'll start today'ssession by discussing why cloud formationis actually needed in the first place. Once we're done with that,we'll move on to the what of what is cloud formation. Actually after that. We'll be discussing what thingsare needed to get started in the cloud formation service. Now among those things. You have a Json document. So we will be learninghow to create a Json document. So before that we'llbe seeing the structure of a Json document. Once we learnthe structure will see how a Json documentactually looks like so we'll see how a sample Json document looks and in the end we'll bedoing a demonstration. Ocean so in the demonstrationwill be doing two demos. The first one will bea really simple one and the other one will bea little Advanced. Let's move onto the first topic. That is why AWS cloudformation? So why do weneed cloud formation? So for example, you have an application now mostof you guys know that for and we have done thisin the previous sessions as well that we createdan application right. Now. The application isactually dependent on a lot of AWS resources. Now if we were to deploy and manage all these resourcesseparately it will take up a lot of time of yours, right? So to reduce that time or tomanage all these resources. What if I told youyou have a service? Yes. Yes, you got that, right. So you have a servicecalled AWS cloudformation. So using AWS cloudformation, you can manageand create and provision all these resourcesat a single place. Now, this iswhat cloud formation does. But now what iscloud formation exactly. So a cloud formationis basically a service which helps you model and setup your AWS resources so that you can spend more timeon your application rather than setting up and provisioningthese resources, right? So basically It's a tool using which you can createyour applications quickly. Also, you can create templatesin AWS cloudformation. Now, how do youcreate templates? Basically, you would be usingthe cloud formation designer you'd be putting inall the resources that are needed. You would be defining thedependencies of these resources and then you'll be saving thisdesign as a template right now. What will you dowith this template? This template can be usedto create as many copies as you want right? Say for example Exampleyou have a use case wherein you want your applicationin multiple regions for backup purposes. Right? So if you want that you won't be implementingor you won't be creating each and every resource one by onein each of the regions. What you can do is youwill create it at one place in cloud formation havethe template in your hand and deploy that templatein the other regions as well. Right? So what will this do? So first of all, your replication willbe very precise, right so they won't beAny changes in the copies that you have made second of allyou will be doing that quickly because you don't have to dothe process all over again. You just have to click a button and that templatewill be provisioned or will be launchedin that region. So this is whatAWS cloudformation is all about. It makes your life simpler by handling all the creation andthe provisioning part, right? So this is what isAWS cloudformation. Now, how do we get started in cloud formation saysit's a very useful. Is how can you as a user use the serviceso let's move on. So for usingthe cloud formation service. First of all,you need a Json script now. Why do you need a Json script because you would be creatinga template right in the cloud formation designer. You would be usingthe drag-and-drop option and filling in the AWSresources right now when you will be doingthat in the back end it will actuallybe creating a Json script. Now what you can do as a user isif you're good in Json, you can createyour own Json script. Otherwise you can useCloud formation designer to create a template nowfor creating a template. Like I said,you need a Json script. Now. What is the Json script then? So a Json script is basically aJavaScript object notation file, which is an open standard form. And that meansit is human readable so you can read it as wellas well as the computer. So if you don't need theprogramming knowledge for this, what you as a userwould be doing is you would be designing your templatein the cloud formation designer and that willautomatically create. Eight a Json scriptyou can do it. The other side is well. Like I said, you can create your ownJson script and feed it in the cloud formation designer. So this ishow cloud formation works. This is how you wouldbe using AWS cloudformation. But then how can youlearn the Json script? So it's very easy. So basically you haveto follow a structure in the Json document. What is this structure? So that structure is like this you would be creatingthe following Fields. So the first field will be theThis template format version. So this will basically containversion of your template. Next up is the description. So description is a text-onlyfile or is a text-only field wherein you will be describingyour template in words, right? So if I'm a userand I want to know what your Json does without reading your Json scriptfrom beginning to end. I can read the descriptionin simple English and understand what ages from triple to rightthen you have the metadata. So metadata will basicallyWhen the properties of your template thenyou have the parameters. So any values that you have to pass throughthe template will be included in the parametersnext comes mappings. So mappings would basicallyinclude the dependencies between your AWS resources. Then comes conditions. The conditions arebasically the conditions that you would be givingto your template when the Kristof will be createdor while the stack is upgraded. So if we are stackis being created or their stack is being updated. These conditions will be looked. One two, then comes output. So whatever outputsyour template will provide or your creation of Stackwill provide will come in the output header. Then you havethe resources field. So resources will basicallyinclude all the AWS resources that you want to include inyour infrastructure right now. If you look carefully youactually will be only dealing with the resources part, right because you will justbe populating in the resources and creating the dependencies. Right. So basically you'd be populatingthe resources part and that is what it was allabout the resources, but right now,this is Theory now, how does a Json documentactually look like right a Json document lookssomething like this. So like I said, you would be workingon the resources field, right? So you'd be includingthe resources field and in that say you so this Json documentis all about if you had noticedit's about S3, right? So you are basicallyincluding an S3 bucket. It and the type you'dbe specifying the type of service that will beincluding this bucket. Right? Like in this examplea Json document doesn't know what serviceyou're talking about. So you specify the nameof the bucket and inside the brace isyou'll be specifying which service over here. You'll be specifyingthe S3 service. Don't worry. I'll be showing you guysthis Json document in a moment. But before thatyou should understand how a Json documentis structured and this is what we're doing right now. Now guys, this isthe cloud formation dashboard. Now, you have to createa stack over here, right? And for the creation of a stackyou require a template so first we'll design a templateand then we'll create a stack. So this is my cloudformation designer. Let's go backto our slide and see what we actually have to do. So, this is our firstdemonstration here in will be creating a S3 Bucketfrom cloud formation. So we'll be designing a template around that for first and thenwe'll be deploying this code. Right? So let's do that. So let's go to our cloudformation window now so we have to createan S3 bucket. So we'll scroll downto the S3 service. So here is AC Service. We click on this we service. Click on bucketand drag it over here. Right. So this isthe recipe bucket guys. Now you can edit the nameof the template over here. You can name itas either a car CF that means and Eurekacloud formation, right? So you specify that now, this is your Json code now youcan compare the Json code guys. Let me make it a littlebigger for you guys. Yeah. So this is the Jsoncode guys now, I didn't codethis Json script, right? I just dragged and dropped this Bucketover here in cloud formation and Automatically generatedthis script comparing it with the code that we havein our presentation. Let's see so we have resources. Yes. We have resources. We have the nameof your bucket part. So basically this isthe name of your bucket and then it's a type. We're in you'll be specifyingthis you service. So you have type and specifyingthe SC service over here, right? So if you want to changethe name of the bucket, we can do that over here. Let's specify it asand Eureka CF. Alright, so we are done. This is it guys this isall you have to do. So now for running thisin cloud formation, all you have to do is clickon this icon create stuck. Now this will leadme to this page which is the create stack page. Now, it has automaticallyuploaded this template to the S3 bucket and it has specifiedthe URL here, right? We click on next you specifythe stack names. Let's specify it as a lyric RCF, right so you don't have tospecify anything are let's click on next click on create. So you'll be seeingthe events on this page. Let's refresh this. So it says createin progress, right? So my template is nowbeing created into a stack and that stack will havethe AWS resource in it, which is the S3 bucket. Right? So I think the time is enough. Let's refresh it and checkif our stack has been created. So it's stillin the creation phase. Let's wait. All right, so now it shows methat the Creator is complete. All right guys, so let's go to our S3 serviceand check whether we have Bucket that are AWS cloudformationcreated for us. So we go to the AC Service. And here it is guys. So this is the bucketthat we created right? I see you can see the time. It's March 28th. 2017. Today is March 28th, 2017. And the time is 7 5and the time is 7 7 here. Alright, so this buckethas just been created by cloud formation. So guys, like I said,it is very easy. It is easy to understandand to deploy as well. You basically just haveto create a template and that is it AWS cloudformationwill do the rest for you and the cool part is that you can replicatethe template as many times as you want. Right? So it will save you the time. Okay this demonstration is done. So we have created an S3 bucketusing cloud formation. Let's see what our seconddemonstration is all about. So now we'll be creatingan easy domain students in which we will bedeploying the lamp stack which means in thateasy to instance. You'll installing Linuxyou installing a patch a you'll be installing MySQL andwe'll be installing PHP as well. Right? So, let's see. How will we do that? So for our second demonstration, we will again go backto the cloud formation console. We will click on create stack and now we haveto launch a lamp stack. So a lamp stack is basicallya sample template in AWS, right so we can selectthe sample template and we'll click on viewor edit template in designer. So a lamp stack is basicallyan easy to instance with Linux Apache MySQL and PHPinstalled onto it, right you can see the designerthat you have only specified and easy to instance anywayto ask the security group to it. So you needthe security group obviously because you haveto connect to this. You do instance right now. A lamp stack is basicallya web server remember? Now, let's see the templatefor this lamp stack. So we discuss the structureof a Json document if you guys remember sothe first part was the AWS template format version. Then you have description. Then you haveparameters so parameters if you guys rememberit is basically the values that will be passingto the template right now. If you are creating a lamp stack you'd be needingthe database name you'd be needingthe database password. You'd be needing a lotof things, right? If you're installing MySQLyou be needing the username you'll be needing the password. So all of that you can feedin here in the parameters so you can specify the key name. So if you are connecting to the slough instancethrough SSH connection, you'd be needing a keeper right? She would be specifyingthe keep are here. Then you will bespecifying the DB name and the other detail now how will that lookwhen you'll be creating a stack? So let's do that. We will click on this iconwhich will now create a stack automatically sowill be prompted. It on this cage click on nextthen you will reach this page where in you are feelingthe entry right? So you would specifythe stack name. So this is by defaultso stack name, so we'll be specifyingthe stack name first. So I'll let us tagname be lamb demo, and then we move onto the parameters part. So whatever you specified in the Json parameters fieldwill be reflected over here. So we specifiedDB name over here. So it was asking mefor the DB name. So let's give it as a rake. And let's give the DB passwordas something candy. Be root password DB useras a Eureka instance type as Steven dot micro wideeven got micro because if you guys noticedin the template, we didn't specifya virtual private Cloud that is a VPC nowall the instances which are launched these daysof with all the new instances which are there in easy to haveto be by default launch the VPC. But since we are creatinga Json file and we didn't specify a VPC you haveto select T' an older version of your ec2 instance. So let it be T 1 so T1 is an older version. It runs without a V PC as well. And then you have to specifya key name the key name would basically be usedto create SSH connection to your instance. Right? So our key pair was arraycalendar score a will select that and will click on next now SSH location isbasically your IP address if you want to specify Idon't want to specify it. So we'll click on next you don'thave to enter anything over. Click on next confirmand click on create. Now is happening in the background as itis picking up that Json file and is creating a stack firstlaunch an ec2 instance. It will then install the nextonto that it will then install Apache MySQL and thenthe end a PHP installation. So what we will do theonce it says that the creation is completedwe will go and check if everything has been installed on our server by creatingan SSH connection, right? So let's wait until the stack. complete Alright guys, so as you can seein the events that the creationis now complete. So let's check that if our installationhas been correct will go to the ec2 instance. Now this is our instancewhich has just been created. We can check that. It's been createdon March 28, right? So today is 28. Alright, so now let's connectto this instance. So for that we will haveto copy the IP address. This is the police officer. For those of you who don't knowhow to connect to easy to you'll be pastingan IP address here. Right? And then you havethis private file, right? So this is of the pemex tension, but the party softwareneeds a PPK extension. So you have to convertthis pem file to PPK that can be done usingthe puttygen software. So this is the footageand software so I will be dragging this file here. Okay, it doesn't work. So well click on load goto downloads click on all files select my pem fileclick on Open click on OK and then clickon save Private key. So let's name it as a Eureka. Underscore a click on save so a filehas been saved will close it. Go back to our party softwarehere enter the IP address here. You will click on SSHclick on authentication. Click on browse goto your PPK file click on open and click on open here. So now you'll be connectedto your SSH through your SS has to your ec2 instance. So any Linux installationon Your AWS infrastructure. The login will beeasy to - user. I see you're in let's see if you can connectto a MySQL installation. So MySQL - Edgeso it is on localhost. - P port number which is your 6and then the user that we gave was a Eurekaand the password was this. Okay guys, so we are in so that means we successfullycreated the Eddie Rekha username which is specifiedin the Json script. That works. Well and then you specified. Okay. We also specifythat we need a database right? So, let's see if itis showing a databases or our databaseshave been created as well. Okay, so it has a data-basedcalled Ed, Eureka? Right. So the Json script worked. Well now the thinghere to notice. Is that how granularity youcan configure your Json file? Right? First of all, it launched an ec2 instancethen install Linux then install MySQL itconfigured it settings and inside MySQL it gaveyou a database, right? So this is awesome guys. So this gives youthe whole control of AWS just through Json script. Right and this is the powerof cloud formation. Now if you wantthis infrastructure or whatever you have createdright now to be replicated again to some other instance that can be donewith a single click of button, right and it isactually pretty awesome because if you wereto install this lamp stack on a server or on AWS again, if you launch ec2 instancewith the Linux OS installing Apache MySQL and PHPmay take time. It actually takes time. We can you haveto open the console. All you have to openthe terminal you have to enter the commands and depending onyour internet speed you will install all those packages. So this is neat. It does everything foryou automatically, right? So guys, this is what cloudformation was all about. So I'll close the session. Let me go back to my style. All right, so guys we are donewith the lamb stock demo. Today's session is going to beon auto scaling and load. And so so todayI'm going to tell you how you can orderscale your resources so that they becomehighly available and this is what we're going to do today. All right. So with that guys, let's start with today's sessionwith the agenda for today. So guys, this is what we are goingto do today first. We're going to see what are snapshotsand am I so these are basically the entities usingthis using which you will be or scaling your resources. So once you know, what are snapshotsin Amis will move on to why do we actually needor scaling and what? Is auto-scaling exactlyafter that we're going to see what is a load balancerand towards the end. We'll be doing a Hands-On which is going tobe very interesting because I don't thinkthere's a demo out there which can show you the kind of demo that I'm goingto show you today. All right, and if you thinkabout a guy's if you're if you're thinking about movingto the cloud industry order scaling our load balancingout the very important topics in this in this in this domain, right so you shouldknow about them. So if you have been so if you About them pleasepay attention today because you're going and going to go and gain a lotof knowledge today. All right moving on guys. Let's start with the first topicwhich is snapshots and am is so let us see what are those so I guessmost of you are aware of what an ec2 instancesof for those of you who are not an ec2 instanceis just like a row, so it's in freshpiece of computer that have just bought isjust like that, right? So on that computer, you can choose any operatingsystem that you want. Want so once you havethe operating system, you can install any kindof software on it. All right, so you haveto install every time you launch a new in an ec2 instance. You have to install allthe required software's on it. All right, butthere's a workaround what if you wanta specific configuration of ec2 instance a wantfive easy to servers which are exactly like thislike each other, right? So one way of doing that would be to launcha new instance every time install the required packages. Daytime and going about it, right the other way of doing it would beto actually create an image of once you will be configuringyour ec2 instance. And after that you'llbe creating an image of your ec2 instance. And that using that imageyou can actually deploy for more easy to do servers. All right, so this imageis basically what is and am I so am I which is an Amazonmachine image is nothing but an executable imageof your already existing. You do instance, right? But before an am I can be created there isa thing called snapshot now what a snapshotssnapshots are nothing but the copy of the datathe data the copy of the data that you haveon your hard drive. So basically if youhave your C drive, right and you wantto copy your C drive you copy a CD driveon to some external drive so that becomes a snapshot but if you can bootfrom that external drive, so that has to your wholeoperating system comes up. Some other machinethen it becomes an Ami. So this is basically the difference betweenthe two a snapshot is not a bootable copy and Ami isa bootable copy that you have. Alright, so I hopeyou got the difference between what is in am Iand what is the snapshot? So I'll repeat it again and you use an Ami to basicallyreplicate an easy two wins is easy to instance again, so that you don't haveto do the configurations all over again, right? So now you'd be Oh, we were we were to talkabout what is auto scaling. What is load balancing? Why do we need EMS but be patient youwould be clear with everything with the session. All right moving on guys,let's now discuss. Why do we need auto-scalingnow before the right. Now the way I will be going through the session is I'llbe explaining you each topic and then I'll show you itin the AWS console. All right, so we just discussedwhat are snapshots and what are a mere am Iso let me quickly show you How you can configure our how you can createan Ami of an already existing ec2 instancein the AWS console. So, let me give me a second. So give me a second. I'll just go to my browserand my AWS console. So guys, this is my AWS console. I hope it's visible to you. So the first thing that you'll be doingis you'll be going on to your ec2 consoleor all right. So in your easy to console youwill have all your servers that are runningright now, right? So for the for the Sakeof Simplicity I have deployed. I've already deployed to serverswhich are server 1 and server to now I have configuredthem both with a purchase so that they can have yourthey can host a website. Uh, let me quickly show you how the websiteactually looks like. So if I go to this particular IP addressof server 1 This is in part. So what one right so this is how the website lookslike right similarly for my server to if I go to gointo my server to this is how my server to be look like. Here it is. All right. So these are my two servers. Now. What I want is I will create an exact copyor the of these servers so that they can be replicated. All right. So when I say replicatedeverything from software's to this website willbe copied onto an image and that copy or that image when I will deploy it. It will be deployedinside one more. He should do server in whichI don't have to do anything. This website will be there. I just have to goto the IP address and I can see this website. All right. So now what I'll be doingis I'll be creating an Ami of both the server. So let's create an EMFor server one first. I'll select the server one. I'll go to actions. I'll go to image Iclick on create image and all I have to do isgive an image name for it. So let me give the nameas live server one, right? This is my image name. I click on create imageand that is it. It takes in your requestfor Eating an Ami and it does that rightpretty simple now similarly. I will be doing itfor server to as well. I'll select serverto I go to image. I'll create an image and I'll name the imagesay live server to So once I've done that you can see the imagesin your am I tab? So if you look at over here in the images sectionyou can look at Ami is if you go to your aim is youcan see there are two images which are just being created which are in the pending Stateas of now and they are live. So one and lives over to Now using these images youcan create any kind of server that you can createthe exact same server with just a click of a button. All right, you don't haveto configure anything much. Alright, so this ishow you create a new map pretty straightforward guys. Let's move on and discuss. Why do we need auto-scaling now? So you learned how to createan Ami, let's go ahead and stand auto-scaling and see how they are connectedto Ami is all right. So say you have an applicationyou have a website and every machine nowthis website is hosted on server guys, right and so was a nothing but machines now every machinehas Has its limitation right? For example say there'sthis machine is say around 8GB + C i5 processor. So say it can hoston hundred people. Right only a hundred peoplecan come to this website and easily and navigateinside the website. But if more than a hundredpeople comes in this computer or the server becomes slow. All right, so say there area hundred people as of now and they are tryingto access your website and they can easily access. Sit now your websitebecomes a hit overnight. All right, and now a lot of people are tryingto access your website which make sureserver overburdened now in this scenario youcan do only one thing that is deploy more servers and distribute the trafficequally among those servers so that the requestscan be handled. All right. Now this thing is a manual task and manual is a big No-Noin the IT world guys. So we invented a service call. Old Auto scalingand using order scaling what happens is it sees it it actually analyzesthe kind of load which is coming in right and it deploys the server'saccording to that. So say around 300 peopleare coming in and it sees there that you need three servers tohandle those kind of requests. It will dothat automatically, right? And that is where your amI comes in guys because the new servers that you will be launchingthose new servers have to be takenout of some template right so The first server has to bethe exact copy of the sorry. The second server hasto be the exact copy of server 1 the third server aswell has to be the exact copy of server one, right? And that iswhere the am I comes in. So what is what basicallyhappens is in the order scaling service youbasically attach your Ami which you created and using that Ami it deploysmost servers, right? This is why am I is significant or this is how am Iis related to Auto scaling and And this is whydo we need auto-scaling? Let's move ahead and justgive us a definition that what auto-scaling exactly is. So like I said, whenever you your loadincreases and you have to scale automatically upand down you use Auto scaling, so it's not onlyabout scaling up that is when you loadincreases a three or four so as you have deployed andnever when you load decreases Still Force, I was upthere to sitting I'd write so that is not the casewith auto-scaling you can So skilled down as per your needsyou can configure everything which you can imagineabout scaling up and scaling downin the auto scaling properties. All right. So this is whywe need auto-scaling. Now one more thing that you needwith auto scaling is if you would have noticed Isaid the number of servers it deployed gets deployedin the order scaling. So there are theythere are four servers which get with get deployed youduring order scaling right now. The traffic hasto be distributed. It equally right. So this trafficwhich has to be distributed has has nothing to dowith auto scaling. It has to be done bya separate entity. And that is what we are goingto discuss in the next section. But before that, let me show youhow you can configure or how you can configurethe auto scaling properties and attach the related am I so that the related serversare launched right? So let me go to my AWS console. So here am I and as you can see the aimis have already been created. They are lives over oneand live server to now what I'll be doing is I'llbe creating auto-scaling groups or I'll be configuringthe auto scaling properties so that these serverscan be Auto scaled as and when required right? So before that I actually have to createa launch configuration. Now, what isthe launch configuration? So if you look at the a my guysyou have only specified what kind of data should bethere in your server. What you have not specifiedis what kind of machine you should launch every timethere's a need right? So that is exactly what you doin launch configuration. So you have the data but you don't have the informationabout the kind of machine that you want to launch so that that that kind of stuff you will be specifyingin the launch configuration. So what I'll be doingis I'll click on create launch configuration and now it will give me a wizardas same as that of any issue. So right in the ECU server. I had to choosean operating system, right so sameit'll give me the wizard but I don't have to go here. I'll have to goto a separate tab, which is calledmy m is right, so I'll select my mice and now I'll selectthe newly created a match which is the Miwhich I just created which is say we are creatinga launch configuration for us over one right now. So I'll select the lives of A1. I'll click on select and now it will ask me the kindof the configuration that I want for my So rightso I need attitude or micro because we are doinga demo today, right so we don't need muchof of computing power. So we just have to select E2 dot micro and will namea launch configuration a thing. So let's name it as life. So one. Right and the I am roleis not required and I click on next now. It will ask me for addingthe storage so easy be is enough for anyone to machine. I'll go toconfigure security groups. Right? And in this regard to groups. I just have to add the HTTP rule because I have to connectto all the instances that I'm launching. Right? So I'll select the HTTPrule from here right and I click On review so that is it guys. Nothing else hasto be configured you. All right, and it is askingme to check everything that I've just configuredeverything seems fine. I click on createlaunch configuration. Now it last me for the keeper. Right? So every server which will be launchedit will be associated with the with a key pair whichwill be specifying here right? You can create a new one if you don't have already Ialready have a key pair. So let me choose my my keeper so that is a month underscoreto and I acknowledge that I have this keep your and I'll createthe launch configuration. It just takes a secondor two to do that and we are done. Alright, so now we have createda launch configuration. We have specified what kindof machine we want. We specified what kind of datashould go into that machine now, we'll be creatingthe auto scaling group in which will be specifyingin which cases we want to Auto scale. All right, so let's createan auto scaling group now. All right. So it has automatically pickedup the launch configuration that we have just createdthat it's life. So one right let's name thisgroup as live server one group. Right. And what is the initial size that you wantin your launch configuration? That is the minimum numberof servers that you want. So let it be 1and remember guys. This is the most important part when you are creatinga launch configuration in sure that you're doing itin your default VPC to be on the safe side because there area lot of settings that you have to do if you create a VPC on your ownand that becomes a hassle. All right, soif you accidentally delete your default VPC, which I did right so you haveto contact the AWS support team and they'll helpyou out with it. They'll basicallycreate one for you. You cannot createone on your own. All right. So always ensure that you are in a default VPCwhenever you're creating an auto scaling group. Alright, so now Iwill be specifying the subnets. So basically you haveto select a minimum number of to subnets right? I'll need not gettinginto what I said Nets because then it will belike a three-hour session. I will click on configure scalingproperties now over here. You can specify the propertiesthat I was talking about that. When do you wantyour server to scale? Right so over hereyou can specify the average CPU utilization. Now, what do you meanby average PT CPU utilization? So there are four serversrunning as of now, right? So it takes the averageof all the four servers. All right, and if the average goesbeyond whatever number you're specified heresay I specified. 70 over here, right? So in that case wheneverthe average pcpd utilization will go beyond 70 it will launchone more server similarly. If it goes I can configureone more property here, which says if it goes below 20%like scale down from one server. All right. So if there are five servers in there and see people izationhas gone less than 20 percent it will it will itwill scale down from one. Seven and come downto four servers. All right, and you can also set how many seconds should itpaid say the traffic is spiking down and uplike to frequently, right. So for that what you can dois you can set a time. So if the 20% Markhas been not cross still say like five minutes, then it will scale down a server or if the seventy percentMark of the CPU utilization has been crossedover five minutes. It will then scone. Scale up, it will not scale up with at only oncefor only one second. It becomes 71 person. All right, so you can specifyall of that over here. But since I cannot load testmy instance over here, I'll just keep it at its initial sizewith just means that it will even if I delete my instance that is I one instance hasto be there in any case if I delete the instance it willautomatically launch it again. Alright, so let's will selectthe keep this group at an edge at its initial size and we'll goto configure notifications. So I don't want to configure thenotifications neither the tags, I click on review and I'll click on createauto scaling group. Alright, so I've successfullycreated an auto scaling group for my life server one. All right. Similarly. I will do the same stepsfor my server to as well. I'll click on createauto scaling group and I'll selecta launch configuration which was there. For my so to so not donethat so let's create a launch configuration firstfor us over to will go to a mice and we'll selectthe server to part here. Alright, so I've selectedserver to I do the same steps that I did earlier. Right. So let me give it the nameas live server to group. I click on add storage configureSecurity Group over here. I'll add the HTTP rule. Click on review and launch configurationselect the key pair. Acknowledge it createlawn configuration doing the same steps Kuipernot doing any new thing here. I've tracedlaunch configuration. Now. I create the auto scaling Group, which is life'sover to group. Right and then the vpz as I said should be defaultsubnet minimum gruesomeness. You should select You'll clickon scaling properties. I keep it at initialsize configure review and create the auto scaling group. All right, nothing much guys. So same things that I didfor my server one. I've done formy server to as well. All right, so since I've createdor or an auto scaling group, if you go to your ec2 dashboard, you would noticethat two more servers are now being deployed, right? So you can actuallyidentify them over here. See these two serversare being initialized with Eva. These have just been createdby your auto scaling group because we specified that a minimum numberof one server should be there at all times right now. If you try to go to the IP addressof this server. Right, you will see that it will havethe exact same settings for my easy Tucson's instance. So this is my sober one. Right. So as you can see a new instance called created but withthe exact same settings, I hadn't had to doanything it automatically created an instancewith the same settings. All right, and same is the casewith server to as well guys, if I go to my serverto and try to access it. I'll see the same thingsover there as well. So I'll Show you a bit Yeah,so this is my server to alright, so my auto scaling groupis functioning fine. So let us come backto our slide now. So we are donewith auto-scaling now. Like I said, you need to have an entitywhich will equally divide the traffic between the serversthat have just deployed right so they say in I've createdto Auto scaling group Skies as of now write the and why I have createda second Auto scaling group. I will tell you in a bit, but for now understand thatthere is an auto scaling group. All right and inside that auto scaling group saythere are Five servers and if a person is comingin or a customer who has logged ontoyour website is coming in How would how wouldhis traffic be treated? How would he knowwhich server to go to right? So there comesin the third entity which is calledthe load balancer. So what load balancer does isa load balancer your customer will basically basicallybe coming to your load balancer and the load balancerwill decide based on the usage of yourself. Others that which server is more free and then we'll givethe connection to that server. All right. So this is basically the roleof a load balancer. So like I said a loadbalancer is a device that acts as a proxyand distribution Network or application across a numberof servers now, I've been saying it repeatedly that your your serversare actually sorry. Your traffic is actuallydistributed equally among the servers rightbut in a few moments, I'll tell. That there is one moreone more way of Distributing your traffic, right? So before that, let me again stresson the point that this was your autoscaling group guys. This is just the example that Itook in the beginning, right? So there are like these set of users and they're tryingto access your website and they are being routedto these server. So this routing is actually doneby a load balancer right now. Like I said the traffic which is distributedit is distributed in in two types, right? The first time would beto equally distribute them among the number of serverslike say there are five server. So it will distribute itamong the file servers. But if there are say thereare two kind of servers now and so your load balancer can identify what kind ofrequest is being made by a user for example in your website on in your applicationyou have you have a part where in you canprocess the Mitch right and you have a part where you can where you havethe your blogging section. All right. So if you wantto process the image, you want your traffic to goto a different set of servers which are order scaled at their own in their ownAuto scaling group. Right? And if you havethe blogging section, you have a differentorder scaling Group, which is auto scaled at a different weatherdifferent Auto scaling group, but you want everything to gofrom one single link. So the way to do that is usingan application load balancer. So let me just repeatwhat I just said. So the say the this set of servers they hostyour image processing part. They do allyour image processing and these set of servers that they host your blog's thatyou have on your application. All right, a user comes in. He just logs onto your websiteand he goes to a URL which says say Eddie recordor KO / image. All right. If you go / imageyour load balancer, we'll see. Okay, he's askingfor the image kind of content. So he should goto this set of servers because this this serviceof the image purpose and if you go to a Dirac array card or KO / blog yourload balancer identify. Okay, this user he is askingfor the blog content. So you should goto this set of servers. All right. So all of that is doneusing your load balance or if you compare itwith a classic load balancer it is it does not have that kindof Of intelligence, right? What it will do isbasically all the traffic that it has got in coming to it. It will equally distributedamong the number of servers that are under it. All right, but with application loadbalancer you have this option where in you can divide the traffic accordingto the needs of the customers? All right. Now when you have dividedthe traffic again the same thing will happen here as happensin classic load balancer that at this point itwill equally Traffic among the numberof image servers, right and similarly the people who want to accessthe blog it will equally distribute the trafficamong the number of people who want to accessthe blog server. All right. So this is what an applicationload balancer is all about. So classic loadbalancer was something which was invented earlier and these days nobody uses theclassic load balance anymore. People are using applicationload balancer, right? And that is what our demonstrationis going to be. All about today. All right, so enough of talks. Let's move on to the handson that is the demo part. So let me quickly show you what we are goingto accomplish today. So basically a userwill come in. He will have the addressof your load balancer. And if he asksfor the image path or say server one in our case, he will go to the autoscaling group of server 1 if he asks for server to he will go to server to but all of themwill have the same at Is that is using your addressof your load balancer? All right. So this is what we are goingto accomplish today. Now for those of youwho didn't understand that why did we createto order scaling groups is because we want these servers that is the image processingservice to be skated as well. And as as at the same time, we want the Blog showsto scale as well. Right? So that is the reason we want we createdto Auto scaling group. So I dated a server one, which you can imagine isfor your image processing and I created an autoscaling group for server to which you can imagine isfor your blogging section. Right having saidthat guys now, let's move on to my AWS consoleand go to our load balancers. All right. So what I've been doingnow is I'll be creating a new load balancer and that load balancer would be of the typeapplication load balancer. You can see I havetwo options here. I either I can createa classic load balancer or I can createan application load balancer. So I'll go on withapplication load balancer and I will name it as life load balancerand the scheme is internet-facing. So since mine is a website that I want youguys to access right so it could be internet-facing. Otherwise you if youare working in a company and that company wants. A load balancerfor their internal websites that the companies haveyou can actually opted for an internal internalload balancer as well. But since as we havea website and we want that to be used via wewill use the internet facing load balancer, right and the listeners, it's HTTP, that's fineand the availability zones. Like I said, you have to select a minimumof two availability zones and you clickon configure security settings. All right. So now you'll be specifyingthe security group, right? So in Security Group, you'll it's better to createa new Security Group. Remember guys don't includethe default Security Group for your load balancer. It's a good practice to alwayscreate a new security group so that you can customizecustomize your rules according to your needs. All right, so I'll createa new security group and specify the HTTP Ruleand I click on next. And now comes the part where in will bespecifying the targets. All right. Now what our targets now in application loadbalancer guys targets are basing basicallybut or scaling groups, right? So Target one would beyour or scaling group one your target to would beAuto scaling group to Target three Target for youcan have as many targets as you want. But in this wizard, you have to specifya minimum number one, right? So we'll create a newTarget group will call it as say Just killinga life or two one. All right, and the protocol is HTTP Port is80 will click on next and I'll review everything. I think everything is fine and I'll createthis load balancer, right so we have not doneall the settings guys. I'll show you how to doall the settings for now. We are just createda plane load balancer. All right, so I havecreated a load balancer which is pointingtoward Target group. Group one and that Target group is not pointing to my autoscaling group as of now. All right, we will dothat now in this part so we have created. I just created a Target groupcalled live Auto one. I'll create onemore Target Group which will be called live Auto to for my secondAuto scaling group. All right, so I willcreate this and done. So I now have to Target groups that is live Auto oneand live Auto to now these two. Get groups have to point to my auto scalingGroup C respectively. All right. Now the way to do that youcannot appoint them here. You have to go to your autoscaling groups, right? And in your auto scaling groups, you have to selectthe auto scaling group that have just launched. So it is live server one groupand lies over two groups. So you I will go to live soone group and go to details and over here you click on edit. All right, and inside edityou have this option for Target groups. You don't have to specifyanything in the load balances. This option is onlyfor classic load balancer, but we are creating an application loadbalancer, right? So we'll be specifyingeverything in the Target groups. So for live server one group will be specifyingthe demo server one. So demo server onehas already been sorry. Sorry, it will be live AutoOne the target group that I just created and live Auto One is connectedto your load balancer. So basically your load balancerwill point to your target group and your target groupis now pointing to your auto scaling groupone which are pointing to your instances. All right. So this is how itthe visibility comes in so I save it. The target group one islive server one group and the target group 2. I'll be specifying inthe second Auto scaling Group, which is here that is liveor two to write. I'll save it and letme quickly verify if I've done everything, right? So this is a lifesaver one groupand this is live Auto One Fine. This is lice over to groupand it is live or to to fine. So my load balancer can nowsee the auto scaling groups that I've just configured. So let me quickly goto my load balancer. Now comes the part guyswearing I'll be specifying when to go to auto scaling Group1 and when to go to auto scaling group to like Isaid will be specifying it using the using the kind of request that the that the userhas made, right? So the way to do that is using is by firstselecting your load balancer and going to listeners. So once you goto listeners guys, you will reach this particularpage now in this you have to click on view or edit rules. Alright. So once you clickon view or edit rules, you will reach this pagewhich is kind of an if else which is kind of FL structured. So now what will you do isso you can see that there isa default rule as of now that anything any requests which is made it will goto live Auto one. All right, which meansany requests at which is made it will straight away pointed tothe auto scaling group one now, we'll specify ifthe request is our is if the user is asking for sir. To he should be pointedto server to so let us do that the way we'll do it is like this will clickon ADD rules will click on insert Rule and now I'll specify so youhave two options here either. It could be the routingcould be based on your host. That is the address of your of your website or itcould be based on the path. Now. What is the difference sayEddie record or Co this is the host name right now if I try If I type inresources dot Ed u-- record or go it is stillpoint to my domain. But if I have specifiedresources dot ID record or go and if I write it over here and I specify it hasto go to server to it will go to serverto otherwise if you type in resources or Daily Recordor code nothing will happen because now if youhave not configured anything, right, so that is the host pathwith paths the difference. Is that say you rightEddie Ricardo Coast. - block right. So that's / blogbecomes the path. But with host the thingis the difference is resources dot edu record orko. So that becomesone host name, right? But with path you'rebasically putting a slash and you are goinginto a particular folder. All right, so you can specifythe path here, right? It doesn't matter if you have not specifiedin a server for different for different say you couldthe way you could have done. The image processingand block the other way round rather than having iton two servers was that you have you could haveconfigured it inside to servers in your root directory, right? It could be server onefor your image processing and server to for your blog'sbut I don't want that because you'reas distributed as a system. Is it becomesmore reliable, right? And that is the reason wehave two different servers for two different set of things. So the way you can routeyour traffic to body servers is by typing in the path. So say if I haveto go to server one. I'll type in server 1 /star so star basically means anything after serverone could can be accepted but it has to go to the request will be forwardedto live Auto one. All right, so if I have server one in my pathanywhere in my path, it will go to live Auto one. So I'll save this rule. Similarly, I say that if ithas a server to in its path and anything after that. It has to go to live Autoto write and save it. And that is it guys nowmy load balancer has now has saved its settings. Let's hope for the bestand try executing it. So this is the Ling guys, right if you justtype in this link, it will by defaultgo to server one. Right. So if I go to this link, you can see it is goingto server one as of now, but if I specify / server 1 it will goto my server 1 and if I specify / server, too. It will go to my second server. Now. You might be wondering that he meant you might havea different directory in your same server. So let me clear your doubtaccording to that. So what I'll do is I will goto my ec2 dashboard, right and so you have to server one. And I'll quickly show you. If what happensif I type in server to hear? All right, so this isthe IP address, right? So if I typein this IP address, I'm going to server one. If I type in / server to it will give me a photo forbecause there is no folder called server to writesame is the case here. So if I go to is IPL,you can see Server one. If I don't specify anything after my address it will stillgo to the same server that is here. That is this. IP address right but if I specify / over two over here Itwill not be able to do so because this isnot a load balancer. It is directly your IP address, but over hereif I specify server to. It will redirect meto the second server one second. Right, it will redirect meto the second server and that is all that I need. All right. So with one address you areactually pointing to two servers which be solvingyour to problems. Now the real life you skate. Like I told you it could befour different kind of task say you have a bloggingsection on our website and you have an image processingsection on our website. If you want to different servers to hostyour two different Services, you can do that easily usinga load balancer. Alright guys. So with this Iconclude my session for today today in this session. We'll be talkingabout Cloud security without making any further Ado. Let's move on to today'sagenda are to understand what all will be coveredin today's session. So we'll start of the sessionby discussing the why and what of cloud security after that. We'll be seeing how we can choosebetween a public or private and hybrid cloud. For that we'll see whether Cloud security isreally a concern among companies who are planning to makea move on the cloud. So once you have establisheda cloud security is really important. We'll see how secureshould you make your application after that? We'll be lookinginto the process of troubleshooting a threatin the cloud after that. We'll be implementingthat process in AWS. So guys, this isour agenda for today. Let's move on to the first topicof today's session that white cloudsecurity is important. So let's take an example here and talk of three verypopular companies linked in Sony and iCloud so LinkedIn in2012 experience the cyberattack. We're in 6.5 millionusernames and passwords for made public by the hackersafter that soon experience the most aggressiveCyber attack in history where in their highlyconfidential files like the financialstheir upcoming movie projects were made public bythe hackers, right? And this made a huge impacton the business front of Sony. ICloud which is a service from Apple alsoexperienced a Cyber attack where in personalor private photos of users were made publicby the hackers, right? So guys now in allthese three companies you can see there'sa breach in security which needs to be addressed. Right? So Cloud securityhas to be addressed. It needs to be therein the cloud computing world. So since now we've establishedthat cloud security is really important. Let's move on to understandwhat cloud security actually is. So what is cloud security? So it is a useof latest Technologies and techniques in programmingto secure application, which is hostedon the cloud or the data, which is hosted on the cloudand the infrastructure which is associatedwith the cloud computing. Right and the other part of this is thatwhatever security techniques or whatever techniquesor technology that Using to secureapplication should be updated as frequently as possible because every day new threats are comingup right everyday. There are new workaround two problems. Right and you should be ableto tackle these problems or these workarounds and hence. You should upgrade your security as frequently aspossible Right Moving ahead. Let's understand howwe can choose between a public a privateand a hybrid Cloud. So we have understood that what cloud security charityactually is now let's talk in termsof security and understand how we can choosebetween a public private and a hybrid Cloud. So if you were to choose betweenthese three infrastructures, what should be our basis of judging which Cloudwe should choose right? So you would offera private Cloud when you have highlyconfidential files that you want to storeon the cloud platform right now. There are two stories or there are two ways of thinkinga private infrastructure. You can eitheroffer private servers or private infrastructureon your own from Isis or you can look upfor servers dedicated servers by a cloud provider. Right? So that all comes underthe private infrastructure. Then we have the public Cloud infrastructurein public Cloud infrastructure. You would basically use websitesthat are public facing. So say if you havea products page where you have application which can be downloadedby the public so that can be hostedon the public Cloud because there is nothingthat has to be seen. Secret over there, right? So things like websitesthings like data that is not confidentialand you don't mind public seeing it can be hostedon your public Cloud. The third infrastructure is themost important infrastructure, which is thehybrid infrastructure. And this is the set of that most companiesgo for right? So what if there's a use casewherein you have private files of Highly confidential filesand a website as well, right? So if you have this kindof use case Might go for a hybrid infrastructure, which is kind of Bestof Both Worlds, you get the securityor the Comfort or the private infrastructure and the cost effectivenessof the public Cloud as well. Right? So you your hybridcloud is basically if you want your highlyconfidential be stored on your own from Isis and your website be hostedon your public Cloud. This infrastructure would bea hybrid Cloud infrastructure. So basically youwould choose a private Cloud if you have a highlyconfidential files, if you choose a public Cloud if you have files that arenot that important or files that you don't mind peopleseeing and you would choose a hybrid Cloud infrastructureif you want Best of Both Worlds, right? So this addresseshow we can choose between a public privateand hybrid Cloud moving on. Let's understand whether Cloudsecurity is really a concern. So we will discussed that white cloud securityis important we've discussed what is cloud security, right? Now let's talk aboutwhether this really makes sense. Right? So if we say that cloud security is reallyimportant in this is no one who is actuallythinking about it. There's no point, right? So let's see if companies were making a moveto the cloud actually think about Cloud security. So here's a gardenerresearch on companies who are making a planto move to the cloud or who has not movedto the Cloud yet, right. So what are their concerns? Why not they're doing so so the topmost First reason listedby these companies was security and privacy concerns, right? So as you cansee these companies who want to make a moveto the cloud are also worried about the securityon the cloud infrastructure. And this makes it clear that cloud security is actuallyvery important right now. We have understood that cloud securityis very important. We have understoodthat companies are looking for cloud securityare actually following. The practicesfor cloud security, but now how secure should youmake your application? Right? What is the extent to which you should makean application secure? So let us start with this line. So it is said that cloud security is a mixtureof Art and Science right why let's seethat so it's a science because obviously you haveto come up with new technologies and new techniques to protect your datato protect your application, right? So it's a science. Because you have to be preparedwith the technical part, but it is art as well. Why because you shouldcreate your techniques or you should createnew technologies in such a way that your user experienceis not hindered. Let me give you a guy'san example suppose you make an application right and for making itsecure you think okay after every 3 or 4 minutes, I'll ask the userfor a password right from the security point of view. It seems okay, but from the users pointof view it Actually hindering his user experience. Right? So you should havethat artist in you that you should understandwhen to stop or till where should we extendyour security techniques and also you should be creativeas to what security techniques can be implemented so that the user experienceis not ended. For example, there is a two-stepauthentication you get there when you're logginginto your Gmail account, right? So if you know your password that is not enough you shouldhave Have an OTP as well to log into your Gmail account, right? So this might be hinderingwith user experience to some extent but it is makingyour application secure as well. Right? You should have a balancebetween your science and the art part that you're applyingon cloud security moving on. Let's now discuss the processof troubleshooting a threat in the cloud. So let's take an example here. So like you'reusing Facebook right and you get a random messagefrom Person saying there is some kind of storieslike you usually get that by using Facebook right that such and such thinghappened and click here to know more right you getthe similar kind of message here and by mistake you actuallyclick on that link. You didn't know that it's a Spamand you click on that link. Now what happensis all the users that are there are allyour friends on the Facebook Chat gets that message, right and they get furious as to why this kindof spam messages. They're in their inbox, right and you get scared. Now you get angry as well and you have to bring yourfrustration out on Facebook. So you contact Facebookand it get to know that they alreadyknow the problem and they're already working onit and then near to this leash. Now. How did they come to know that there isthis kind of problem and needs to be solved. Right? So basically Cloud securityis done in three stages. So the identification process or the thread identificationprocess is done. Three stages the first stageis monitoring data. So you have ai algorithms, which know what a normalsystem behavior is and any deviation from this normal systemBehavior creates an alarm and this alarm is thenmonitored by the cloud experts or the cloud SecurityExperts sitting over there. And there's a thread theysee there's a thread they go to the next step which is gainingvisibility, right? So you should understandwhat caused that problem right? And Or who causedthat problem precisely. So your Cloud Security Expertslook for tools, which give them the abilityto look into the data and find or pinpoint that statementor pinpoint that event which caused this problem. Right, so that is done usinggaining visibility stage. And once we haveestablished, okay. So this is the problem then come stage 3which is managing access. So what this basically will dois it will give you a list of users in casewe are tracking the who will give you a listof users who have access and we will pinpointthe user who did that, right and that user can be wiped out of the fit system usingthe managing exist age. Eight. So these are the stages which are involvedin Cloud security Now if you were to implementthese stages in AWS, how would we do that? Let's see that so the first stagewas monitoring data, right? So if you have an applicationin AWS and you are experiencing this same kind of thing, what will you dofor monitoring data? So you have a service in AWScalled AWS Cloud watch now, what is AWS Cloud watch? So basically it'sa Monitoring tool so you can monitor your ec2 and your other AWSresources on cloudwatch how you can monitor them. You can monitor the networkin network out of your resource and you can alsomonitor the traffic which is coming onto your instance, right? You can also create alarmson your Cloud board. So if there's deviationfrom normal system Behavior, like I said, so it will createan alarm for you. It'll escalate the eventand alert you about that thing so that you can go onaround and see See what that problem actually is, right. So this is cloudthe monitoring tool, right? So this was aboutAWS Cloud watch. Let me give you a quick demoof how the AWS Cloud watch dashboard actuallylooks like Okay. I said this isyour ews dashboard. So now for accessing cloudwatch, you can go under the managementtools here is cloudwatch Will click on cloudwatch. Now over here youcan monitor anything right? We'll go to Matrix. And you can see there arethree Matrix over here. You can monitor your EBS. You can monitor your ec2. You can monitor your S3right now suppose. I want to monitor my ec2. So as you can see, so I have two instances runningin my easy to one is called for batch instance. And the other is calledWPS instance right now. These are all the metricswhich are there so I can check Matrixfor my WPS instance for network in I can checkthe disk read Ops. So let me selectthe network out metric and they'll be a graph overhere so I can see this graph and as you can seebetween six o'clock and 6:30, I experienced. Search in my traffic, right? So basically this is how you monitoryour instance in cloudwatch. And you have allthese default metrics to check how your instance is doingand you know AWS, right? So this is what cloud watches. You can also setalarms here, right? So if you go to alarmsclick on create alarm. You go too easy, too. And you can select your metric from over here nowselect a discrete bite. So we're now once I dothat will ask me if there's a Time range to which I want to monitorthat instance, right? Okay, let's not set. Any time Ray. Let's click on next. So when I click next youwill be prompted with this page so you can set your alarm name. You can set your alarmdescription here and then you can specify that forwhat read rights number. You should getthis alarm for right? So you'll be setting that. Over here after thatwe will go to actions. So once an alarm is triggered. We should that alarm go whoshould that alarm go to right? So you can seeas I said over here. Now whenever the stateis alarm, right? What should we do? So when the state is alarm you can send you a notificationto your SNS topic now, what is this nation SNS? So basically it'sa notification service will be discussing what SNS isin the next session. Don't worry if you don'tunderstand so basically for now what you can understand Isthat SNS is a protocol where a new set if you get a notification what to do with thatnotification or whom to send to that notification, right? So if there's a topiccalled notify mean SNS, so in notify me, I have configuredan email address. That is my email adress that whenever a notificationcomes to the SNS service or the notify metopic to be precise. It sends an email to me rightwith that message. So I will get a messagewith this alarm. Such and such thingthat has happened in cloudwatch. Now you do whatever is required. The other thing that you can do over here isin the same as soon as topic. You can also configure Lambda function tobe executed right now what that Lambda functionwill do so say suppose I configure the metricto be of CPU usage. Right and I say whenever 40-person metricis crushed create an alarm or like go to an alarm Stateand it notifies the SNS know Or if I mean topic about thisin the notify me topic, I can configurea Lambda function to clear all the background processesin that easy ruins, right? So if I do that the CPU usage willautomatically come down, right? So this becomes a use case that you want to launcha Lambda function, wherever your CPU uses goesbeyond 40 percent, right? And hence. This is the way you would do it. So this was about cloudwatch. There's nothing much to it. You create alarmsand you monitor metrics, right? Moving ahead and let's move onto the second process which is gaining visibility. So for gaining visibility, basically, you have to trackyour whatever activity is happening inyour AWS account. So this is service in AWS calledCloud trade, right? So the cloud rail service isbasically a logging service where in eachand every log to each and every API call is made now. How is it useful? Let's talk aboutthe security perspective. Right? So your hacker gotaccess to your system, so you should knowhow he got eggs. Your system. So if you have a timeframe sayhe got access to your system or you started to facethe problem say around four o'clock, right so you can set the timebetween two o'clock and whatever the damageright now and monitor what all has been goingaround and hence. You can identify the place where that hacker got accessto your system right now. This is the part where you will get to know whothat person actually is or you can isolatethe problems or which calls that so if you take Q fromour Facebook example over here. You can actually pinpoint who is responsiblefor those spam messages because you all have those logsright you will see the origin of those messages now, once you've done that the next step is managingthis guy out of the system or wiping this guyout of the system. But before that letme show you guys how cloud trail actually looks like so let's go backto our ews dashboard and go to Cloud tree service. So I again underthe management tools. You have the cloudforest service you click on the cloud resources and youwill reach this dashboard. All right. So here you have the logs. So as you can see youcan set the time range here, but I'm not doing that. I'm just showing you the logs. So even for logginginto my console it is showing me that I'm loggedinto my console at this time on this date, right? So every event is logged guys. Every event that is happening on your ews consoleis being blocked. So let's talkabout the S3 bucket. So somebody deleted a bucket and that has againbeen locked, right? So it happened at 7:30 8:00 p.m. On 28th of March 2017, right? So any activityany kind of activity, which happens in AWSwould be logged where? Okay guys, so this isabout Cloud Trails. Let's go back to our slideand move ahead and play session. So like I said, so now you have identifiedwho is responsible for your problem. Right? So now the next stepis managing access, right? So now you should be ableto throw that person or remove that personfrom the system. So most of the timeswhat happens is like if we takeour Facebook use case, so basically there was a userwho triggered that problem right so too Things that youhave to do is first of all, you have to removethat spam from a system. So you've got to knowwhere it originated. So now you startwiping it after that. You have to D by that userfrom doing it again, right? So from The Source, you'll get to know who that useris now using managing access. You will actually getaccess to do all that right? So if you talk about AWSthis service is called AWS. I am so what AWS I am does is It basically authenticatesthat particular service. Now, you are a root user. Right so you can do anything. But what if you have employees and obviously all employees willnot have all the rights right. Now. What if you want to givegranular permissions to your employees now forlike in our example, what if one specific employee is capable to track downthis problem right or track down what has to be done? So you can give that particularperson the rights how using I am right? So I M is used to providegranular permissions. It actually secures your access to the ec2 instancesby giving you a private file and also it is freeto use right. So, let's see how I am is used. So let me go backto my AWS console. Okay. I said this is my AWS dashboard. I will go to the securityidentity and compliance domain and then click on I am. Right now over here. I'll click on rolls. Now. I can see all the roles which are therein my I am right? So since I would have identified which roleis creating a problem, so I'll go to that role. So for example, I have a problem in save AWSelastic Beanstalk easy to roll, right I click on this now once I click I willbe getting this screen. So now I can see the The trustrelationship success advising the revoke sessions, right? So I'll go to revokesessions and I click on the book active sessions. And hence. I will be able to wipe outthat user from accessing my AWS resources, right? So this is how you use I amguys are now one more thing that you can do overhere is you'll go back to your dashboard go to Rose. Now I get told you guysyou can actually create a role for a person who would be able to accessrestricted things on. Your AWS account, right? So let me quickly show youhow you can do that. So you will clickon create new role and you will giveyou a roll some name. So let's give ithello over here. Right click on Next Step go toroll for energy provider access. Right, and now you can select how that user of yours willbe accessing your AWS account. Right? So allow users from Amazon CognitoAmazon Facebook Google ID. All right, so let'sselect this now. Let us select Facebook andlet's give it some random application ID, right? So anyways not goingto create this role. I'm just telling youguys how to do it. Right? So basically you getan application ID by Facebook over there. You'll be since youare using Facebook thoughts. Educate that guideto your AWS account. You'll get an application ID by going on tograph at facebook.com. You can do allof that over there. Okay, so that is not the concernyou'll enter the application ID and click on next step. Right? So you get the policy document. So whatever you configured in your text boxes has actuallybeen created in a Json file, right so you don't haveto edit anything over here. Click on next step. Now you have to attacha policy now, what are the policiesof policies basically what all permissions youwant to grant that user. Right? So if you want to Granthim the execution role for Lambda you can do that. You can grant themthe S3 execution roll, right? So whatever policy that you create you can actuallycreate a policy near I am right. I'm not going muchin details of this because all of this is coveredin your I am session, but I'm showing you guys because I just told youguys This can be done to let me show youhow it can be done. Right? So you'll selectwhatever policy want and click on next stepand review it and create that rule. This is it guys right so youcan actually select a policy whatever policy you wantthat role to have and hence. So policies basically a permission that youwant that role to have. So if you get the permissions itto just review your instances, he'll be only ableto review your instances. Okay, one more thing. I want to make Make clear is that you don't have to giveyour security credentials to that kind anymore because now you'll be specifying that user can will be ableto connect to Facebook. Okay. So also you have a parthere wherein you can specify what specific usercan access it right so I can type in my name here. And if I'm being logged in through Facebook ismy username is him and Shauna only then Iwill be able to connect to my AWS account right now. This is ID right I can alsoset the local parameter. Right so idea I think is fine wherein youwill be adding the ID of the guy whom you want this AWS accountbe accessed by right? So you all haveFacebook IDs, right? So you all have to justpunch in your Facebook IDs. We're here click on next step and then you'll be ableto access this AWS account. If I create this roleright now with the policies that I will be attachingto your role. Right? So this ishow you use I am guys. Let us go back to our session. Okay. So these arethe three services guys. So you have I amyou have cloud trail and you have cloudwatch usingwhich you can control or you can actually see what is going onin your AWS account. So let's go ahead and start with today's sessionwith the first topic which is why do weneed access management? All right, so todiscuss this topic, let's understand it using anexample say you have a company in which you have a server and the server haseverything in it. It has all the modulesin it and it gives you the it gives different usersthe permission to use the different serversright now in your company. First of all, you should have an administratorwhich will have all All the rights to to accessthe server, right? So nobody in the today's it World workson the root account, right? So there has to bean administrator account. So first we will createan administrator account with all the permissionsnow tomorrow say a UI developer comes into your company right nowA UI developer will only work on the graphical tools, right? So he should only be allowedthe graphical tools and not some other tools. Maybe he shall not be giventhe internet access. Or something like that, right? Maybe he's not givingthe PowerPoint access. Maybe he's not given some folders access some drivesaccess anything like that. So all of that can be defined inthe server by the administrator and specific rights will be given to a UI developerright similarly if to if after thata business analyst comes in so he should only be ableto access the analytics module which is therein your soul, right? He should not be able to getinto the UI development. In part, or he's not be ableto see the other aspects of what is there in your server? Right? So each and everyuser each every rule will have specific rightsassigned to them. Right? And this is done by policies which are in turngiven by administrators. Right? So this iswhat access management is that giving each rolethe specific rights that they deserve and this is what we are going to accomplishtoday in AWS, right? So this this is Weneed access management. Let's go ahead and understand. How can we accomplishthis in AWS? Right? So as to accomplish this in AWS, you need a service called I amyou have a service called I am which uses this conceptof access management and allows you to give itto your users who are going to use your account. All right. So what is I am so I am is basicallya service from AWS using which you can givepermissions to different users who are usingthe same AWS account that you have created, right? So in a company likein any company be it, you don't have to havetwo or three AWS accounts. You can have one AWS account on which a numberof people can work. Right? For example, you can Define that maybe a developerwould like to Work on your AWS account and he should onlyhave the ec2 instances or you should only workon the ec2 instances you decide that right? So you can only Define youcan define a policy like that that only the devel the developers will only be ableto access the ec2 instances on AWS account. Similarly if saydatabase administrator comes in so you should be able only ableto access DB instances on your AWS account and so on right so allof that is possible using I am but what I am is not only about creating usersand creating policies. It's more there is more to I am right and hencewill be discussing the different components of I am now so let's go on and see what arethe different components. So there are basicallyfour different components in I in the I am service. So the first service isuser then we are groups then we have Rose and then youhave policies right? So the way we are going to goabout these are first I'm going to explain youeach role on each service in I am each component and I am and then we're goingto see how Can execute them or create themand the AWS console, right? So let's start with the users. So the very first time youactually create a AWS account that is basicallythe root account that you have created, right? So there is no user inside it. So why do we basicallyneed a user you need a user because you are supposed to givepermissions to someone right? So say I first of all wantto give administrator Rights to a user right? So you understand you haveto have an entity first to which you can assignpermissions, right? So these entities are calledusers on E. Wa so any person who wants to accessyour AWS account has to be added as a user in I am and then you can attachdifferent policies on to that user. Right? So this is whatuser is all about. Let me go to my AWS Managementconsole and show you how you can createa user in I am. All right, so giveme a All right guys, so this is my AWSsign sign in page. All right. So this email ID when you log inthrough your email ID and your password that is basicallyyour root account. So what I'm going to doright now is I'm gonna log in using my root account and first createa admin account for myself. Alright guys, so you shouldnever work in your root account. You should always havean administrator account through work in the root accountshould only Used when there is an emergencysay you have been locked out of our administrator account only then you should be usingyour route accounts. The first thingthat you should do when you enter the rootaccount is go to I am which is just right here goto I am and then you will have this dashboard thingright over here. You can see there isa thing called users. You will click on usersand you will click on add user. All right, so now it will askyou for the The username so you can provide a username say I'll add my name first so that be hemanth,right and what what kind of access do I want to giveto this particular user? So there are basicallytwo kinds of access that I can give first isthe AWS Management console axis, and then we havethe programmatic access, right? So what is these two so if you want to sothere are basically two ways you can accessthe AWS resources right? You can either access. Using apis that is using your code say youhave created an application which is interactingwith your AWS resources. Right? So in that case if you're interactingwith the apis using the API is that is calledthe programmatic access, right secondly is the AWS Managementconsole access that is when you are using the AWS website to actuallydeploy resources or create or create or remove policiesor whatever, right? So that That is calledthe AWS Management console axis. So for my user I'd be givingit both the accesses that is programmatic axisand the Management console axis. Also, there is when you enable the programmaticaccess programmatic access, basically you get the access keyand the secret key as well. What are these I will beexplaining you in a bit. All right, so we have selectedboth of these options and then move aheadto choose the password. So do you want an autogenerated password? A custom password. I'll choose a custompart for password since I'm creating accountfor myself, right? So I'll choose a custom password and do I want to resetthe password on the first login? No, I don't want that. So I'll clickon next permissions, right? So what kind of permissions do I want my account to have Iwill become drink configuring that over here. So as of now thereare no groups, there is no existing userthat I can copy from. So I'll attachexisting policies. And since I want to attachthe administrator access that is the firstpolicy over here. I'll select that and click on next right so youcan review all the settings that you did over hereand click on create user. This will create a new userin your AWS account. So as you can see, I have got my access key ID anda secret access key now guys, the secret access key. You only get to see one time only one timewhen Created your account. So it is essential that is tore your access keyand secret access key once you get this page. All right, letme store it quickly. So this is my access key IDwhy we are copying it. You'll get to knowduring the session. Don't worry andmy secret access key, which is this let me copy thisand paste it in the notepad. All right, so don't worry. You might be thinking that I've exposedmy secret key to you. So I will be deletingthis account afterwards so you don't haveto worry about that. All right, so I've gotmy access key ID and my secret access key. So that is done. Now. What I'll be doing isI'll be logging out from my from my root accountand logging in this user account that I just created. All right. So one more thing that youhave to be very careful of that you will not be logging inthrough the same login page that is just saw rightso you'll have to log Through a differentlogin page now and the URL for that is this right? So you will be logging inthrough this link as a from now on so whatwhenever you create a user if you want them to loginto your account, you have to give themthis link to log into right? So let us copy this linkover here and log out from a root account. All right. So I've logged out I'll closethis and I'll come here and go to this particular link. All right. So once you reachthis particular link, it will be asking you the account name which willbe self filled by your link. Right? So you have to giveyour username now, which is hemant and then the password so I'll type inthe password that I've given it. and click on sign- in So now I have basically signed in two monthsto mature to the user that I've just createdon my route account. Right? So I no longer haveto use my root account. I can basically lockaway my root account for emergency purposes. I'll be using my administratoraccount from now on I can do everything from administratorson that could be done from a root account as well. But there are cases where in you get locked outfrom your administrator account in that cases you will beNotable success rate so moving on guys, so I'll go to I am not so as you can see wehave created a user and we have loggedin to that user. And if I go to Iam now you can see that it will showthat one user has been created. That is here. All right, so let's getback to our slide and discuss the next component. All right, so we've discussed what our users let's moveon to the second component which are groups. All right. So whenever you createusers they can also be combined into groups. Now, why do we need groups? We need groups because saylet's take an example. So say you have five users and these five users haveto be given identical axis. Right say these five usersbelong to the development. And the developing team hasto have some common access that they all will have right. Now one way of doingthis would be that I would go to each and every userand attach a policy that they need rightthe smart way to do this would be to to includethem inside one group and to that group. I will once only once I will attach the policyand it will apply to all these five users, right? So these are why groups arevery important now how we can create groups. Let me shed a light on. On that so you will go to you can see you can clickon groups over here. And what you'll do isbasically is you'll click on create new group, right? So, let me givethe group name as live demo. All right, and Iclick on next step. Now lastly the policy that I want to attachto this particular group. All right, so say for example, I just want this groupto be able to access the S3 service from AWS. So what I'll do is Iwill select the policy which says Amazon S3 full accessand I'll click on next step. Now this policy basicallytells you that you can only use the S3 servicein the Management console and no other service. All right, so I'llclick on create. Whoop and now whateverwhichever user I will be putting in putting inside. This group willhave this property. All right, so I don't haveto configure the policy for any user now. So what I'll do isI'll create a new user now. So say I createa new user saying test. All right, and then I'm not giving himthe programmatic access. I'm just giving himthe Management console axis. All right, I'll clickon this and I'll give it a custom password. And then I don't wanthim to reset his password and click on next. Right, and now it is asking me whether I want to includeit inside a group. So yes, I do. I want to include itinside the group that I've just createdand I'll click on next and review allthe settings are adjusted and click on create user. All right. So the test accounthas just been created now as you can see guysin the case of my account, which I created. I got an access keyand a secret access key, right? So in this case, I'm not getting any because I didn't selectthe programmatic access only when you select the programmaticaccess it will give you the key so that your applicationcan actually interact with the servicesthat you have launched. All right, so I have have createda test user successfully. Let's log into this test user. so I will type in the URLthat has been given to me. Right now when Ireach this page, I'll enter the username as testand the password as what I have entered rightand I click on sign in. Now with this you can see that. I will now be able to seethe Management console the Management consolewill exactly look like how it was used to see how I used to see itin my root account or my administrator account. But when you will tryto access say a service, which you have notbeen assigned to say, for example, I only haveaccess to S right now because I've deployed it in the group where it hasonly the access to S3. If I try to go inside easyto let's see what'll happen. Right. So it says youare not authorized to describe running instances. As a matter of fact, I'm not authorized to seeanything on my ec2 page. Alright, so that is because I cannot I don't haveaccess to the ec2 dashboard. But let's seeif I can see the S3 dashboard. So I'll quickly go to S 3 andif I have the S3 axis, I will be able to see allthe buckets which are there in - 3 And yes, I do. So let me go inside a bucket and delete somethingso that all right. Let me delete an objectfrom this particular bucket. So yes, I can lead it. All right, so let me checkif what if what happens if I delete or II detachthis particular policy from that group? All right. Let's see what happens. So I will go to I amand I will go to groups. I'll go to this particulargroup and I can see that the policyis listed over here. What I do is I clickon detach policy and let's see what happens now, right? So I'll goto Management console. So on if now Itry to exercise 3. It will show methat access is denied. Right so I no longer have access to the S3 serviceon my AWS console. So this is how you can controlaccess to different users. You can revoke accessyou can include access right you can do allof that and I am right. So let us come back to our slideto discuss our next component or as we've discussed what our userswe have discussed. What a groups now let's comeback come down to rules. All right, so rulesare Similar to users but roles are actuallyassigned to Applications. All right, so users are actuallyassigned to people right? So whenever you havea developer in the company, you will have sine Mthe developer rules, right but when you have rules rules are basicallyassigned to Applications, how let me explain you sayyou create an ec2 instance and inside that needs, you know instance you're hostingyour web application. Now that web applicationhas been has been designed in such a way that it has to interactwith your S3 service. Is for examplethat will be doing to a will be I will be showing you thedemonstration today for this. Right. So say that application hasto interact with the S3 service. Now if I want to want that application to interactwith the S3 service, I have to give it permissionsand to give it permissions. I will use rule so I will create a rulewherein I will specify that this role canaccess the S3 service and I will attachthis particular role to that particulare0 instance in which my application is hosted and in Kiss my applicationwill be able to interact with the S3 service, right? It might sound complicated guys, but it is veryeasy to implement. Let me show you how so what I'll do now is I'll go backto my Management console which is here. All right, I'll goto the dashboard and say I will go to rolls now. All right, so I'll create a newrole now roles can be assigned to any either Lewis servicewhich is listed here. What I'll do is I'll assignit to I'll create a rule type of easy to write so I will select Amazon ec2. And what type of roledo I want to apply to I want to say havethe access to S3. Right? So I'll select Amazon S3full access over here and I'll click on next step. So, it'll ask me the role name. So let me specify the role name as Eddie Rekhaunderscore one right and I'll click on create role. So with this rolehas now been created but mind you guysare not attached this role to any easy to instance. Right? So what I'll do now is I'll goto my ec2 console so over there. I already have builtan issue instance. It is stopped. So I'll start it and attachthis particular policy to that ec2 instance. Alright, so my ec2 instance nameis hemant underscore one. So here it is. I go to actions I startthis particular instance. Right. And what I can do is Ican attach the policy using instance test settings. It says attach or replace. I am roll. I'll go here. I will go to the drop-downand select the role that I just created which isa lyric underscored one. I'll select that andI'll click on apply. Now with this what will happen ismy rule is now my sorry. My ec2 instance is nowconfigured to interact with the S3 servicein this particular account. Alright, so any application that I deploy in this ec2instance will be able to interact with the S3. Okay, so I don't haveto specify any access key any secret access key. If you're still confusedwith that be patient. We are getting onto where do weactually use these keys? And where do we not? All right. So this is whatyour roles are all about. Right so roles. Like I said, they are for resourcesin AWS users are for people roles and uses a similar things you attach polledpolicies on to them and they basicallyidentify Particular instance or a particular person as the owner of thatparticular service, right? So we've discussedwhat roles are let's move on and discuss policies. So if you think about it guys, we've actually beendealing with policies, right so policiesand nothing but permissions that you give to yourwith whatever role or user or groupthat you have created, right? So, for example, I want to givethe ec2 instance axis, right so that ec2 instanceaccess is basically a Policy that I will be attachingto the user or to the rules. All right. Let's see how wecan create policies guys. So I'll go tomy Management console. I'll go to I am Right. So the you can either createpolicies or you can actually use already existing ones. So there are a couple thereare a couple of policies that have already been createdin your AWS account, but you can go ahead and createyour own policy as well. Alright, so let me show you how. So say for my test account, what I'll do is I will goinside test account. All right, and Iwill add permissions. And I will attachexisting policies. Directly and here I am guys. So now you can youcan create policies as well. So you see the tabover here guys, it says create policy. So if you feel you'rethe kind of policy that you want to createis not listed over here in the default policies. You can actually create one and creating a policyis very easy guys. You just click on create policyand you will see this page. All right, so you'llhave three options. You can either copyand AWS managed policy. That is a default policy. Can create our own policyby just typing in the Json code and if you'renot comfortable with coding, what you can do is youcan use the policy generator. Now. What is policy generator? Let me explain you. So with policy generator, you just have to selectwhat effect do you want poor? Do you want it to allow itor do you want it to deny it? Right? So say I want to allowthe easy to service to this particular test account? All right, so I'll gotoo easy, too. Right, here. It is. I selected easy to what kind of actions can he perform sayI want to give him all the actions you can doanything with these two and the show's name isbasically a particular resource. So where they are and you canidentify a particular resource. So I don't want a particularresource to be assigned to him. I want PE can accessevery resource in easy to write so I just add starfor all of them right and click on Next Step. So with this you as you can see ithas Automatically created a policy document for you. All you have to do nowis click on create policy. And it will createthe policy for use as you can see there are18 customer managed policies that are now 19 so Ican go here and select. T' the policya policy over here. Alright, so if I goto my user now, which is test I'mgoing to permissions. I will just click on addin line police policy. Click on select again Guru ec2. select actions all actions rightand pull it to Star. So I click on ADD statementclick on next step and click on apply policy. So a policy has been appliedon the test user that it can actually accessthe ec2 instances now, so if I go to my test user now which in which I was not allowedto access the ec2 instances, I can actually useeasy to instances now, so if I go too easy, too You can see the Lord giveme the access denied thing, right so I can access allthe instances over here as if I was usingthe root account, but only forthe ec2 service right? If I go to S 3 youcan see I will still have the access denied page. Because I'm not beenassigned the access to this particular service. Alright, one more thing isif what if you add an allow and Adonai policytogether inside a group what will happen then? So in that case so since Ihave allowed easy to access what I'll do is I'll denyis you access as well in this particular user. So I'll click createone more policy and I'll say denyI'll select ec2. Right as like the actionsas all actions. I will give the resources allat the statement and click on Next Step apply the policy. So now I have deniedec2 instances as well and created and allowed ecdinstance ec2 instances as well. What do you thinkwill happen now? So if now I tryto go too easy, too. Let's see what will happen. So it will say you'renot authorized to use Easy to anymore because wheneveryou creating policy guys, you either get the along optionor the deny option. If you have selectedboth of them, it will always prefer the least permissionthat you have given. So in our casethat is the deny option, right so it will alwaysdeny the case. Even if you have allowedit in the same user, right if you have mentioned that that particularservice has to be denied to that particular user. Alright, so this wasabout policies guys. Let me come back to my slides. So we have discussedwhat our users what a groups for a roseand what apologies let's go ahead and discuss the veryimportant part of authentication which is calledthe multi-factor authentication. So what is multi-factorauthentication guys, so multi-factor authenticationis basically something like OTP that you get when you loginto your Gmail account, right? So you enter a Gmail Email IDyou enter your password and when you click on continue, it will ask youfor your OTP, right? So same as the casehere as well. You can configureyour AWS account in such a way that you will enter username. You'll enter your password. And when you click on login, it will ask alsoask you for a code that has to be given to it. Now that code is basically the multi-factor authenticationthing that we document so there are basicallytwo layers of security Now one layer is a passwordand second layer. MC code that will be enteringright now with AWS. There is an application calledthe Google Authenticator right which you can use to create a virtual multi-factorFactor authentication device. Now for those of you who already are usingmulti-factor authentication in your company's you so there'sa thing called gemalto, right? So people who work from home and they have to connectto the company's Network the way you connect itis using a gemalto token. And so those of you who are from the IT backgroundyou can relate to it. Right but if you want to go through tothrough a simpler way, you can actually create a virtual multi-factorauthentication device and to create thatin your AWS is pretty simple. You just have to downloadan application called the Google Authenticatoron your phone and you have to connect thatapplication to your AWS account. And that is it now. It might sound tough,but it's very simple. Let me show you how so you you will basically goto your AWS Management console and you will goto the particular user that you want that multi-factor authenticationto be assigned to. All right. So for example, I wanted to be assignedto the test user right. So what I'll do isI'll go to users. I'll go to test right andin the security credentials tab, I will have this pagewhich says assigned MFA device. So it says no as of now, so I'll assign ita device I click on edit and now it'll give me an optionbetween a virtual MFA device and a hardware MFA device. Now. I have to choose among the two. So since I said, you can create a virtualMFA device very simple easily. So I'll selectthe virtual MFA device. And now it's basicallyasking you to install the application on your phone. So we have already done that. Let's click on next step and now you'll be presentedwith this screen. So basically nowwhat you have to do is you would be logging in toyour Google Authenticator app, and you will be scanningthis barcode from your phone. So let me show you how let me connectmy phone to the computer so that you can see the screen. Give me a second. Alright, so this isthe screen to my phone guy. So what I have what I haveto do now is I have to go to the Google Authenticator app. I'll ask me tocreate an account. So I click on beginand once I have that basically now I'll have toscan the barcode from my mobile. So the way to do that is I'll clickon scan a barcode and then I'll scanthis barcode over here. Right, it might take some time. So be patient. Yeah, so it's done now,you're all set. Right. So you just click on done and now you haveto enter two codes that you are youwill be receiving on your on your Google Authenticator. So basically these codes changefrom every 30 seconds, right? So I have to endurethese codes over here. So it's 2 0 4 and then 3 5. Sorry 0 2 0 & 3 5 3 Zerotwo zero three five three, and I have to enterthe next code as well. So let's wait forthe next code and it's 1 2 7 8 9 1 so I'll enterthat over here as well. So it's 1 2 7 8 9 1and that is it guys. So now I'll clickon activate virtual MFA and it says the MFA devicewas successfully Associated. So I'll click on finish and that is it guysyou're done, right? so now if I log outfrom my test account that is From here, right? This is my test account. So if I log outfrom here right now. And try to loginagain using test. So I come to my normallogin page, right? So I'll enter my usernameand my password. Which is this and now I'll clickon sign in so now it will ask me for the MFA code. So let's see. What is our MFA code as of now. So it has changed toseven three four five five two. So let us enter that seventhree four five five two. And click on submit. So with this I willnow be able to log into my AWS consoleusing the test account which are configured usingthe administrator account in I am right so it'svery simple guys. It's you can actually geta world-class security with the click of a buttonusing I am alright, so we have seen how we can domulti-factor authentication. Let's move onto the Hands-On part now, so this is what Is youguys have been waiting for so just give me a second? So that I can configureeverything on my end. All right. So what we'll be doing now isI have created an application which can interactwith the S3 service. All right. So using that asthe service now. We will be. Uploading files to RS3 console and how will we are goingto do that first? We are going to do that usingLocal Host and that is where our secret keysand my accesskey comes in and then we will be we have assigned roleto are easy to instance. Right? So we'll be accessingthat website using easy to without the access keyand the secret access key and we can and we'll see dowe get the access to our SEC service or not? Alright, so let us do that. So now what I'll do is I will goto my local host application. So guys this isbasically my application. What I have to do is I'll choosea file upload a picture from any sample pictures and then it will upload itto a particular bucket that I've defined in S3 and that the bucket lookssomething like this. It show that buckets nameis quarantine demo. So let me show you the bucket. So as of now,I think there are some objects. So let's delete those objects. So here it is. This is thebucket quarantine demo. So I have like three objectsover here as it's now. So let's delete these objects. Alright, so now what I'll be doingis this is the code for my application guys. All right. So in this codeas you can see, I'm not specified the keyand the secret key as of now, so I'll get the key and the secret keyfrom here, right? So let me quickly. So let me show you withoutthe secret can access key. How is this localhostwebsite functioning? So if I try to upload a fileas it is now See, this is the filethat I want to upload I click on upload imageand I will get an error right because itis not authenticating itself to the servicethat I want to go to. So now I'll add the credentials that that is a keyand the secret key. Now the way to do that islike this so I'll copy it. And I'll paste it here. I'll delete this and this is well not requiredand now I'll paste my key and my secret key, which is this rightso I'll copy the key. Over here and thenmy secret key as well. over here and now I'll save it if I try to accessmy Local Host website now, I should be ableto upload a file right so if I try to upload the file now. It says well doneS3 upload complete. So these credentials that have just enteredour basically credentials for my him and account. So if you want to see where did I getthese credentials from again? You can basically goto users you can go to your user and you can goat security credentials and over here. It will last youthe access key ID lot list you the secret access key because it is only availableonce you can only use it once. Copy it once you willnot be able to see it again. And if I make this particularkey inactive from over here, and if I try toUpload anything again. I will again get an error because without the keysmy account will not be. I will not be authenticatedto the S3 Service as you can see it saysinvalid access key because it is not valid anymore. All right, so I can makeit active again, but that is not required as now. So what I do now is Ihave already configured this website on the ec2 console. All right, so let me goto my easy to Right, here. It is. So remember in this startingof the session we created a role for S3 full access, right? So that role has been attachedto my ec2 instance. So let me show you the website. Here it is. All right, so I can accessthe website on my ec2. Now if I choose a file as of nowand I try to upload the file. I'll be able to do so because my policyhas been attached now. Let's see what happensif I d-- attach the policy. All right, so I'll go to this and I'll selectno role click on apply. Yes detach. And now if I tryto upload a file again. As you can see I see a blankpage with basically means that an error has occurred. All right, so I amnot able to upload any file because my role has beendetached from my ec2 instance. So if I wantedto be working again, I'll just simply go here goto actions settings. Attach the rule. That is this click on applyand it will again work. Right, I'll choose a file seethis file upload the image and your work again workslike a charm, right? So that is it guys. You don't haveto configure much. You just have to havethe knowledge of I am and with that you can do complex procedureswith the click of a button and you don't haveto swear about it, right? You might want to you might be wondering did I changeanything in the code when I uploaded to easy to so you don't haveto do anything guys. You just have to deletethe Choose key and secret and you will upload the code as it is you don't haveto change anything it will if it doesn't havethe key mentioned in this particular function, it will basically get those keysfrom the metadata of easy to and metadata is the place where your role is actuallyassigned or your role is actually attached right? So if it doesn't findthe key in the code, it basically goes to the metadata and picksthe key from over there. All right. So guys that is it for the demo partin this session. We will be discussingabout Amazon redshift the most popularcloud-based data warehouse. So let me run youthrough today's agenda quickly. We will Begin by taking a lookat traditional data warehouse will be discussingits underlying architecture and the disadvantages of usingtraditional data warehouse, and then we'll move onto our today's topic which is I'm redshifthere will be discussing its architecture its keyConcepts its unique features and the advantagesof using Amazon redshift. And finally, we'll be doing a demoon Amazon redshift in this demo. We'll see how to importdata from Amazon S3 to Amazon redshift and perform querieson this data very easily. So I hope that wasclear to you guys. Let's get started. I'm sure you know, what a data warehouses youcan think of data warehouse as a repository. Story that data generated from your organization'soperational systems and many other external sourcesis collected transform and then store you can hostthis data warehouse on your organization'sMainframe server or on cloud, but these days companies are increasingly moving towardscloud-based data warehouses, instead of traditionalon-premise systems and to know why we need to understandthe underlying architecture and the disadvantages of usingtraditional data warehouses. So let's beginBy looking at architecture, but it is important tounderstand where the data comes from traditionally data sourcesare divided into two groups. First. We have internal datathat is the data which is being generated and Consolidated fromdifferent departments within your organization. And then we have external datathat is the data which is not getting generatedin your organization. In other words. That is the data which is comingfrom external sources. So this traditionaldata warehouse follows, It's a simple three-tierarchitecture to begin with we have bottom tierin bottom tier. We have awarehouse database server or you can saya relational database system in this jar using different kindof back in tools and utilities. We extract datafrom different sources and then cleanse the data and transform it before loadingit into Data Warehouse and then comes the middle tier and middle tier wehave olap server. Olap is an acronymfor online analytical processing this Oily performsmulti-dimensional analysis of business data and transforms the datainto a format such that we can perform complexcalculations for analysis and data modelingon this data very comfortably. Finally. We have top-tier. The stopped hereis like a friend and client layer this jarholds different kind of query and Reporting tools using which the client applicationscan perform data analysis query reporting and data mining. So to summarize what we have Vlad till nowtraditional data warehouse as a simple three tier architecturein the bottom curve. We have back in tools usingwhich we collect and cleanse the data and thenin mid 80 or we have tools which is olap server using which we transform the datainto the wavy Ward and then finally dropped yourin which using different query and Reporting tools. We can perform data analysis and data mining moving onto the disadvantages of traditional datawarehouse concept there. Is this leadingus Business Service Company. And this company is running a commercial Enterprise datawarehouse this data warehouse as data coming from different sourcesacross different regions. The first problemthat this company faced was when it was setting upa traditional data warehouse as we discussed earlier, the architecture oftraditional data warehouse is not very simple. It consists of datamodels extract transform and load processes, which we call ETL and youhave bi tools sitting on top. So this US based Denishad to spend lot of money and resources to set up a traditional datawarehouse data warehouse, which was initially5 terabytes is growing over 20% year-over-yearand it was expected that the might behigher growth and future. So to meet this continuouslyincreasing storage and compute needsthe company had to continuously keep upgradingthe hardware again this task of upgrading the hardwarecontinuously involves lot of money Manpowerand so many resources so, To scaling and traditionaldata warehouse is not an easy concept and since the companycould not meet all the storage and compute needs easily. It was facing a lotof performance issues as well. And finally the companyhad to deal with increasing cost initially that to spend a loton setting up data warehouse like that to spendon Hardware Manpower electricity security real estate and deployment costand many other and as their data warehouse grewthey had to spend again to meet Courage and compute needs so to sum it up settingup a data warehouse and deploying it and managing it laterinvolves lot of money and resources moreover auto-scaling in traditional datawarehouse is not an easy concept because of all these reasons many companiesare increasingly moving towards cloud-basedwarehouses instead of traditional on-premise systems. So guys in this session, we'll be dealing with oneof the most famous cloud-based data warehouseprovided by Amazon, which is arms, And redshift and simplewhat's Amazon redshift is a fast scalable data warehouse that makes it simpleand cost-effective for you to analyze all your dataacross your data warehouse and data leak guys. I have a definitionwhich is put up on the screen and I have few words, which I havehighlighted over there. So as we progressthrough the course of the session will knowwhat those words exactly mean. So let's ignore them for now, but there are certainkey Concepts which you should be aware of when you're dealingwith Amazon redshift. So we'll discuss them now. Now Amazon redshift data. Where is a collectionof compute resources, which we call notesand these notes when organized into a groupthey become clusters each of these clusters runan Amazon redshift engine and it contains oneor more databases. So this clusterhas a leader note and one or more compute nodes asfor the leader node, it receives queriesfrom Klein applications. And then it passes these queries and develops a suitablequery execution plan and then it coordinates the power. Execution of these plantswith one or more compute nodes watch the compute nodes finishexecuting this plan. Again, the leader node Aggregates the results from allthis intermediate compute nodes and then sends it backto client application. Then we have compute nodes youcan think of this compute nodes as a compute resources that execute the query plan which was developedby leader node, and when they areexecuting this plan, the transmitted data among themselves tosolve many queries. These compute nodes are further. Added into slices which we call note slices eachof this note slices receive part of memory and disk space. So the leader node distributesdata and part of user query that receives from Clanapplication to this note slides and all this note splices walkin parallel to perform operation and increase the performanceof your redshift data warehouse. So to say we have leader node, we have compute nodesand nodes slices. But how do they interactwith line application? That is the question here. So I This line applications basically bi tools or it can beany other analytical tools which communicate with Amazonredshift using drivers like jdbc and odbc jdbc ref is to Javadatabase connectivity driver. It is an API forprogramming language Java. Then we have odbc it refers to otherdatabase connectivity driver and it uses SQL to interactwith leader node. So basically usingthis drivers client application sends a query to leada new read a note on receiving the clientapplications queries. It passes these queries and develops asuitable execution plan. Once the plan is setup compute nodes and compute slices start working on this plantthe transmitted data among themselves tosolve this queries. So once the executionis done leader node again Aggregates the resultsfrom all this intermediate totes and sends it backto client application. So this is the simpleexplanation of Amazon redshift Concepts moving on when you launch a clusteryou need to specify the know. But basically we have two typesof nodes then storage notes. These are storage optimized and I used to handlehuge data workloads. And basically theyuse hard disk drive or HDD type of storage and then we have densecompute distance compute nodes are compute optimized and they are used to handle highperformance intensive workloads in the mainlyuse solid-state drive or SSD kind of storage, but there are three thingsthat you should keep in mind when choosing one among themfirstly you should be aware. If the amount of data that you want to importinto your Amazon redshift and then the complexityof the queries that you run on your database and the needof Downstream systems that depends on the resultsof these queries. So keeping this threethings in mind, you can chooseeither Den storage nodes or dense compute nodes. So guys thatwas the architecture and its key Concepts now, we'll take a lookat few reasons as to why Amazon redshift is very popular as we discussed earliersetting up a You smell data warehouse involveslot of money and resources, but it's very easyto setup the deploy and manage a suitable datawarehouse using Amazon redshift on Amazon redshift console. You will find createa cluster option. When you click on that option Amazon redshift ask youfor certain details, like the type of node. You want to choose the numberof nodes the VPC in which you want to create your datawarehouse user ID password and many other details. Once you feel that youhave given the right set of details you have an option which says launch the cluster and one click your datawarehouse is just created. So with one click you can easilycreate a data warehouse in Amazon redshift. Once your data warehouse is setup Amazon redshift automates most of the commonadministrative tasks like managing monitoring and scaling your database. So you don't haveto worry about managing or scaling your database needs. So that's how easyit is to develop or set up a data. Using Amazon redshift. We also learned that auto scaling is difficultin traditional data warehouse, but you can scale quicklyto meet your needs and Amazon redshift. Well, we already know thata cluster node as a leader note and one or more compute nodes. So if you want to orderscale an Amazon redshift, all you have to dois resize your cluster size as we know this compute nodesare like compute resources. So if you want to scale up, you can increase the numberof compute notes similarly if you want to scale. Held up you just haveto decrease the amount of compute nodes alternatively. We have somethingcalled single note and multiple new and single node cluster one node takes theresponsibilities of both leader and compute functionalities and the multi node clustercontains one lead in node and user specified numberof compute nodes. So suppose you wantto resize your cluster and you are usinga single mode cluster, then you can changefrom single node cluster to multi-node kirsta. Similarly. You can change from multiple node clusterto single node cluster. Of a need so that'show easy it is to scale up and down and Amazonredshift moving on. We learned earlier that while usingtraditional data warehouses. It's possible that the performance of yourdata warehouse might decrease but with Amazon redshift, you can get ten times betterperformance than any other traditional data warehouse. It uses a combinationof different strategies, like columnist storage and massively parallelprocessing strategies to deliver high throughputand response times. So let's discuss the strategiesone by one will first we have columnar data storageto understand what that is first. We should know row storage most of the traditional datawarehouse and database is used this row storage in row storage. All the data about the recordis stored in one row. Okay. So let's say I havethis database here. I have three columnsand two rows the First Column containsthe unique number associated with student the second columncontains the name of a student and the third columncontains the edge as we already know. Data is stored in formof blocks in databases or data warehouses. So as you can seein row storage the block one contains all information. There is about a particularstudent has SSN his name and then age. So basically it storesall the information that there is in a single Loop. So in the first block you haveinformation about first student and in the second block you haveinformation about second student and it goes on nowthe columnist storage again. I'm using thesame database again. I have three columnsand two rows. Rose but Colin storage storesdata by columns with data for each column store together. So again, we have blocks but the first blockhere has all the data that is there in First Column. So you have all assistantstored in first block and all named store in second block and allthe ages Stone in third block. So it goes on there are a lot of advantages of usingthis column storage firstly since and column storagea single block contains same type of data. You can achievebetter data compression. As you can see columnist storage can hold values3 times the records as robe a storage because of this the number of input/outputoperations decreases and thirdly by storingall the records for one field togethercolumnar database can query and perform analysis on similar type of data farquicker than row storage. So this is how the conceptof columnar storage which is used by Amazon redshift providesus a better performance. And then we havemassively parallel processing. I'm sure you might haveor of parallel processing and computer science. It's just that number of differentprocessors walk together or compute togetheror in Palin similarly massive parallel processing in Amazon redshift is nothing but cluster we have alreadydiscussed this earlier. We have a cluster and this clusterhas a leader node and one or more compute nodes and this compute nodes isfurther divided into something called note slices. So when this leader nodereceives a query it develops execution plan andthis compute nodes and computes. Isis walk together or in parallel to executethis plan and later. Thus leader nodesends the results back to client application. So basically this compute slices and compute nodes work in parallel to achievebetter performance moreover Amazon redshift is also ableto smartly recognize the data or notes before running a query which dramaticallyboost the performance. So that's how we can getour ten times better performance using Amazon redshift and then the costand traditional data. A bear houses peoplehad to spend a lot of money to set up and then later to maintainthe data warehouse. But Amazon redshift is the most cost-effectivecloud-based data warehouse. If you rememberin traditional data warehouse, they had to spendon Hardware real estate man, power electricity and deployment costand many others and as their data warehousegrew they had to spend again on meeting the storageand compute needs but an Amazon redshift. We don't have to payany upfront cost. So Amazon, Redshift ismost cost effective and it cost one tenthof traditional data warehouse. You can start small fishes pointtwo five dollars per hour without any commitments and youcan gradually scale up later. If you need in additionto all those advantages Amazon redshift allowsyou to query data from data leak data leakis a storage repository that holds a vast amountof raw data in its native format until it is needed. So in data Lake you have data in different formatsyou can Can load data from Amazon S3 intoyour Amazon redshift cluster for analysis very easily that is from data leakyou can store easily 20 or Amazon redshiftbut it needs more effort and cost the first because loading data intoAmazon redshift cluster involves extract transform and load which we simply calledETL process and this process is very time-consuming and compute intensiveand it's costly because uploading lotsof data cold data from Amazon S3 for analysis. Is growing your clusters, which is again costlyand requires a lot of resources. So as a solution, we have something calledAmazon redshift Spectrum, which acts as the interfacebetween your Amazon S3 or data Lakeand Amazon redshift. So you can directly querydata stored in Amazon S3 or data lake with this red shiftSpectrum without need for Unnecessary data movement. I hope that was clear andfinally with Amazon redshift. Your data is safeand secure it offers. Backup and recovery. So as soon as data is created or stored in Amazon redshifta copy of that data is made and through secure connectionsa snapshot of it a sin to Amazon S3 for later. So suppose you lose your data or if you have deleted the datafrom Amazon redshift by mistake, you can restore the data easily from Amazon S3 serviceAmazon redshift also provides you with an optionto encrypt your data. So when you enablethis encrypts option all the data in your clusterin your leader node, and Compute nodesand nodes slices is encrypted. And this way your datais very safe and secure. So Guys, these areall the advantages of using Amazon redshift. So now you have a basic ideaof its architecture. Its various key Concepts, like clusters nodesleader node note slices now, it's time to workon a demo in this demo. We'll see how to transport data from Amazon S3 to Amazonredshift data warehouse and perform simple queries. So I hope that wasclear to you guys. Let's get started the first First thingthere are certain software's which you need to pre-install so that you can start working onAmazon redshift first suppose. You want to perform querieson the data on Amazon redshift. Then you need a SQL work bench where you can performyour queries and as we learned earlierthe client application need a connectionto communicate with redshift. So we need to installa jdbc driver and for that jdbc driverto run we need to have a Java runtime environment. So we have three things toinstall your now I'll show you how to install it. And I have this Java runtimeenvironment download link by Soft tunic.com. So it says free downloadand you click on that. It will be downloaded. You can store it anywhereand once you're done with that search forAmazon redshift documentation. So here it is. Okay, not that not that just one and when you scroll downit says Amazon redshift get started click on thatand in the step one, we have prerequisite UPS. Okay, scroll down and Chase in the Step2 you have an option where you can download a goto SQL work bench website and download it. So click on that and here itsays build current version and you have download genericpackages for all systems. You can download it. Once you click on that it'll start downloadingand there is one more thing which is jdbc driver. Go back to documentation partscroll down in the step 4, you can see configurea jdbc connection click on that it will take youto a page where you have. I've jdbc driversof different version. You can downloadthe first one click on this and it will be downloaded. So once all these three thingsare downloaded stored them in a file of your choice. Well, I have storedthem on my desktop. I have this AWS folder and in that which ifftso here's my workbench. Zip file. It was a zip file. So extracted all the filesand then I have my jdbc driver your well Java runtimeenvironment as in download, so that's okay. So I hope that was easy to justinstall all these things and you are set to go And your backdoorAmazon Management console? I have previously usedthe Amazon redshift. So I have this Amazon redshiftin recently visited Services. Anyway, you can search forAmazon redshift here your it is whether it's takingtime to load. Okay. This is my Amazon redshiftconsole page and you have different kind of optionson your navigation pane on the left side and there are two ways to createa launcher cluster first. You have quicklaunch cluster option and launch cluster option. This is the very easy wayto launch a cluster but suppose you wantthe freedom to specify all the details as in the vp's. He's the security groupsdifferent type of notes username password and all that. You can go for launchclustered option. Let's go ahead an Explorer. So first it asks for a name. Let's say my clusterand database day T1. And the poor this is defaultPort 5 4 3 9 is a default Port which would be handledby Amazon redshift you then the master user name. Let's say AWS user and password. That's it and confirmyour password and click on continue option. So cluster details are done and dusted then youhave note configurations. Well for the free tire, you only have DC too largebut suppose you have a premium membership. Then you can choose anyof this for this DC to large. This is the CPU capacitymemory and storage and the input output performancehas moderate you can go ahead and choose the cluster type. We discussed this. We have multi nodeand single load and single node. We have both the leaderand the compute nodes. Note responsibilities handledby single note the multi node. We have a single leader nodeand use a specified number of compute notesclick on continue and then here it asks forthe VPC details parameter group in suppose you want encryptionor not and all the details. So basically in thislaunch cluster option, you have the freedomto specify all the details, but for this demo, I'm going to usequick launch cluster option. So again as for the free tire, I'm using DC too largeand again for the free tier. I'm using DC to large typeit says Our to compute nodes and let's retainthe same cluster name as for the masteruser AWS user now. Let me give the password. And the default Port is 5 4 3 9 and last option we haveto choose among the viable. I am users or IM roads, but the question is why we needour I am role here in this demo. I said that we're tryingto import data from Amazon S3, but you need certain setof permissions to access data, which is storedin Amazon S3 for that. We need to create a I am roll. So let's go backto I am service. Let me close all the steps. Okay, here youhave roles option. You can click on thatand click create true. And since we're dealingwith Amazon redshift select red shift, let's shift customizableand click on next permissions. So we want Amazon redshiftto access data from Amazon S3. So search for S3 ofand you have a permission which says Amazon S3 read-onlyaccess well for this demo, this is an if but thereis one more permission, which is Amazon S3 full access so you can perform read and write operations aswell as for this demo. I'm going tochoose this permission, which is Amazon S3 read-only access provides read-onlyaccess to all the buckets and Amazon S3 and click on nextto view give you a role in name. Let's say my redshift roleto and click on create rule. So now our Amazon redshiftdatabase as permission to access data from Amazon S3. Let's go backto redshift console. Okay, let me refresh thisand now it's showing the role which has been createdby showing your so as you can see unlikeother launch option in this I didn't have to specify By much details just the nodetype the number of notes and then the master user namecluster identifier and password and the default database port and you can clickon launch cluster option. So with one click youhave easily deployed a database on Amazon redshift. If you remember when we try to usethis launch cluster option we had option to selecta default database or use or create our own database, but when you use this quicklaunch cluster option a default database calleddeath will be created for us. So guys this clusterhas been created. So before we connectedto your SQL work bench. Let's try to explore here. You need to make sure that the database health status and in maintenance state iseverything is in green color as for the clustera cluster status. It should be available. And for the database Health, it should be healthyonly then you can make a perfect connectionwith your SQL work bench. So you have this iconhere click on that. Well, you get allthe information there is about your cluster or you can just go aheadand click on this cluster. So this is the end pointthis tells me all about how to make a connectionwith this cluster. I have this when I click on thatit says publicly accessible. Yes in the username as AWS userand the security groups. Apparently, it justshows the TCP rules which are set so that's about the end point then the cluster name you havecluster type node type and it shows the nodes andthe zone and the date and time when it was created and you have cluster versionas well on the right side. You have cluster status, which is why Syllabledatabase health healthy. So is it currentlyin maintenance mode? No, and then you haveparameter group apply status which is in sync with your database and thereare few other features as well. But here you can seethis VPC group click on that go for inboundand make sure it is set for TCP. Okay edit make this custom TCP Rule and hereare five four three nine. Custom that's itand click on Save option. So that's the default port with which you can accessthe redshift and it's go back. Clusters. Okay, where werewe we will change the default group of a PC. So this is the URL with which you can connectto the SQL work bench. So let's copy thisand paste it in our x file I pasted over there. Well, if youusing odbc connection and you can use this URL when you scroll down youhave capacity details of your entire cluster, it's DC too large. So seven easy to compute units total memory storageand platform, okay. Let's go back to the I am role but I should havean IM roll option here. Let me see check it out. Okay, there's an option. It's acim rules. You can copy this entire thingand paste it again the editor so that while connectingit will be easy for us to find it. Okay, then so now wehave cluster has created your database or datawarehouse is set up now. You can just connect itwith SQL work bench and start working on it. So let's go back to the folder where I storedmy Workbench here it is. When you scrolldown there's a file which says SQL work benchexecutable jar file. Open so here it is. It's asking fora default profile name. Let's say new profile one. Okay, then driver that was Amazon redshift driveronly jdbc driver. And this was the yarol. We copied it earlierin the editor. So I'm going to pasteit over here. Now. This is the URL control C and pests AWS userin the password. Okay, that should work make Sure that you selectthis order commit save it and then click on OK it saysconnecting new database now, it's successfully connectedso I can easily perform queries. Now first. Let's create some tables. Well, I'm using the sampledatabase from Amazon S3. So you have this AWSredshift documentation. Go back to that and hereit says get started and in the step 6 you havethis default SQL queries and tables provided. You can go ahead and usethat I have it stored in my data. So I'm going to copy first. I'm going to createall the tables. Control C and pasteit over there. Let's check what tables arethere first we have user table. Well, this is likean auction data schema. So you haveuser table many users. When you have category users the category differentcategories to which users belong to then you have a date date on whicha particular event occurred. Then you have eventable all the details regarding an eventlisting as in the items, which are being sold are listed here all the detailsabout the items. Then you have salesas in which user is Sighing how much which itemin on that details? So basically we havesix to seven tables. I'm going to select allthat and say run option. So here it saystable users created table when you created categorydate event listing and sales. So all the tablesare easily created now as for the next part, we need to copy the dataor the data for the database from Amazon S3to Amazon redshift. Let's go back to the editorand I have this copy command. I'll explain you the format. Control C. And let's paste it at herb. Okay, let's explorethis copy command. It says copy to the table users, which you just created fromthis path that is from the file, which is toward an S3 bucket. But this is the credential AWS. I am role which we copiedto the editor the earlier. Apparently, we justgiving a permission to access the data from S3. So we need to copythis I am rollio and then we have delimiter as then let me go backto a return show you an example. Amber Okay, let's sayI've added all the child's name. Archana space some h b. Hobbiesso you can see the straight line This is the delimiteras in the thing which are using two separate. All the fields are the columns. So going back. So that's delimiterwhich separates the data and this is region in whichyou are S3 bucket is located. So that's it. We have to replace diam roll. This is the AR and ifthe role I'm going to copy it and wherever this is youneed to just paste it ctrl-v. Can the dawn last oneso select everything and click on the execute button. It might take a while because the data setwhich was stored in Amazon S3 might containlarge number of rows. So it might take a while asfar as you can see it states executing statement here. It says one outof seven finished so we have six more to go. So this is good work benchhas successfully executed all the scriptwhich we have written here. Let's go and start performingsome simple queries. Let's say I want to extractthe metadata of user table. I have this query OK select starfrom page table definition. So since we are extractingmetadata from table name, let's say users and clickon execute option. So you have so many columns. You ought to tasteFirst Column user ID of type integerand coding Delta. Then you have user name firstname last name city state email. So basically that's the metadataor the structure of user table. So we have sales ID listID seller ID by your ID and many other details. Let's execute another command. Let's say I want to findtotal sales on a given date. Okay some the countyour have some function. Which will count the numberof sales from sales and date where the sales data is date ID and the date on which I wantto calculate a specified here and then click. Okay the summit at your number. Let's just walking on itthat is not working. I've selected the user table and I've asked themto display all the all that dairies in the user table. So this has the data sayselect star from users. So I want to extractthe names of people who are from let'ssay some states. Let's consider some State. Let's take an edgeso s Tage Like and hatch it should work nowit is executing statement. So these are the peoplewho are from State and Edge. So basically once you if the perfect connectionfrom your SQL work bench to your Amazon redshift, you can performwhatever queries you like. So let's go backto our Amazon redshift console. Well, So this is the cluster. I'm going to clickon this here you have queries when you click on thatall the queries, which you performedtill now will be shown. So this is the query so it says first namefrom users was from State NH. This was the querywhich we performed earlier. So you have all the data or all the informationregard the queries which are executed. Well, that's allabout Amazon redshift. So guys, this is how easy it is to createa data warehouse using Amazon redshift go ahead and explore different many otherfeatures of Amazon redshift. Well, I've just showeda part of them here. So go ahead and createa database perform various queries and have fun. So when you talkabout software development, you have to mention develops. Now. Let's try to understandwhy to do that. Let me give youthis basic definition first. So it is nothing but a setof practices intended to reduce the time between committingthe change to a system and the change being placedinto normal production while ensuring high quality. Yes, very text bookishand again for people who do not know what devops has thismight seem a little way. So let me just simplify thisdefinition for you people again. See an image here what you see isyou see a developer. You see an operatorand there is a deployment wall which none of these twois ready to take responsibility of they're pushing theresponsibility on someone else. So yes, this iswhat the scenario is when you talk aboutsoftware development again, let me give you a little moreidea about this particular term. So let's try to understandhow developers work and how operators work andwhen you talk about developers, their responsibility isto create code to update this code whenever required waitfor the next releases and if there are any changescommit those changes submit those changes and again move itto the production environment where the operators take careof it then wait for the feedback from The Operators if there is any and then again gothrough the changes if there are any likewise wait for newer software isnewer products to work on. So, yes, this is whattheir responsibility is create code create applications, right? So what happens here iswhen you do create a software, so there are constant releasesthat you need to focus on. We all know that every now and then you'd be gettinga Windows update or Our mobile phone updatesaying that okay, you have a new operating systemnew release new version updated. So this ishow the technology is working. Everything gets updated everynow and then so the reason this is happening is people want tostay competitive in the market. The software company is at leastand they want to ensure that the product hasthe latest features. So this puts burdenon the developers because they have to constantlyupdate the software now once they updatea particular software. It has to go and workin the production environment, but at times it does not workin the production environment because the developerenvironment And the production environment might bea little different. So something that worksin the developer environment might not workin the production environment. So again, some changesare thrown back by The Operators and developers again get stuck. So they have to wait till they get the responsefrom The Operators and if it takes a longerwhile their work is stuck. Now if you take a look at itfrom The Operators perspective the job is to ensure that whatever is workingin the developer environment. It has to work in the productionenvironment as well. They deal with the customersget their feedback and if there are any changeswhich need to be implemented. At times theimplemented themselves if there are any coreor important changes that are required those have tobe forwarded to the developers. So yes, what happensat time says what works as I've already mentioned worksin the developer environment does not workin the production environment and operators might feel that this was the responsibilityof the developer which they did not do andprobably they are facing problem because of it againthe customer inputs. If those are forwarded backto the developers team. The operator team has to depend on the developers to makethose changes, right? So as you can you seethese two teams are interdependent on each otherand at times they feel that somebody else's work. The developers work is pushedupon the administrators or the developers feel that the administrators teamswork is pushed up on their side. So there is this constant teslwith the company owners have to take care of theyhave to think as an okay if this goes onhow can I generate or produce new releasesnew software's every now and then this could bea problem, right? So this is what devops doesas the name suggests. It is deafplus Ops that meansit combines the operation. Team and the devops team when I say combinedthey bring in this approach where integrationand deployment and delivery. It happens continuouslyand the fact that these thingshappen continuously. We do not see the tusslebetween these two teams. So yes as you move furtherdevelops helps you unite these two teams and theycan work happily together. So this is what happens in devops you code your planyou release this deployment. There's operations. There's monitoring this testingeverything happens in a Pipeline and these are someof the popular devops tools that let you take careof all these things. But now again this is the warps in general you have getyou have puppet you have Chef you have ansible saltstack that help you automatethis process of integration and deployment of your software, but the fact that everything is movingto Cloud these days we are thinking about how can wedo all these things from cloud. Do I need to movein these many tools if you want definitely youcan move all these tools but a platform. Ew s which is a popularcloud service provider what they have doneis that ensured that all the requirementsof develops can be taken care on the platform itself and youhave various services that are made available to you that help you in this processnow say for example, you have easyto write instances. Now you can launch servers at your will you can launchinstances at your will so if your concernis scaling up and down, aw takes care of it youhave various Services, which help youmonitor your process. So monitoring is somethingthat is taken care of. There's auto-scalingtheir various other services which this cloudfront which actually lets you createcontent delivery networks. I mean, you canhave temporary caches where you can store your dataand stuff like that. So there arevarious AWS services that actually helpyou carry out the divorce or the CI CD processwith a lot more ease and that is why it develops an AWS. They form a very goodcombination or a combo, hence. We are talkingabout this term today. That is AWS develops. Not that we have some ideaabout what AWS is what devops is let's try to understand how continuous integrationdelivery and deployment work with AWS and how they incorporatethe devops approach to do that. Lets try to understandcontinuous integration and delivery first. So let's take a lookat this diagram to understand this process. So these are the four steps that are there youhave split the entire chunk of code into segments. So guys think of it as more of your mapreduce kindof an action. I mean, I mean what happens is in your continuousintegration and delivery. We are trying to bridge the gapbetween the developer team and the operations team, right? So we try and automate this processof integration and delivery. So the fact that continuously you havevarious software updates, which I just mentioned right? So what if I have like50 or maybe a hundred developers who are working parallely now, there are certain resources that need to beused by everyone. Right? So what problem itcreates is suppose if I'm workingon a particular code. I work on that piece of code. And if somebody else is workingon that piece of code and we have this Central system where the dataneeds to be stored. So I'm workingon this piece of code. I make a particular changeand I store it there now someone else is workingon this piece of code and that someonemakes a change and he or she stores it there, right? So tomorrow if I come backprobably I need a fresh copy of this piece of code. What if I just start workingon the piece of code that I'm working and thenI submit that code there so there would be an ambiguityright whose coat to be accepted who's codes copy should be made so we need this Central systemto be so smart that each time. I submit a quote it updates. It runs tests on it and see is whether it's the mostrelevant piece and if someone else submits that deputies of code then testsare run on that piece of code. This system shouldbe able to ensure that each of us next time when we go and pickthe piece of code. We get the latest piece of code and we get the most updatedone are the best piece of code. So this process of meetingthe code putting in that piece of code and automatingthis whole process so that as it moves further, it also gets deliveredand deployed to the production in the similar mannerwith the tests that need to be conducted iscalled as continuous integration and delivery now integration as I've mentioned herethe continuous updates in the source code or the code that I'm building the codeis built compiled and when I talk about delivery anddeployment the pieces of code once they're ready to moveto the production environment, those are continuouslyhe deployed to the End customer now deployment seemsa very easy process, right? I mean picking up the codeand giving to the End customer. No, it's not that easydeployment actually involves taking care of all the servers and stuff like thatand spawning up. These servers isa difficult task. So automating this processbecomes very important. And if you do it manuallyyou're going to suffer a lot. So yes, this iswhere continuous integration and delivery comesinto picture code. It is continuously generated. It is compiled it is builtand compiled again then tested. And then delivered and made sure that it gets deployedto the End customer the way it was supposedto be so you can see that there are certain steps areit says split the entire chunk into codes or into segmentskeep small segments, of course into manageable form basically integrate thesesegments multiple times a day, which I mentioned that there should bea central system and then adopt a continuousintegration methodology to coordinate with your team. So this is what happens. I mean you havea source code repository where the developerswork they continuously. Submit their piecesof code now repository think of it as a central place where the changesare constantly committed. Then you have a build server where everything gets compiledreviewed tested integrated and then packaged as well. Finally certain tests final tests are run to gothrough the final integrity's and then it goesto the production environment where this processthe building the staging and the committing process it gets kind of automatedto reduce your efforts. So guys when you talkabout a double Dress in particular you have somethingcalled as AWS code pipeline, which lets yousimplify this process. It lets you create a channel or a pipeline in whichall these processes can be automated. So let's take a look atthose processes as well first. Let's get throughthe definition part. Let's see what it has to say. I wouldn't be blanklyreading this thing and then promptly we'd be having the explanationpart that follows. So as the definition saysit is a code pipeline which Is nothingbut a continuous delivery service we talked aboutcontinuous delivery already and you can use the serviceto model visualize and automate certain steps required to releaseyour software something that we've already discussed in continuousintegration and delivery. So this is basicallya continuous delivery service which lets you automateall these processes. So as I mentionedautomating these processes becomes very important. So once you do use the service, these are someof the features it provides you it lets you monitoryour processes in real-time with Comes very important because we are talkingabout deploying software's at a greater pace. So if this can happenin real time, I mean if thereis any change and if it is committed rightaway probably just saving a lot of time right you ensureconsistent release process. Yes as I've told you deployingservers is a difficult task and time-consuming task. If this can be automated a lot of effort is savedspeed of delivery while improving quality. Yes, we've talkedabout this as well and will pipeline historydetails monitoring becomes. Very important guys. So what court pipeline does isactually lets you take a look at all the processesthat are happening. I mean if yourapplication is built, it goes to the source, then it movesto the deployment. All these processescan be tracked in the pipeline. You get constantupdates as a new cat. This happened at this stage. If anything failedyou can detect as know K. This is the stage where it is feeling maybestage number 3 stage number four and accordinglyyou can edit the stuff that has happened at that stageonly so weaving the pipeline. Details actually helps a lot and this is where codeby plane comes into picture. So this is what the architectureof Code by plane looks like. It's fairly simple guys. So some of this might seem alittle repetitive to you people because the conceptsare similar the concepts which we discussedthose can be implemented by using Code pipeline. So ESF talkedabout these things, but let's try to understand how the architecture works and we will be usingsome other terms and discuss some termsin the future slides as well, which we've alreadytalked about but each of these Isis they dothis task a little differently or help you automate theseprocesses hence the discussion. So, let's see how much level can we keepit unique and let's go ahead with this discussion as well. So, let's seehow the code pipeline Works. Basically there are developers as I've already mentioned thesedevelopers would be working on various pieces of codes. So you have continuouschanges and fixes that need to be uploaded. So you have various Services. One of them is code commitwhich lets you have a initial Sourcemanagement system kind of a Which lets you basically takecare of repositories and stuff like that. So it lets you directly connect with get I wouldbe talking about get what get is but for peoplewho know what get is if you have to manageyour git repositories, you have a service calledas code commit. So this is what happens if there are any changes those go to the source developerscan commit those changes there and then it goesinto the build stage. This is where allthe development happens. Your source code is compiled and it is tested then it goesto the twist aging phase. Where it is deployed and tested now when I say testedthese are some final tests that have to be implemented before the code gets deployed. Then it has to be approved. Manually. It has to be checked manuallywhether everything is in place. And finally the code is deployedto the public servers where customers can use it againif they have any changes as I've mentioned thosecan be readily taken from them and it goes back againto the developers and the cycle continues so that there iscontinuous deployment of code. This is another look at it. It is very Simple but this is morefrom AWS perspective. So if there are any changes that developers commit those goto the source now, your data is storedin a container called as S3 that is simple storage servicein the form of objects. So if there is anything that has to happenthe data is either fetched from the storage container, which is S3 and the changesare built and then again a copy of it is maintainedin the form of zip as you can see here. There are continuous changes that are happeningand those get stored. In the S3 bucket nowS3 should preferably be on the region or in the placewhere you are pipeline. Is that helps you carry out the process of continuousintegration and delivery with he's in case if you are concernedwith multiple reasons, you need to havea bucket at each reason to simplify these processes. So again here to the codegets to the source. It is probably submittedto the build stage where the changes happena copy is maintained at S3. And then it goes to the stagingagain a copy is maintained and then it gets deployed. So this is how the Quarter pipe line worksand to actually go ahead and Implement all the actionsof quarter pipe line. You have a serviceor the services that is your code deploy builtand code commit in AWS. So these Services actuallyhelp you carry out some or most of these processesthat are there. Let's take a lookat those services and understand what do they do? So first and foremost you haveyour code deploy code built and code commit. So this is not the order in which you dealwith these things. Now these things actuallyhelp you in Automating your continuous delivery and deployment process they havetheir individual commitments. Let's talk about themone by one first. Let's talk about code commitwhich is last in the slide. So basically I talkedabout moving a piece of code to a central place where you can continuouslycommit your code and get the Fresh store the best copy. That is their rightso code commit what it does isit helps you manage? Your repository isin a much better way. I mean think of it asa central repository. So it also lets you connect with get Which itself isa central storage or a place where you can commityour code you can push and pull that pieceof code from their work on it make own copyof it submitted back to the main server or your main orCentral operating place where your code getsdistributed to everyone. So that is getand what core come it does is it lets you integratewith get in a much better way so you do not haveto worry about working on two different things. It helps younot Ematic authorization pulling in the repositories that are therein your gate account and a number of other things. He's so yeah, that is what code commit as then you have somethingcalled as code built as the name suggests. It helps you automate theprocess of building your code where your codegets compiled tested certain tests are performed. And again, making sure that artifacts of the copiesof your code are maintained in your S3 and stuff like that. So that is what code billed asand then you have code deploy as I've already mentioneddeployment is not an easy task. I mean if we are stuckin a situation where we are supposedto manage the repositories we're supposed to On quitea few things in that case if we are forced to kinda takea look at the servers as well for new instances painnew piece of servers that could be a tedious task. So code deployhelps you automate these processes as well. So this was some basicintroduction to these things. Let's just move furtherand take a look at the demo so that we can talk about someof these terms and the terms that we've discussed previouslyin a little more detail. Now in one ofmy previous sessions. I did give you a demoon continuous integration and delivery I believe If they were certain terms that people felt were taken careof in a speedy way hope that I've explainedmost of the terms with more finesse this timeand in more detail as we go through the demo to I will try and be as low aspossible so that you understand what is happening here. So let's just jumpinto the demo part guys. So guys, what I've doneis I've gone ahead and I've switchedinto my AWS console for people who are new to AWS again. You can have a freetier account with AWS. It's very easy. You have to go and signinput A credit card or debit card detailsa free verification would happen and probably you would be givenaccess to these Services most of these servicesare made available to you for free for one complete year and there is certain limitationon these services. So you have to followthose limitations if you cross those limitations, maybe you'd be chargedbut that happens rarely. I mean if you wantto get started definitely this one yearfree subscription is more than enough to get Hands-Onon most of the services. So I would suggest that you createthis free tier account. If you've taken a lookat my previous videos, you know that how to createa free to your account. If not, it's fairly simple. Just go to your browser and type AWS free tierand probably you would be guided as in what detailshave to be entered. It's not a complex process. It is fairly simpleand it happens very easily. So we just have to goahead and do that. Once you do that again, you'd be having accessto this console guys. So once you have an accessto this console, you have all the servicesthat you can use. So in today's session we wouldbe working on a similar demo that we worked in our oneof the previous sessions here. We would becreating an application. In a pass application platformas a service application and we would be deployingthat application using our core pipeline. So there would be talkingabout other terms as well. Like code commit codedifferent code built. So do not worry we wouldbe discussing those as well. So this is what the demo isfor today's session. So guys, let's start by creatinga pass application to do that. We would be usingelastic Beanstalk, which lets you have a readyto use template and using which you can createa simple application at this being a demo guys. We would be creating a verysimple and a basic application. So just Come hereand type elastic Beanstalk. So when I cometo this page guys, if you've createdan application, it would show youthose applications, but the fact that if you're using itfor the first time, this is the consolethat you'd be getting that is why I have createdthis demo account. So that probably we get to see how you can startfrom the scratch. So if you click on get started as creating an applicationhere is very easy, like extremely easy you haveto enter in certain details only it takes a while to createan application under Stan double I would tell you why it takesthe time but once it happens, it happens very quickly. So all you have to do isgive your application name. Let's call itsay deployment tap. I'm very badat naming conventions. Let's assume that this is good. You can choose a platform guys. You can choosewhatever platform you want. Say PHP is what I'm choosing right now as Itold you it's a pass service past that is platformas a service means that you have alreadyto use platform guys. That is why you can just chooseyour platform and your elastic. In stock would ensure that it takes care of allthe background activities. You do not have to setup your infrastructure. It takes care of it. So once I select the platform Ican use the sample application or use the codeif I have in this case, I would be using a sample code that AWS has to offerand I say create. There you go guys. This thing iscreating my application. So whatever is happening here, it shows that these arethe processes now, it is creating a bucketto store all the data and stuff like that. So it would take careof all these things guys. It might take a coupleof minutes of meanwhile. Let's just go aheadand do something else. Let me just open it uploose console again. Somewhere else. I hope it does not askme to sign in again. I've already signed in. So meanwhile thatapplication gets created. Let me just go aheadand create a pipeline guys. So code pipeline againas fairly simple guys. What happens here is very easy. I just go ahead and put incertain details here as well in my pipeline would be created. So do you want to usethe new environment or wanna stick to the old one? You can click on Old right and you can go back and createit the way it was done or you can usethe previous environment. I'm going to stick. And I was verycomfortable with that. So let's just stick with it. If you want you can usethe new interface. There's not a lot of difference certain littleare minor differences. So you can just comehere and add in the name of the pipeline that you wantto creates a demo pipeline. I see next Source provider guys. I would be using GitHub here because I want to basicallypick up a repository from GitHub that helps me in deployment. So I need to connecttogether for that. It would ask me to authorizeif you have an account. You can always do that so that it can basicallyringing all the repositories that you have. So just say authorized if not, you'll have to sign in onceso my account has been added here guys repository. I need to pick a repository. This is the repositorythat I would be picking. Do not worry. I would be sharingthis piece of cord or is what you can do is you can justgo to GitHub and type AWS - Cole pipeline -S3 - code deploy - Linux now it is a repositorygiven to you by AWS if you take a look at it, and if you type it just the wayit is named here from AWS. You should getthat repository in GitHub. You just have to goahead and Fork it into your GitHub account and probably you would be able to importthat repository directly. You can see that repositoryhas been fought. Here into my GitHub account. You just type the name hearthis name search it and probably there would bean option your fork. I fucked it. So it does not activatethis option for me in your case. It would be activated. You have to just click on itand the repository would be forkedinto your account. So I am getting or importinga fork from my GitHub. I was authorized my accountand then I can just go ahead and do the stuffBranch Master Branch. Yes, and just do the next stepbuild provider no build here. I don't have Teenager to buildso I don't need to go ahead and provide a bill provider. You can use codebuild right guys, if you want to move or basically deployyour code to ec2 instances. You can use code build. If you want in this case. I have an application in which I have an ec2 instanceand stuff like that. So I don't need to go aheadand do any building stuff. Hence no build for me. So I say next deploymentprovider in this case. My deployment providerwould be my EBS so we have that option. Yes. Yes select EBSelastic Beanstalk. Naughty BST b standsfor elastic block storage. That is a different thing guys. Elastic Beanstalk. Make sure you dothat application name deployment a pause the name, right? Yep, and the environment. This is the environment. It creates the environmenton its own. I believe that ithas created the environment. It says it is starting. I hope the environmenthas been created. So guys, let's just see whether our applicationis up and running so that probably Ican pass in the details. Yes, the applicationhas Been created guys. So let's just go backand select this say next now create an IM role is alreadysaying so let's say sample. Okay guys, so what happens normally is and Iam user gets created each time. You create a role. So in this case it is asking meto create one taxes create a new item role database code pipelinenice shell of successful. So role has been Increated next step now. It gives me the details guys. Basically it would tellme what are the stuff that I've done. So everything is here. I don't think I needto cross check it. You might just crosscheck the stuff that has happened andsay create a pipeline. So guys, the pipelinehas been created here as you can see. These are the stagesthat have happened. If you want you can just goahead and say release a change now these thingsare happening guys, and let's hope the deploymentalso happens successfully. We've just created an eye. User let's seewhether it falls in place. Everything is in place. As far as the source partis concerned it has succeeded and now the deploymentis in progress. So it might take a while. Meanwhile just go back and takea look at this application. So if I open this applicationguys It would give me an overview of what has happenedwith this application guys, as you can see, these were the stepsthat were implemented. Now the applicationis available for deployment. It successfully launchedthe deployment environment. It started with everything that it was supposedto do like create or launch an ec2 instanceand stuff like that. So everything is mentioned here what happened at what time sothis is a passive is guys and it works in the background. I mean if you actually go ahead and launch an instanceon your own configure, I am users canAs you go to groups, it takes a longer while but what the service doesis it automate that process. It understands that you needan ec2 instance. It launches that instance. It assigns security groups. We PCS and stuff like that. All you have to do is runyour application on top of it as simple as that. So it has taken care of everything and runa PHP application for me. So yes, this iswhat has happened here. If I just go back here. Meanwhile, let's see whether our codehas successfully run you can see what has happened here. I am released the change as well and you can movethe pipeline history. If you want you can clickon this icon and all the details would be given to youwhat happened in what stage. So these are the things that have happenedtill time now guys, let's just go backand take a look at something that we could so I'm goingto come here and say service easy to because my applaunched an ec2 instance. So there should bean instance created by elastic BeanstalkC1 instances running. It has a keep your attachedto it as well. So He's any details guys. I have a public IPassociated with it. If I copy it. There you go copy this IP and I say run this IP you havesuccessfully created a pipeline that retrieved thissource application from an Amazon S3 bucket and deployed itto three instances. It did not deploy to three instancesusing Code deploy. It deployed itto only one instance. You see this message that it deployed itto three instances is because the code orthe repository that I used it. Supposed to deploytwo different instances if there are multipleinstances and hence. This message would have mademore sense than but the fact that we've deployed itto only one ec2 instance. It should actuallydisplay that message. So the message that you're supposed to giveyou can actually come back here and make change to the pieceof code that you worked on. If you go to the readme MD file, I think this iswhere the piece of code is. There you go not here. Where is that filethat needs to be edited? Let me just take a look at. Some other files as well. Yeah. This is the file. Sorry. So if you go to the index dotfile here is the message guys, so you can probably makea change to this message instead of seeing three you can sayone here edit this piece of code and then you submitthe code again. So when you do launch or type in this IP address probablythat change would be reflected. So guys, what we've doneis we've actually gone ahead and createda pipeline successfully and in that process we'veactually gone ahead and move. Move or deployedour application from here. So guys in case if I do go aheadand commit changes to the code that I just talked about those would get reflectedright away in my history when I talk about this pipeline. So it does give you a continuousintegration and deployment. So, I hope that this session madesense to you people and we've talked artistupon most of the stuff that I wanted to talk about. And as far as thesession goes guys, I would be resting it here. So let's startwith the first question. Now I first question saysI have some private servers on my premises. Also. I have distributedsome of my workload on the public Cloud. What is thisarchitecture called? So basically our workloadhas been divided between the public cloudand the private Cloud now, they're asking me what isthis architecture called? It's a prettybasic question guys, but if you look at the optionsare quite confusing, the first option isa virtual private Network then We have private Cloud, which is obviously not there. Then we have a virtual privateCloud could be the option and then we have hybrid Cloud. All right guys. So what do you think? What do you think isthe right answer for this? Come on guys, let's be more interactivein this session because if it'sa two-way thing then it's going to be interestingfor you and for me as well. So let's make itas interactive as possible and let's get the mostout of this session today. Alright, so a she says it's either virtual private cloudor hybrid cloud. So as usual, it's actually only oneout of all the for so give one answer. Okay, I can see some of you are saying the rightanswer some are confused. It's okay. I shall clear your doubts. Alright guys, so the answeris hybrid Cloud now, why hybrid Cloud because okay. So let's actually discussthe first three options which are actuallynot the right answer. So it is not a virtual private Network becausea virtual private Network. Is something that you useto connect your private cloud and your public, right? So to connect betweenyour private cloud and the public Cloudyou actually have to make a connection and that connection is doneusing a virtual private Network. Alright, then wehave private clouds or private cloud is something where in you haveyour own servers on your own premise, right, but in our case we havepublic Cloud involved. So it is obviously not privateCloud virtual private cloud is not the As well because a virtual privatecloud is basically a logical isolation kind of thing wherein youisolate your instances from the rest of the instanceson your AWS infrastructure. And this logicalisolation cloud is called a virtual private cloudand then you have hybrid Cloud which I think fits aptlyby its name as well. We're in it's a mixtureof your public cloud and your privateCloud infrastructure, right? So, let's see the answer. So the answer is hybrid cloudand the nation is like this because we are usingboth the public cloud and you're on from Isis servers, which is a privateCloud be called and hybrid architecture, right and it says herethat if you want to be better if your private andpublic Cloud were all on the same network, right? So basically when youconnect your public cloud and private Cloud togetherusing virtual private Network, you basically are accessingone network and you feel that all your resources. Is it says deadon the public cloud and the private Cloudare actually there in one network, right? So it seems It'sa virtual private and virtually you feel that you areon the same network, but it's they are actuallytwo different resources or two different locations from where you areaccessing your resources. Alright guys, so guys any questions regardingto the first question that we have discussed anythingthat you're not clear whether it wasa very basic question, but then we are gettinga very lot of Concepts. Here, we have a virtual privateNetwork concept then we have the virtual privateCloud concept, right so it can be confusing and this is how they askedto you in interviews as well. Right? So you have to bevery clear in your answer. You have to be very clearin your thoughts that what shall bethe right answer. All right, so I can see that people are givingme a go there all clear. Okay guys, so let's move onto the next question then so our next question starts withour Section 1 which is easy. Questions, so it's from here. We'll be talking all about AWS. So let's startwith the question first. So we have a videotranscoding application and the videos are processedaccording to work you with the processing of a videois interrupt in one instance. It is resumedin another instance. Okay, good enough. Then currently there isa huge backlog of videos which needs to be processed. But this you needto add more instances, but you need these as mrs. Only until their backlogis Oost right. So once your backlogis reduced you don't need those many servers. So which pricing optionshould be the efficient should be the mostcost efficient for this? Okay guys, so first of all, when you havequestion like this, a lot of things are addedinto it to make it confusing. So first of all, the things is the firstline reads that it's a video transcoding application. So it is not relevantto your question, right? It is not relevant towhat is being asked so you Discard that out and then it says the videos are processedaccording to work you again, it's their confuse. You don't the first thingthat you should look out into a question, which are trying to menare trying to figure out an answer is the important part. What is important in the question youshould be able to unfair that so according to me. The thing that is important is that there is a hugebacklog of a video. So there is a lotof pending work and this pending work hasto be reduced right and one. Is it is reduced we will not be needingthose many servers. So basically we are increasingour number of servers to actually reduce the numberof backlogs that we have. And once we have reduced that we have an applicationwherein we don't need those too many servers anymore so we should get rid of them. Right? So now it is askingme which pricing option should be efficientfor this seller. Now, you have three kindof pricing options you have on demand pricing thenyou have spot pricing. And then you havereserved place, right? So you spot pricingis basically used when you want serversat the minimum cost. So basically what happens is why spot pricing hasan introduced is because of this that new AWS has centers, right? It has service zones where it has a lotof servers now not all the time that the serversare actually being used. Some of the timesare idle, right. So in times like this when the serversare ideal, what eight? SS does is it givesyou a discount that since no server is being used. I shall give you a discount. If you want to usemy servers now in this case you use pot pricing. So if you are goingfor spot pricing you see these reduced rates from AWSwhenever their servers are idle and you should bid rate, right? So say example serversare being offered at some particular price. And you say Okay. I want these many servers,but I can only afford $10. So as long as the serverAnd be allotted to me for $10. I shall use them. Right so you setyour price a $10 and then you use the service but the momentthe demand increases in that particular serverlocation the prices go up again. All right, and if the price crosses $10your server shall be shut down, right you will not be ableto access that server anymore. Right? So this is what spot pricing isyou basically bid for the minimum priceand whenever the price. Co- op your server is takenfrom you right then second type of pricingis called reserved pricing. When you reserve your serversfor a particular amount of time say a one-year termor a three-year term, right? So it the applicationfor this could be when say I have a company right? And my company has a website. So my website is hosted on AWS. Now, my websiteis going to be there till my company is there right? So it makes sense for me to actuallyreserved the instances for like maximum Dome. Possible because I haveno plan to sell my company and hence take downmy website right now. The reason people offerreserved instances is because as comparedto the on demand pricing the reserve pricing isactually pretty cheap, right? So if you reserve your instancesfor a longer term, you get discountsfrom AWS, right and then we haveon demand pricing where and we can getas many servers as you want at the time what we want asper your requirement at whatever time you Choir and the pricing for themare standard right? I'll not say they are highbut they are standard but they are morethan reserved pricing and your spot pricing. Now. Our question says that we have to reducethe backlog and once a backlog has been reduced. We'd have to get ridof the service. So obviously will not beusing reserved instances because we cannot save and our backlogwill be ending right? We cannot be using spot prices because we want that backlog tobe reduced as soon as possible. So what we'll dois we'll be using on-demand instances or ondemand pricing and using that we will reduce the workload or will reduce the backlogof the videos. And once it's been reduced wewill reduce the server size for our instance. Right? So the answer for thisshould be on-demand instances and if you read the explanation, you should be using an on-demandinstance for the same because the workloadhas to be processed now meaning it is urgent. Secondly you don't need them. Once you havea backlog is cleared. Therefore is evidence isout of the Picture and since the work is urgent. You cannot stop the workon engines just because the spot price by right. So therefore spot pricein can also not be used and hence will be usingon demand has. All right guys, so any doubt in this questionanything that you're not clear with by are we usingon demand pricing?
If you like my review go and see this website here: https://gumroad.com/l/ghszg and watch what the world has to give while visitting with that url.
ReplyDelete