Overview of Amazon Web Services AWS Whitepaper

AWS Secrets Manager ........................................................................................................................ 133

AWS Security Hub .............................................................................................................................. 134
AWS Shield ........................................................................................................................................... 134
AWS IAM Identity Center .................................................................................................................. 135
AWS WAF .............................................................................................................................................. 136
AWS WAF Captcha .............................................................................................................................. 136
Storage ....................................................................................................................................................... 136
AWS Backup ......................................................................................................................................... 138
Amazon Elastic Block Store .............................................................................................................. 138
AWS Elastic Disaster Recovery ......................................................................................................... 138
Amazon Elastic File System .............................................................................................................. 139
Amazon File Cache ............................................................................................................................. 139
Amazon FSx for Lustre ...................................................................................................................... 140
Amazon FSx for NetApp ONTAP ..................................................................................................... 140
Amazon FSx for OpenZFS ................................................................................................................. 141
Amazon FSx for Windows File Server ............................................................................................ 141
Amazon Simple Storage Service ..................................................................................................... 141
AWS Storage Gateway ....................................................................................................................... 142
Next steps .................................................................................................................................... 144
Are you Well-Architected? ..................................................................................................................... 144
Conclusion .................................................................................................................................... 146
Resources ...................................................................................................................................... 147
Document history ........................................................................................................................ 148
..................................................................................................................................................................... 148
AWS Glossary ............................................................................................................................... 153

x
Overview of Amazon Web Services AWS Whitepaper

Overview of Amazon Web Services

Publication date: August 27, 2024 (Document history)

Amazon Web Services offers a broad set of global cloud-based products including compute,
storage, databases, analytics, networking, mobile, developer tools, management tools, IoT,
security, and enterprise applications: on-demand, available in seconds, with pay-as-you-go pricing.
From data warehousing to deployment tools, directories to content delivery, over 200 AWS services
are available.

New services can be provisioned quickly, without the upfront fixed expense. This allows enterprises,
start-ups, small and medium-sized businesses, and customers in the public sector to access the
building blocks they need to respond quickly to changing business requirements. This whitepaper
provides you with an overview of the benefits of the AWS Cloud and introduces you to the services
that make up the platform.

Introduction
In 2006, Amazon Web Services (AWS) began offering IT infrastructure services to businesses as web
services—now commonly known as cloud computing. One of the key benefits of cloud computing
is the opportunity to replace upfront capital infrastructure expenses with low variable costs
that scale with your business. With the cloud, businesses no longer need to plan for and procure
servers and other IT infrastructure weeks or months in advance. Instead, they can instantly spin up
hundreds or thousands of servers in minutes and deliver results faster.

Today, AWS provides a highly reliable, scalable, low-cost infrastructure platform in the cloud that
powers hundreds of thousands of businesses in 190 countries around the world.

This video explores how millions of customers use AWS to take advantage of the efficiencies of
cloud computing: What is AWS? | Amazon Web Services

Introduction 1
Overview of Amazon Web Services AWS Whitepaper

What is cloud computing?

Cloud computing is the on-demand delivery of compute power, database, storage, applications,
and other IT resources through a cloud services platform via the internet with pay-as-you-go
pricing. Whether you are running applications that share photos to millions of mobile users or
you’re supporting the critical operations of your business, a cloud services platform provides rapid
access to flexible and low-cost IT resources. With cloud computing, you don’t need to make large
upfront investments in hardware and spend a lot of time on the heavy lifting of managing that
hardware. Instead, you can provision exactly the right type and size of computing resources you
need to power your newest bright idea or operate your IT department. You can access as many
resources as you need, almost instantly, and only pay for what you use.

Cloud computing provides a simple way to access servers, storage, databases and a broad set of
application services over the internet. A cloud services platform such as Amazon Web Services
owns and maintains the network-connected hardware required for these application services, while
you provision and use what you need via a web application.

2
Overview of Amazon Web Services AWS Whitepaper

Six advantages of cloud computing

• Trade fixed expense for variable expense – Instead of having to invest heavily in data centers
and servers before you know how you’re going to use them, you can pay only when you consume
computing resources, and pay only for how much you consume.
• Benefit from massive economies of scale – By using cloud computing, you can achieve a lower
variable cost than you can get on your own. Because usage from hundreds of thousands of
customers is aggregated in the cloud, providers such as AWS can achieve higher economies of
scale, which translates into lower pay as-you-go prices.
• Stop guessing capacity – Eliminate guessing on your infrastructure capacity needs. When you
make a capacity decision prior to deploying an application, you often end up either sitting on
expensive idle resources or dealing with limited capacity. With cloud computing, these problems
go away. You can access as much or as little capacity as you need, and scale up and down as
required with only a few minutes’ notice.
• Increase speed and agility – In a cloud computing environment, new IT resources are only a
click away, which means that you reduce the time to make those resources available to your
developers from weeks to just minutes. This results in a dramatic increase in agility for the
organization, since the cost and time it takes to experiment and develop is significantly lower.
• Stop spending money running and maintaining data centers – Focus on projects that
differentiate your business, not the infrastructure. Cloud computing lets you focus on your own
customers, rather than on the heavy lifting of racking, stacking, and powering servers.
• Go global in minutes – Easily deploy your application in multiple regions around the world with
just a few clicks. This means you can provide lower latency and a better experience for your
customers at minimal cost.

3
Overview of Amazon Web Services AWS Whitepaper

Types of cloud computing

Cloud computing provides developers and IT departments with the ability to focus on what
matters most and avoid undifferentiated work such as procurement, maintenance, and capacity
planning. As cloud computing has grown in popularity, several different models and deployment
strategies have emerged to help meet specific needs of different users. Each type provides you with
different levels of control, flexibility, and management.

Deployment models

Cloud
A cloud-based application is fully deployed in the cloud and all parts of the application run in
the cloud. Applications in the cloud have either been created in the cloud or have been migrated
from an existing infrastructure to take advantage of the benefits of cloud computing. Cloud-
based applications can be built on low-level infrastructure pieces or can use higher level services
that provide abstraction from the management, architecting, and scaling requirements of core
infrastructure.

Private cloud (on-premises)

The deployment of resources on-premises, using virtualization and resource management tools, is
sometimes called the private cloud. On-premises deployment doesn’t provide many of the benefits
of cloud computing but it is sometimes sought for its ability to provide dedicated resources. In
most cases, this deployment model is the same as legacy IT infrastructure while using application
management and virtualization technologies to try and increase resource utilization. For more
information on how AWS can help, refer to Use case: Cloud services on-premises.

Hybrid
A hybrid deployment is a way to connect infrastructure and applications between cloud-based
resources and existing resources that are not located in the cloud. The most common method
of hybrid deployment is between the cloud and existing on-premises infrastructure to extend,
and grow, an organization's infrastructure into the cloud while connecting cloud resources to the
internal system. For more information on how AWS can help you with your hybrid deployment, visit
our Hybrid Cloud with AWS page.

Deployment models 4
Overview of Amazon Web Services AWS Whitepaper

Global infrastructure
The AWS Cloud infrastructure is built around AWS Regions and Availability Zones. An AWS
Region is a physical location in the world where we have multiple Availability Zones. Availability
Zones consist of one or more discrete data centers, each with redundant power, networking, and
connectivity, housed in separate facilities. These Availability Zones offer you the ability to operate
production applications and databases that are more highly available, fault tolerant, and scalable
than would be possible from a single data center. For the latest information on the AWS Cloud
Availability Zones and AWS Regions, refer to AWS Global Infrastructure.

5
Overview of Amazon Web Services AWS Whitepaper

Security and compliance

Security
Cloud security at AWS is the highest priority. As organizations embrace the scalability and flexibility
of the cloud, AWS is helping them evolve security, identity, and compliance into key business
enablers. AWS builds security into the core of our cloud infrastructure, and offers foundational
services to help organizations meet their unique security requirements in the cloud.

As an AWS customer, you will benefit from a data center and network architecture built to meet
the requirements of the most security-sensitive organizations. Security in the cloud is much like
security in your on-premises data centers—only without the costs of maintaining facilities and
hardware. In the cloud, you don’t have to manage physical servers or storage devices. Instead, you
use software-based security tools to monitor and protect the flow of information into and out of
your cloud resources.

An advantage of the AWS Cloud is that it allows you to scale and innovate, while maintaining a
secure environment and paying only for the services you use. This means that you can have the
security you need at a lower cost than in an on-premises environment.

As an AWS customer you inherit all the best practices of AWS policies, architecture, and operational
processes built to satisfy the requirements of our most security-sensitive customers. Get the
flexibility and agility you need in security controls.

The AWS Cloud enables a shared responsibility model. While AWS manages security of the cloud,
you are responsible for security in the cloud. This means that you retain control of the security you
choose to implement to protect your own content, platform, applications, systems, and networks
no differently than you would in an on-site data center.

AWS provides you with guidance and expertise through online resources, personnel, and partners.
AWS provides you with advisories for current issues, plus you have the opportunity to work with
AWS when you encounter security issues.

You get access to hundreds of tools and features to help you to meet your security objectives. AWS
provides security-specific tools and features across network security, configuration management,
access control, and data encryption.

Security 6
Overview of Amazon Web Services AWS Whitepaper

Finally, AWS environments are continuously audited, with certifications from accreditation bodies
across geographies and verticals. In the AWS environment, you can take advantage of automated
tools for asset inventory and privileged access reporting.

Benefits of AWS security

• Keep Your data safe — The AWS infrastructure puts strong safeguards in place to help protect
your privacy. All data is stored in highly secure AWS data centers.
• Meet compliance requirements — AWS manages dozens of compliance programs in its
infrastructure. This means that segments of your compliance have already been completed.
• Save money — Cut costs by using AWS data centers. Maintain the highest standard of security
without having to manage your own facility
• Scale quickly — Security scales with your AWS Cloud usage. No matter the size of your business,
the AWS infrastructure is designed to keep your data safe.

Compliance
AWS Cloud Compliance helps you understand the robust controls in place at AWS for security and
data protection in the cloud. Compliance is a shared responsibility between AWS and the customer,
and you can visit the Shared Responsibility Model to learn more. Customers can feel confident in
operating and building on top of the security controls AWS uses on its infrastructure.

The IT infrastructure that AWS provides to its customers is designed and managed in alignment
with best security practices and a variety of IT security standards. The following is a partial list of
assurance programs with which AWS complies:

• SOC 1/ISAE 3402, SOC 2, SOC 3

• FISMA, DIACAP, and FedRAMP
• PCI DSS Level 1
• ISO 9001, ISO 27001, ISO 27017, ISO 27018

AWS provides customers a wide range of information on its IT control environment in whitepapers,
reports, certifications, accreditations, and other third-party attestations. More information is
available in the Risk and Compliance whitepaper and the AWS Security Center.

Benefits of AWS security 7

Overview of Amazon Web Services AWS Whitepaper

AWS services by category

AWS consists of many cloud services that you can use in combinations tailored to your business
or organizational needs. This section introduces the major AWS services by category. Choose a
category to explore its services.

To access the services, you can use the AWS Management Console, the AWS Command Line
Interface (AWS CLI), or Software Development Kits (SDKs).

Topics
• Accessing AWS services
• Analytics
• Application integration
• Blockchain
• Business applications
• Cloud Financial Management
• Compute
• Customer enablement
• Containers
• Databases
• Developer tools
• End user computing
• Frontend web and mobile services
• Game tech
• Internet of Things (IoT)
• Machine Learning (ML) and Artificial Intelligence (AI)
• Management and governance
• Media
• Migration and transfer
• Networking and content delivery
• Quantum technologies
• Robotics

8
Overview of Amazon Web Services AWS Whitepaper

• Satellite
• Security, identity, and compliance
• Storage

Accessing AWS services

AWS Management Console

Access and manage Amazon Web Services through the AWS Management Console, a simple and
intuitive user interface. You can also use the AWS Management Console Application to quickly
view resources on the go.
AWS Command Line Interface (AWS CLI)

The AWS Command Line Interface (AWS CLI) is a unified tool to manage your AWS services.
With just one tool to download and configure, you can control multiple AWS services from the
command line and automate them through scripts.

AWS CloudShell, which can be found next to the search bar in the AWS Management Console,
provides a browser-based shell that is pre-authenticated with your console credentials. Using
CloudShell, you can quickly run AWS commands and scripts without leaving your web browser.
Software Development Kits (SDKs)

Our Software Development Kits (SDKs) simplify using AWS services in your applications with an
Application Program Interface (API) tailored to your programming language or platform.

Analytics

AWS provides a comprehensive set of analytics services that fit all your data analytics needs and
enables organizations of all sizes and industries to reinvent their business with data. From storage
and management, data governance, actions, and experiences, AWS offers purpose-built services
that provide the best price-performance, scalability, and lowest cost.

Each service is described after the diagram. To help you decide which service best meets your
needs, see Choosing an AWS analytics service. For general information, see Analytics on AWS.

Accessing AWS services 9