AWS For Admins For Dummies
Book image
Explore Book Buy On Amazon
Amazon Web Services (AWS) started as a relatively small web service designed to make programmatic access of Amazon data easier. You could do all sorts of interesting things, such as search for products, upload your own product listings, perform sales tasks, and make purchases, but at the outset, everything focused on Amazon. Today AWS is a huge undertaking that focuses on your organization and its needs.

You can move all or part of your organization's computing needs to the cloud using AWS. You can interact with other organizations as well. In fact, almost anything you can do with a homegrown solution, you can do with AWS.

Because AWS can do so much, getting up and running with AWS could take longer than you want, prove to be error prone in some cases, and create frustration. The point of this article is to provide you with ten methods you can use to reduce the learning-curve time, keep errors to a minimum, and minimize your frustration.

Start Slowly

You get 12 months in which to try specific AWS services free. If you start with one of the harder services, such as EFS, you risk spending a good amount of that time overcoming obstacles rather than getting useful work done — a recipe for frustration. Begin by using one of the simpler services, such as S3, instead. After that, move on to services with progressively greater learning requirements to discover how AWS works before you make any decisions about it. Even though every IT endeavor today seems to have a "due yesterday" date on it, trying to tackle something like AWS without enough ramp-up time can waste more time than it saves.

After you've gained enough experience with AWS, start working with small test sets of your organization's data and performing simple tasks on AWS with it. Look at AWS with a critical eye, because you need to determine whether some moves are even feasible (or prudent, if so). For most administrators, working in the cloud is an entirely different experience from what they're used to, so moving too quickly is potentially the worst possible way to get started.

Research AWS Interactivity with Third-Party Products

You likely have a number of third-party solutions already in place for your organization. For example, you probably have a favored Database Management System (DBMS) that you use. Although AWS provides a broad range of support for various products, it doesn't support every product out there. In fact, no single cloud vendor can support every possible combination of products and services.

Consequently, you need to determine whether AWS provides support for all the products you use. Don't be tempted to move to other products in an effort to force AWS as a cloud-based solution for your organization. Even if you believe that doing so could result in better efficiencies and lower costs, making this strategy work is nearly impossible. Therefore, always ensure that AWS supports your products of choice before you begin doing anything with it.

The problem with AWS is that, even when you find out that a service seems to provide the kind of support you need, it may not provide full support, or it may provide variant support that could create compatibility issues with yet other third-party products.

Develop a Plan for Sensitive Data

The various storage solutions also give you information about sensitive data. Just what constitutes sensitive data depends on your organization requirements. You may have legal or other requirements beyond those defined as best business practices to meet. Any plan you create for using AWS as your cloud solution must include a strategy for meeting these requirements.

Many businesses fail to realize that no cloud solution will fulfill their legal requirements with regard to data safety. The cloud works only when you can maintain the proper (and legally required) data safety net. It's best to determine these requirements sooner than later in your AWS adventure because making changes to a data solution later is extremely expensive when it comes to time and resources. Unfortunately, Amazon can't advise you in this regard: Data safety is a requirement that you must address as part of your own cloud strategy planning.

Use Tools to Enhance Productivity

Tools enable you to focus more fully on getting a task done than on how to perform the task. Having the right tools in your toolbox can significantly reduce the time required to perform a task because you rely less on your memory to know how to perform the task and more on the capabilities of the tool. Fortunately, you have access to all sorts of tools when working with AWS, including the following:
  • Built-in: You have access to all the built-in tools.
  • Third party: Vendors such as Scalr, RightScale, Hybridfox, CloudMGR, and Enstratius all offer strong management platforms for AWS.
  • Developer: Some developer tools can lend themselves to administrator use as well.

Choose the Right Service

Amazon often offers multiple services that can answer a particular need. The issue is one of choosing the right service at the outset so that you don't waste time trying to set up and configure a service that Amazon didn't design to do the job. Because of the extreme level of monitoring that Amazon uses when you work with its services, you shouldn't be surprised to see that Amazon anticipates your future needs. Each of these storage options comes with myriad configuration options, so you can easily become lost just by trying to make a choice of which storage option to use, never mind the other services you might need to use.

The Amazon documentation often leaves you wondering about the various service options. Even watching the videos and interacting with the other kinds of information that Amazon makes available may not help you make a decision. The secret to the problem of which service to choose is to look at who else is using that service, define how they're using it, and consider what restrictions they put in place when using it. Other organizations have already paved the way to using many of the AWS services you need for your organization, so learning from the mistakes these other organizations have made is key in reducing the time it takes to create your own solution.

Ensure That Your Plan Considers Loss of Control

Most administrators are used to having godlike control over the systems they manage. However, when working in the cloud, you need to consider the fact that the cloud provider now has the godlike control, and you have only a subset of the administration rights you used to have. The host determines what your rights are, when you can have them, and how you use them. This loss of control means that administrators may now find themselves in a position of having to ask permission to perform certain tasks or of requesting that the host perform the task for them

Fortunately, Amazon documents most of the cases that require you to ask permission to do something or have someone at Amazon do it for you. The documentation normally contains an email address for contact and, theoretically, you can get the task done quite quickly — usually in less than a day. That's not the point, though. The issue is that you no longer have full control, so you need to know in advance when you need to obtain permission to perform certain tasks and create a plan for asking for these permissions as soon as you are able so that your deployment isn't held up while waiting for Amazon to respond.

Look for All-in-One Solutions That Aren't

The documentation for AWS Identity and Access Management (IAM) leads you to believe that it can provide everything needed to ensure that your users can authenticate quickly and gain access to the applications and data needed to perform tasks.

However, reality is different from theory in this case. Most organizations today must deal with mobile users. A user may want to access the same application from a smartphone, tablet, and PC. The user wants the data used with that application to appear on all three devices and may even use multiple devices simultaneously to work with the data. To provide a seamless mobile experience, you also need to work with Amazon Cognito.

Unfortunately, now you have another problem. This solution provides a number of methods for authenticating users. For example, you can rely on social identity providers such as Facebook, Twitter, or Amazon. The users might be happy about this situation, but Health Insurance Portability and Accountability Act (HIPAA) requirements may make this sort of authentication impossible (or, at least, ill advised). To ensure that you can get up and running quickly, be certain that you understand the following:

  • What level of support each service provides
  • Other services that you might need to obtain a full solution
  • Limits of each service that could impact your business
  • Potential service problems that could cause legal or other issues that you must work out before using AWS

Spend Free Time Where You Need It Most

An important part of the AWS ramp-up experience is to use the free-tier time wisely. The main service that you need to know about is EC2 because so many of the other services rely on it to perform essential tasks. The more you can learn about EC2 by playing around with it on Amazon's nickel, the faster you'll get your cloud-based strategy running. To gain a basic idea of how things will work with your cloud-based solution at the outset, focus your time on these services:
  • EC2 (computing)
  • S3, EBS, and EFS (storage solutions)
  • IAM and Cognito (security)
Getting these services down will help you develop a strategy for deploying your data faster. Working through data and security issues is a requirement. Trying to work with complicated services or to deploy applications before you have a good understanding of the basics will cause you to waste considerable time and effort. The need to work through these issues in a reasonably straightforward manner is the reason that this book takes the path that it does through the various services. Yes, you can take other paths, but be sure to build a great foundation for later efforts. Doing so will make you more efficient and help you understand when moving your current needs to the cloud is not a good idea.

Work with Templates

Amazon CloudFormation enables you to automate some processes through templates. You won't really need this particular service when working with simple setups that involve just one or two EC2 instances. However, as you begin to add complexity to your setup, the need to use templates to manage application resource requirements becomes more important. In short, during your experimentation phase, you need to look at Amazon CloudFormation to determine how it will help you manage tasks as you begin to move toward a production deployment.

The various consoles and the templates provided by them will make your job considerably easier. Yes, you do gain control by using the CLI, but the advantage of using the console is that you don't have to remember a lot of arcane parameters and the precise syntax for issues commands that the CLI requires.

Discover Implied Third-Party Use

Amazon also makes use of the cloud for its services. For example, Amazon's ElasticSearch Service is part of AWS. The use of similar terms for two different products might prove confusing, and it's important that you understand when Amazon fully supports a service as opposed to merely providing an interface to someone else's service.

The implication of using a third-party service within AWS is that you need to perform additional research about that third party. All the research that you performed to ensure that AWS would work as your cloud-based solution also applies to that third party. If you don't perform the required research at the outset, you might find later that using the third-party product (even though you access it through AWS) breaks a legal or other requirement that your organization must meet.

About This Article

This article is from the book:

About the book author:

John Paul Mueller is a prolific technical writer and editor with 101 books and 600 articles to his credit. His topics range from networking and home security to database management and heads-down programming, and his editing skills have helped more than 63 authors refine their manuscripts. Visit his blog at http://blog.johnmuellerbooks.com/.

This article can be found in the category: