Amazon Web Services (AWS)
Cloud Platform
Amazon Web Services (AWS)
Overview
Amazon Web Services (AWS) is the world's largest cloud service provider, offering a comprehensive cloud platform with over 200 services. Since its launch in 2006, AWS has established itself as a core enabler of digital transformation for enterprises, providing cloud solutions across computing, storage, databases, networking, machine learning, analytics, security, and many other areas. Operating 33 regions and 105 availability zones globally, AWS enables businesses worldwide to access reliable, scalable, and cost-effective cloud services.
Details
As of 2025, AWS maintains approximately 33% market share as the cloud leader, continuing its innovation and new service rollouts. Key services include Amazon EC2 for virtual servers, Amazon S3 for object storage, Amazon RDS for managed databases, Amazon SageMaker for machine learning platforms, and AWS Lambda for serverless computing. Notable 2025 features include 25% power efficiency improvements with Graviton3 processors, enhanced S3 Glacier fast data retrieval, expanded SageMaker pre-trained models, and strengthened real-time analytics capabilities. The pay-as-you-use pricing model provides flexible cost structure, charging only for resources consumed, accommodating businesses from startups to large enterprises. Enterprise-level security, compliance certifications, and 24/7 support are also key characteristics.
Pros and Cons
Pros
- Extensive Service Portfolio: Over 200 comprehensive cloud services for unified management
- Global Infrastructure: Wide coverage with 33 regions and 105 availability zones
- High Reliability: 99.9%+ SLA guarantee and enterprise-grade availability
- Flexible Pricing: Cost optimization through pay-as-you-go, reserved instances, and spot instances
- Rich Ecosystem: Vast community, educational resources, and partner networks
- Advanced Machine Learning: Comprehensive AI/ML solutions with SageMaker, Rekognition, and Comprehend
- Security: Multi-layered defense architecture with extensive compliance certifications
Cons
- Complexity: High learning curve due to numerous services and configuration options
- Unexpected Billing: Risk of unexpectedly high charges due to complex pricing structure
- Vendor Lock-in: Difficulty migrating to other clouds due to AWS-specific service dependencies
- Console Operations: Complex UI with frequent changes making operations difficult to master
- Support Costs: Additional fees required for production support
- Regional Constraints: Some new services available only in specific regions
Reference Pages
- AWS Official Site
- AWS Documentation
- AWS Pricing
- AWS Well-Architected Framework
- AWS Free Tier
- AWS Training and Certification
Code Examples
Basic Setup and Account Configuration
# Install AWS CLI
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
# Configure AWS CLI
aws configure
# AWS Access Key ID: YOUR_ACCESS_KEY
# AWS Secret Access Key: YOUR_SECRET_KEY
# Default region name: us-east-1
# Default output format: json
# Profile configuration (multiple account management)
aws configure --profile production
aws configure --profile development
# Verify configuration
aws sts get-caller-identity
aws sts get-caller-identity --profile production
# List available regions
aws ec2 describe-regions --output table
# Display current AWS account information
aws sts get-caller-identity --query 'Account' --output text
Compute Services (VMs, Containers)
# EC2 instance creation with Boto3
import boto3
from datetime import datetime
ec2 = boto3.resource('ec2', region_name='us-east-1')
# Create EC2 instance
instances = ec2.create_instances(
ImageId='ami-0c3fd0f5d33134a76', # Amazon Linux 2023
MinCount=1,
MaxCount=1,
InstanceType='t3.micro',
KeyName='my-key-pair',
SecurityGroupIds=['sg-12345678'],
SubnetId='subnet-12345678',
TagSpecifications=[
{
'ResourceType': 'instance',
'Tags': [
{'Key': 'Name', 'Value': 'MyWebServer'},
{'Key': 'Environment', 'Value': 'Production'},
{'Key': 'Project', 'Value': 'WebApp'}
]
}
],
UserData='''#!/bin/bash
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo "<h1>Hello from AWS EC2!</h1>" > /var/www/html/index.html
'''
)
print(f"Instance created: {instances[0].id}")
# ECS Fargate task definition
import json
ecs = boto3.client('ecs')
task_definition = {
"family": "web-app-task",
"networkMode": "awsvpc",
"requiresCompatibilities": ["FARGATE"],
"cpu": "256",
"memory": "512",
"executionRoleArn": "arn:aws:iam::123456789012:role/ecsTaskExecutionRole",
"taskRoleArn": "arn:aws:iam::123456789012:role/ecsTaskRole",
"containerDefinitions": [
{
"name": "web-server",
"image": "nginx:latest",
"portMappings": [
{
"containerPort": 80,
"protocol": "tcp"
}
],
"essential": True,
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "/ecs/web-app",
"awslogs-region": "us-east-1",
"awslogs-stream-prefix": "ecs"
}
},
"environment": [
{"name": "ENV", "value": "production"},
{"name": "DEBUG", "value": "false"}
]
}
]
}
response = ecs.register_task_definition(**task_definition)
print(f"Task definition registered: {response['taskDefinition']['taskDefinitionArn']}")
Storage and Database Services
# S3 bucket operations
import boto3
from botocore.exceptions import ClientError
s3 = boto3.client('s3')
# Create bucket with versioning and encryption
bucket_name = f"my-app-bucket-{datetime.now().strftime('%Y%m%d%H%M%S')}"
try:
s3.create_bucket(
Bucket=bucket_name,
CreateBucketConfiguration={'LocationConstraint': 'us-west-2'}
)
# Enable versioning
s3.put_bucket_versioning(
Bucket=bucket_name,
VersioningConfiguration={'Status': 'Enabled'}
)
# Enable server-side encryption
s3.put_bucket_encryption(
Bucket=bucket_name,
ServerSideEncryptionConfiguration={
'Rules': [
{
'ApplyServerSideEncryptionByDefault': {
'SSEAlgorithm': 'AES256'
}
}
]
}
)
# Upload file with metadata
s3.upload_file(
'local-file.txt',
bucket_name,
'uploads/file.txt',
ExtraArgs={
'ServerSideEncryption': 'AES256',
'Metadata': {
'author': 'user123',
'purpose': 'demo'
}
}
)
except ClientError as e:
print(f"Error: {e}")
# RDS database instance
rds = boto3.client('rds')
try:
response = rds.create_db_instance(
DBInstanceIdentifier='webapp-postgres',
DBInstanceClass='db.t3.micro',
Engine='postgres',
EngineVersion='14.9',
AllocatedStorage=20,
StorageType='gp2',
DBName='webappdb',
MasterUsername='admin',
MasterUserPassword='SecurePassword123!',
VpcSecurityGroupIds=['sg-12345678'],
BackupRetentionPeriod=7,
MultiAZ=False,
StorageEncrypted=True,
Tags=[
{'Key': 'Environment', 'Value': 'production'},
{'Key': 'Application', 'Value': 'webapp'}
]
)
print(f"RDS instance creating: {response['DBInstance']['DBInstanceIdentifier']}")
except ClientError as e:
print(f"Error creating RDS: {e}")
# DynamoDB table operations
dynamodb = boto3.resource('dynamodb', region_name='us-east-1')
table = dynamodb.create_table(
TableName='Users',
KeySchema=[
{'AttributeName': 'user_id', 'KeyType': 'HASH'},
{'AttributeName': 'created_at', 'KeyType': 'RANGE'}
],
AttributeDefinitions=[
{'AttributeName': 'user_id', 'AttributeType': 'S'},
{'AttributeName': 'created_at', 'AttributeType': 'S'}
],
BillingMode='PAY_PER_REQUEST',
Tags=[
{'Key': 'Environment', 'Value': 'production'}
]
)
# Insert data
table.put_item(
Item={
'user_id': 'user123',
'created_at': datetime.now().isoformat(),
'name': 'John Doe',
'email': '[email protected]',
'status': 'active'
}
)
Networking and Security
# VPC and Security Group setup
import boto3
ec2 = boto3.client('ec2')
# Create VPC
vpc_response = ec2.create_vpc(
CidrBlock='10.0.0.0/16',
TagSpecifications=[
{
'ResourceType': 'vpc',
'Tags': [
{'Key': 'Name', 'Value': 'MyVPC'},
{'Key': 'Environment', 'Value': 'production'}
]
}
]
)
vpc_id = vpc_response['Vpc']['VpcId']
# Create Internet Gateway
igw_response = ec2.create_internet_gateway(
TagSpecifications=[
{
'ResourceType': 'internet-gateway',
'Tags': [{'Key': 'Name', 'Value': 'MyIGW'}]
}
]
)
igw_id = igw_response['InternetGateway']['InternetGatewayId']
# Attach Internet Gateway to VPC
ec2.attach_internet_gateway(
InternetGatewayId=igw_id,
VpcId=vpc_id
)
# Create public subnet
public_subnet = ec2.create_subnet(
VpcId=vpc_id,
CidrBlock='10.0.1.0/24',
AvailabilityZone='us-east-1a',
TagSpecifications=[
{
'ResourceType': 'subnet',
'Tags': [
{'Key': 'Name', 'Value': 'PublicSubnet'},
{'Key': 'Type', 'Value': 'Public'}
]
}
]
)
# Create private subnet
private_subnet = ec2.create_subnet(
VpcId=vpc_id,
CidrBlock='10.0.2.0/24',
AvailabilityZone='us-east-1b',
TagSpecifications=[
{
'ResourceType': 'subnet',
'Tags': [
{'Key': 'Name', 'Value': 'PrivateSubnet'},
{'Key': 'Type', 'Value': 'Private'}
]
}
]
)
# Create security group
sg_response = ec2.create_security_group(
GroupName='WebServerSG',
Description='Security group for web servers',
VpcId=vpc_id
)
sg_id = sg_response['GroupId']
# Add inbound rules
ec2.authorize_security_group_ingress(
GroupId=sg_id,
IpPermissions=[
{
'IpProtocol': 'tcp',
'FromPort': 80,
'ToPort': 80,
'IpRanges': [{'CidrIp': '0.0.0.0/0', 'Description': 'HTTP access'}]
},
{
'IpProtocol': 'tcp',
'FromPort': 443,
'ToPort': 443,
'IpRanges': [{'CidrIp': '0.0.0.0/0', 'Description': 'HTTPS access'}]
},
{
'IpProtocol': 'tcp',
'FromPort': 22,
'ToPort': 22,
'IpRanges': [{'CidrIp': '10.0.0.0/16', 'Description': 'SSH from VPC'}]
}
]
)
Serverless and Functions
# Lambda function creation and deployment
import boto3
import json
import zipfile
import io
lambda_client = boto3.client('lambda')
# Lambda function code
lambda_code = '''
import json
import boto3
from datetime import datetime
def lambda_handler(event, context):
# Log the incoming event
print(f"Received event: {json.dumps(event)}")
# Process the request
body = json.loads(event.get('body', '{}')) if event.get('body') else {}
name = body.get('name', 'World')
# Interact with other AWS services
dynamodb = boto3.resource('dynamodb')
table = dynamodb.Table('RequestLogs')
# Store request log
table.put_item(
Item={
'request_id': context.aws_request_id,
'timestamp': datetime.now().isoformat(),
'name': name,
'source_ip': event.get('requestContext', {}).get('identity', {}).get('sourceIp')
}
)
return {
'statusCode': 200,
'headers': {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
'body': json.dumps({
'message': f'Hello, {name}!',
'timestamp': datetime.now().isoformat(),
'request_id': context.aws_request_id
})
}
'''
# Create deployment package
zip_buffer = io.BytesIO()
with zipfile.ZipFile(zip_buffer, 'w') as zip_file:
zip_file.writestr('lambda_function.py', lambda_code)
zip_buffer.seek(0)
# Create Lambda function
try:
response = lambda_client.create_function(
FunctionName='hello-api',
Runtime='python3.9',
Role='arn:aws:iam::123456789012:role/lambda-execution-role',
Handler='lambda_function.lambda_handler',
Code={'ZipFile': zip_buffer.read()},
Timeout=30,
MemorySize=256,
Environment={
'Variables': {
'ENVIRONMENT': 'production',
'LOG_LEVEL': 'INFO'
}
},
Tags={
'Environment': 'production',
'Application': 'web-api'
}
)
print(f"Lambda function created: {response['FunctionArn']}")
except Exception as e:
print(f"Error creating Lambda: {e}")
# Step Functions state machine
stepfunctions = boto3.client('stepfunctions')
state_machine_definition = {
"Comment": "Order processing workflow",
"StartAt": "ValidateOrder",
"States": {
"ValidateOrder": {
"Type": "Task",
"Resource": "arn:aws:lambda:us-east-1:123456789012:function:validate-order",
"Next": "ProcessPayment",
"Catch": [
{
"ErrorEquals": ["ValidationError"],
"Next": "OrderFailed"
}
]
},
"ProcessPayment": {
"Type": "Task",
"Resource": "arn:aws:lambda:us-east-1:123456789012:function:process-payment",
"Next": "SendConfirmation",
"Retry": [
{
"ErrorEquals": ["PaymentTimeout"],
"IntervalSeconds": 5,
"MaxAttempts": 3
}
]
},
"SendConfirmation": {
"Type": "Task",
"Resource": "arn:aws:lambda:us-east-1:123456789012:function:send-confirmation",
"End": True
},
"OrderFailed": {
"Type": "Fail",
"Cause": "Order validation failed"
}
}
}
try:
sm_response = stepfunctions.create_state_machine(
name='OrderProcessingWorkflow',
definition=json.dumps(state_machine_definition),
roleArn='arn:aws:iam::123456789012:role/StepFunctionsRole'
)
print(f"State machine created: {sm_response['stateMachineArn']}")
except Exception as e:
print(f"Error creating state machine: {e}")
Monitoring and DevOps Integration
# CloudWatch monitoring and alerting
import boto3
cloudwatch = boto3.client('cloudwatch')
# Create custom metric
cloudwatch.put_metric_data(
Namespace='MyApp/Performance',
MetricData=[
{
'MetricName': 'ApiResponseTime',
'Value': 150.5,
'Unit': 'Milliseconds',
'Dimensions': [
{
'Name': 'Environment',
'Value': 'Production'
},
{
'Name': 'ApiEndpoint',
'Value': '/api/users'
}
]
}
]
)
# Create CloudWatch alarm
cloudwatch.put_metric_alarm(
AlarmName='HighApiResponseTime',
ComparisonOperator='GreaterThanThreshold',
EvaluationPeriods=2,
MetricName='ApiResponseTime',
Namespace='MyApp/Performance',
Period=300,
Statistic='Average',
Threshold=500.0,
ActionsEnabled=True,
AlarmActions=[
'arn:aws:sns:us-east-1:123456789012:api-alerts'
],
AlarmDescription='Alert when API response time exceeds 500ms',
Dimensions=[
{
'Name': 'Environment',
'Value': 'Production'
}
]
)
# CloudFormation template for infrastructure as code
cloudformation_template = {
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Web application infrastructure",
"Parameters": {
"Environment": {
"Type": "String",
"Default": "production",
"AllowedValues": ["development", "staging", "production"]
}
},
"Resources": {
"WebServerRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {"Service": "ec2.amazonaws.com"},
"Action": "sts:AssumeRole"
}
]
},
"ManagedPolicyArns": [
"arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"
]
}
},
"WebServerInstanceProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Roles": [{"Ref": "WebServerRole"}]
}
},
"LoadBalancer": {
"Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
"Properties": {
"Name": {"Fn::Sub": "${Environment}-web-lb"},
"Scheme": "internet-facing",
"Type": "application",
"Subnets": [
"subnet-12345678",
"subnet-87654321"
],
"SecurityGroups": ["sg-12345678"]
}
}
},
"Outputs": {
"LoadBalancerDNS": {
"Description": "Load balancer DNS name",
"Value": {"Fn::GetAtt": ["LoadBalancer", "DNSName"]},
"Export": {
"Name": {"Fn::Sub": "${Environment}-LoadBalancerDNS"}
}
}
}
}
# Deploy CloudFormation stack
cloudformation = boto3.client('cloudformation')
try:
response = cloudformation.create_stack(
StackName='web-app-infrastructure',
TemplateBody=json.dumps(cloudformation_template),
Parameters=[
{
'ParameterKey': 'Environment',
'ParameterValue': 'production'
}
],
Capabilities=['CAPABILITY_IAM'],
Tags=[
{'Key': 'Environment', 'Value': 'production'},
{'Key': 'Project', 'Value': 'web-app'}
]
)
print(f"CloudFormation stack creating: {response['StackId']}")
except Exception as e:
print(f"Error creating stack: {e}")
AWS provides comprehensive cloud services enabling the construction of scalable and reliable applications. With its rich service portfolio and powerful ecosystem, it can meet business needs of any scale.