This "how-to" session will cover the basics to get started with AWS. After a brief overview, this session will dive into discussions of core AWS services and provide demonstrations of how to set up and utilize those services. Demonstrations and discussions will include: - Setting up and connecting to your first Elastic Compute Cloud (EC2) virtual machine - How to backup and restore your virtual machine instance - How to set an email alert for changes in your virtual machine instance - How to upload files to Amazon's Simple Storage Service (S3) and make them publicly available on the Internet
3. AWS sounds great! Let’s do this!
1. Create an account and configure basic security
2. Set up and connect to your first Elastic Compute
Cloud (EC2) instance
3. Backup and restore your virtual machine instance
4. Set an alert for changes in your EC2 instance
5. Upload files to Amazon Simple Storage Service
(S3) and make them publicly available on the
Internet
4. Free Tier
• Includes most of the AWS services
• Available for all new accounts
• Good for one year from the day the account is
created
• Everything we show today can be done
within the Free Tier!
• More details at http://aws.amazon.com/free
5. Step 1: Sign up and configure basic security
• Sign up though https://aws.amazon.com
• You need a credit card
• There will be a phone verification
6. Basic security: Creating IAM users
Using AWS Identity and Access
Management (IAM), you can
create and manage AWS users
and groups.
You can control what resources
each user has access to so you
can avoid overly permissive
accounts.
7. Enabling MFA
AWS allows you to require
Multi-Factor Authentication
(MFA) for your users through
physical-based or software-
based single use login tokens
to thwart stolen passwords and
key loggers as an attack
vector.
12. Creating a security group
• Security groups are firewalls for your instances
• By default, the security group blocks everything
• Choose which protocols & ports are open
– Can use port ranges (e.g., 22-24)
• Choose which addresses the ports
are open to
– Uses CIDR rules for IP address access
– (use /32 for allowing a single address)
14. Start a new instance
• Instances are virtual machines running in the cloud
• You have full control of the instance and can install
any software that you choose
• In this process, you define what kind of machine you
want (processing power, HD space, etc.)
• You will need:
– A key pair to connect to your instance via SSH
– A security group to put your instance in
16. Connecting to a Linux instance
• OS X
– Open a terminal window
– ssh -i {ssh private key location} ec2-user@{public DNS
name}
• Windows
– Download/Install PuTTY
– Convert .pem file to .ppk with PuTTYgen
– Create a connection in PuTTY
17. Connecting to a Windows instance
• From OS X
– Download Microsoft Remote Desktop Client (app store)
– Connect to {EC2 instance public DNS Name}
• From Windows
– Windows + r or start and then the “run” option
– mstsc /v:{EC2 instance public DNS Name}
19. Step 3: Backing up and restoring an EC2 instance
• Elastic Block Store (EBS) is block-level storage
for EC2 instances (think HDD)
• EBS volumes can be removed and re-attached
• Custom volume sizes from 16 TB – 1 GB (RAID
for larger)
• Use Provisioned IOPS for predictable I/O
• General Purpose (SSD) volumes
21. Restoring a snapshot / creating an AMI
• AMIs are Amazon Machine Images
• AMIs are bootable versions of a snapshot
(backup)
• AMIs are private, but you can choose to share
them with others
23. Step 4: Set up alerts in CloudWatch
• CloudWatch provides monitoring information for your
EC2 instances
• CloudWatch allows you to specify actions to take when a
condition is met
– Example 1: Send an email when CPU utilization >80% for 5 minutes
– Example 2: Add another machine to an Auto Scaling group if average disk
read IOPS across an Auto Scaling group exceeds 500
– Example 3: Remove a machine from an Auto Scaling group if network input
drops below 2,000 bytes
25. Step 5: Try out S3!
• S3 is Amazon Simple Storage Service
• Store and retrieve any amount of data from anywhere in
the world
• Highly scalable and durable
• Encryption available
• Storage is isolated by AWS region
• Object-level permissions
• Easily accessible
27. What we covered:
1. Creating an account and configuring basic security
2. Setting up and connecting to your first Elastic
Compute Cloud (EC2) virtual machine
3. Backing up and restoring your virtual machine
instance
4. Setting an alert for changes in your EC2 instance
5. Uploading files to S3 and making them publicly
available on the Internet
28. Your feedback is important to AWS
Please complete the session evaluation. Tell us what you think!