Blog by Vivek

Day 3 of AWS essentials

Day 3 of AWS essentials

Vivek Potdar's photo
Vivek Potdar
·

4 min read

Contents :

  • Aws Console

  • Aws CLI

  • Aws SDK's

  • Aws Responsibility & Security

Interacting with AWS

When you own the infrastructure, it's easy to understand how you interact with it because you can see it, touch it, and work with it on every level. If I have a server that I've stood up in my closet, interacting with that server is easy because it's mine. I can touch it. When I remove the ability for me to touch and see something, like when the infrastructure becomes virtual, the way that I work with that infrastructure has to change a bit. Instead of physically managing my infrastructure, now I logically manage it through the AWS Application Program Interface, or API. So now when I create, delete, or change any AWS resource, whether it's a virtual server or a storage system for employee photos, I use API calls to AWS to do that.

Every action that you make in AWS is an API call that is authenticated and authorized. In AWS, you can make API calls to services and resources through the AWS Management Console, AWS Command Line Interface (AWS CLI), or AWS SDKs.

AWS Management Console

One way to manage cloud resources is through the web-based console, where you log in and choose the desired service. This can be the easiest way to create and manage resources when you first begin working with the cloud. The following is a screenshot that shows the landing page when you first log in to the console. In the upper-left corner, you can choose Services to view AWS services grouped by categories, such as Compute, Storage, Database, and Analytics.

AWS CLI

Consider the scenario where you run many servers on AWS for your application’s frontend. You want to run a report to collect data from all the servers. You need to do this programmatically every day because the server details might change. Instead of manually logging in to the console and then copying and pasting information, you can schedule an AWS CLI script with an API call to pull this data for you.

The AWS CLI is a unified tool that you can use to manage AWS services. You can download and configure one tool that you can use to control multiple AWS services from the command line, and automate them with scripts. The AWS CLI is open source, and installers are available for Windows, Linux, and macOS.

AWS SDKs

API calls to AWS can also be performed by running code with programming languages. You can do this by using AWS SDKs. SDKs are open source and maintained by AWS for the most popular programming languages, such as C++, Go, Java, JavaScript, .NET, Node.js, PHP, Python, Ruby, Rust, and Swift.

Developers commonly use AWS SDKs to integrate their application source code with AWS services. For example, consider an application with a frontend that runs in Python. Every time the application receives a photo, it uploads the file to a storage service. This action can be achieved in the source code by using the AWS SDK for Python (Boto3)

Security and the Responsibility

In order to begin using AWS effectively, it's important to understand how security works in the cloud. You already know that by using AWS, you won't be managing every single aspect of hosting your solutions. You will rely on AWS to manage portions of your workloads for you taking care of that undifferentiated heavy lifting, like running the day-to-day operations of the data centers and managing the various virtualization techniques employed to keep your AWS account isolated from, say my AWS account. When you work with the AWS Cloud, managing security and compliance is a shared responsibility between AWS and you. To depict this shared responsibility, AWS created the shared responsibility model. The distinction of responsibility is commonly referred to as security of the cloud as compared to security in the cloud.

AWS responsibility

AWS is responsible for security of the cloud. This means that AWS protects and secures the infrastructure that runs the services offered in the AWS Cloud. AWS is responsible for the following:

  • Protecting and securing AWS Regions, Availability Zones, and data centers, down to the physical security of the buildings

  • Managing the hardware, software, and networking components that run AWS services, such as the physical servers, host operating systems, virtualization layers, and AWS networking components

AWSCloud