
AWS Explained: The Basics - mijndert
https://www.inqdo.com/aws-explained-the-basics/
======
mooreds
This is a good high level overview of AWS, though like all overviews there are
some details glossed over.

I was asked at an interview what developers need to know about AWS. I think
there are three things to keep in mind:

Consider higher level services for operational simplicity. Unless you are at a
certain scale, you'd never run your own object store, you'd use S3. I always
say if you are thinking about downloading and installing any software system
on a server, see if AWS has a managed offering and at least evaluate it.

Use the elasticity of the cloud. Shut things off. Build scaling systems but
make sure they scale both ways.

If you aren't automating you aren't doing it right. Tools like CloudFormation
and Terraform let you really treat your infrastructure like software and force
attitude changes.

Bonus: keep an eye on bandwidth costs, especially between AZs as these can be
shocking and can drive architecture.

Source: user of AWS for 10 years and former AWS instructor.

~~~
mijndert
Hi, Mijndert here, the writer of the article. Thanks for sharing your
insights. I agree I glossed over a few topics. I will expand on these from
here on out and go into more detail on some of the points you touched on.

~~~
mooreds
Just to be clear, I don't blame you for glossing over some of the
complexities. When I ask my auto mechanic what is wrong with the car I don't
want to know about the fundamentals of combustion and differentials. (Until I
do.)

~~~
mijndert
That's why this article will act as a starting point for an entire series on
different AWS services where I will go into greater detail.

------
jypepin
You know what I think is missing on the internet?

A good guide to transition from Heroku, where everything is handled and you
don't need to know anything, to AWS (or similar) where you end up having to
either manage _everything_, or at least be aware of how things work and what
are all the tools available (beanstalk, etc).

I find it missing, and it makes me scared of transitioning, while still being
interested in learning more about server management / linux.

~~~
abledon
When __would__ one exactly transition from Heroku to AWS? Any specific metrics
to look at?

~~~
gaius
_When __would__ one exactly transition from Heroku to AWS?_

When they screw you on price/performance
[https://genius.com/James-somers-herokus-ugly-secret-annotate...](https://genius.com/James-somers-herokus-ugly-secret-annotated)

~~~
abledon
Wow, their rap genius platform with inline annotations and comments is
actually one of the best blogging interfaces I've used. Blows medium out of
the water.

------
giarc
I'm reminded of this site, AWS In Plain English.

[https://www.expeditedssl.com/aws-in-plain-english](https://www.expeditedssl.com/aws-in-plain-english)

------
niemyjski
AWS Explained ELI5: User Interface was written by an intern's intern with the
only consistent thing being how bad it is.

~~~
balls187
Yet, it's still heaps above better than their nearest competitors in Azure and
GCP.

The UI is great for learning about services, but automating via CLI (or
related services) is the ideal goal.

~~~
dijit
Can't speak for Azure as I don't use it, but I really have to call bullshit on
AWS UI being better than GCP.

GCP is discoverable and follows the principle of least surprise quite
consistently, and they show REST/CLI references for everything you're doing in
the web UI too.

I mean imagine you're a new user and ask yourself "what does route53 do?".
Then ask yourself "what does cloud DNS do?"

~~~
whorleater
GCP's services are nicely named, but the console dashboard is still a mess,
with them shifting around the items all the time. The half-foot into
stackdriver is also kinda weird.

~~~
mooreds
For naming in AWS, this is a must have resource:
[https://www.expeditedssl.com/aws-in-plain-english](https://www.expeditedssl.com/aws-in-plain-english)

------
balls187
"Security groups allow you to set inbound and outbound firewall rules on your
network."

This is not correct. A SG is used to define per-instance inbound/outbound
firewall rules. To say this applies to the network is misleading. To use an
analogy--SG is like Windows Firewall.

Network-level "firewall" rules are done via Network ACL.

~~~
rellimevad
Yes and no. NACLs are, indeed, associated with a subnet so more of a
networking construct. It's somewhat a firewall, but it's also stateless which
is different than many (non-network engineer) people's mental model of a
firewall.

Security Groups have some key differences from a host-based firewall. A packet
destined for an EC2 instance will not make it to the instance IP stack and be
evaluated there, it will be evaluated before it gets there.

It depends on your audience. A web dev that's relatively new to sysadmin
tasks... sure, it's like a host based firewall. For a sysadmin or network
admin, that explanation might be more confusing than helpful.

~~~
felipelemos
But SG are related to a network interface, not with your network (which would
be the VPC).
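
The distinction argued in the comments above (a stateless NACL at the subnet boundary versus a stateful, allow-only security group on the instance's network interface), as an added example that is not from any commenter or from the article. It is a toy model: the class and function names are hypothetical, the addresses and rules are constructed, and matching is simplified to destination port only.

```python
# Added example: toy model of the SG vs NACL behaviour discussed above.
# Matches on destination port only; real rules also match protocol and CIDR.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" or "out", relative to the instance
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class NaclRule:
    number: int
    direction: str
    ports: range
    allow: bool

def nacl_allows(rules, pkt):
    """Stateless: each packet is judged alone; lowest matching rule number wins."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.direction == pkt.direction and pkt.dport in rule.ports:
            return rule.allow
    return False  # the implicit final "*" deny

class SecurityGroup:
    """Stateful and allow-only: replies to a tracked flow bypass the rules."""
    def __init__(self, ingress_ports, egress_ports):
        self.rules = {"in": set(ingress_ports), "out": set(egress_ports)}
        self.flows = set()

    def allows(self, pkt):
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return True  # return traffic of a connection already allowed
        if pkt.dport in self.rules[pkt.direction]:
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        return False

def https_round_trip(nacl_rules, sg):
    """Constructed flow: client 198.51.100.7:50000 -> instance 10.0.1.10:443."""
    request = Packet("in", "198.51.100.7", 50000, "10.0.1.10", 443)
    reply = Packet("out", "10.0.1.10", 443, "198.51.100.7", 50000)
    request_ok = nacl_allows(nacl_rules, request) and sg.allows(request)
    reply_ok = request_ok and sg.allows(reply) and nacl_allows(nacl_rules, reply)
    return request_ok, reply_ok

INBOUND_ONLY = [NaclRule(100, "in", range(443, 444), True)]
WITH_EPHEMERAL = INBOUND_ONLY + [NaclRule(100, "out", range(1024, 65536), True)]
```

With `INBOUND_ONLY` the reply is dropped at the subnet boundary even though the security group, which has no egress rule at all, lets it out; `WITH_EPHEMERAL` adds the outbound ephemeral-port rule a stateless filter needs.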

------
k__
Pretty cool!

I'm trying to get AWS certification next month and sucking up all info I can
get :D

Doing A Cloud Guru courses right now.

It's a whole new world for me coming from 10 years of front-end development.

~~~
davymac
Cloud guru courses seem like something I want to do but the first time I
watched one on Udemy (via work subscription), I couldn’t stand the presenter
because he spent half the time promoting his other products.

I’ll have to give it another go and see if I can make an “ignore this sales
pitch section” for others to save their ears/time.

~~~
hiddevb
Yeah, I feel you. I had the same problem in the beginning, but the promoting
mostly stops after the 10000 feet overview videos.

However, he likes to ramble on about stuff not so relevant to the course, so
setting your player speed to 1.5x is a good tip.

~~~
justadudeama
Yeah, the only thing I really found annoying by the end was him apologizing
for the same pronunciation at the beginning as at the end.

------
Androider
One thing I've noticed having worked with many clients, is that legacy
architectures that get moved to AWS start by creating subnets, NACLs, etc.
while for almost all AWS-first developed applications the Security Group is
the smallest unit you tend to address.

So a legacy architecture will for instance specify the "frontend servers
subnet" (and a unique SG, hopefully!), while a cloud-native architecture will
only specify a SG. I think, asking which subnet some machine is in, is kind of
like asking which core some process is running on at the moment: any one of
the subnets for any one of the availability zones in that region, and the next
one will automatically and on purpose be assigned to a different one by the
ALB/ASG combination.

------
syndacks
Hi,

Thanks for putting this together. I think you did a good job conveying a high
level overview of AWS while also giving enough detail to satisfy those who
want/need it.

This balance is a tricky thing to get right. I have a few pieces of feedback
I'd be happy to share with you if you'd like. Grammatical and story-arc wise,
not technical.

As a teacher turned developer who loves writing, these things fascinate me.

~~~
mijndert
Thanks for the kind words. I will gladly take your feedback. You can reach me
on [my hn username]@mijndertstuij.nl.

------
robohoe
I think a good bullet point would be to stress the differences between Region
vs Availability Zone vs Global services.

~~~
mijndert
Hi, Mijndert here, the writer of the article. From here on out this will be a
series in which I will go into detail on more AWS services. I will make sure
to include Regions vs AZs in future articles. Thank you!

------
gamina
As a next step, check out this guide which dives in details within the
multitude of AWS components and their purposes, strengths, weaknesses, and
alternatives:

[https://github.com/open-guides/og-aws](https://github.com/open-guides/og-aws)

------
k__
Does anyone know how the PSI test centers work?

Can I schedule 3 exams at the same time and simply take them all at once?

