NTNU Tech Talks : Smartening up a Pi Zero Security Camera with Amazon Web Services and Node.js
Architecting applications on amazon web services with node.js
-
Upload
henry-fougere -
Category
Education
-
view
100 -
download
5
Transcript of Architecting applications on amazon web services with node.js
Architecting Applications on Amazon Web Services with Node.js
Speaker: Henry FougereCurrent Role:
Director, Tech Lead, Software Engineering & Delivery
Experience:15+ Years Full Stack Developer5 Years Using AWS
When I’m not doing technology stuff, I enjoy: Marathon Running
PhotographyGraphic DesignTennis, SoccerLongs walks on the beach
What are we building today???
VPC - Virtual Private Cloud10.0.0.0/26Start: 10.0.0.02^ (32-26) = 2^ 6 = 64End: 10.0.0.63
Internet Gateway: communication between instances in VPC and the Internethorizontally scaled, redundant, highly available- Default VPC has an Internet Gateway- 1 IGW per VPC- VPC spans all availability zones
Route Tables: contain a set of rules called routes that determine where traffic is directed- restricted to 1 availability zone
VPC (cont.)
VPC - Virtual Private Cloud
● Fully managed NoSQL database service
● Provides fast and predictable performance
● Don't have to worry about hardware provisioning, setup and configuration, replication, software
patching, or cluster scaling
● Core components: Tables, Items, and Attributes
● Partition key – A simple primary key
● Partition key and sort key – Referred to as a composite primary key
DynamoDB
DynamoDB
● First service launched by Amazon back in 2006
● S3 is used to store and retrieve any amount of data at any time
● Can be integrated with other services such as Lambda and CloudFront.
● Amazon S3 objects can range in size from a minimum of 0 bytes to a maximum of 5 terabytes.
● The largest object that can be uploaded in a single PUT is 5 gigabytes.
● There are three highly durable storage classes:
○ Amazon S3 Standard for general-purpose storage of frequently accessed data
○ Amazon S3 Standard - Infrequent Access for long-lived, but less frequently accessed data
○ Amazon Glacier for long-term archive.
S3 (Simple Storage Service)
S3 (Simple Storage Service)
● Amazon CloudFront is a global content delivery network (CDN) service
● Deep Integration with key AWS Services such as Amazon S3, AWS Lambda and API Gateway
● Securely delivers data, videos, applications, and APIs to your viewers with low latency and high
transfer speeds.
● Optimized for low latency and high data transfer speeds.
CloudFront (CDN)
CloudFront (CDN)
● Securely control access to AWS services and resources
● Create and manage users and groups
● Use permissions to allow and deny access to AWS resources.
● IAM is a feature of your AWS account offered at no additional charge.
● You will be charged only for use of other AWS services by your users.
IAM - Identity and Access Management
IAM - Identity and Access Management
● Run code without provisioning or managing servers.
● You pay only for time your code is running.
● Run code for any type of application or backend service - all with zero administration.
● Takes care of everything required to run and scale your code with high availability.
● Set up your code to automatically trigger from other AWS services or call it directly from any web or
mobile app.
Lambda
Lambda
● Run code without provisioning or managing servers.
● You pay only for time your code is running.
● Run code for any type of application or backend service - all with zero administration.
● Takes care of everything required to run and scale your code with high availability.
● Set up your code to automatically trigger from other AWS services or call it directly from any web or
mobile app.
API Gateway
API Gateway
● Add user sign-up and sign-in to your mobile and web apps● Federate identities and provide secure access to AWS resources● Store and sync across devices
Cognito Identity
Cognito Identity
● Secure, resizable compute capacity in the cloud. ● Configure capacity with minimal friction. ● Reduces time required to obtain and boot new server instances to minutes● Quickly scale capacity up and down, as computing requirements change. ● Pay only for capacity that you actually use.
EC2 - Elastic Compute Cloud
EC2 - Elastic Compute Cloud
Cloud Computing Tips...● Be sure to deprovision resources as needed.
● Grant Least Privilege
● Lock Away Account Access Keys, and Passwords. Don’t not share them by any means
● Create Individual IAM Users
● Use Groups to Assign Permissions to IAM Users
● Configure a Strong Password Policy
● Rotate Credentials Regularly
● Remove Unnecessary Credentials
● Monitor Activity in Your AWS Account