Cloud Course

IAM, S3, CloudWatch

In this section, we'll learn about IAM and using it to access other AWS services from an EC2 instance.

We'll have the instance access S3 for file storage and CloudWatch for monitoring logs.

Up until now, we've been building everything on a single EC2 instance. Absolutely everything we need is running on that one instance.

[Diagram: everything running on a single EC2 instance]

In reality, we will need to use separate instances or cloud services for different parts of our infrastructure. This is a more realistic diagram of what a basic web application might look like in the cloud.

[Diagram: a basic web application split across separate cloud services]

This allows us to handle each part of our infrastructure separately. We can scale each service as needed and handle failures more gracefully. There's a lot to discuss with this, and we'll look more into each piece in later sections. But here are a few things to consider:

Application Server

An application server needs to be able to horizontally scale on demand. This means spinning up and tearing down instances on the fly without any repercussions. There's also potential to run this kind of infrastructure using containers or serverless functions.

This only works if the server is only running code and not persisting any data.

Database

The database is the most important part of any web application: if you lose your data, you lose your application.

A database needs to be highly available, scalable, and backed up multiple times in multiple ways. Databases are also complicated because they need a large amount of storage and require some amount of computing power to run queries.

Static Files

Static files like images and videos can be stored more cheaply in S3 and distributed globally through CloudFront.

Monitoring

Monitoring a single instance is as easy as logging in with ssh and checking the logs or running htop. Monitoring multiple instances and multiple services is challenging without the right tools.