Internal

• Amazon AWS

AWS Security Concepts

AWS Security Concepts

Region

AWS has data centers in different areas of the world.

Amazon regions:

• Asia Pacific (Tokyo) ap-northeast-1
• Asia Pacific (Singapore) ap-southeast-1
• Asia Pacific (Sydney) ap-southeast-2,
• EU (Frankfurt) eu-central-1
• EU (Ireland) eu-west-1
• South America (Sao Paulo) sa-east-1
• US East (N. Virginia) us-east-1
• US West (N. California) us-west-1
• US West (Oregon) us-west-2

This is how it can be configured:

Setting AWS Region

Availability Zones

An availability zone is a distinct location within a region engineered to be isolated from failures in other availability zones. Think about it as location: by placing resources in different availability zones you can protect the application from the failure of a single location. Each region provides low-latency network connectivity with other zones within the same region. Example of availability zones within a region: us-west-2b.

The list of zones and their codes is available here:

http://docs.aws.amazon.com/gettingstarted/latest/awsgsg-intro/gsg-aws-what-services-first.html

An auto-scaling group can span multiple availability zones.

Availability zone operations:

ec2-describe-instances

Amazon Resource Name (ARN)

Tags

AWS Tagging Strategies

AWS resources can be tagged with key-value pairs. This is useful for tracking cost allocation among your AWS resources.

AWS Service

As part of a service configuration, the user may be in the situation to pass an IAM role to the service.

Services:

• CloudFormation Service
• CodeBuild Service