CSP ASSIGNMENT

SYSTEM ID - 2021344925
NAME – AKASH GANDHAR
CLASS – CSE- F
SUBMISSION DATE – 22-JAN-2022
SUBMITTED TO – MRS. RAMA MALIYA MAM
What is Cloud Computing?
The phrase "cloud computing" refers to the process of storing and accessing data
through the internet. It does not save any information on your computer's hard
drive. You may access data from a remote server using cloud computing.
Cloud computing allows users to easily access servers, storage, databases, and a
wide range of application services through the Internet. The network-connected
hardware necessary for these application services is owned and maintained by a
cloud services platform like Amazon Web Services, while you provide and utilise
what you need via a web application.

Advantages Of Cloud Computing?

Cost Savings
Cost saving is one of the biggest Cloud Computing benefits. It helps you to save
substantial capital cost as it does not need any physical hardware investments.
Also, you do not need trained personnel to maintain the hardware. The buying and
managing of equipment is done by the cloud service provider.

Strategic edge
Cloud computing offers a competitive edge over your competitors. It is one of the
best advantages of Cloud services that helps you to access the latest applications
any time without spending your time and money on installations.

High Speed
Cloud computing allows you to deploy your service quickly in fewer clicks. This
faster deployment allows you to get the resources required for your system within
fewer minutes.

Back-up and restore data

Once the data is stored in a Cloud, it is easier to get the back-up and recovery of
that, which is otherwise very time taking process on-premise.

Automatic Software Integration

In the cloud, software integration is something that occurs automatically.
Therefore, you don’t need to take additional efforts to customize and integrate
your applications as per your preferences.
Reliability
Reliability is one of the biggest benefits of Cloud hosting. You can always get
instantly updated about the changes.

Mobility
Employees who are working on the premises or at the remote locations can easily
access all the could services. All they need is an Internet connectivity.

Unlimited storage capacity

The cloud offers almost limitless storage capacity. At any time you can quickly
expand your storage capacity with very nominal monthly fees.

Collaboration
The cloud computing platform helps employees who are located in different
geographies to collaborate in a highly convenient and secure manner.

Quick Deployment
Last but not least, cloud computing gives you the advantage of rapid deployment.
So, when you decide to use the cloud, your entire system can be fully functional in
very few minutes. Although, the amount of time taken depends on what kind of
technologies are used in your business.
What is Amazon Web Services (AWS)?
AWS (Amazon Web Services) is Amazon's complete cloud computing platform,
which comprises infrastructure as a service (IaaS), platform as a service (PaaS), and
packaged software as a service (SaaS) products. AWS services may provide a
company with resources like computational power, database storage, and content
distribution.
Amazon Web Services (AWS) was founded in 2006 as an extension of Amazon.com's
internal infrastructure for handling its online retail activities. AWS was one of the
first firms to provide a pay-as-you-go cloud computing model, which expands to
meet users' needs for computation, storage, and throughput.
AWS provides a variety of tools and solutions for businesses and software
developers that may be utilized in data centers throughout the globe. AWS services
are available to government agencies, educational institutions, charities, and
private businesses.
How Exactly AWS Works?
AWS consists of a variety of cloud computing products and services. Servers,
storage, networking, remote computing, email, mobile development, and security
are all provided by Amazon's extremely successful segment. EC2, Amazon's virtual
machine service, Glacier, a low-cost cloud storage service, and S3, Amazon's
storage system, are the three primary products offered by AWS.
AWS has considerably surpassed its competitors in terms of size and presence in
the computing industry. According to one independent analysis, AWS holds over a
third of the market (32.4 percent), followed by Azure (20 percent), and Google
Cloud (9 percent) in the first quarter of 2021.
AWS's servers are spread over 81 availability zones. These served regions are
segregated to allow customers to put geographical boundaries on their services (if
desired), as well as to ensure security by distributing data over many physical sites.
AWS covers 245 nations and territories in total.

Advantages Of Amazon Web Services (AWS)?

Easy To Use
AWS is meant to let application providers, ISVs, and suppliers host their
applications fast and securely, whether they're current or new SaaS-based apps.
To access AWS's application hosting platform, you can utilise the AWS
Management Console or well-documented web services APIs.

Flexible
AWS gives you the flexibility to choose your operating system, programming
language, web application platform, database, and other services. AWS provides
you with a virtual environment in which you may install the applications and
services that your application requires. This simplifies the transfer of current apps
while keeping the ability to create new ones.

Cost-Effective
There are no long-term contracts or upfront obligations, and you just pay for the
computing power, storage, and other resources you utilise. The AWS Economics
Center has further information on comparing the costs of different hosting options
with AWS.
Reliable
With AWS, you have access to a scalable, dependable, and secure worldwide
computing infrastructure that has been perfected over a decade as the virtual
backbone of Amazon.com's multibillion-dollar online company.

Scalable And High Performance

Your application may scale up or down based on demand using AWS features, Auto
Scaling, and Elastic Load Balancing. You have access to computation and storage
resources when you need them, thanks to Amazon's vast infrastructure.

Secure
To protect and fortify our infrastructure, AWS takes an end-to-end strategy that
includes physical, operational, and software safeguards. Visit the AWS Security
Center for further information.
Amazon EC2?
A virtual server on Amazon's Elastic Compute Cloud (EC2) for executing
applications on the Amazon Web Services (AWS) architecture is known as an
Amazon EC2 instance. AWS is a comprehensive and ever-evolving cloud computing
platform, whereas EC2 is a service that allows corporate subscribers to run
application programs in a computing environment. It may be used to create an
almost infinite number of virtual machines (VMs).
To meet customer demands, Amazon offers a variety of instances with diverse CPU,
memory, storage, and networking resource options. Each kind is offered in a
variety of sizes to meet the needs of different workloads.
Amazon Machine Images are used to build instances (AMI). The graphics of the
machines are similar to templates. They have an operating system (OS) and other
applications installed that establish the user's operational environment. Users can
choose from AWS's AMIs, the user community's AMIs, or the AWS Marketplace.
Users can also design and share their own AMIs.
Benefits
ELASTIC WEB-SCALE COMPUTING
Amazon EC2 enables you to increase or decrease capacity within minutes, not
hours or days. You can commission one, hundreds or even thousands of server
instances simultaneously. Of course, because this is all controlled with web service
APIs, your application can automatically scale itself up and down depending on its
needs.

COMPLETELY CONTROLLED
You have complete control of your instances. You have root access to each one,
and you can interact with them as you would any machine. You can stop your
instance while retaining the data on your boot partition and then subsequently
restart the same instance using web service APIs. Instances can be rebooted
remotely using web service APIs. You also have access to console output of your
instances.

FLEXIBLE CLOUD HOSTING SERVICES

You have the choice of multiple instance types, operating systems, and software
packages. Amazon EC2 allows you to select a configuration of memory, CPU,
instance storage, and the boot partition size that is optimal for your choice of
operating system and application. For example, your choice of operating systems
includes numerous Linux distributions, and Microsoft Windows Server.
RELIABLE
Amazon EC2 offers a highly reliable environment where replacement instances can
be rapidly and predictably commissioned. The service runs within Amazon’s
proven network infrastructure and datacenters.

INEXPENSIVE
Amazon EC2 passes on to you the financial benefits of Amazon’s scale. You pay a
very low rate for the compute capacity you actually consume.
AWS Lambda
Before AWS Lambda function, let’s understand:

What Is Serverless ?
Serverless programs are referred to as "serverless" in general. Serverless apps are
those that don't require any server provisioning or management.
Serverless computing (or serverless for short), is an execution model where the
cloud provider (AWS, Azure, or Google Cloud) is responsible for executing a piece of
code by dynamically allocating the resources. And only charging for the amount of
resources used to run the code. The code is typically run inside stateless containers
that can be triggered by a variety of events including http requests, database
events, queuing services, monitoring alerts, file uploads, scheduled events (cron
jobs), etc. The code that is sent to the cloud provider for execution is usually in the
form of a function. Hence serverless is sometimes referred to as “Functions as a
Service” or “FaaS”. Following are the FaaS offerings of the major cloud providers:
 AWS: AWS Lambda
 Microsoft Azure: Azure Functions
 Google Cloud: Cloud Functions

What Is AWS Lambda ?

AWS Lambda is Amazon's event-driven, serverless computing technology, which is
part of Amazon Web Services. As a result, you won't have to worry about deciding
which AWS resources to deploy or how to maintain them. Instead, you must upload
the code to Lambda, where it will execute.
The code in AWS Lambda is performed in reaction to events in AWS services such as
adding/deleting files in an S3 bucket, making an HTTP call to the Amazon API
gateway, and so on. Amazon Lambda, on the other hand, can only be used to
perform background operations.
Instead of managing operating system (OS) access control, OS patching, right-
sizing, provisioning, scaling, and other tasks, the AWS Lambda function allows you
to focus on your core product and business logic.
AWS Lambda Features ?
Build custom backend services
You can use AWS Lambda to create new backend application services triggered on
demand using the Lambda application programming interface (API) or custom API
endpoints built using Amazon API Gateway. Lambda processes custom events
instead of servicing these on the client, helping you avoid client platform
variations, reduce battery drain, and enable easier updates.

Bring your own code

With AWS Lambda, there are no new languages, tools, or frameworks to learn. You
can use any third- party library, even native ones. You can also package any code
(frameworks, SDKs, libraries, and more) as a Lambda Layer, and manage and share
them easily across multiple functions. Lambda natively supports Java, Go,
PowerShell, Node.js, C#, Python, and Ruby code, and provides a Runtime API
allowing you to use any additional programming languages to author your
functions.

Built-in Fault Tolerance

AWS Lambda maintains compute capacity across multiple Availability Zones (AZs)
in each AWS Region to help protect your code against individual machine or data
center facility failures. Both AWS Lambda and the functions running on the service
deliver predictable and reliable operational performance. AWS Lambda is designed
to provide high availability for both the service itself and the functions it operates.
There are no maintenance windows or scheduled downtimes.

Flexible Resource Model

Choose the amount of memory you want to allocate to your functions, and AWS
Lambda allocates proportional CPU power, network bandwidth, and disk
input/output (I/O).
AWS S3(Simple Storage Services)
Amazon S3, which was introduced in 2006, was AWS's first cloud service. Since
then, this storage service has been increasingly popular. Amazon now offers a
variety of additional cloud services, but Amazon S3 cloud storage remains the most
popular. AWS also provides Amazon EBS volumes for EC2 and Amazon Drive in
addition to Amazon S3 storage. However, the three services serve different goals
and have different functions.
S3 cloud storage is an object-based storage solution provided by Amazon. When
you use Amazon S3 storage, you can't install an operating system since data can't
be accessible at the block level, as an operating system requires. Use a file system
in userspace to mount Amazon S3 storage as a network drive to your operating
system. Read about how to install S3 cloud storage on various operating systems in
this blog article. Google Cloud is a cloud storage service similar to Amazon S3.

AWS S3 Features ?
Storage management and monitoring
Amazon S3’s flat, non-hierarchical structure and various management features are
helping customers of all sizes and industries organize their data in ways that are
valuable to their businesses and teams. All objects are stored in S3 buckets and can
be organized with shared names called prefixes. You can also append up to 10 key-
value pairs called S3 object tags to each object, which can be created, updated,
and deleted throughout an object’s lifecycle. To keep track of objects and their
respective tags, buckets, and prefixes, you can use an S3 Inventory report that lists
your stored objects within an S3 bucket or with a specific prefix, and their
respective metadata and encryption status. S3 Inventory can be configured to
generate reports on a daily or a weekly basis.
Storage classes
With Amazon S3, you can store data across a range of different S3 storage classes
purpose-built for specific use cases and access patterns: S3 Intelligent-Tiering, S3
Standard, S3 Standard-Infrequent Access (S3 Standard-IA), S3 One Zone-Infrequent
Access (S3 One Zone-IA), S3 Glacier Instant Retrieval, S3 Glacier Flexible Retrieval,
S3 Glacier Deep Archive, and S3 Outposts.

Access management
To protect your data in Amazon S3, by default, users only have access to the S3
resources they create. You can grant access to other users by using one or a
combination of the following access management features: AWS Identity and
Access Management (IAM) to create users and manage their respective access;
Access Control Lists (ACLs) to make individual objects accessible to authorized
users; bucket policies to configure permissions for all objects within a single S3
bucket; S3 Access Points to simplify managing data access to shared data sets by
creating access points with names and permissions specific to each application or
sets of applications; and Query String Authentication to grant time-limited access
to others with temporary URLs.

Query in place
Amazon S3 has a built-in feature and complementary services that query data
without needing to copy and load it into a separate analytics platform or data
warehouse. This means you can run big data analytics directly on your data stored
in Amazon S3. S3 Select is an S3 feature designed to increase query performance
by up to 400%, and reduce querying costs as much as 80%. It works by retrieving a
subset of an object’s data (using simple SQL expressions) instead of the entire
object, which can be up to 5 terabytes in size.
AWS IAM(Identity and Access Management)
Amazon Identity and Access Management (IAM) enables you to securely control
access to Amazon Web Services and resources for your users. Using IAM, you can
create and manage Amazon Web Services users and groups and use permissions to
allow and deny their permissions to Amazon Web Services resources.
First time users should see the IAM Best Practices section of the IAM User Guide. To
get started using IAM, sign in to the Amazon Management Console.
IAM also enables identity federation between your corporate directory and Amazon
Web Services. This lets you use existing corporate identities to grant secure access
to Amazon Web Services resources, such as Amazon S3 buckets, without creating
new Amazon Web Services identities for those users. To learn more, try our sample
application.
AWS IAM Features ?
Fine-grained access control
Permissions let you specify and control access to AWS services and resources. To
grant permissions to IAM roles, you can attach a policy that specifies the type of
access, the actions that can be performed, and the resources on which the actions
can be performed.

Delegate access by using IAM roles

With IAM roles you delegate access to users or AWS services to operate within your
AWS account. Users from your identity provider or AWS services can assume a role
to obtain temporary security credentials that can be used to make an AWS request
in the account of the IAM role.

IAM Access Analyzer

Achieving least privilege is a continuous cycle to grant the right fine-grained
permissions as your requirements evolve. IAM Access Analyzer helps you
streamline permissions management as you set, verify, and refine permissions.

Permissions guardrails
With AWS Organizations, you can use service control policies (SCPs) to establish
permissions guardrails that all IAM users and roles in an organization’s accounts
adhere to. Whether you’re just getting started with SCPs or have existing SCPs, you
can use IAM access advisor to help you restrict permissions confidently across your
AWS organization.

Attribute-based access control

Attribute-based access control (ABAC) is an authorization strategy you can use to
create fine-grained permissions based on user attributes, such as department, job
role, and team name. Using ABAC, you can reduce the number of distinct
permissions that you need for creating fine-grained controls in your AWS account.
AWS VPC(Virtual Private Cloud)
Amazon Virtual Private Cloud (Amazon VPC) is a conceptually isolated section of
the AWS cloud where you may launch AWS resources in a virtual network that you
create.
You have total control over your virtual networking environment, including the
selection of your IP address range, the formation of subnets, and the design of
route tables and network gateways.
You may simply adjust the network setup for your Amazon Virtual Private Cloud.
For example, you can create a public-facing subnet for web servers that can access
to the internet and can also place your backend system such as databases or
application servers to a private-facing subnet.
You can provide multiple layers of security, including security groups and network
access control lists, to help control access to Amazon EC2 instances in each subnet.

AWS VPC Features ?

Flow Logs
You can monitor your VPC flow logs delivered to Amazon Simple Storage Service
(Amazon S3) or Amazon CloudWatch to gain operational visibility into your
network dependencies and traffic patterns, detect anomalies and prevent data
leakage, and troubleshoot network connectivity and configuration issues. The
enriched metadata in flow logs helps you learn more about who initiated your TCP
connections and the packet-level source and destination for traffic flowing through
intermediate layers (such as a NAT gateway).

IP Address Manager (IPAM)

IPAM makes it easier for you to plan, track, and monitor IP addresses for your AWS
workloads. IPAM automates IP address assignments to your Amazon VPC,
removing the need to use homegrown or spreadsheet-based planning
applications. It also enhances your network observability by showing IP usage
across multiple accounts and VPCs in a unified operational view.
IPAM (IP Address Management) is the administration of DNS and DHCP, which are
the network services that assign and resolve IP addresses to machines in a TCP/IP
network. Simply put, IPAM is a means of planning, tracking, and managing the
Internet Protocol address space used in a network.
IP Addressing
IP addresses enable resources in your VPC to communicate with each other and
with resources over the internet. Amazon VPC supports both the IPv4 and IPv6
addressing protocols. In a VPC, you can create IPv4-only, dual-stack, and IPv6-only
subnets and launch Amazon EC2 instances in these subnets. Amazon also gives you
multiple options to assign public IP addresses to your instances. You can use the
Amazon provided public IPv4 addresses, Elastic IPv4 addresses, or an IP address
from the Amazon provided IPv6 CIDRs. Apart from this, you have the option to
bring your own IPv4 or IPv6 addresses within the Amazon VPC that can be assigned
to these instances.

Ingress Routing
With this feature, you can route all incoming and outgoing traffic flowing to/from
an internet gateway or virtual private gateway to a specific Amazon EC2 instance’s
elastic network interface. Configure your virtual private cloud to send all traffic to a
gateway or an Amazon EC2 instance before it reaches your business workloads.
Learn more about this feature here.