AWS Fundamentals: Understanding Compute, Storage, Database, Networking & Security

If you are just starting out on your journey toward mastering AWS cloud computing, then your first stop should be to understand the AWS fundamentals. This will enable you to get a solid foundation to then expand your knowledge across the entire AWS service catalog.  

It can be both difficult and daunting in deciphering where to start, you may find yourself asking questions like, “Where do I begin? What services should I learn about first? What principles and frameworks could help me?” Here at Cloud Academy, we have made this transition and decision easy for you in our newly updated Learning Path: Fundamentals of AWS. 

Fundamentals of AWS

This Learning Path will take you on that beginners journey to establish a sound understanding of the AWS essentials. It is comprised of:

Courses

Compute Fundamentals for AWS

The Compute category of services are key resources that allow you to carry out computational abilities via a series of instructions used by applications and systems. These resources cover a range of different services and features, including:

  • EC2 – Amazon Elastic Compute Cloud 
  • ECS – Amazon Elastic Container Service
  • ECR – Amazon Elastic Container Registry
  • EKS – Amazon Elastic Container Service for Kubernetes
  • AWS Elastic Beanstalk
  • AWS Lambda
  • AWS Batch
  • Amazon Lightsail

This course will provide the fundamental elements of all of these Compute services and features that will allow you to select the most appropriate service for your project and implementations. Each have their advantages by providing something of value that’s different to the others, which will all be discussed.

Storage Fundamentals for AWS

One of the core building blocks of Infrastructure-as-a-Service (IaaS) is storage. AWS provides a wide range of storage services that allow you to architect the correct solution for your needs. Understanding what each of these services is and what they have been designed and developed for, gives you the knowledge to implement best practices, while ensuring your data is stored, transmitted, and backed up in the most efficient and scalable way. This course focuses on each of the storage services provided by AWS and will explain the service, its key features, and when and why you might use the service within your own environment.

The objectives of this course are to provide:

  • An overview and introduction to the different AWS storage services
  • An understanding of how to transfer data into and out of AWS
  • The knowledge to confidently select the most appropriate storage service for your needs

Working with AWS Networking and Amazon VPC

This course has been designed to give you an overview of the AWS Virtual Private Cloud (VPC) and its associated networking components.  This will help you to architect and build your VPC for a variety of different work loads and use cases. The topics covered within this course include:

  • Virtual Private Clouds (VPCs)
  • Subnets
  • Route Tables
  • Network Access Control Lists (NACLs)
  • Security Groups
  • NAT Gateways
  • Bastion Hosts
  • VPN and Direct connection
  • VPC Peering
  • AWS Transit Gateway

By the end of this course, you will be able to:

  • Confidently architect a VPC across multiple availability zones within a region
  • Explain different networking components commonly used within AWS VPCs
  • Secure your VPCs to help you protect your resources within them
  • Assess which method of connectivity to your VPCs would be best in different scenarios

Database Fundamentals of AWS

This course will provide you with an introduction to the cloud database services offered by AWS. 

First, we learn to recognize and explain the basics of a cloud database service. We then learn to recognize and explain the differences between non-relational and relational databases before taking a high-level pass over the family of AWS database services available. We then dive into the non-relational databases — Amazon DynamoDB
, Amazon Elasticache, and Amazon Neptune — to explore the use cases for when we might want to use a non-relational database service. 



Next, we dive into Amazon Relational Database Service (RDS), exploring the database services provided by RDS. We then examine the services and their various use cases in the context of a scenario. 

On completing this course, you will have an understanding of the different types of database services available to you within the AWS cloud platform. You will be able to recognize and explain the various database services offered by AWS and identify and select which database service might suit a specific use case or requirement.

AWS: Overview of Identity & Access Management (IAM)

This course looks at one of the key security services within AWS, Identity & Access Management, commonly referred to IAM. This service manages identities and their permissions that are able to access your AWS resources. Understanding how this service works and what you can do with it, will help you to maintain a secure AWS environment, and IAM is an important step to ensure your resources are secure. 

Within this course we will look at:

  • What is Identity & Access Management? 
  • Groups, Users & Roles
  • IAM Policies
  • Multi-Factor Authentication
  • Identity Federation
  • IAM Features

By the end of this course, you will be able to:

  • Setup and configure users, groups, and roles to control which identities have authorization to access specific AWS resources
  • Implement multi-factor authentication
  • Create and implement IAM policies allowing you to grant or restrict very granular and specific permissions across a range of resources
  • Implement a password policy to align with your internal security controls
  • Understand when and why you may use identity federation access
  • Understand how the Key Management Service (KMS) is used in conjunction with IAM

Hands-on Labs

Our labs are designed to provide you with hands-on exposure to the AWS environment through the use of Cloud Academy’s AWS credentials, meaning you do not need to have your own AWS account.

Our AWS Fundamentals Labs include the following:

  • Create your first Amazon EC2 instance (Linux)
  • Create your first Amazon EC2 instance (Windows)
  • Create your first Amazon S3 Bucket
  • Managing Instance Volumes using EBS
  • Introduction to the Virtual Private Cloud (VPC)
  • Create your first Amazon RDS Database

By working through these labs, it will help you to solidify what you have learned through the theory courses. There is no better way to learn than to perform these tasks and steps yourself. The more you work on the labs, the more confident and aware you will be of the services and the environment.  

Blog resources

We have two blog post resources within this Learning Path:

AWS Global Infrastructure: Availability Zones, Regions, Edge Locations, Regional Edge Caches

AWS is a global public cloud provider, and as such, it has to have a global network of infrastructure to run and manage its many growing cloud services that support customers around the world. In this post, I take a look at the components that make up the AWS Global Infrastructure. 

The components are:

  • Availability Zones (AZs)
  • Regions
  • Edge Locations
  • Regional Edge
  • Caches

If you are deploying services on AWS, you will need to have a clear understanding of each of these components, how they are linked, and how you can use them within your solution to your maximum benefit.

AWS Shared Responsibility Model: Cloud Security

By the very nature of the phrase “AWS Shared Responsibility Model,” we can see that security implementation on the AWS Cloud is not the sole responsibility of any one player, but is shared between AWS and you, the customer. The AWS Shared Responsibility Model dictates which security controls are AWS’s responsibility and which are yours. In short, you decide how you want your resources to sit “in the cloud” (in other words, how much access you choose to give to and from your resources), while AWS guarantees the global security “of the cloud” (i.e., the underlying network and hardware they provide to host and connect your resources).

In my experience, a solid understanding of the AWS Shared Responsibility Model makes it easier to build and maintain a highly secure and reliable environment. Without knowing where you need to step in and take control of data security, you will not be able to properly define just how secure your environment really is. AWS treats security as its top priority — and so should you.

Knowledge checks and exam

There are three knowledge checks and one final exam within this Learning Path that will assess your level of understanding.

Knowledge Check: Compute Fundamentals for AWS

This exam will test your understanding of the products, components, features, and best practices discussed in the AWS Compute Fundamentals course. 

Knowledge Check: AWS Storage Fundamentals

This exam will test your understanding of the products, components, features, and best practices discussed in the AWS Storage Fundamentals course. 

Knowledge Check: Database Fundamentals for AWS

This exam will test your understanding of the relational and non-relational databases, how cloud databases differ from those on-premises, and features and use cases for the different AWS database services discussed in the course. 

Exam: Fundamentals of AWS

This exam will test the services and concepts discussed in the Fundamentals of AWS Learning Path. You have 45 minutes to complete 30 multiple-choice questions.

Questions will focus on the following service areas in AWS:

  • AWS Platform tools and concepts
  • Compute services
  • Storage services
  • Networking services
  • Database services
  • Security services

To dive deeper into AWS Security, Cloud Academy offers an AWS Security Services Learning Path. It is designed to introduce you to many of the different AWS Security Services that are available, and to help you implement varied levels of security within your AWS environment. 

AWS Security Services Learning Path

The services covered within this Learning Path are as follows:

  • AWS Identity & Access Management (IAM)
  • AWS Key Management Service (KMS)
  • AWS CloudHSM
  • AWS Web Application Firewall
  • AWS Shield
  • AWS Firewall Manager
  • AWS CloudTrail
  • Amazon Inspector
  • AWS Config
  • Amazon Macie
  • Amazon GuardDuty
  • AWS

  • Compute

  • Database

  • fundamentals

  • networking

  • Security

  • Storage

Cloud Academy