WavebreakmediaMicro - Fotolia
One of the most powerful features of Amazon Web Services isn't a product per se, but rather what the public cloud provider offers for free. I've personally given thought to how to integrate AWS into my technology learning for the coming year. The exercise has helped expand my understanding of the value and uses for AWS.
I've approached AWS from a traditional enterprise perspective. In a traditional infrastructure, resources are spun up and rarely designed to shut down. Virtualization has enabled power management via the consolidation of workloads during non-peak periods. However, the VMs remained running. AWS charges for the time that those instances run -- regardless of usage.
One of the most difficult concepts for me to overcome has been the ephemeral nature of Elastic Compute Cloud (EC2) instances. My mindset marries services to an always-running OS instance. To log in to my VM management platform to manage the hypervisor, my directory services must be available, meaning that all three infrastructure components must reside on OS instances that run continuously.
From a pure infrastructure perspective, AWS' free tier offers a compelling amount of resources to begin the journey to understanding how to support ephemeral workloads while maintaining a persistent infrastructure state.
Manage resources with AWS' free tier of service
Beginning at the basic level, it's easy to overlook a simple but powerful concept. Creating an AWS account is free. As a result, the AWS Management Console is free, which gives you an inventory and control center for all AWS resources from EC2, AWS Lambda, Simple Storage Service (S3) and AWS Identity and Access Management (IAM). AWS doesn't charge customers to interface with the management layer of the platform.
From a practical perspective, it enables you to build some interesting integrations between your lab and AWS. A simple example is creating a script that spins up an EC2 instance based on a CloudFormation template. The template can use a service, such as a script that checks your Network Time Protocol settings throughout your ESXi infrastructure. Without spending a cent on AWS, this lab helps you understand EC2, CloudFormation and the AWS Management Console API. As a bonus, you understand network integration between your lab and AWS to deploy the script.
Limit access to resources
Another service available on the AWS free tier is IAM, which is the AWS equivalent to Active Directory in some respects and offers some bonus features, such as encryption key management.
Whether you are dealing with your lab or production infrastructure, it's never a good idea to use the root user to manage your infrastructure. IAM enables you to create users that are unique to your AWS account. You are then able to apply access control to all AWS tools, such as S3 buckets. IAM also has a robust encryption key management system that enables administrators to manage keys within and external to AWS.
Go serverless with Lambda
Event-driven computing, also known as serverless computing, allows for the abstraction of code from dedicated infrastructure. In this model, an event triggers the execution of a function. Lambda is AWS' event-driven function service. AWS allows up to one million free Lambda calls per month, which is a significant amount for a lab environment.
Lambda functions are triggered based on AWS events, which can include CloudFormation. For example, an AWS user can kick off a Lambda function at the start or stop of a CloudFormation workflow. By using CloudFormation and Lambda together, an infrastructure engineer can generate some creative batch processes that reduce the cost of computing in a lab environment.
AWS' free tier provides a powerful platform to extend your lab and begin the transition to understanding hybrid infrastructure.
Against outages, AWS reliability remains supreme
How do AWS' free tiers stack up against the competition?
Know the principles of AWS cost management
Dig Deeper on AWS pricing, cost and ROI
AWS month in review: Explore the CloudFormation CLI, Savings Plans
Tailor and create compliance rules with this AWS Config tutorial
3 reasons privilege escalation in the cloud works
Follow this step-by-step guide to use AWS Lambda with PowerShell