AWS: Understanding the Global Infrastructure

Arifin Ardiansyah
Mar 31, 2024


Overview

The AWS Global Infrastructure is a worldwide infrastructure owned and operated by Amazon Web Services (AWS), a leading provider of cloud computing services. This infrastructure consists of numerous data centers spread across various locations worldwide.

Designed to deliver cloud computing services to customers across different geographic regions, the AWS Global Infrastructure enables AWS to provide fast and reliable access to their services, including computing, data storage, networking, databases, and other services.

What are AWS Regions?

AWS Regions are separate geographic areas that AWS uses to house its infrastructure. These are distributed around the world so that customers can choose a region closest to them in order to host their cloud infrastructure there. The closer your region is to you, the better, so that you can reduce network latency as much as possible for your end-users. You want to be near the data centers for fast service.

AWS Regions introduced before March 20, 2019, are enabled by default. However, Regions introduced after March 20, 2019, such as Asia Pacific (Hong Kong) and Middle East (Bahrain), are disabled by default. You must enable these Regions before you can use them. You can use the AWS Management Console to enable or disable a Region.

What AWS Regions are currently available?

As of November 2019, there are 23 AWS Regions:

| Region Name | Region Code |
| --- | --- |
| US East (Ohio) | us-east-2 |
| US East (N. Virginia) | us-east-1 |
| US West (N. California) | us-west-1 |
| US West (Oregon) | us-west-2 |
| Asia Pacific (Hong Kong) | ap-east-1 |
| Asia Pacific (Mumbai) | ap-south-1 |
| Asia Pacific (Osaka-Local) | ap-northeast-3 |
| Asia Pacific (Seoul) | ap-northeast-2 |
| Asia Pacific (Singapore) | ap-southeast-1 |
| Asia Pacific (Sydney) | ap-southeast-2 |
| Asia Pacific (Tokyo) | ap-northeast-1 |
| Canada (Central) | ca-central-1 |
| China (Beijing) | cn-north-1 |
| China (Ningxia) | cn-northwest-1 |
| EU (Frankfurt) | eu-central-1 |
| EU (Ireland) | eu-west-1 |
| EU (London) | eu-west-2 |
| EU (Paris) | eu-west-3 |
| EU (Stockholm) | eu-north-1 |
| Middle East (Bahrain) | me-south-1 |
| South America (Sao Paulo) | sa-east-1 |
| AWS GovCloud (US-East) | us-gov-east-1 |
| AWS GovCloud (US-West) | us-gov-west-1 |

Each AWS Region offers a range of AWS services, and customers can select the Region that best suits their needs for deploying and running their applications and data. Additionally, AWS continues to expand its global reach by establishing new Regions in various locations worldwide.

Best practices for choosing AWS Regions

In general, try to follow these best practices when you choose a region, to help ensure top performance and resilience:

  • Proximity: Choose a region closest to your location and your customers’ location to optimize network latency.
  • Services: Think about which services you need most. Usually, the newest services start in a few main regions and then appear in other regions later.
  • Cost: Certain regions will cost more than others, so use built-in AWS calculators to do rough cost estimates to inform your choices.
  • Service Level Agreement (SLA): Just as with cost, your SLA details will vary by region, so be sure to be aware of what your needs are and if they’re being met.
  • Compliance: You may need to meet regulatory compliance needs such as GDPR by hosting your deployment in a specific region or in multiple regions.
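
The opt-in behaviour of Regions introduced after March 20, 2019 and the compliance point above can be checked together. The following is an added example, not code from the original article: it classifies the JSON returned by `aws ec2 describe-regions --all-regions` by its `OptInStatus` field and compares the usable Regions against an approved list. The sample output and the `APPROVED_REGIONS` policy are constructed for illustration.

```python
import json

# Constructed sample shaped like the output of
# `aws ec2 describe-regions --all-regions`; the statuses are illustrative only.
SAMPLE_DESCRIBE_REGIONS = """
{"Regions": [
  {"RegionName": "us-east-1", "Endpoint": "ec2.us-east-1.amazonaws.com",
   "OptInStatus": "opt-in-not-required"},
  {"RegionName": "eu-central-1", "Endpoint": "ec2.eu-central-1.amazonaws.com",
   "OptInStatus": "opt-in-not-required"},
  {"RegionName": "eu-west-1", "Endpoint": "ec2.eu-west-1.amazonaws.com",
   "OptInStatus": "opt-in-not-required"},
  {"RegionName": "ap-east-1", "Endpoint": "ec2.ap-east-1.amazonaws.com",
   "OptInStatus": "opted-in"},
  {"RegionName": "me-south-1", "Endpoint": "ec2.me-south-1.amazonaws.com",
   "OptInStatus": "not-opted-in"}
]}
"""

# Hypothetical policy: Regions approved for this organization's workloads.
APPROVED_REGIONS = {"eu-central-1", "eu-west-1"}

# OptInStatus values returned by the EC2 DescribeRegions API.
STATUS_BUCKETS = {
    "opt-in-not-required": "default_enabled",  # enabled by default
    "opted-in": "opted_in",                    # opt-in Region, enabled for the account
    "not-opted-in": "disabled",                # opt-in Region, still disabled
}


def classify_regions(describe_regions_json):
    """Group Region names by opt-in state; fail loudly on an unknown status."""
    buckets = {name: [] for name in STATUS_BUCKETS.values()}
    for region in json.loads(describe_regions_json)["Regions"]:
        status = region.get("OptInStatus")
        if status not in STATUS_BUCKETS:
            raise ValueError(
                f"unexpected OptInStatus {status!r} for {region.get('RegionName')}"
            )
        buckets[STATUS_BUCKETS[status]].append(region["RegionName"])
    return {name: sorted(regions) for name, regions in buckets.items()}


def audit_regions(describe_regions_json, approved):
    """Compare the Regions an account can use against an approved list."""
    buckets = classify_regions(describe_regions_json)
    usable = set(buckets["default_enabled"]) | set(buckets["opted_in"])
    disabled = set(buckets["disabled"])
    approved = set(approved)
    return {
        # Usable but outside policy: cover with logging and guardrails.
        "usable_not_approved": sorted(usable - approved),
        # Approved but still disabled: must be enabled before deployment.
        "approved_but_disabled": sorted(approved & disabled),
        # Approved names the account does not list (typo or other partition).
        "approved_unknown": sorted(approved - usable - disabled),
    }


if __name__ == "__main__":
    findings = audit_regions(SAMPLE_DESCRIBE_REGIONS, APPROVED_REGIONS)
    for finding, regions in findings.items():
        print(f"{finding}: {', '.join(regions) or 'none'}")
```
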

What are AWS Availability Zones?

An AWS Availability Zone (AZ) is the logical building block that makes up an AWS Region. There are currently 69 AZs, which are isolated locations — data centers — within a region. Each region has multiple AZs and when you design your infrastructure to have backups of data in other AZs you are building a very efficient model of resiliency, i.e. a core concept of cloud computing.

See the image below from AWS documentation for a visual representation of Availability Zones within Regions.

Availability Zones are integral in building highly available applications. When an application is partitioned across Availability Zones, companies are better isolated and protected from issues such as lightning, tornadoes, earthquakes, and more.

Customers are responsible for selecting the Availability Zones where their systems will reside. Systems can span multiple Availability Zones, and AWS recommends replicating across Availability Zones for resiliency. Designs should be implemented to withstand the temporary or prolonged failure of an availability zone in the event of a disaster.

Advice for using AWS Availability Zones

A good Availability Zone strategy helps in several situations. One of the most common use cases: if you distribute your instances across multiple Availability Zones and one instance fails, you can design your application so that an instance in another Availability Zone can handle requests. This is like an emergency load balancer without using an actual load balancer.

In general, AWS Availability Zones give you the flexibility to launch production apps and resources that are highly available, resilient/fault-tolerant, and scalable as compared to using a single data center. Having more options and backups is better!
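
To check whether a deployment actually follows this advice, the sketch below (an added example, not code from the original article) reads JSON shaped like the output of `aws ec2 describe-instances`, counts running instances per application and Availability Zone, and reports how many would survive the loss of the busiest zone. The sample inventory, the instance IDs and the `app` tag key are constructed assumptions.

```python
import json
from collections import defaultdict

# Constructed sample shaped like `aws ec2 describe-instances` output.
# Instance IDs, zones and the "app" tag are illustrative assumptions.
SAMPLE_DESCRIBE_INSTANCES = json.dumps({"Reservations": [{"Instances": [
    {"InstanceId": "i-0000000000000001", "State": {"Name": "running"},
     "Placement": {"AvailabilityZone": "us-east-1a"},
     "Tags": [{"Key": "app", "Value": "web"}]},
    {"InstanceId": "i-0000000000000002", "State": {"Name": "running"},
     "Placement": {"AvailabilityZone": "us-east-1a"},
     "Tags": [{"Key": "app", "Value": "web"}]},
    {"InstanceId": "i-0000000000000003", "State": {"Name": "running"},
     "Placement": {"AvailabilityZone": "us-east-1b"},
     "Tags": [{"Key": "app", "Value": "web"}]},
    {"InstanceId": "i-0000000000000004", "State": {"Name": "stopped"},
     "Placement": {"AvailabilityZone": "us-east-1c"},
     "Tags": [{"Key": "app", "Value": "web"}]},
    {"InstanceId": "i-0000000000000005", "State": {"Name": "running"},
     "Placement": {"AvailabilityZone": "us-east-1a"},
     "Tags": [{"Key": "app", "Value": "db"}]},
    {"InstanceId": "i-0000000000000006", "State": {"Name": "running"},
     "Placement": {"AvailabilityZone": "us-east-1a"},
     "Tags": [{"Key": "app", "Value": "db"}]},
]}]})


def running_by_app_and_az(doc, tag_key="app"):
    """Count running instances per application tag and Availability Zone."""
    counts = defaultdict(lambda: defaultdict(int))
    for reservation in doc.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            # Stopped or terminating instances cannot take over requests.
            if inst.get("State", {}).get("Name") != "running":
                continue
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            app = tags.get(tag_key, "(untagged)")
            counts[app][inst["Placement"]["AvailabilityZone"]] += 1
    return {app: dict(zones) for app, zones in counts.items()}


def az_loss_report(describe_instances_json, tag_key="app"):
    """For each application, report what remains if its busiest zone fails."""
    doc = json.loads(describe_instances_json)
    report = {}
    for app, zones in running_by_app_and_az(doc, tag_key).items():
        total = sum(zones.values())
        # Busiest zone = worst single-zone failure; ties resolve alphabetically.
        worst_az = max(sorted(zones), key=lambda az: zones[az])
        report[app] = {
            "zones": zones,
            "worst_case_az": worst_az,
            "surviving": total - zones[worst_az],
            "single_az": len(zones) == 1,
        }
    return report


if __name__ == "__main__":
    for app, info in sorted(az_loss_report(SAMPLE_DESCRIBE_INSTANCES).items()):
        flag = "SINGLE-AZ" if info["single_az"] else "multi-AZ"
        print(f"{app}: {flag}, losing {info['worst_case_az']} "
              f"leaves {info['surviving']} running instance(s)")
```
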

Why Cloud Infrastructure matters

The AWS Global Cloud Infrastructure is a secure, extensive, and reliable cloud platform, offering over 200 fully featured services from data centers globally. Whether you need to deploy your application workloads across the globe in a single step or you want to build and deploy specific applications closer to your end users with single-digit millisecond latency, AWS provides you the cloud infrastructure where and when you need it.

With millions of active customers and tens of thousands of partners globally, AWS has the largest and most dynamic ecosystem. Customers across virtually every industry and of every size, including start-ups, enterprises, and public sector organizations, are running every imaginable use case on AWS.

AWS INFRASTRUCTURE LAYER

LAYER-BY-LAYER ACCESS REVIEW

Like other layers, access to the Infrastructure Layer is restricted based on business need. By implementing a layer-by-layer access review, the right to enter every layer is not granted by default. Access to any particular layer is only granted if there is a specific need to access that specific layer.

MAINTAINING EQUIPMENT IS A PART OF REGULAR OPERATIONS

AWS teams run diagnostics on machines, networks, and backup equipment to ensure they’re in working order now and in an emergency. Routine maintenance checks on data center equipment and utilities are part of our regular operations.

EMERGENCY-READY BACKUP EQUIPMENT

Water, power, telecommunications, and internet connectivity are designed with redundancy, so we can maintain continuous operations in an emergency. Electrical power systems are designed to be fully redundant so that in the event of a disruption, uninterruptible power supply units can be engaged for certain functions, while generators can provide backup power for the entire facility. People and systems monitor and control the temperature and humidity to prevent overheating, further reducing possible service outages.

Points of Presence

Amazon CloudFront serves as a content delivery network (CDN) designed to distribute content to end users and reduce latency. Similarly, Amazon Route 53 functions as a Domain Name System (DNS) service. Requests made to either of these services are automatically routed to the nearest edge location to minimize latency.

AWS Global Infrastructure Benefits

Security

Security at AWS starts with our core infrastructure. Custom-built for the cloud and designed to meet the most stringent security requirements in the world, our infrastructure is monitored 24/7 to help ensure the confidentiality, integrity, and availability of your data. All data flowing across the AWS global network that interconnects our datacenters and Regions is automatically encrypted at the physical layer before it leaves our secured facilities. You can build on the most secure global infrastructure, knowing you always control your data, including the ability to encrypt it, move it, and manage retention at any time.

Availability

AWS delivers the highest network availability of any cloud provider. Each region is fully isolated and comprised of multiple AZs, which are fully isolated partitions of our infrastructure. To better isolate any issues and achieve high availability, you can partition applications across multiple AZs in the same region. In addition, AWS control planes and the AWS management console are distributed across regions, and include regional API endpoints, which are designed to operate securely for at least 24 hours if isolated from the global control plane functions without requiring customers to access the region or its API endpoints via external networks during any isolation.

Performance

The AWS Global Infrastructure is built for performance. AWS Regions offer low latency, low packet loss, and high overall network quality. This is achieved with a fully redundant 400 GbE fiber network backbone, often providing many terabits of capacity between Regions. AWS Local Zones and AWS Wavelength, with our telco providers, provide performance for applications that require single-digit millisecond latencies by delivering AWS infrastructure and services closer to end-users and 5G connected devices. Whatever your application needs, you can quickly spin up resources as you need them, deploying hundreds or even thousands of servers in minutes.

Scalability

The AWS Global Infrastructure enables companies to be extremely flexible and take advantage of the conceptually infinite scalability of the cloud. Customers used to over provision to ensure they had enough capacity to handle their business operations at the peak level of activity. Now, they can provision the amount of resources that they actually need, knowing they can instantly scale up or down along with the needs of their business, which also reduces cost and improves the customer’s ability to meet their user’s demands. Companies can quickly spin up resources as they need them, deploying hundreds or even thousands of servers in minutes.

Flexibility

The AWS Global Infrastructure gives you the flexibility of choosing how and where you want to run your workloads, and when you do you are using the same network, control plane, APIs, and AWS services. If you would like to run your applications globally you can choose from any of the AWS Regions and AZs. If you need to run your applications with single-digit millisecond latencies to mobile devices and end-users you can choose AWS Local Zones or AWS Wavelength. Or if you would like to run your applications on-premises you can choose AWS Outposts. If you are in a public sector organization or highly regulated industry, you can read our plans to launch the AWS European Sovereign Cloud.

Global Footprint

AWS has the largest global infrastructure footprint of any provider, and this footprint is constantly increasing at a significant rate. When deploying your applications and workloads to the cloud, you have the flexibility to select a technology infrastructure that is closest to your primary target of users. You can run your workloads on the cloud that delivers the best support for the broadest set of applications, even those with the highest throughput and lowest latency requirements. And if your data lives off this planet, you can use AWS Ground Station, which provides satellite antennas in close proximity to AWS infrastructure Regions.

AWS Service and Service Category Overview

What is Amazon Web Services?

Amazon Web Services (AWS) is a cloud platform that provides customers with a wide range of services to help them build, run, and scale their businesses. These services fall into four main categories: computing, storage, database, and networking.
Having seen considerable growth, AWS offers users a scalable, accessible way to create sophisticated applications by leveraging AWS’ vast selection of cloud-based products and solutions.

What are the Four Foundational Services of AWS?

AWS provides four services that form the foundation of any cloud deployment: computing, storage, networking, and database. Each service is designed to offer high availability and scalability so that you can build a robust and reliable application in the cloud. Let’s take a closer look at each service and know how it can benefit your business.

In 2024, AWS continues to thrive as a leading cloud provider, offering a robust set of services that serve as the cornerstone of its cloud ecosystem. These Four Foundational Services of AWS, often referred to as the bedrock of the AWS platform, include Compute, Storage, Database, and Networking. These services collectively provide the building blocks for virtually any cloud-based application or infrastructure, enabling businesses to harness the power of AWS Platform as a Service (PaaS) while establishing a solid Cloud Foundation AWS. AWS Compute services such as EC2 offer scalable computing power, while Storage services like S3 provide flexible data storage options. AWS’s Database offerings, like RDS and DynamoDB, cater to a variety of data management needs, and Networking services ensure seamless connectivity and security. These foundational services not only form the backbone of AWS but also empower organizations to innovate and scale their operations in the cloud with confidence.

Compute

Compute resources are the brains and processing power needed by applications and systems to carry out computational tasks. So Compute is essentially the same as common server components, such as CPU and RAM, which many of you are already familiar with. Physical servers within a data centre are considered compute resources as they may contain multiple CPUs and tons of RAM to process instructions given by the operating system and applications. Below are the computing services provided by AWS:

  • AWS EC2

Amazon Elastic Compute Cloud (EC2) is a web service that provides secure, resizable computing capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2’s simple web interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment.
You can use Amazon EC2 to launch as many applications as you want — whether they’re running on Linux, Windows, or Oracle — and manage all of them using a single API call. And since it’s scalable and pay-as-you-go, Amazon EC2 reduces up-front investment costs while providing flexibility and control over resource allocation.
With Amazon EC2, there are no upfront investments required — instead, you simply pay per hour of usage. So if your application needs more computing power, you can increase capacity right away without having to wait for an IT department to order and install new hardware.

  • AWS Lambda

Amazon Web Services Lambda is a serverless computing platform that runs your code in response to events and automatically manages the underlying compute resources for you. You can use Lambda to build applications that respond quickly to new information. Plus, Lambda is scalable so you can process events as they happen, without having to provision or manage any servers.

For example, an e-commerce company might use Lambda functions to analyze incoming customer data for marketing purposes. Or an enterprise IT organization might use it to keep their systems up-to-date with security patches and fixes.
With Lambda, you don’t have to worry about capacity planning because it scales seamlessly along with your needs. It also lets developers spend more time on development and less time on managing infrastructure — perfect for fast-moving startups!

  • AWS Elastic Beanstalk

Amazon Web Services Elastic Beanstalk is a platform as a service (PaaS) that streamlines the process of deploying and scaling web applications and services developed with popular programming languages and frameworks. Elastic Beanstalk provides pre-configured platforms for programming languages like Java, .NET, PHP, Node.js, Python, and Ruby.

You can simply upload your code and Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, and auto-scaling to application health monitoring. Elastic Beanstalk’s no configuration mode allows you to deploy an application without worrying about the details, such as what type of environment it needs or where it should be deployed.

It also includes many features to allow developers to focus on their code rather than administrative tasks, including integrations with other AWS products. These features include Auto Scaling and Load Balancing which will scale up servers when traffic increases and automatically distribute incoming requests across all servers.

Network

Networking in cloud computing is the process of connecting computers and devices together so they can communicate with each other. The four main types of networking are: point-to-point, client-server, peer-to-peer, and mesh.

Point-to-point networking is the most basic type of networking, and it involves two devices that are connected directly to each other. Client-server networking is a bit more complex, and it involves a server that provides services to clients.
Peer-to-peer networking occurs when two or more devices share data with one another without using an intermediary device like a server. Mesh networks are built for redundancy and consist of multiple paths for messages to travel between nodes.

Let’s discuss the network services provided by AWS Cloud.

  • Amazon Route 53

Amazon Route 53 is a scalable and highly available Domain Name System (DNS) service. It provides secure and reliable routing to your resources, such as websites and web applications, with low latency. Amazon Route 53 is fully compliant with IPv6 as well. You can use Amazon Route 53 to perform three main functions: Domain registration, DNS routing, and health checking.
One thing that sets Amazon Route 53 apart from other DNS services is the inclusion of various geo and routing features. An example of this would be Latency Based Routing which routes traffic depending on its proximity to the desired destination, or you could also do IP Prefix.

Hijacking Protection protects against accidental changes in prefixes at the registrar level by monitoring and blocking requests for domain registrations that conflict with your prefixes in route 53.
You could also set up Dynamic Record Sets which will automatically create records if they don’t exist when queried so there’s no need to maintain static records. Or maybe Reverse DNS Lookups which will map an IP address back to a domain name for security purposes. Other products that work well with Amazon Route 53 include AppStream 2.0, AppSync, and CloudFront CDN.

  • AWS VPC

Amazon Web Services (AWS) is a cloud platform that provides customers with a wide array of infrastructure services, such as computing power, storage options, networking, and databases. One of these services is called Amazon Virtual Private Cloud (VPC), which is a secure and scalable cloud computing service that isolates your resources from those of other AWS customers. AWS VPC lets you create an isolated virtual network environment in the AWS cloud. With Amazon VPC, AWS resources can be launched into a virtual network.

Within a VPC you define the usual network settings, such as IP address ranges, subnets, route tables, gateways, and security settings. Amazon VPC integrates with many AWS services and is a foundational service of AWS. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.
VPC provides you with complete control over your virtual networking environment, including a selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. In addition, you can launch AWS resources into a VPC to provide isolation from the rest of the AWS cloud.

Cloud Storage

Cloud storage is a service that allows users to store and access data over the Internet. It is a popular choice for businesses because it is scalable, reliable, and secure. In a cloud storage model, digital data is stored in logical pools in the cloud.

Multiple servers are used for this storage system, which can be located throughout the country or even outside the country depending on many factors. Private companies or the cloud providers like AWS, Azure, Google Cloud, and IBM Cloud own and maintain these servers.

In addition to ensuring data is available and accessible at all times, the cloud storage services also maintain the physical environment and safeguard the data. A provider of storage capacity sells or leases storage space to individuals and companies in order to store information about their users, entities, and applications.

The storage services provided by AWS Cloud are Amazon S3 and Amazon Glacier.

  • Amazon S3

Amazon S3 is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means that you can store and retrieve any amount of data, at any time, from anywhere on the web. Amazon S3 is designed to make web-scale computing easier for developers.
It provides a simple web services interface that can be used to store and retrieve any amount of data, at any time, from anywhere on the web. It gives customers complete control over their data by providing robust access controls and multiple redundant storage facilities with no single point of failure. You only pay for what you use. Amazon S3 makes it easy to serve your content quickly and reliably, even when some parts of your infrastructure don’t function properly or become unavailable.

  • Amazon Glacier

Amazon Glacier is a low-cost storage service that provides secure and durable storage for data backup and archival. Amazon Glacier is easy to use, with a simple web interface that you can use to store and retrieve any amount of data. Amazon Glacier is a great choice for storing data that you don’t need to access frequently, but want to keep in a safe place.

When you upload your data to Amazon Glacier, it is copied onto multiple devices at different physical locations, which means your data will stay safe even if there’s an unexpected event like a fire or flood at one of our facilities. It also helps ensure that your data stays available during regional outages since there’s no single point of failure when accessing it from another location.
With Amazon Glacier, customers pay only for what they use. Storage prices start as low as $0.01 per gigabyte per month; retrieval pricing starts at $0.001 per gigabyte. That’s considerably less than most tape libraries, so storing your archived data with us could save you money over time!

Database

Cloud databases are a new breed of database that offers all the benefits of the cloud: elasticity, scalability, and cost-effectiveness. Just like traditional databases, they can be used to store data, but they also come with a few key differences. For one, cloud databases are designed to be scalable and highly available, so they can handle large workloads without going down.

They’re also automatically replicated across regions for high availability and seamless disaster recovery. Unlike most traditional databases, which require you to set up hardware yourself in order to grow your compute power, these services are preconfigured for auto-scaling as needed so you don’t have to worry about capacity planning. Plus, there’s no upfront cost for these powerful services — pay only for what you use when you need it.
Let’s take a look at the DB services provided by AWS Cloud.

  • Amazon RDS (Relational Database Service)

Amazon RDS is a managed relational database service that makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-effective and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups.
Amazon RDS is available on several database instance types — optimized for memory, performance or I/O — and provides you with six familiar database engines to choose from, including Amazon Aurora, MySQL, MariaDB, Oracle Database, Microsoft SQL Server, and PostgreSQL. With these features, Amazon RDS gives you maximum flexibility and control over your data.
You can also use various deployment models for Amazon RDS, which include managed services (where we handle everything) and shared services (where you maintain ownership).

  • Amazon DynamoDB (Non-Relational Database)

Amazon DynamoDB is a non-relational database that delivers single-digit millisecond performance at any scale. It’s a fully managed, multi-region, multi-master, durable database with built-in security, backup and restore, and in-memory caching for internet-scale applications. DynamoDB can handle more than 10 trillion requests per day and can support peaks of more than 20 million requests per second.
You don’t need to worry about backups or recovery because DynamoDB automatically provides linear scalability, high availability, durability, and predictable performance. As your data grows you can use Provisioned Capacity to automatically increase storage capacity without downtime as well as Auto Scaling to adjust your provisioned throughput capacity up or down based on usage demands.
Elasticity allows you to store and retrieve unlimited amounts of data while paying only for what you use (since there is no minimum fee). With Amazon ElastiCache, access in-memory cache anywhere in the world to power web, mobile, and IoT applications — without having to set up servers.

Now that you know the four most important AWS fundamental services, we can explore the AWS Data Ingestion Services.

Conclusion:

The four foundational services of AWS are Amazon Elastic Compute Cloud (EC2), Amazon Simple Storage Service (S3), Amazon DynamoDB, and Amazon Route 53. These services provide the building blocks that you can use to create applications in the cloud. Each service is designed to be highly scalable and fault-tolerant, so you can focus on building your application without having to worry about infrastructure.

Writer : Arifin Ardiansyah (2211110019— IT Telkom Purwokerto)
