What is AWS cloud computing? – Understanding AWS Cloud Principles and Key Characteristics

What is AWS cloud computing?

AWS is the undisputed market leader in cloud computing today. Even though there are a few worthy competitors, it doesn’t seem like anyone will push them off the podium for a while. Why is this, and how can we be sure they will remain a top player for years? Because this pattern has occurred in the history of the technology industry repeatedly. In their book The Gorilla Game: Picking Winners in High Technology, Geoffrey A. Moore, Paul Thompson, and Tom Kippola explained this pattern best a long time ago.

Some important concepts covered in their book are listed here:

  • There are two kinds of technology markets: Gorilla Games and Royalty Markets. In a Gorilla Game, the players are dubbed gorillas and chimps. In a Royalty Market, the participants are kings, princes, and serfs.
  • Gorilla Games exist because the market leaders possess proprietary technology that makes it difficult for competitors to compete. This proprietary technology creates a moat that can be difficult to overcome.
  • In Royalty Markets, the technology has been commoditized and standardized. In a Royalty Market, it’s challenging to become a leader, and it’s easy to fall off the number one position.
  • The more proprietary features a gorilla creates in its product, the bigger the moat they establish. The more difficult and expensive it becomes to switch to a competitor, the stronger the gorilla becomes.
  • This creates a virtuous cycle for the market leader or gorilla. The market leader’s product or service becomes highly desirable, meaning they can charge more and sell more. They can then reinvest that profit to improve the product or service.
  • Conversely, a vicious cycle is created for second-tier competitors or chimps. Their product or service is not as desirable, so even if they charge as much as the market leader, they don’t have as many sales, and their research and development budget will not be as large as the market leader’s.
  • The focus of this book is on technology, but if you are interested in investing in technology companies, the best time to invest in a gorilla is when the market is about to enter a period of hypergrowth. At this point, the gorilla might not be fully determined, and it’s best to invest in the gorilla candidates and sell stock as it becomes obvious that they won’t be a gorilla and reinvest the proceeds of that sale into the emerging gorilla.
  • Once a gorilla is established, the way a gorilla is vanquished is by a complete change in the game, where new disruptive technology creates a brand new game.

To better understand, let’s look at a King Market and an example of a Gorilla Game.

Personal computers and laptops – Back in the early 1980s, when PCs burst onto the scene, many players emerged that sold personal computers, such as these:

  • Dell
  • Gateway
  • IBM
  • Hewlett Packard

I don’t know about you, but whenever I buy a computer, I go to the store, see which computer is the cheapest and has the features I want, and pull the trigger regardless of the brand. This is the perfect example of a King Market. It is difficult to differentiate yourself and stand out, and there is little to no brand loyalty among consumers.

Personal computer operating systems – Whenever I buy a new computer, I make sure that the computer comes with Microsoft Windows, the undisputed market leader in the space. Yes, the Macintosh operating system has been around for a long time. Linux has been around for a while, making some noise. The Google Chrome operating system is making some inroads, especially in the educational market. But ever since it was launched in November 1985, Microsoft Windows has kept the lion’s share of the market (or should we say the gorilla’s share?).

Of course, this is a subjective opinion, but I believe we are witnessing the biggest Gorilla Game in the history of computing with the advent of cloud computing. This is the mother of all competitive wars. Cloud vendors are not only competing to provide basic services, such as compute and storage, but are continuing to build more services on top of these core services to lock in their customers further and further. Vendor lock-in is not necessarily a bad thing. Lock-in, after all, is a type of golden handcuff. Customers stay because they like the services they are being offered. But customers also realize that as they use more and more services, it becomes more and more expensive to transfer their applications and workloads to an alternate cloud provider.

Not all cloud services are highly intertwined with their cloud ecosystems. Take these scenarios, for example:

  • Your firm may be using AWS services for many purposes, but it may be using WebEx, Microsoft Teams, Zoom, or Slack for its video conference needs instead of Amazon Chime. These services have little dependency on other underlying core infrastructure cloud services.
  • You may be using Amazon SageMaker for artificial intelligence and machine learning projects, but you may be using the TensorFlow package in SageMaker as your development kernel, even though Google maintains TensorFlow.
  • If you are using Amazon RDS and choose MySQL as your database engine, you should not have too much trouble porting your data and schemas over to another cloud provider that supports MySQL if you decide to switch over.

It will be a lot more difficult to switch to some other services. Here are some examples:

  • Amazon DynamoDB is a NoSQL proprietary database only offered by AWS. If you want to switch to another NoSQL database, porting it may not be a simple exercise.
  • Suppose you are using CloudFormation to define and create your infrastructure. In that case, it will be difficult, if not impossible, to use your CloudFormation templates to create infrastructure in other cloud provider environments. Suppose the portability of your infrastructure scripts is important to you, and you are planning on switching cloud providers. In that case, Terraform by HashiCorp may be a better alternative since Terraform is cloud-agnostic.
  • Suppose you have a graph database requirement and use Amazon Neptune (the native Amazon graph database offering). You may have difficulty porting out of Amazon Neptune since the development language and format can be quite dissimilar if you decide to use another graph database solution like Neo4j or TigerGraph.

As far as we have come in the last 15 years with cloud technologies, I believe, and I think vendors realize, that these are the beginning innings, and locking customers in right now, while they are still deciding who their vendor is, will be a lot easier than trying to do so after they pick a competitor.

However, a cloud-agnostic strategy has its pros and cons. You want to distribute your workload between cloud providers to get competitive pricing and keep your options open, as in the old days. But each cloud has different networking needs, and connecting distributed workloads between clouds so that they can communicate with each other is a complex task. Also, each major cloud provider, such as AWS, Azure, and GCP, has a breadth of services, and building a workforce with all three skill sets is another challenge. Finally, a cloud like AWS provides you with economies of scale, which means the more you use, the lower the price, which may not benefit you if you choose multi-cloud. Again, it doesn’t mean you cannot choose a multi-cloud strategy, but you have to think about logical workload isolation. It would not be wise to run the application layer in one cloud and the database layer in another, but you can think about logical isolation, such as running the analytics workload and the application workload in separate clouds.

A good example of one of those make-or-break decisions is the awarding of the Joint Enterprise Defense Infrastructure (JEDI) cloud computing contract by the Pentagon. JEDI is a $10 billion 10-year contract. As big as that dollar figure is, even more important is that it would be nearly impossible for the Pentagon to switch to another vendor once the 10-year contract is up.

Let’s delve a little deeper into how influential AWS currently is and how influential it has the potential to become.

The market share, influence, and adoption of AWS

It is hard to argue that AWS is not the gorilla in the cloud market. For the first nine years of AWS’s existence, Amazon did not break down its AWS sales and profits. As of January 2021, Microsoft does not fully break down its Azure revenue and profit in its quarterly reports. They disclose their Azure revenue growth rate without reporting the actual revenue number, instead burying Azure revenues in a bucket called Commercial Cloud, which also includes items such as Office 365 revenue. Google has been cagey about breaking down its Google Cloud Platform (GCP) revenue for a long time. Google finally broke down its GCP revenue in February 2019.

The reason cloud providers are careful about reporting these raw numbers is precisely because of the Gorilla Game. Initially, AWS did not want to disclose numbers because it wanted to become the gorilla in the cloud market without other competitors catching wind of it. And if Microsoft and Google disclosed their numbers, it would reveal the exact size of the chasm between them and AWS. This practice of most cloud providers leaves the rest of us guessing the exact market share and other numbers. AWS has done a phenomenal job of protecting their market share by adding more and more services, adding features to existing services, building higher-level functionality on top of the core services they already offer, and educating the masses on how to best use these services.

We are in an exciting period when it comes to cloud adoption. Until a few years ago, many C-suite executives were leery of adopting cloud technologies to run their mission-critical and core services. A common concern was that they felt having on-premises implementations was more secure than running their workloads on the cloud.

It has become apparent to most of them that running workloads on the cloud can be just as secure as running them on-premises. There is no perfectly secure environment, and it seems that almost every other day, we hear about sensitive information being left exposed on the internet by yet another company. But having an army of security experts on your side, as is the case with the major cloud providers, will often beat any security team that most companies can procure on their own.

The current state of the cloud market for most enterprises is a state of Fear Of Missing Out (FOMO). Chief executives are watching their competitors jumping on the cloud, and they are concerned that they will be left behind if they don’t leap.

Additionally, we see an unprecedented level of disruption in many industries propelled by the power of the cloud. Let’s take the example of Lyft and Uber. Both companies rely heavily on cloud services to power their infrastructure, and old-guard companies in the space, such as Hertz and Avis, that depend on older on-premises technology are getting left behind. Part of the problem is the convenience that Uber and Lyft offer by being able to summon a car on demand. Also, the pandemic that swept the world in 2020 did not help. But the inability to upgrade their systems to leverage cloud technologies undoubtedly played a role in their diminishing share of the car rental market.

Let’s continue by learning some basic cloud and AWS terminology.

Basic cloud and AWS terminology

There is a constant effort by technology companies to offer common standards for certain technologies while providing exclusive and proprietary technology that no one else offers. An example of this can be seen in the database market. The Standard Query Language (SQL) and the ANSI-SQL standard have been around for a long time. The American National Standards Institute (ANSI) adopted SQL as the SQL-86 standard in 1986. Since then, database vendors have continuously supported this standard while offering various extensions to make their products stand out and lock in customers to their technology.

Cloud providers provide the same core functionality for a wide variety of customer needs, but they all feel compelled to name these services differently, no doubt in part to try to separate themselves from the rest of the pack. As an example, every major cloud provider offers compute services. In other words, it is simple to spin up a server with any provider, but they all refer to this compute service differently:

  • AWS uses Elastic Cloud Computing (EC2) instances.
  • Azure uses Azure Virtual Machines.
  • GCP uses Google Compute Engine.

The following tables give a non-comprehensive list of the different core services offered by AWS, Azure, and GCP and the names used by each of them:

 Figure 1.2 – Cloud provider terminology and comparison (part 1)

These are some of the other services, including serverless technologies services and database services:

 Figure 1.3 – Cloud provider terminology and comparison (part 2)

These are additional services:

 Figure 1.4 – Cloud provider terminology and comparison (part 3)

If you are confused by all the terms in the preceding tables, don’t fret. We will learn about many of these services throughout the book and when to use them.

In the next section, we will learn why cloud services are becoming popular and why AWS adoption is prevalent.

Why is cloud computing so popular?

Depending on who you ask, some estimates peg the global cloud computing market at around USD 445 billion in 2021, growing to about USD 950 billion by 2026. This implies a Compound Annual Growth Rate (CAGR) of around 17% for the period.

There are multiple reasons why the cloud market is growing so fast. Some of them are listed here:

  • Elasticity
  • Security
  • Availability
  • Faster hardware cycles
  • System administration staff
  • Faster time to market
  • Access to emerging technologies

Let’s look at the most important one first.

Elasticity

Elasticity may be one of the most important reasons for the cloud’s popularity. Let’s first understand what it is.

Do you remember the feeling of going to a toy store as a kid? There is no feeling like it in the world. Puzzles, action figures, games, and toy cars are all at your fingertips, ready for you to play with them. There was only one problem: you could not take the toys out of the store. Your mom or dad always told you that you could only buy one toy. You always had to decide which one you wanted, and invariably, after one or two weeks of playing with that toy, you got bored with it, the toy ended up in a corner collecting dust, and you were left longing for the toy you didn’t choose.

What if I told you about a special, almost magical, toy store where you could rent toys for as long or as little as you wanted, and the second you got tired of the toy, you could return it, change it for another toy, and stop any rental charges for the first toy? Would you be interested?

The difference between the first traditional store and the second magical store is what differentiates on-premises environments and cloud environments.

The first toy store is like setting up infrastructure on your own premises. Once you purchase a piece of hardware, you are committed to it and will have to use it until you decommission it or sell it at a fraction of what you paid for it.

The second toy store is analogous to a cloud environment. If you make a mistake and provision a resource that’s too small or too big for your needs, you can transfer your data to a new instance, shut down the old instance, and, importantly, stop paying for that instance.

More formally defined, elasticity is the ability of a computing environment to adapt to changes in workload by automatically provisioning or shutting down computing resources to match the capacity needed by the current workload.

In AWS and the main cloud providers, resources can be shut down without having to terminate them completely, and the billing for resources will stop if the resources are shut down.

This distinction cannot be emphasized enough. Computing costs in a cloud environment on a per-unit basis may even be higher than on-premises prices, but the ability to shut resources down and stop getting charged for them makes cloud architectures cheaper in the long run, often in a quite significant way. The only time absolute on-premises costs may be lower than cloud costs is when workloads are extremely predictable and consistent. Let’s look at exactly what this means by reviewing a few examples.

Web storefront

A famous use case for cloud services is running an online storefront. Website traffic in this scenario will be highly variable depending on the day of the week, whether it’s a holiday, the time of day, and other factors. Almost every retail store in the USA experiences more than a 10x user workload during Thanksgiving week. The same goes for Boxing Day in the UK, Diwali in India, and Singles’ Day in China, and almost every country has some shopping festival. This kind of scenario is ideally suited for a cloud deployment. In this case, we can set up resource auto-scaling that automatically scales compute resources up and down as needed. Additionally, we can set up policies that allow database storage to grow as needed.

Apache Spark and Hadoop workloads

The popularity of Apache Spark and Hadoop continues to increase. Many Spark clusters don’t necessarily need to run consistently. They perform heavy batch computing for a period and then can be idle until the next batch of input data comes in. A specific example would be a cluster that runs every night for 3 or 4 hours and only during the working week.

In this instance, you need decoupled compute and data storage, where you can shut down resources that may be best managed on a schedule rather than by using demand thresholds. Or, we could set up triggers that automatically shut down resources once the batch jobs are completed. AWS provides that flexibility: you can store your data in Amazon Simple Storage Service (S3), spin up an Amazon Elastic MapReduce (EMR) cluster to run Spark jobs, and shut it down after storing the results back in decoupled Amazon S3. You will learn more about these services in upcoming chapters.

Employee workspace

In an on-premises setting, you provide a high-configuration desktop or laptop to your development team and pay for 24 hours a day, including weekends. However, they are using one-fourth of the capacity, considering an eight-hour workday. The cloud provides workspaces accessible from a low-configuration laptop, and you can schedule them to stop during off-hours and weekends, saving almost 70% of the cost.

Another common use case in technology is file and object storage. Some storage services may grow organically and consistently. The traffic patterns can also be consistent. This may be one example where using an on-premises architecture may make sense economically. In this case, the usage pattern is consistent and predictable.

Elasticity is by no means the only reason that the cloud is growing in leaps and bounds. The ability to easily enable world-class security for even the simplest applications is another reason why the cloud is becoming pervasive. Let’s understand this at a deeper level.

Security

The perception of on-premises environments being more secure than cloud environments was a common reason companies big and small would not migrate to the cloud. More and more enterprises now realize that it is tough and expensive to replicate the security features provided by cloud providers such as AWS. Let’s look at a few of the measures that AWS takes to ensure the security of its systems.

Physical security

You probably have a better chance of getting into the Pentagon without a badge than getting into an Amazon data center. AWS data centers are continuously upgraded with the latest surveillance technology. Amazon has had decades to perfect its data centers’ design, construction, and operation.

AWS has been providing cloud services for over 15 years, and they have an army of technologists, solution architects, and some of the brightest minds in the business. They are leveraging this experience and expertise to create state-of-the-art data centers. These centers are in nondescript facilities. You could drive by one and never know what it is. Even if you find out where one is, it will be extremely difficult to get in. Perimeter access is heavily guarded. Visitor access is strictly limited, and visitors must always be accompanied by an Amazon employee.

Every corner of the facility is monitored by video surveillance, motion detectors, intrusion detection systems, and other electronic equipment. Amazon employees with access to the building must authenticate themselves four times to step on the data center floor.

Only Amazon employees and contractors that have a legitimate right to be in a data center can enter. Any other employee is restricted. Whenever an employee does not have a business need to enter a data center, their access is immediately revoked, even if they are only moved to another Amazon department and stay with the company. Lastly, audits are routinely performed and are part of the normal business process.

Encryption

AWS makes it extremely simple to encrypt data at rest and data in transit. It also offers a variety of options for encryption. For example, for encryption at rest, data can be encrypted on the server side, or it can be encrypted on the client side. Additionally, the encryption keys can be managed by AWS, or you can use keys that you manage yourself using a tamper-proof appliance such as a Hardware Security Module (HSM). AWS provides you with a dedicated cloud HSM to secure your encryption keys if you want one.
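
As an added example (not from the original text), the Python sketch below audits an S3 bucket policy for two Deny statements that enforce encryption in transit and server-side encryption with KMS-managed keys. The bucket name, account ID, role name and both sample policies are constructed, and the checker is deliberately simplified: it ignores Resource, NotAction and NotPrincipal.

```python
import json

# Constructed sample policies. "example-bucket", the account ID and the role
# name are placeholders, not values from the page.
WEAK_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowAppRole",
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:role/example-app"},
        "Action": ["s3:GetObject", "s3:PutObject"],
        "Resource": "arn:aws:s3:::example-bucket/*",
    }],
})

HARDENED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {   # Encryption in transit: refuse any request not made over TLS.
            "Sid": "DenyInsecureTransport",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": ["arn:aws:s3:::example-bucket",
                         "arn:aws:s3:::example-bucket/*"],
            "Condition": {"Bool": {"aws:SecureTransport": "false"}},
        },
        {   # Encryption at rest: refuse uploads that do not ask for SSE-KMS.
            "Sid": "DenyUnencryptedUploads",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::example-bucket/*",
            "Condition": {"StringNotEquals":
                          {"s3:x-amz-server-side-encryption": "aws:kms"}},
        },
    ],
})


def _as_list(value):
    """IAM policy fields may be a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _covers_action(stmt, action):
    """True if the statement's Action names the action, s3:* or *."""
    wanted = {"*", "s3:*", action.lower()}
    return any(a.lower() in wanted for a in _as_list(stmt.get("Action", [])))


def _applies_to_everyone(stmt):
    """True for Principal "*" or {"AWS": "*"}."""
    principal = stmt.get("Principal")
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))


def _condition_values(stmt, operator, key):
    """Lower-cased values for one condition operator/key pair, or []."""
    for op, pairs in stmt.get("Condition", {}).items():
        if op.lower() != operator.lower():
            continue
        for k, v in pairs.items():
            if k.lower() == key.lower():
                return [str(x).lower() for x in _as_list(v)]
    return []


def audit_bucket_policy(policy_json):
    """Report whether the policy denies non-TLS access and non-KMS uploads."""
    findings = {"enforces_tls": False, "enforces_sse_kms": False}
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Deny" or not _applies_to_everyone(stmt):
            continue
        if (_covers_action(stmt, "s3:GetObject")
                and _covers_action(stmt, "s3:PutObject")
                and "false" in _condition_values(stmt, "Bool", "aws:SecureTransport")):
            findings["enforces_tls"] = True
        if (_covers_action(stmt, "s3:PutObject")
                and _condition_values(stmt, "StringNotEquals",
                                      "s3:x-amz-server-side-encryption") == ["aws:kms"]):
            findings["enforces_sse_kms"] = True
    return findings


if __name__ == "__main__":
    for name, doc in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, audit_bucket_policy(doc))
```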

AWS supports compliance standards

AWS has robust controls to allow users to maintain security and data protection. We’ll be discussing how AWS shares security responsibilities with their customers, but the same is true with how AWS supports compliance. AWS provides many attributes and features that enable compliance with many standards established in different countries and organizations. By providing these features, AWS simplifies compliance audits. AWS enables the implementation of security best practices and many security standards, such as these:

  • STAR
  • SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)
  • SOC 2
  • SOC 3
  • FISMA, DIACAP, and FedRAMP
  • PCI DSS Level 1
  • DOD CSM Levels 1-5
  • ISO 9001 / ISO 27001 / ISO 27017 / ISO 27018
  • MTCS Level 3
  • FIPS 140-2
  • HITRUST

In addition, AWS enables the implementation of solutions that can meet many industry-specific standards, such as these:

  • Criminal Justice Information Services (CJIS)
  • Family Educational Rights and Privacy Act (FERPA)
  • Cloud Security Alliance (CSA)
  • Motion Picture Association of America (MPAA)
  • Health Insurance Portability and Accountability Act (HIPAA)

Another important thing that can explain the meteoric rise of the cloud is how you can stand up high-availability applications without paying for the additional infrastructure needed to provide these applications. Architectures can be crafted to start additional resources when other resources fail. This ensures that we only bring up additional resources when necessary, keeping costs down. Let’s analyze this important property of the cloud in more depth.

Availability

When we deploy infrastructure in an on-premises environment, we have two choices. We can purchase just enough hardware to service the current workload or ensure that there is enough excess capacity to account for any failures. Providing this extra capacity and eliminating single points of failure is not as simple as it may seem. There are many places where single points of failure may exist and need to be eliminated:

  • Compute instances can go down, so we need a few on standby.
  • Databases can get corrupted.
  • Network connections can be broken.
  • Data centers can flood or be hit by earthquakes.

Using the cloud simplifies the “single point of failure” problem. We have already determined that provisioning software in an on-premises data center can be long and arduous. Spinning up new resources can take just a few minutes in a cloud environment. So, we can configure minimal environments knowing that additional resources are a click away.

AWS data centers are built in different regions across the world. All data centers are “always-on” and deliver services to customers. AWS does not have “cold” data centers. Their systems are extremely sophisticated and automatically route traffic to other resources if a failure occurs. Core services are always installed in an N+1 configuration. In the case of a complete data center failure, there should be the capacity to handle traffic using the remaining available data centers without disruption.

AWS enables customers to deploy instances and persist data in more than one geographic region and across various data centers within a region. Data centers are deployed in fully independent zones. Each data center is constructed with enough separation from the others that the likelihood of a natural disaster affecting two of them simultaneously is very low. Additionally, data centers are not built in flood zones.

Data centers have discrete Uninterruptible Power Supplies (UPSes) and onsite backup generators to increase resilience. They are also connected to multiple electric grids from multiple independent utility providers. Data centers are connected redundantly to multiple tier-1 transit providers. Doing all this minimizes single points of failure.

Faster hardware cycles

When hardware is provisioned on-premises, it starts becoming obsolete from the instant that it is purchased. Hardware prices have been on an exponential downtrend since the first computer was invented, so the server you bought a few months ago may now be cheaper, or a new version of the server may be out that’s faster and still costs the same. However, waiting until hardware improves or becomes cheaper is not an option. A decision needs to be made at some point to purchase.

Using a cloud provider instead eliminates all these problems. For example, whenever AWS offers new and more powerful processor types, using them is as simple as stopping an instance, changing the processor type, and starting the instance again. In many cases, AWS may keep the price the same or even make it cheaper when better and faster processors and technology become available, especially with their own proprietary technology like the Graviton chip.

System administration staff

An on-premises implementation may require a full-time system administration staff and a process to ensure that the team remains fully staffed. Cloud providers can handle many of these tasks through cloud services, allowing you to focus on core application maintenance and functionality and not have to worry about infrastructure upgrades, patches, and maintenance.

By offloading this task to the cloud provider, costs can come down because the administrative duties can be shared with other cloud customers instead of having a dedicated staff.

The six pillars of a well-architected framework

That all leads us nicely into this section. The cloud, in general, and AWS, in particular, are so popular because they simplify the development of well-architected frameworks. If there is one must-read AWS document, it is the one titled AWS Well-Architected Framework, which spells out the six pillars of a well-architected framework. The full document can be found here: https://docs.aws.amazon.com/wellarchitected/latest/framework/welcome.html

AWS provides the Well-Architected Review (WAR) Tool, which provides prescriptive guidance about each pillar to validate your workload against architecture best practices and generate a comprehensive report. Please find a glimpse of the tool below:

To kick off a well-architected review for your workload, you first need to provide workload information such as the name, environment type (production or pre-production), AWS workload hosting regions, industry, reviewer name, etc. After submitting the information, you will see in the above WAR tool screenshot that there is a set of questions in relation to each well-architected pillar, with the option to select what is most relevant to your workload. AWS provides prescriptive guidance and various resources for applying architecture best practices to each question asked, in the right navigation.

As AWS has provided detailed guidance for each WAR pillar in their document, let’s look at the main points about the six pillars of a well-architected framework.

The first pillar – Security

Security should always be a top priority in both on-premises and cloud architectures. All security aspects should be considered, including data encryption and protection, access management, infrastructure security, network security, monitoring, and breach detection and inspection.

To enable system security and to guard against nefarious actors and vulnerabilities, AWS recommends these architectural principles:

  • Implement a strong identity foundation.
  • Enable traceability.
  • Apply security at all levels.
  • Automate security best practices.
  • Protect data in transit and at rest.
  • Keep people away from data.
  • Prepare for security events.

You can find the security pillar checklist from Well-Architected Tool below, which has ten questions with one or more options relevant to your workload:

The next pillar, reliability, is almost as important as security, as you want your workload to perform its business function consistently and reliably.

The second pillar – Reliability

Another characteristic of a well-architected framework is minimizing or eliminating single points of failure. Ideally, every component should have a backup. The backup should be able to come online as quickly as possible and in an automated manner, without human intervention. Self-healing is another important concept to attain reliability. An example of this is how Amazon S3 handles data replication. At any given time, there are at least six copies of any object stored in Amazon S3. If, for some reason, one of the resources storing one of these copies fails, AWS will automatically recover from this failure, mark that resource as unavailable, and create another copy of the object using a healthy resource to keep the number of copies at six. The well-architected framework paper recommends these design principles to enhance reliability:

  • Automatically recover from failure
  • Test recovery procedures
  • Scale horizontally to increase aggregate workload availability
  • Stop guessing capacity
  • Manage change in automation

You can find the reliability pillar checklist from Well-Architected Tool below:

To retain users, you need your application to be highly performant and respond within seconds or milliseconds, depending on the nature of your workload. This makes performance a key pillar when building your application. Let’s learn more details on performance efficiency.