What I have learned about Applications on AWS

This is the tenth post of content for preparing yourself for becoming an AWS Solutions Architect Associate.

In this post, we are going to focus on application features within AWS.

As I have done previously let’s look at the similarities and differences to the closest equivalent in Azure. As I go through this section, I will point out some of the similar platforms.

SQS - Simple Queue Service

• Oldest service in AWS

• Message queue service

• Temporary repository for processing messages

• Similar to Azure messaging service

• Decoupled of the applications, compute, or storage services.

• 256kb of text max to store in SQS. Larger messages are stored in S3.

• Retrieved with SQS API

Types of SQS queues

• Standard - nearly unlimited transactions per second

  • Multiples copies and out of order messages delivered, so application must be able to handle this

• FIFO - in sequence, only delivered once

  • Limited to 300 transitions per second

• Pull-based service, EC2 instance must be pulling queues

• Messages kept in queue 1 minute to 14 days. Default is 4 days.

• Visibility timeout - if job is not processed within the time period, the message becomes visible again. Max is 12 hours.

• Long polling - won’t return a response to EC2 until a message arrives to save cost.

Simple workflow service

• Different from SQS

• Coordinate work across multiple services and processing steps

• Applications and manual processes with executable code. Similar to Amazon ordering.

• Example use case is Warehouse orders.

• Workflow execution is up to one year

• Task oriented API

• Tasks assigned only once and never duplicated

• Keeps track of all tasks and events

SWF Actors

• Starters - initiate the workflow

• Deciders - flow of activities

• Activity workers - carry out the tasks

Simple notification service

• SNS - web service to send notifications from the cloud

• Push notifications to mobile devices

• Any HTTP endpoint

• SMS

• Topics - allows subscribers to multiple users

• Redundantly stored across AZ

• No polling

• PAYG

• Web based management console

• Similar to Azure Messaging Service

Elastic transcoder

Converting media files to different formats to play on different devices

Pay based on minutes and resolution

API gateway

• Fully managed service

• Doorway into AWS - front door to applications to access data and business logic

• Usually to communicate with Lambda functions

• Similar to Azure APIM

• Restful API from HTTP

• Scales effortlessly and automatically with traffic

• Runs efficiently with low choose

• Throttle requests to prevent attacks

Steps to deploy:

• Define an API

• Define resources and nested resources (URL paths)

• For each resource:

  • HTTP methods

  • Security settings

  • Targets

• Set request and response

API caching

• Reduces the number of calls for a response

Cross origin resource policy

• same origin policy. Protects against XSS by making sure that the web URL is from the same origin

CORS

• relaxes the same origin policy by allowing resource restriction on a web page to be requested from another domain

• Origin resource error means that CORS is not enabled

• Enforced by the browser

Kinesis

• Streaming data continuous from thousands of resources

• Small sizes of data (in KB)

• Transactional data
  • Purchases
  • Stock prices
  • Game data (as the gamer plays, levels, etc)
  • Social network data
  • Geospatial data (where you are in a map, ex: Uber)
  • IoT sensor data
• Platform to send the streaming data. Similar to Azure Streaming Service or even IoT Hub.

Three types of Kinesis:

• Kinesis Streams - Producers from multiple sources. Stores data 24 hours to 7 days. Data contained in individual Shards depending on the type of data. EC2 instances are the producers that analyze the data. Present the analyzed data to a storage account
• Kinesis Firehose - No persistent storage, must do something with the data as it comes in and outputs it to a storage account.
• Kinesis Analytics - Works with Streams and Firehose. Analyzes data on the fly to a storage account.

Web Identity Federation and Cognito

• Web Identity Federation - access to AWS resources using web-based identity providers (Amazon, Facebook, Google)

• Amazon Cognito is AWS’ Web Identity Federation
  • Acts as the identity broker
  • Synchronizes on multiple devices
  • Recommended for all mobile application development
  • Brokers between the App and the identity provider to provide a seamless experience
• User Pools - sign in directly to Cognito. Json web token (JWT) for successful authentication. User names and passwords.

• Identity Pools - provide temporary AWS credentials. Grants the AWS IAM role to access AWS resources. Granting of access and authorization to resources with the JWT.

• Push synchronization sends an SNS to all devices to synchronize any changes in Cognito.

Event Processing Patterns

• Event-drive architecture - Pub/Sub messaging - decoupling systems running in response to events. ex: SNS topics.

  • Publisher - Messages - SNS topic - Subscriber
• Dead-letter Queue (DLQ) - unclaimed messages
  • SNS - held for further analysis.
  • SQS - exceeds the maxReceiveCount
  • Lambda functions - failed runtimes in asynchronous functions

• Fanout Pattern - use SNS topics and replicates to multiple SQS queues for multiple subscribers.

• S3 Event Notifications - can be sent to multiple subscribers and destinations, such as SQS, SNS, and Lambda functions. Different events are:
  • Object created events
  • Object removed
  • Object restored
  • RRS Object lost
  • Replication

I hope that you are enjoying this information so far. It is helping me to continue to comprehend these services as I prepare for the exam myself. Thank you very much.

Reference links:

What I’ve Learned about IAM on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/03/20/aws-iam

What I’ve Learned about S3 on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/03/20/aws-s3

What I’ve Learned about EC2 on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/03/22/aws-ec2

What I’ve Learned about EBS on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/03/22/aws-ebs

What I’ve Learned about Cloudwatch on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/03/22/aws-cloudwatch

What I’ve Learned about RDS on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/03/22/aws-rds

What I’ve Learned about Route 53 on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/04/01/aws-dns

What I’ve Learned about VPC on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/04/01/aws-vpc

What I’ve Learned about High Availability on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/05/01/aws-ha

What I’ve Learned about Applications on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/05/02/aws-apps

What I’ve Learned about Security on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/05/03/aws-security

What I’ve Learned about Lambda and serverless on AWS

https://captainhyperscaler.github.io/amazon-web-services/2022/05/04/aws-serverless

Twitter  facebook  Email