Day 20: AWS Services for Windows

AWS Cloud Practitioner With Neel Patel


Windows on AWS

Windows Servers on EC2

You can select from a number of Windows Server versions including the latest version, Windows Server 2019.

SQL Server on RDS

You can select from a number of SQL Server database versions.

AWS Directory Service

Lets you run Microsoft Active Directory (AD) as a managed service.

AWS License Manager

Makes it easier to manage your software licenses from software vendors such as Microsoft.

Amazon FSx for Windows File Server

Fully managed, scalable storage built for Windows.

AWS Software Development Kit (SDK)

Allows you to write code in your favorite language to interact with the AWS API. The SDK supports .NET, a favorite language among Windows developers.

Amazon WorkSpaces

Allows you to run a virtual desktop. You can launch a Windows 10 desktop to provide a secure and durable workstation that is accessible from anywhere you have an internet connection.

AWS Lambda

Supports PowerShell as a programming language to write your serverless functions.

AWS Migration Acceleration Program (MAP) for Windows

A migration methodology for moving large enterprises. AWS has Amazon Partners that specialize in providing professional services for MAP.


AWS License Manager

What is Bring-Your-Own-License? (BYOL)

The process of reusing an existing software license to run vendor software on a cloud vendor's computing service. BYOL allows companies to save money since they may have purchased the license in bulk or at a time that provided a greater discount than if purchased again.

  • e.g., License Mobility is for Microsoft Volume Licensing customers with eligible server applications covered by active Microsoft Software Assurance (SA).

AWS License Manager Features

  • Makes it easier to manage your software licenses from software vendors centrally across AWS and your on-premises environments.

  • Manages software that is licensed based on virtual cores (vCPUs), physical cores, sockets, or the number of machines. This includes a variety of software products from Microsoft, IBM, SAP, Oracle, and other vendors.

  • Works with:

    • EC2: Dedicated Instances, Dedicated Hosts, Spot Instances

    • RDS: Only for Oracle databases

For Microsoft Windows Server and Microsoft SQL Server licenses, you generally need to use a Dedicated Host.


Logging Services

CloudTrail

Logs all API calls (SDK, CLI) between AWS services.

  • Examples:

    • Who created this bucket? Detect developer misconfiguration.

    • Who spun up that expensive EC2 instance? Detect malicious actors.

    • Who launched this SageMaker Notebook? Automate responses.

CloudWatch

A collection of multiple services:

  • CloudWatch Logs: A centralized place to store your cloud services log data or application logs.

  • CloudWatch Metrics: Represents a time-ordered set of data points. A variable to monitor.

  • CloudWatch Events (EventBridge): Triggers an event based on a condition, e.g., every hour take a snapshot of the server.

  • CloudWatch Alarms: Triggers notifications based on metrics.

  • CloudWatch Dashboard: Creates visualizations based on metrics.

  • AWS X-Ray: A distributed tracing system. Pinpoints issues with your microservices. See how data moves from one app to another, how long it took to move, and if it failed to move forward.

AWS CloudTrail

  • Enables governance, compliance, operational auditing, and risk auditing of your AWS account.

  • Monitors API calls and actions made on an AWS account.

    • Easily identify which user made an API call or took an action on the AWS account:

      • Where: Source IP Address

      • When: EventTime

      • Who: UserAgent

      • What: Region, Resource, Action

  • Logs by default and collects logs for the last 90 days via Event History. For more than 90 days, you need to create a Trail.

  • To analyze a Trail, you can use:

    • Amazon CloudTrail Insights: Automatically detects and flags unusual API activity.

    • Amazon Athena: Allows you to run SQL queries on your CloudTrail logs for detailed analysis.

  • Trails are output to S3 and do not have a GUI like Event History.
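
The example below is added here and is not part of the original notes. It reads a CloudTrail log file as delivered to S3 and answers the "who created this bucket?" and "who spun up that EC2 instance?" questions from the earlier section. The log content is constructed for the example, and the function names are hypothetical; the record fields read (userIdentity, sourceIPAddress, eventTime, userAgent, awsRegion, eventName, requestParameters, errorCode) are standard CloudTrail record fields.

```python
import json

# Constructed sample in the layout of a CloudTrail log file ({"Records": [...]}).
# Account IDs, ARNs, IPs and names are made up for this example.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-05-01T09:12:44Z", "eventSource": "s3.amazonaws.com",
     "eventName": "CreateBucket", "awsRegion": "us-east-1",
     "sourceIPAddress": "198.51.100.7", "userAgent": "aws-cli/2.15.0",
     "userIdentity": {"type": "IAMUser",
                      "arn": "arn:aws:iam::111122223333:user/dev-alice"},
     "requestParameters": {"bucketName": "example-reports"}},
    {"eventTime": "2024-05-01T23:40:02Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "awsRegion": "ap-southeast-2",
     "sourceIPAddress": "203.0.113.50", "userAgent": "Boto3/1.34.0",
     "userIdentity": {"type": "IAMUser",
                      "arn": "arn:aws:iam::111122223333:user/ci-deploy"},
     "requestParameters": {"instanceType": "p3.16xlarge"}},
    {"eventTime": "2024-05-01T23:41:10Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "awsRegion": "ap-southeast-2",
     "sourceIPAddress": "203.0.113.50", "userAgent": "Boto3/1.34.0",
     "userIdentity": {"type": "IAMUser",
                      "arn": "arn:aws:iam::111122223333:user/ci-deploy"},
     "errorCode": "Client.UnauthorizedOperation", "requestParameters": None},
]})


def summarize(record):
    """Reduce one CloudTrail record to the where / when / who / what fields."""
    identity = record.get("userIdentity") or {}
    return {
        "where": record.get("sourceIPAddress"),
        "when": record.get("eventTime"),
        "who": identity.get("arn") or identity.get("type", "unknown"),
        "user_agent": record.get("userAgent"),
        "what": (record.get("awsRegion"), record.get("eventName")),
        "parameters": record.get("requestParameters") or {},
        "denied_or_failed": "errorCode" in record,
    }


def find_calls(log_text, event_name):
    """Return summaries of every record for one API action, oldest first."""
    records = json.loads(log_text).get("Records", [])
    hits = [summarize(r) for r in records if r.get("eventName") == event_name]
    return sorted(hits, key=lambda h: h["when"] or "")


if __name__ == "__main__":
    for name in ("CreateBucket", "RunInstances"):
        for hit in find_calls(SAMPLE_LOG, name):
            print(name, hit["who"], hit["where"], hit["when"], hit["parameters"])
```

Records that carry an errorCode are kept and flagged, since denied or failed calls are often the first sign of a misconfigured or misused credential.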


CloudWatch Services

  1. CloudWatch Alarms

    • Set alarms on specific metrics.

    • Notifies when metrics cross specified thresholds.

    • Can trigger actions like sending notifications or performing automated actions via AWS Lambda or Auto Scaling.

  2. CloudWatch Metrics

    • Collects and tracks metrics for AWS services and custom metrics from your applications.

    • Provides a unified view of operational health.

    • Supports aggregation and mathematical transformations of metrics.

  3. CloudWatch Logs

    • Collects and stores logs from AWS services, applications, and custom sources.

    • Supports real-time log monitoring, searching, and analysis.

    • Can create metrics from log data.

  4. CloudWatch Events (EventBridge)

    • Delivers a near real-time stream of system events that describe changes in AWS resources.

    • Allows you to set rules to match events and route them to targets like AWS Lambda, SNS, SQS, or other AWS services.

  5. CloudWatch Dashboards

    • Provides customizable visualizations of your metrics and logs.

    • Allows you to create dashboards to monitor operational health and performance in real time.

  6. CloudWatch Synthetics

    • Allows you to create canaries, configurable scripts that monitor your endpoints and APIs.

    • Helps detect anomalies and measure performance continuously.

  7. CloudWatch ServiceLens

    • Provides a single pane of glass for monitoring and tracing applications.

    • Integrates with AWS X-Ray to offer end-to-end observability for your application performance and dependencies.

  8. CloudWatch Contributor Insights

    • Helps identify the top contributors impacting your system's performance.

    • Provides insights into high-cardinality data sets.

  9. CloudWatch Container Insights

    • Provides monitoring and troubleshooting for containerized applications and microservices.

    • Integrates with Amazon ECS, EKS, and Kubernetes.

  10. CloudWatch Application Insights

    • Monitors and troubleshoots application workloads.

    • Automatically discovers and sets up monitoring for applications running on AWS resources.


CloudWatch Alarms

  • Monitors a CloudWatch Metric based on a defined threshold.

  • When the alarm breaches (goes outside the defined threshold), it changes state.

  • When it changes state, we can define what action it should trigger.

  • Metric Alarm States:

    • OK: The metric or expression is within the defined threshold.

    • ALARM: The metric or expression is outside of the defined threshold.

    • INSUFFICIENT DATA: The alarm has just started, the metric is not available, or not enough data is available.

Anatomy of an Alarm:

  • Threshold Condition: Defines when a datapoint is breached.

  • Evaluation Periods: Number of previous periods.

  • Data point: Represents the metric's measurement at a given period.

  • Metric: The actual data we are measuring.

  • Networking: The volume of incoming network traffic measured in Bytes. When using 5-minute monitoring, divide by 300 to get Bytes/second.

  • Datapoints to alarm: 1 data point is breached in an evaluation period going back 4 periods. This is what triggers the alarm.

  • Period: How often it checks to evaluate the Alarm.
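
The following added example (not part of the original notes) models how the pieces above combine: a threshold, an evaluation window of 4 periods, and a "datapoints to alarm" count, applied to incoming-traffic byte totals converted to Bytes/second by dividing by 300. It is a simplified model, not CloudWatch's own evaluation logic: the function names and sample values are constructed, and missing datapoints are simply ignored, which is an assumption.

```python
PERIOD_SECONDS = 300  # 5-minute monitoring, as in the text above

# Constructed NetworkIn totals (Bytes per 5-minute period); None = no datapoint.
SAMPLE_NETWORK_IN = [None, 30_000_000, 45_000_000, 900_000_000,
                     40_000_000, 35_000_000, 30_000_000, 28_000_000]


def bytes_per_second(total_bytes, period_seconds=PERIOD_SECONDS):
    """Convert a per-period byte total to Bytes/second."""
    return total_bytes / period_seconds


def alarm_state(datapoints, threshold_bps, evaluation_periods=4,
                datapoints_to_alarm=1):
    """State after the latest period, looking back over evaluation_periods."""
    window = datapoints[-evaluation_periods:]
    present = [d for d in window if d is not None]
    if not present:
        return "INSUFFICIENT_DATA"
    breaching = sum(1 for d in present if bytes_per_second(d) > threshold_bps)
    return "ALARM" if breaching >= datapoints_to_alarm else "OK"


def state_history(datapoints, threshold_bps, evaluation_periods=4,
                  datapoints_to_alarm=1):
    """Alarm state as each new period's datapoint arrives."""
    return [alarm_state(datapoints[:i + 1], threshold_bps,
                        evaluation_periods, datapoints_to_alarm)
            for i in range(len(datapoints))]


if __name__ == "__main__":
    print(state_history(SAMPLE_NETWORK_IN, threshold_bps=1_000_000))
    print(state_history(SAMPLE_NETWORK_IN, 1_000_000, datapoints_to_alarm=2))
```

With 1 of 4 datapoints required, a single traffic spike holds the alarm in ALARM until the spike leaves the 4-period window; requiring 2 of 4 ignores the same isolated spike.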


CloudWatch Logs - Log Streams

  • A log stream represents a sequence of events from an application or instance being monitored.

  • You can create Log Streams manually, but generally, this is automatically done by the service you are using.

  • Log Group for a Lambda function: Log Streams are named after the running instance. Lambdas frequently run on new instances, so the streams contain timestamps.

  • Log Group for application logs running on EC2: Log Streams are named after the running instance's Instance ID.

  • Log Group for AWS Glue: Log Streams are named after the Glue Jobs.

Log Event: Represents a single event in a log file. Log Events can be seen within a Log Stream.

You can use filter events to filter out logs based on simple or pattern-matching syntax.

Log Insights:

  • Enables you to interactively search and analyze your CloudWatch log data.

  • Advantages:

    • More robust filtering than using the simple Filter events in a Log Stream.

    • Less burdensome than exporting logs to S3 and analyzing them via Athena.

  • Supports all types of logs.

  • Commonly used via the console to do ad-hoc queries against log groups.

  • Has its own language: CloudWatch Logs Insights Query Syntax.

  • A single request can query up to 20 log groups.

  • Queries time out after 15 minutes if they have not completed.

  • Query results are available for 7 days.

  • AWS provides sample queries to get you started for common tasks, easing the learning of the Query Syntax. A good example is filtering VPC Flow Logs.

  • You can create and save your own queries to make future repetitive tasks easier.


CloudWatch Metrics

  • Represents a time-ordered set of data points. It’s a variable that is monitored over time.

  • Comes with many predefined metrics that are generally name-spaced by AWS Service.

EC2 Per-Instance Metrics:

  • CPUUtilization: The percentage of allocated EC2 compute units that are currently in use on the instance.

  • DiskReadOps: The number of completed read operations from all instance store volumes available to the instance.

  • DiskWriteOps: The number of completed write operations to all instance store volumes available to the instance.

  • DiskReadBytes: The number of bytes read from all instance store volumes available to the instance.

  • DiskWriteBytes: The number of bytes
