Unpacking the AWS Toolbox
June 14th, 2024 by Gage Pacifera
Amazon Web Services (AWS) can seem like a confusing mess the first time you are tasked with using it. The UI isn’t great, the categorization of concerns isn’t particularly intuitive and the rabbit hole of settings for every little thing goes deep.
But there are some good reasons for its popularity. AWS has a broad range of useful and powerful features and its scalable nature makes it a practical choice for projects big and small.
Harmonic Northwest has been working on a couple of web application projects lately that are built on AWS and we have had a chance to get a bit more familiar with the platform. I thought I’d share some info that might be useful to others who are new to it.
Where is my site?
AWS doesn’t organize things by website or particular project, but rather they steer you to their various service offerings individually. So if you have a website that uses AWS for the DNS records, hosting and database, you’re going to have to look in three different places to find and manage those individual parts of your site.
Where is my service?
The Recently visited list shows you services you have used lately, but it’s not a comprehensive list of services that might be used by your project. To find a service not on this list, your best bet is using the Search tool up top. And if you don’t know the name of the service you’re after, you can wade through their rather long list of All services.
What services does my application use?
There are a whole lot of AWS services, but most projects probably only use a handful. Here are some popular ones that were relevant to projects we’ve been working on:
- IAM — Stands for “Identity and Access Management”. This is where you manage users of your AWS account. You can assign user-level permissions to various servies, reset passwords and add or remove users here.
- Route 53 — This handles DNS and is comparable to the feature set of a standard registrar like NameCheap or GoDaddy.
- EC2 — These are the individual cloud servers you’ll likely be hosting your application on. You can connect to these servers via an online console in the AWS admin area.
- RDS — Stands for “Relational Database Service”. These are virtual servers that host database installations like MySQL or PostgreSQL. The data for your application is probably here.
- S3 — This is used for media storage. Images and videos from your website can live here.
- Elastic Beanstalk — This service manages clusters of servers for load balancing, scalability and multi-server applications.
- CodeCommit — This service acts as your Git repository for a project. You can use your commits to deploy your application. And you can employ adjacent services like CodeBuild and CodeDeploy to manage your build/deploy pipeline.
Security Groups
You’ll need to add entries to the security groups for your EC2 and RDS instances to allow developers to directly connect to those servers. Specifically, you’ll need to pick what kind of connection is needed (SSH, MySQL, etc.) and the IP the developer is working from. That IP will then be added to a whitelist.
The format required by AWS for these entries isn’t the most obvious. You’ll need to list the IP followed by “/32” to tell it to pay attention to all four parts. Use “/16” if you want it to allow for variation in the last two parts (i.e. 123.456.*.*).
Also note that you can use the same security groups for multiple servers, which can save you the hassle of applying the same rules to multiple servers.