Cloud Security Principles and Frameworks (AWS) - Salem73616C656D/reading-notes GitHub Wiki

Key Takeaways

AWS (and most clouds) is divided into two parts: Consumer Space (managed by the customer) and Provider Space (managed by AWS).

Instance Abstraction: EC2, Lightsail

Container Abstraction: Elastic Container Service, Elastic Container Service for Kubernetes

Function Abstraction: AWS Lambda

Bare Metal Abstraction: Bare Metal

Full Container Abstraction: AWS Fargate

Modern container-based solutions are usually implemented in two main logical pieces:

A container **control plane** that is responsible for exposing the API and interfaces to define, deploy, and manage the lifecycle of containers. This is also sometimes referred to as the container orchestration layer.

A container **data plane** that is responsible for providing capacity (as in CPU/Memory/Network/Storage) so that those containers can actually run and connect to a network. From a practical perspective, this is typically a Linux host or, less often, a Windows host where the containers get started and wired to the network.

Vocabulary

No new vocabulary

Conclusion

AWS offers multiple services for virtualized cloud resources, with as little or as much AWS involvement as you want.