Cloud Security Principles and Frameworks - focodecided/ops401-cybersecurity GitHub Wiki
Explain the levels of abstraction in AWS to someone without a technical background.
In simple terms, abstraction refers to hiding complex details and only showing what's necessary to the user. AWS offers different levels of abstraction for computing services based on how much complexity users want to handle:
At the lowest level, AWS provides virtual machines (called EC2 instances) where the user has to manage everything related to installing and maintaining the operating system, applications, security, etc. This offers flexibility but requires more effort.
At higher abstraction levels, AWS takes care of more complexity behind the scenes so the user doesn't have to worry about it. This makes things simpler but reduces flexibility. Examples are containers, which bundle together applications and their dependencies, and serverless computing (AWS Lambda), where AWS runs short snippets of code automatically without users managing any servers.
So in essence, higher AWS abstraction levels allow less technical users to focus on their business logic rather than managing infrastructure. The tradeoff is reduced control and customization ability.
What are the control plane and data plane responsible for in container abstraction?
The control plane handles deploying and managing container lifecycles: things like starting, monitoring and stopping containers. AWS offers fully managed control plane services like ECS and EKS.
The data plane provides the actual compute capacity for containers to run on, traditionally clusters of Amazon EC2 virtual machines. With a recent service called AWS Fargate, AWS now also offers a managed data plane for containers, removing the need for users to provision and manage EC2 clusters.
In short, the control plane manages containers, while the data plane provides the infrastructure they run on.
Where does AWS Lambda fall in the layers of abstraction and what makes it so special?
AWS Lambda offers the highest level of abstraction: users just provide code snippets, and AWS runs them automatically, so users do not have to worry about servers at all. This auto-scaling serverless model allows very simplified and cost-efficient computing.
What makes Lambda special is its event-driven execution model. Lambda functions can be triggered automatically to run in response to lifecycle events in various AWS services rather than having to be called directly. This enables innovative event-driven architectures and automation workflows.
In summary, Lambda offers the highest abstraction on AWS, and its event-driven serverless capabilities are what set it apart.
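The event-driven model described above, shown as an added example that is not part of the original wiki page: a Python Lambda handler that runs when S3 reports a new object, ignoring any record it was not written to handle. The sample event, bucket name and object keys are constructed for illustration.

```python
from urllib.parse import unquote_plus

# Constructed sample in the shape of an S3 event notification (not real data).
SAMPLE_EVENT = {
    "Records": [
        {
            "eventSource": "aws:s3",
            "eventName": "ObjectCreated:Put",
            "s3": {
                "bucket": {"name": "example-uploads"},
                "object": {"key": "reports/q1+summary%281%29.pdf", "size": 2048},
            },
        },
        {
            "eventSource": "aws:s3",
            "eventName": "ObjectRemoved:Delete",
            "s3": {
                "bucket": {"name": "example-uploads"},
                "object": {"key": "old.txt"},
            },
        },
        {"eventSource": "aws:sns", "Sns": {"Message": "unrelated"}},
    ]
}


def lambda_handler(event, context):
    """Entry point that Lambda invokes once per delivered event."""
    created = []
    for record in event.get("Records", []):
        # Only act on the event type this function is meant to handle.
        if record.get("eventSource") != "aws:s3":
            continue
        if not record.get("eventName", "").startswith("ObjectCreated:"):
            continue
        s3 = record["s3"]
        created.append({
            "bucket": s3["bucket"]["name"],
            # Object keys arrive URL-encoded, with spaces sent as '+'.
            "key": unquote_plus(s3["object"]["key"]),
            "size": s3["object"].get("size", 0),
        })
    return {"processed": len(created), "objects": created}


if __name__ == "__main__":
    print(lambda_handler(SAMPLE_EVENT, None))
```
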