How to set up Amazon Web Services for your small business

Been reading about what the cloud has to offer? We take a closer look at how you can leverage Amazon Web Services to run a data-driven website.

1 2 Page 2
Page 2 of 2

Architecting for uptime

If you’re assuming that cloud computing means it’ll never fail, think again. While many services inside AWS are highly reliable, and AWS does offer certain capabilities that make it easier to recover from an outage, you must plan and engineer for reliability as part of your deployment.

For example, bugs were recently discovered in the underlying Xen hypervisor used by AWS, and some AWS machines had to be rebooted as part of the patching process. Also, the physical servers that do the work on the backend can, and do, fail. Without automatic safeguards built in, websites built on AWS can behave unexpectedly or even become unavailable when servers crash or reboot on the backend.

In general, you should ensure important sites can run from more than one availability zone (AZ) within a region. Typically, this entails having the database backend set up for multi-AZ deployment from the get-go. Similar to how having more than one database server in an on-premises deployment is more expensive, expect to pay more when you choose a multi-AZ database option.

The most typical setup entails setting up an Elastic Load Balancer (ELB) to distribute incoming application traffic across multiple compute instances. Traffic can be automatically diverted from unhealthy instances to healthy ones, which could span across multiple AZs in the event of a catastrophic failure of a particular AZ.

Don’t forget security

AWS takes security seriously, which is no surprise considering you can set up literally hundreds of production servers – or tear them down – with the click of a mouse. For example, at least one promising start-up was wiped away after a hacker broke into its Amazon EC2 control panel and basically erased the entire infrastructure.

[Related: 7 steps to protect your business from cybercrime]

To better manage security, AWS recommends setting up users with limited permissions to manage the resources under their charge, as opposed to a “root” user with unlimited access. Just like in a typical Linux system, users can be allocated to groups, while additional roles can be created and assigned to users or groups.

aws mfa hardware

AWS supports both virtual and, as shown by this Gemalto fob, hardware-based MFA.

In addition, AWS also offers multifactor authentication (MFA), which is available as in both hardware and virtual options. For hardware MFA, AWS supports security fobs manufactured by Gemalto, a third-party provider. Alternatively, a virtual MFA app is supported, with Google Authenticator supported as an option on Android, iPhone and BlackBerry, and an AWS Virtual MFA app on Android.

Monitoring your cost

Finally, the aspect of cloud computing that you probably hear about the most is its capability to reduce infrastructure cost. As businesses are slowly finding out, however, the corresponding increase in operational costs can in certain circumstances exceed the cost of an on-premises deployment in relatively short order.

To help users gain greater insights into the cost of their cloud deployments, AWS devised a monthly calculator where users can compute the cost of their deployments based on the services that they use, according to their estimated disk and network usage levels. This can help businesses decide if they can do without certain levels of reliability or services.

Businesses looking to optimize their cost based on their existing deployment, and are certain of their usage levels may decide to purchase either a “spot” or “reserved” compute instance. In a nutshell, the former allows businesses to leverage unused compute capacity for a lower price, while the latter lets businesses pre-book and/or pre-pay in advance for the same. For obvious reasons, spot instances may not always be available in a particular region.

aws reserved instance

You can pre-book capacity up to three years in advance, and pre-pay varying amounts so as to command a better price.

[AWSReservedInstance.jpg. Caption: “You can pre-book capacity up to three years in advance, and pre-pay varying amounts so as to command a better price.”]

AWS itself offers a Trusted Advisor service to help tweak various aspect of an AWS deployment, including security and keeping cost optimized. However, a paid support plan is required to unlock all recommendations.

We’ve only covered the tip of the iceberg in terms of the possibilities available on AWS, but this should point you in the right direction in deciding if you’d like to go with AWS, and to start asking the right questions on how to proceed next.

Copyright © 2015 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
FREE Download: Get the Spring 2019 digital issue of CIO magazine!