AWS (Amazon Web Services) is overwhelming. If you’re new to AWS you’ll know all too well the feeling of being lost and not knowing where to start. Today, we’re going to change that. We’re going to clear the mist of uncertainty and discuss everything you need to know to begin your learning journey on AWS.
Today we’ll talk about three things that will help you start learning AWS. And they are: focusing on the core services, getting hands-on and structuring your learning. We’ll go through each area in a decent amount of detail, so that you have a great starting point for your learning.
By the end of this article you’ll have an understanding of the core services of AWS, how to structure your learning around them and how to get up and running with some hands on experimentation.
Last week, I attended an AWS Game day. An AWS Game day is an organised event designed to be a fun hands-on way to learn AWS…
— Lou 🎅🏽 (@loujaybee) November 7, 2019
The game day was pretty impressive. The organisers setup various different AWS accounts with different services setup for the teams to experiment with. The goal was for each team to build services and consuming other teams services.
As I sat there, with our teams junior developer, I was again reminded just how overwhelming AWS is. As we flicked back and forth between areas looking at our running servers, setting up new lambda functions, debugging application logs and system logs I can’t really imagine how anyone could mentally keep track.
I found myself promising that I’d go back and explain the various services. But as always, it’s hard to find the time. The whole experience got me thinking: if I were to learn AWS again, how I would approach it. And after giving it some thought, my advice comes down to three things.
So today we’re going to discuss the three things and give you a head start for learning AWS. Sound good? Then let’s start by discussing what AWS is.
What Is AWS?
AWS stands for Amazon Web Services. AWS is a range of computing products that allow you to operate tasks in the cloud, on demand. And currently, AWS have the biggest service offering of the cloud market, so you have everything from databases, to event queues, to basic website hosting.
But, AWS is designed to be quite low-level. It’s not designed for the casual website builder. AWS is built for large enterprises to build their entire business on. And for that reason, it’s not particularly easy to get started with.
Not only is AWS low-level, but there are many different services, and most of them even substitute each other. Which gives you many different choices, but the choice is only useful if you understand all the different services, and how they work.
So given that we’ve got our work cut out for us, with all these different services, it begs the question: Where do we start? If we want to approach learning on AWS, with such a wide range of areas that we need to learn, what should we tackle first? Let’s cover that now…
Where to Start Learning AWS?
Do you remember that I mentioned the three things you should focus on when learning AWS? Let’s introduce those tips now, and they are:
- Learn core AWS services first
- Prioritise hands-on learning
- Structure your learning
Don’t worry if these seem a bit high level, because we’ll dive into each point with a lot of detail. And speaking of diving in, let’s jump straight in and take a look at the first bullet point: learning core services first.
Tip 1: Learn Core AWS Services First
Within AWS many services are built on, or around other services. By now you might be thinking what I mean by “core services”, or how services are “built on” other ones, right? The best way to understand how services built on one another is to take an example, so let’s do that.
AWS has a service called ECS (Elastic Container Service). ECS allows you to run container based services. When you run services on ECS, you can configure the host for your containers to run on. And one of the options is to run your host on EC2 (Elastic Cloud Compute). In this scenario, EC2 is the core service. And without knowing EC2, it’s going to make learning ECS is more difficult.
Do you see what I mean? There are certain services that if you learn them, make interacting with all the other services more simple. All of the other services in AWS are sort of periphery services, that compliment or build on the others.
And that’s why when it comes to learning AWS it’s really important that you learn the core services. If you spend too much time learning periphery services, you’ll struggle to see how the pieces fit together and you’ll generally have a more difficult learning experience.
So I imagine by now you must be thinking: what are those core services then? And they are: EC2, IAM and S3. But, I promised you we’d go into details, so let’s go through and understand what each of those service does, and why it’s a core service…
What is EC2?
We had to start with EC2.
EC2 is the flagship AWS product, and it’s where most of current AWS revenue comes from. So you might be wondering: Why is EC2 so popular? What does it do that’s so great?
Let’s start with the name: EC2 stands for Elastic Compute Cloud (I won’t get caught up discussing the terrible name). Think of EC2 as a way to run a computer in the cloud. You can launch Linux machines, or Windows machines all on top of EC2. EC2 is having a computer at the push of a button.
So let’s get back to our earlier question, why is EC2 so popular? And the answer is: flexibility. On EC2 you can run many different types of workloads. You can install WordPress, to run a website. Or you can install a database and store data, all directly on an EC2 machine. In fact, nearly everything you can imagine can be ran on EC2.
But you might be wondering: If EC2 is so flexible, why don’t we run everything on EC2 and not have all these other services? And that’s a big question, but the short answer is that the other services are more tailored. For instance, you can run a database on EC2, but you’ll need to manage it yourself. So AWS offer their service, RDS which takes away some of the headache of maintaining your own database. But guess what? AWS run it under the hood on EC2!
We could talk for a long time about EC2, but take my word for it: EC2 is very much a core service, and it’s worth your time to understand the nuances of how it works. But, we can’t only run machines in AWS, we’ll need other tools such as user permissions. And that’s where IAM comes in…
What is IAM?
AWS IAM is how you manage permissions and access in AWS. In order to launch your EC2 instance from before, you need to have a user that has the appropriate access to do so. And to get access you need to use AWS IAM.
But, IAM is deceptively complex. IAM isn’t only how users get access to do things in AWS, it’s also how you grant machines to talk to each other. For instance, if we look at EC2 again, an EC2 machine can be assigned a role. And that role then governs what that EC2 can and can’t do. Do you see what I mean about IAM being a core service?
So let’s say that you do start digging into IAM, what should you be looking to learn? And the answer is: understanding the different IAM objects and their relationships. Within IAM you’ve got: users, groups, roles and policies and they’re all related somehow. Let me give you an example…
A user can be in a group, and that group can have access policies which are granted to the user. But, a user can also have policies directly. Both of these approaches have pro’s and con’s. For instance, attaching a policy to a user directly means that you’ll have to update many users if you want to give them the same permissions. Understanding these nuances is key to getting your head around IAM.
Again, I hope you can start to see why IAM is a core service, and why it should be worth your time to learn. But with EC2 and IAM in the bag, let’s move on now to the third core service, and that’s S3. But what is S3?
What is S3?
S3 is another deceptively versatile service, which allows you to store files in a flexible way. S3 can be used to host websites, store assets such as images, and even log files for your application. If you ever need simple persistence for files, S3 is probably the answer.
The reason that S3 is a core service to wrap your head around is again because of it’s versatility. Remember when we talked about services being built on or around others? Let me give you a few examples where S3 is the basis for other AWS services.
For instance, if you want to use AWS Redshift (a querying tool) you’ll need to put your data in S3. Want to get access logs for your AWS account? The data will be in S3. Want a backup of your RDS database? S3 again. Want to host a static website? S3. Want to turn on logs for your load balancer? Yep, you guessed it: S3.
Okay, you get the point. But in summary, so many services in AWS are built around S3. So it makes sense to learn S3 first, otherwise working with other AWS services will be more difficult when you suddenly realise that you need to understand how S3 works to be productive.
And with that discussion about S3, that wraps up this whole section on core services. But, before we move on, let’s just briefly talk about some of the other services at a high level…
What Other AWS Services Should You Keep an Eye On?
It was a tough choice picking the “core” services, as it will depend on your industry and company which services you use. But almost certain that you’ll be using EC2, IAM and S3 at some point. But, they’re not the only services, so let’s quickly give a hat-tip to the other services that should be next on your hit list after those three. And they are…
- CloudWatch — The built-in AWS monitoring tool.
- Route 53 — Domain purchasing and DNS routing. Allows you to point your website or server to a domain name.
- RDS — The AWS hosted database solutions. Has a range of databases from SQL to document-based.
- CloudFormation — AWS built-in Infrastructure as Code. Create resources by writing your infrastructure as a JSON template and tell AWS to create it.
And that concludes part one, which is to focus on core services. The take home point is: AWS has central services that the other services depend on. If you establish which services these are, and prioritise focusing your time and energy on those, you’re going to get to grips with AWS much faster.
Now that you know the core services, you’ll want to know a place to start learning. But, before you dive in there are a few things you should know so that you don’t make some fatal mistakes in your setup…
Tip 2: Get Hands on With AWS
Put simply: the best way to get setup and learning AWS is by getting hands-on.
But in order to get hands-on, you’ll need to ensure that everything in your account is setup correctly. Many first-time users of AWS make the same mistakes. Their mistakes usually lead to them getting a large bill, or getting their accounts hacked simply because they didn’t know about a few precautionary steps they should take to secure their accounts.
Unfortunately everything doesn’t simply come out of the box with AWS, so you’re going to have to put in some work to get your account setup.
But before we dive into the details, let me just share with you what we’re going to talk about:
- The root account, and why you shouldn’t use it.
- Access keys, and why you should be very careful where you store them.
- MFA, and how it protects your account from getting hacked.
- Infrastructure As Code, and how it makes your hands-on learning easier.
Sound good? Okay, let’s jump in…
The Root Account
Your root account is the one you sign up to AWS with. The reason the root account is so important is because it has god access to everything. If your root account is compromised the attacker can do pretty much whatever they want.
To counter-act the problem of getting your root account hacked, the first thing you’ll want to do when you’ve setup your AWS account is to create a new user and restrict it’s access. Then you will use that newly created user to access AWS, not your root account.
AWS Credentials and Access
The next topic we need to talk about, is your access to AWS. There are two main ways to interact with AWS, programatically, and through the interface. You’ll likely start off by poking around in the AWS interface for a while, but there’ll come a time where you need to access a resource and you’ll need programatic access.
And that’s where the idea of access keys comes in. An access key and secret is a pairing of two strings that are used to grant access to AWS. Access keys allow you to read information about your resources, publish resources, etc. Because they grant access you should be very careful where you put these keys.
MFA stands for multi-factor authentication. With MFA enabled you cannot access your account without having another physical device that you need with you.
When you enable MFA for your account it ensures that if your password is compromised, at least your attacker needs your phone, or a device to log into your account.
Enabling MFA is as simple as a few button clicks from within the IAM interface, so you’ll want to do right as you setup your account.
Learn Infrastructure First
When it comes to learning AWS, the instinctive approach is to start clicking around in the interface to create resources. But, in my experience the poke-around type of learning process can become very frustrating and difficult very quickly.
But why is clicking around so frustrating? And there are a few reasons. The UI for AWS can be difficult, and it often undergoes change — what you learn today might be gone tomorrow. Also behind the scenes AWS can do magical things like launching many services on your behalf — good luck finding those resources to delete them later.
So if clicking around in the interface can become painful, what is a better choice? Learning infrastructure-as-code. Infrastructure as code allows you to define your resources as code, and store them in version control. With infrastructure as code setup you can easily see the changes you’ve made, roll back and delete all your resources. Which can be far less stressful than randomly clicking around in AWS.
For this type of infrastructure as code (provisioning) you have two main choices: CloudFormation and Terraform. CloudFormation is an AWS owned tool, whereas Terraform is an open source alternative. I personally recommend Terraform as it’s not tied to the AWS ecosystem and has some nice functionality.
But whole topic of setting up your account with infrastructure as code is an article in itself, which is why I’ve written it!
If you want to know more about why I recommend learning infrastructure as code before AWS, check out: 5 Important Reasons To Learn Terraform Before Cloud Computing. Or if you’re totally new to infrastructure as code, be sure to check out: Infrastructure As Code: A Quick And Simple Explanation. And lastly, if you want to follow my advice, and start with Terraform be sure to check out: Learn The 6 Fundamentals Of Terraform — In Less Than 20 Minutes.
Part 3: Structure Your AWS Learning
And the last of my three tips for today is to structure your learning. If you don’t structure your learning, you risk getting lost in a sea of details and spending more time learning unnecessary areas whilst neglecting the right ones. But how do we add that structure to our learning?
One of the best ways to add that structure is to take a look at the different AWS exams. Now, I know what you’re thinking: Lou, I don’t know the first thing about AWS, so why would I take an exam? And that’s a fair challenge, but let me explain why the exams are a great logical starting point.
AWS has done a lot of thinking about their exams, and as a result they’ve created a really useful structure. The exams start with foundational skills before becoming specialised in different areas. Which makes them a good reference to structure your learning on. Let’s me show you what I mean, and take a look at the various different exams…
Understanding the AWS exam structure
The AWS exams are broken down into different categories. The associate exams are your more entry level exams, and the professional exams build on top of the associate exams with more detail. You can also go down a specialty route and learning a specific topic like Networking or Security.
Take a look…
Okay, seeing all of the exams is nice, but we know that you’re just starting out, so where should you start as a beginner?
The best place to start as a complete beginner is with the Cloud Practitioner exam. The Cloud Practitioner exam is going to give you a solid basis in AWS. When you’ve completed the Cloud Practitioner exam, you can then take a look at one of the associate exams, Architect, SysOps or Developer depending on your preference.
So let’s say that I’ve done a decent job to convince you that the exams are a good place to start in structuring your learning. Where would you go to begin? One of the best current learning websites for these courses is ACloudGuru. ACloudGuru have a ton of resources on where to start. I’d recommend watching their certification prep guide then you could go ahead and try out the cloud practitioner course.
In the interest of fairness, there are other dedicated services for cloud training, like Cloud Academy and Linux Academy. Which might suit your needs better, so be sure to check those out too. I have just found ACloudGuru to be straight to the point, and consistent which is why I recommend it.
(Disclosure: I am not affiliated with ACloudGuru, and I have no incentive to recommend them other than the fact that I use, and really like their product).
Learn AWS the Easy Way
And that concludes todays look at where to start when learning AWS. I really do hope that helped nudge you in the right direction when it comes to learning AWS. Since we covered a lot today, before you go, let’s just recap the main points. The three tips for starting to learn AWS are:
- Focusing on the core services (EC2, S3 and IAM)
- Getting hands-on and experimenting.
- Using the AWS exams to give your learning structure.
If you stick to these three tips, you won’t go far wrong, and you’ll be up and running in no time. Just remember to setup your account properly (as we’ve already discussed) and you’re golden.
Learning AWS is tough. And you won’t learn everything overnight, so stick at it and let me know how you get on.
Speak soon, Cloud Native friend!