AWS CCP Exam Prep

AWS Certified Cloud Practitioner

(CLF-C02) Study Guide

Six Advantages of Cloud Computing

1. Trade capital expense for variable expense
2. Benefit from massive economies of scale
3. Stop guessing capacity
4. Increase speed and agility
5. Stop spending money running and maintaining data centers
6. Go global in minutes

Three Cloud Service Models

• IaaS (Infrastructure as a Service): Highly flexible; you manage the servers (e.g., Amazon EC2).
• PaaS (Platform as a Service): Focus on application deployment, with no need to manage the underlying infrastructure (e.g., AWS Elastic Beanstalk).
• SaaS (Software as a Service): A complete product delivered as a service (e.g., Gmail, Amazon SageMaker).

Cloud Deployment Models

• Public Cloud
• Hybrid Cloud: Combines on-premises and cloud resources
• Private Cloud / On-premises

Shared Responsibility Model

• Security OF the Cloud - AWS's responsibility: Physical data centers, hardware, global network infrastructure.
• Security IN the Cloud - Customer's responsibility: Customer data, IAM access management, OS patching, network firewalls (such as Security Groups), and data encryption.

AWS IAM - Identity and Access Management

Controls who can access AWS resources. The core principle is the "Principle of Least Privilege".

• Users: People or applications.
• Groups: Collections of users.
• Roles: Assumed by AWS services to gain temporary permissions.
• Policies: JSON documents defining permissions.

Security Services

• AWS WAF (Web Application Firewall): Protects web applications from common attacks such as SQL injection.
• AWS Shield: Protects against DDoS attacks; the Standard tier is free.
• Amazon Macie: Uses machine learning to discover and protect sensitive data in S3.

Compute

• Amazon EC2: Provides virtual servers with full control of the OS.
• AWS Lambda: Serverless compute; pay only for code execution time, with no servers to manage.
• Amazon ECS/EKS: Services for container orchestration (managing Docker containers).

Storage

• Amazon S3: Object storage with high durability, suitable for backups and static website hosting.
• Amazon EBS: Block storage that must be attached to an EC2 instance, suitable for databases.
• Amazon S3 Glacier: Extremely low-cost service for data archiving and long-term backup.

Database

• Amazon RDS: Relational database supporting MySQL, PostgreSQL, etc.
• Amazon DynamoDB: Serverless, low-latency NoSQL key-value database.
• Amazon Redshift: Data warehouse designed for big data analytics.

Networking & Content Delivery

• Amazon VPC: Launch AWS resources in a logically isolated virtual network.
• Amazon Route 53: Highly available and scalable cloud DNS web service.
• Amazon CloudFront: Content Delivery Network (CDN) that delivers static and dynamic content to users globally with low latency.

EC2 Pricing Models

• On-Demand Instances: No long-term commitment, pay by the second/hour, highest flexibility.
• Reserved Instances: 1 or 3-year commitment, highest discount, suitable for predictable workloads.
• Spot Instances: Use spare AWS capacity; extremely cheap but can be interrupted, suitable for fault-tolerant workloads.
• Dedicated Hosts: Physical servers dedicated to you for strict licensing and compliance needs.

AWS Support Plans

• Basic Support: Customer service and documentation access.
• Developer Support: Business hours technical support.
• Business Support: 24/7 technical support for production environments.
• Enterprise Support: Includes a designated Technical Account Manager (TAM).

Billing & Management Tools

• AWS Cost Explorer: Visualize and forecast costs.
• AWS Budgets: Set custom budgets and receive alerts when exceeding them.
• AWS Pricing Calculator: Estimate monthly costs before provisioning resources.