Application Service

ECS (Elastic Container Service)

EC2 Launch Type

  • EC2 instances run in the ECS cluster

  • Lets you manage the underlying infrastructure

  • The instances make API calls to the ECS service

  • The instances send logs to CloudWatch Logs

Fargate Launch Type

  • Based on the task definition (the image that you want to run)

  • Increase numbers of tasks for scaling

  • Supports auto-scaling, but it requires manual configuration. You need to define and manage scaling policies based on metrics like CPU utilization or request count. ECS gives you more control over the scaling behavior and allows you to customize it according to your application's needs.

ECS vs EKS

Similarity

  • Both use Docker containers as the smallest unit: task (ECS) and pod (EKS)

  • Both are container orchestration services

  • Both are highly available and scalable, and support both manual configuration and automated scaling without running out of control

Difference

  • EKS is a managed K8s service you can run on any infrastructure (cloud or on-premises), increasing portability between vendors and lowering vendor lock-in

  • EKS requires applying namespaces, ingresses, services, etc., whereas ECS has a simple API that eliminates that complexity while using Route 53, Elastic Load Balancer, IAM and CloudWatch for logging

App Runner

  • Fully managed service that makes it easy to deploy

  • Suitable for container-based applications

  • Automatic scaling, high availability and load balancing are included

Lambda

  • By nature it is an event listener: it listens for SQS messages, HTTP requests, ...

  • Billed per request and compute time

  • Free tier of 1000000 requests and 40000 GBs

  • Memory Allocation: 128MB - 10GB

  • Maximum execution time: 900s

  • Max. env variable: 4KB

  • Concurrent execution: 1000

  • Compressed deployment size: 50MB

  • Uncompressed deployment size: 250MB

  • Max. 10 messages from a queue can be handled per invocation

  • RDS PostgresDB and Aurora MySQL can send event notifications about the DB instance itself (created, stopped, ...) to trigger a function

  • Suitable for event-driven applications, such as a report function

Amplify

  • Similar to Firebase and Supabase

  • Provides a whole set of functions through the Amplify SDK, and also includes CI/CD

  • Amplify can be used on the frontend to handle CRUD and authentication logic

  • Suitable for fast "full stack" development

CloudFront Functions & Lambda@Edge

  • Used to change the request and response

  • A CloudFront Function can create tokens for authentication and authorization

API Gateway

  • There are 2 endpoint types

  • Edge-Optimized (default): for global clients; requests are routed through a CloudFront edge location, while the gateway lives in 1 region

  • Regional: for regional clients

  • Private: must be accessed from a VPC

EventBridge

  • Acts as a communication channel between different services within the application.

  • Can be triggered by an action of an AWS service, and reacts by triggering the logic in the destination

  • Can be triggered by a scheduled job

Amazon Cognito

Introduction

  • Provides user identities for accessing the application or AWS resources

Cognito User Pools

  • Integrates with API Gateway or a load balancer to authenticate users to the application

Cognito Identity Pool

  • Grants temporary access to AWS resources

  • You define the IAM policy that is applied to that access
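
The temporary access an identity pool grants comes from an IAM role, so that role's trust policy should be tied to one pool and to authenticated identities. The check below is an added example, not code from the original notes: the function names, POOL_ID and both sample policies are constructed for illustration, while the `aud` and `amr` condition keys are the ones IAM uses for Cognito identity pools.

```python
# Added example: lint the trust policy of an IAM role used by a Cognito identity pool.
# POOL_ID and both sample policies are constructed placeholders, not real resources.
POOL_ID = "us-east-1:00000000-0000-0000-0000-000000000000"
PROVIDER = "cognito-identity.amazonaws.com"

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _condition_values(statement, key):
    """Collect (operator, values) for one condition key, matched case-insensitively."""
    found = []
    for operator, pairs in statement.get("Condition", {}).items():
        for cond_key, value in pairs.items():
            if cond_key.lower() == key.lower():
                found.append((operator, _as_list(value)))
    return found

def lint_trust_policy(policy, pool_id, expect_amr="authenticated"):
    """Return a list of findings; an empty list means the trust policy is scoped."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        principal = stmt.get("Principal", {})
        federated = _as_list(principal.get("Federated", [])) if isinstance(principal, dict) else []
        if stmt.get("Effect") != "Allow" or PROVIDER not in federated:
            continue  # not a statement that trusts Cognito identity pools
        aud = _condition_values(stmt, PROVIDER + ":aud")
        if not any(op == "StringEquals" and vals == [pool_id] for op, vals in aud):
            findings.append("aud is not pinned to this identity pool")
        amr = _condition_values(stmt, PROVIDER + ":amr")
        if not any(expect_amr in vals for _, vals in amr):
            findings.append("amr does not require '%s' identities" % expect_amr)
    return findings

SCOPED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"Federated": PROVIDER},
    "Action": "sts:AssumeRoleWithWebIdentity",
    "Condition": {
        "StringEquals": {PROVIDER + ":aud": POOL_ID},
        "ForAnyValue:StringLike": {PROVIDER + ":amr": "authenticated"}}}]}

# No conditions: the role is not restricted to one pool or to authenticated identities.
UNSCOPED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": {"Federated": PROVIDER},
    "Action": "sts:AssumeRoleWithWebIdentity"}]}

if __name__ == "__main__":
    print(lint_trust_policy(SCOPED, POOL_ID))
    print(lint_trust_policy(UNSCOPED, POOL_ID))
```

The same function can be run over the `AssumeRolePolicyDocument` of each role attached to an identity pool, passing that pool's ID.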
