AWS at a Glance
AWS at a Glance — Categories, Regions, Cost
AWS effectively defined the cloud services market. The service catalog tops 200, but at the category level it boils down to a handful of larger groupings.
1. About AWS
The starting point was Amazon's internal infrastructure tooling.
| When | Event |
|---|---|
| 2002 | Started as Amazon's internal infrastructure tooling. |
| 2006-03 | S3 launches — the first external service. |
| 2006-04 | SQS. |
| 2006-08 | EC2 — the kickoff of the IaaS era. |
| 2014 | ECS · Lambda — containers and serverless. |
| 2018 | EKS — managed Kubernetes. |
AWS holds the #1 market position by revenue and sits in the Leader quadrant of Gartner's Magic Quadrant for Cloud IaaS year after year.
2. Core categories
The console shows hundreds of services, but the commonly used ones boil down to nine groupings.
| Category | Representative services |
|---|---|
| Compute | EC2 · Lambda · ECS · EKS · Fargate · Lightsail · App Runner · Beanstalk |
| Storage | S3 · EBS · EFS · FSx · Storage Gateway · Glacier |
| Database | RDS · Aurora · DynamoDB · ElastiCache · Redshift |
| Networking | VPC · Route 53 · CloudFront · API Gateway · ELB |
| Security & identity | IAM · KMS · Secrets Manager · ACM · GuardDuty · WAF · Shield |
| Observability | CloudWatch · X-Ray · CloudTrail |
| Messaging & events | SQS · SNS · EventBridge · Kinesis · MSK |
| AI/ML | SageMaker · Bedrock · Rekognition · Transcribe · Polly |
| Developer tools | CodeCommit · CodeBuild · CodeDeploy · CodePipeline |
New services are added regularly, and some are absorbed into others over time.
3. Regions, Availability Zones, edge
- Region — A geographically isolated AWS infrastructure area. Seoul is ap-northeast-2.
- Availability Zone (AZ) — A bundle of isolated data centers within a region. Usually three or more per region.
- Edge Location — PoPs used by CloudFront · Route 53 · Global Accelerator. 200+.
Spreading across AZs is the most basic answer to single-data-center failure. Production workloads should span at least 2 AZs.
4. The place of IAM
Almost every AWS call passes through IAM. Identities (users, groups, roles) and the policies attached to them decide which actions are permitted on which resources. To let EC2 read S3, attach an IAM role to the instance through an instance profile.
The standard practice is to avoid daily work with the root account. Enable MFA and operate via separate IAM users or roles.
5. Cost model
Most services bill on demand. Units differ per service.
- EC2 — Instance hours + EBS GB·IOPS + network egress.
- S3 — Storage GB · request count · egress GB · storage class.
- Lambda — Invocation count + execution time (GB·seconds).
- Data transfer (egress) — Free within the same AZ; cross-AZ, cross-region, and external egress are billed. A major operational cost line.
Pricing options:
| Option | Notes |
|---|---|
| On-Demand | Pay for what you use. |
| Reserved Instance · Savings Plans | 1- or 3-year commitment with steep discounts. |
| Spot | Use spare capacity at low cost. Subject to interruption. |
There is a Free Tier — 12 months free plus an always-free allowance. Overages bill automatically, so alarms are needed.
6. Neighboring clouds
| Provider | First appeared | Notes |
|---|---|---|
| Google Cloud | 2008 (App Engine) | Strengths in BigQuery and Kubernetes. |
| Microsoft Azure | 2010 | Friendly to the Microsoft ecosystem. |
| Cloudflare | 2010 (CDN) · 2017 (Workers) | Edge compute focus. R2 (S3-compatible). |
| Fly.io | 2017 | Multi-region container deployment at the edge. |
| Hetzner | 1997 (hosting) · Cloud since 2018 | Europe-based low-cost VPS. |
| DigitalOcean | 2011 | Simple VPS · managed services. |
AWS's strengths are service breadth and enterprise operations features; its weaknesses are the learning curve and unpredictable cost.
7. Common shapes
```bash
# Mac/Linux
brew install awscli
aws configure   # access key · secret · region

# Windows
winget install Amazon.AWSCLI
aws configure
```
Profiles are stored under ~/.aws/config and ~/.aws/credentials. Multiple accounts and roles are switched via --profile <name>.
Start small:
- Static site — S3 + CloudFront + ACM.
- Small API — Lambda + API Gateway, or App Runner.
- One or two containers — Lightsail · App Runner. For real workloads, ECS/Fargate.
8. Common pitfalls
Egress costs — Traffic going to other regions or the internet adds up to a major line item. Stay within the same region and use VPC endpoints.
NAT Gateway — Bills both hours and processed GB. If private subnets do a lot of outbound calling, costs balloon.
CloudWatch Logs and metrics — Unbounded collection drives bills up. Set retention policies and filters explicitly.
Leftover resources — EBS, EIP, and load balancers you thought you deleted often linger and bill. Track with cost alarms and tagging policies.
Root credential exposure — Committing access keys to Git is a frequent incident. Use IAM roles and STS short-lived credentials.
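One way to catch the committed-key case before it reaches a remote, as an added example (not from the original page): a scanner for AWS access key IDs and secret access keys that can run as a Git pre-commit check. The function names are hypothetical, and the sample input is constructed from the placeholder key pair used in AWS documentation.

```bash
#!/usr/bin/env bash
# Added example: refuse a commit whose staged files contain AWS credentials.

# Access key IDs: AKIA (long-lived IAM user key) or ASIA (temporary STS key)
# followed by 16 upper-case alphanumerics.
KEY_ID_RE='(AKIA|ASIA)[A-Z0-9]{16}'
# Secret access keys: 40 base64-style characters assigned to a name that
# contains "secret" (keeps ordinary 40-char hashes from matching).
SECRET_RE="[Ss][Ee][Cc][Rr][Ee][Tt][^=:]*[=:][ \"']*[A-Za-z0-9/+]{40}"

# Read text on stdin, report matching line numbers without echoing the key.
# Returns 1 when at least one line matched, 0 when the input is clean.
scan_aws_keys() {
  hits=$(grep -nE -e "$KEY_ID_RE" -e "$SECRET_RE" | cut -d: -f1)
  [ -z "$hits" ] && return 0
  for n in $hits; do echo "possible AWS credential on line $n"; done
  return 1
}

# Scan the staged version of every added or modified file (pre-commit use).
scan_staged() {
  rc=0
  while IFS= read -r f; do
    [ -n "$f" ] || continue
    out=$(git show ":$f" | scan_aws_keys) || { echo "$f: $out"; rc=1; }
  done <<EOF
$(git diff --cached --name-only --diff-filter=ACM)
EOF
  return $rc
}

# Constructed sample in ~/.aws/credentials layout; the key values are the
# placeholder pair used throughout AWS documentation, not live credentials.
sample_credentials() {
  cat <<'EOF'
[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
EOF
}

sample_credentials | scan_aws_keys || true
```

Calling `scan_staged` from `.git/hooks/pre-commit` and exiting with its status stops the commit; a key that has already been pushed still has to be deactivated and rotated in IAM.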
Closing thoughts
AWS can do a lot, but the learning curve and cost traps grow alongside that capability. Starting small with on-demand billing inside the Free Tier is the safest path. In production, NAT, egress, and CloudWatch dominate costs, so monitoring is the first step.
AWS official docs · AWS Free Tier · Well-Architected · AWS CLI v2 · LocalStack · GCP · Azure for reference.