AWS services and resources
==========================

An AWS service is a managed capability provided by AWS that exposes APIs to perform a specific class of tasks on AWS resources. We never directly interact with AWS services. Instead, we call AWS service APIs to perform actions on resources.

An AWS resource is a concrete object created and managed by an AWS service. Resources can be created, described, modified, and deleted via AWS APIs, typically using the AWS Console, CLI tools, or SDKs (for example, the ``boto3`` Python package).

Examples of AWS resources
-------------------------

For example, an EC2 instance is an AWS resource managed by the EC2 service. It can be:

- Created (``run-instances``)
- Described (``describe-instances``)
- Modified (``stop-instances`` / ``start-instances``)
- Deleted (``terminate-instances``)

Example AWS services and resources
----------------------------------

The table below summarizes common AWS services and the resources they manage.

=========================== ================== ==========================================
Need                        AWS service        AWS resource
=========================== ================== ==========================================
Virtual machines            EC2                Instances, AMIs, volumes, security groups
Object storage              S3                 Buckets, objects
File systems                FSx                File systems
Networking                  VPC                VPCs, subnets, route tables
Infrastructure automation   CloudFormation     Stacks
Identity & access           IAM                Users, roles, policies
Batch/HPC orchestration     ParallelCluster    (No native resources; orchestrates others)
Logs                        CloudWatch         Log groups, log streams, metrics, alarms
=========================== ================== ==========================================

Miscellaneous clarifications
----------------------------

CloudFormation
~~~~~~~~~~~~~~

CloudFormation is a first-class AWS service that owns *stacks*. A CloudFormation stack creates, updates, and deletes other AWS resources defined in its template.

ParallelCluster
~~~~~~~~~~~~~~~

AWS ParallelCluster is not a resource-owning service by itself. Instead, it is an orchestration tool that generates CloudFormation stacks to create and manage an HPC cluster on AWS. ParallelCluster operates on top of services such as CloudFormation, EC2, IAM, FSx, and VPC.

VPC
~~~

Relationship between region, VPC, subnet, and availability zone (AZ):

- A region (for example, ``us-east-1``) can have many VPCs
- A VPC belongs to a specific region
- A subnet is a slice of a VPC’s IP address space and is associated with a single Availability Zone (for example, ``us-east-1a``)
- A VPC or AZ can contain many subnets

An EC2 instance (such as a head node or compute node) is launched into a subnet and therefore physically resides in that subnet’s Availability Zone. Although a region may contain many AZs, we typically specify a **subnet ID** rather than an AZ directly, which implicitly selects the AZ.
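
The VPC, subnet and AZ relationships above can be checked mechanically. The following is an added example, not part of the original page: it works offline on constructed data shaped like EC2 ``describe-vpcs`` / ``describe-subnets`` output, all IDs and CIDRs are made up, the function names are hypothetical, and only each VPC's primary CIDR is considered.

```python
import ipaddress

# Constructed sample data shaped like EC2 describe-vpcs/describe-subnets output.
VPCS = [{"VpcId": "vpc-0aaa", "CidrBlock": "10.0.0.0/16"}]
SUBNETS = [
    {"SubnetId": "subnet-0a01", "VpcId": "vpc-0aaa",
     "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.0.0/24"},
    {"SubnetId": "subnet-0a02", "VpcId": "vpc-0aaa",
     "AvailabilityZone": "us-east-1a", "CidrBlock": "10.0.1.0/24"},
    {"SubnetId": "subnet-0b01", "VpcId": "vpc-0aaa",
     "AvailabilityZone": "us-east-1b", "CidrBlock": "10.0.2.0/24"},
    # Deliberately broken entry: CIDR lies outside the VPC's address space.
    {"SubnetId": "subnet-bad1", "VpcId": "vpc-0aaa",
     "AvailabilityZone": "us-east-1b", "CidrBlock": "192.168.0.0/24"},
]


def placement(subnet_id, subnets=SUBNETS):
    """Return the (vpc_id, az) an instance launched into subnet_id ends up in."""
    for s in subnets:
        if s["SubnetId"] == subnet_id:
            return s["VpcId"], s["AvailabilityZone"]
    raise KeyError(f"unknown subnet: {subnet_id}")


def topology_errors(vpcs=VPCS, subnets=SUBNETS):
    """Check each subnet is a slice of its VPC and that slices do not overlap."""
    vpc_nets = {v["VpcId"]: ipaddress.ip_network(v["CidrBlock"]) for v in vpcs}
    errors, seen = [], []
    for s in subnets:
        net = ipaddress.ip_network(s["CidrBlock"])
        vpc_net = vpc_nets.get(s["VpcId"])
        if vpc_net is None:
            errors.append(f"{s['SubnetId']}: VPC {s['VpcId']} not found")
        elif not net.subnet_of(vpc_net):
            errors.append(f"{s['SubnetId']}: {net} outside {vpc_net}")
        for other_id, other_vpc, other_net in seen:
            if other_vpc == s["VpcId"] and net.overlaps(other_net):
                errors.append(f"{s['SubnetId']}: overlaps {other_id}")
        seen.append((s["SubnetId"], s["VpcId"], net))
    return errors


def subnets_by_az(subnets=SUBNETS):
    """Group subnet IDs by Availability Zone (one AZ can hold many subnets)."""
    groups = {}
    for s in subnets:
        groups.setdefault(s["AvailabilityZone"], []).append(s["SubnetId"])
    return groups
```

With live data, the same functions accept the ``Vpcs`` and ``Subnets`` lists from the corresponding API responses in place of the constructed defaults.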