Thursday, 24 March 2022

AWS vs Azure Services Comparison

To help you learn the different Microsoft Azure services, we’ve come up with this AWS vs Azure services comparison. If you already have some background in AWS (or cloud computing in general), either through work experience or AWS certifications, then you won’t have a hard time learning Microsoft Azure.

The following shows the related AWS and Azure services based on function and capabilities. Each AWS service in this list has a similar service in Azure. 

Compute

Amazon EC2 vs. Azure Virtual Machine

 

| | Amazon EC2 | Azure VM |
|---|---|---|
| Description | A virtual server that supports both Linux and Windows operating systems. | A Linux-based / Windows-based virtual server that you can provision. |
| Configurations | EC2 configurations are called instance types. | Virtual machine configurations are called VM series. |
| Images | AMI or operating systems are stored in a root volume. | VM Images or operating systems are stored in an OS disk. |
| OS Volumes | Root volume type: General purpose SSD (gp2), Provisioned IOPS SSD (io1 and io2), and Magnetic (standard) | OS disk type: Standard HDD, Standard SSD, and Premium SSD |
| Storage Volumes | Persistent storage volumes for your data using Elastic Block Storage volumes. | Persistent storage volumes for your data using Azure Disk. |
| Encryption | Encrypt EBS volumes with AWS KMS. | Encrypt OS and data disks with Azure SSE. |
| Script | Add a script, called user-data, that runs when an instance boots. | Add a script, called custom data, that runs in the virtual machine while it is being provisioned. |
| Security | A security group enables you to create security rules to allow the traffic going to your instances. | A NIC network security group enables you to create security rules to allow or deny the traffic going to your virtual machine. |
| Monitoring | Monitor the performance of your EC2 instances with Amazon CloudWatch. | Monitor the performance of your virtual machines with Azure Monitor. |
| Network | All EC2 instances are launched in an isolated network called VPC. | All virtual machines are launched in an isolated network called VNet. |

Other Compute Services Comparison

  • AWS Batch and Azure Batch – provision tens, hundreds, or thousands of compute resources based on the job requirements.
  • AWS Auto Scaling and Azure VM Scale Sets – increase or decrease the number of your resources as demand changes.
  • AWS Lambda and Azure Functions – a serverless computing platform to run code in response to events.
  • Amazon ECS, AWS Fargate, and Azure Container Instances – run containerized applications without managing any servers.
  • Amazon ECR and Azure Container Registry – a repository to store and manage container images.
  • Amazon EKS and Azure Kubernetes Service – simplify the management of your containerized applications across a cluster of nodes.

Storage

Amazon S3 vs. Azure Blob

 

| | Amazon S3 | Azure Blob |
|---|---|---|
| Description | Object storage service of AWS. | Object storage service of Azure. |
| Components | S3 is composed of buckets and objects. | Blob storage resources: Storage Account, Container, and Blob |
| Max File Size | The maximum file size for each object is 5 TB. | The maximum file size for each blob: Block (190.7 TiB), Append (195 GiB), and Page (8 TiB). |
| Max Storage Size | Bucket capacity is virtually unlimited. | Single blob container size is the same as the maximum storage account capacity. |
| Tiers | S3 tiers: Standard, Standard-IA, One Zone-IA, Intelligent-Tiering, Glacier, Deep Archive | Blob tiers: Hot, Cool, and Archive. |
| Durability | Data durability across multi-AZ is 11 9’s. | Data durability across LRS (11 9’s), ZRS (12 9’s), and GRS and RA-GRS (16 9’s). |
| Replication | Copy objects across S3 buckets in different AWS Regions using Cross-Region Replication. | Copy block blobs between a source and destination account using Object Replication. |
| CDN | Cache content from a static website with Amazon CloudFront. | Cache content from a static website with Azure CDN. |
| Encryption | Encrypt objects using Client-Side and Server-Side Encryption. | Encrypt the storage account using Microsoft-managed and customer-managed keys. |
| Endpoint | Endpoint: <tutorialsdojo>.s3.<region>.amazonaws.com | Endpoint: <tutorialsdojo>.blob.core.windows.net |

Other Storage Services Comparison

  • Amazon EBS and Azure Disk – a disk storage to store your data and operating system.
  • Amazon EFS  and Azure Files – create and configure file systems and share your files across multiple resources.
  • AWS Storage Gateway and Azure StorSimple – simplify storage management by using a hybrid cloud storage solution.
  • AWS Snow Family and Azure Data Box – transfer petabytes and exabytes of data to the cloud.

Database

Amazon RDS vs. Azure SQL

 

| | Amazon RDS | Azure SQL |
|---|---|---|
| Description | Configure and scale a relational database in the cloud. | Fully managed and intelligent relational database in the cloud. |
| DB Engines | Database engines: Amazon Aurora, PostgreSQL, Oracle, MariaDB, and Microsoft SQL Server | Database engine: Microsoft SQL Server |
| Serverless | The serverless database is called Amazon Aurora Serverless. | The serverless database is called Azure SQL Database serverless. |
| Templates | DB templates are Free Tier, Dev/Test, and Production. | DB templates are Basic, Standard, and Premium. |
| Performance | DB performance: Standard, Memory-Optimized, and Burstable Classes | DB performance: General Purpose, Hyperscale, and Business Critical |
| High Availability | Eliminate a single point of failure with Multi-AZ deployment. | Eliminate a single point of failure with zone redundant configuration. |
| Secondary DB | Create readable secondary databases in the same or different region with read replicas. | Create readable secondary databases in the same or different region with active geo-replication. |
| Backup | Automated backups retention period up to 35 days. | |
| Monitoring | Monitor the metrics of your database with Amazon CloudWatch. | Monitor the metrics of your database with Azure Monitor. |
| Endpoint | Endpoint: rds.<region>.amazonaws.com | Endpoint: <server_name>.database.windows.net |

Other Database Services Comparison

  • Amazon DynamoDB and Azure Cosmos DB – a database model for document and key-value stores.
  • Amazon Redshift and Azure Synapse Analytics – a cloud data warehouse service used for analytics and business intelligence tools.
  • Amazon ElastiCache and Azure Cache for Redis – an in-memory-based caching service to improve the performance of your existing database.
  • AWS DMS and Azure DMS – automate the migration of your data from multiple databases.

Networking

Amazon VPC vs. Azure VNet

 

| | Amazon VPC | Azure VNet |
|---|---|---|
| Description | A virtual network service in AWS where you can launch your resources. | An isolated network service in Azure to run your VMs and applications. |
| Default | Default VPC in each region. | There is no default VNet. |
| Reserved IP address | AWS reserves 5 IP addresses within each subnet. | |
| Subnets | Subnets are from /28 to /16. | Subnets are from /29 to /8. |
| Subnet Types | Subnet types: Private, Public and VPN-only | Subnet types: Private, Public and Gateway |
| Static IP address | You can assign a static IPv4 to your resources with Elastic IP address. | You can assign a static IPv4 and IPv6 address to your resources. |
| Security | Secure your network using NACLs and Security Groups. | Secure your network using NSGs and ASGs. |
| Gateways | Types of gateways: Internet Gateway, Egress-only, NAT Gateway, Virtual Private Gateway, and Customer Gateway | Types of gateways: VPN Gateway and ExpressRoute Gateway |
| Route Table | By default, subnets are automatically associated with the main route table. | Route tables are not automatically associated with your subnets. |
| Peering | VPC peering enables communication between two VPCs. | VPC peering enables the communication between virtual networks. |
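The Security rows in the EC2 vs. Azure VM and VPC vs. VNet comparisons say that a security group holds rules that allow traffic, while an NSG holds rules that allow or deny it. The following added example (not from the original page) shows what that difference means when one host inside an allowed range must be blocked, and adds a check for NSG rules that can never take effect. The `Rule` class, the function names, and the sample rules (documentation address ranges) are constructed for illustration; rules match a single TCP port, and of the NSG default rules only the final deny-all is modelled.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    source: str             # source CIDR
    port: int               # single destination TCP port (simplification)
    action: str = "allow"   # security groups only ever hold "allow" rules
    priority: int = 0       # evaluated by the NSG model only


def _matches(rule, src_ip, port):
    return (rule.port == port and
            ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.source))


def security_group_allows(rules, src_ip, port):
    """AWS security group: any matching allow rule passes, otherwise implicit deny."""
    if any(r.action != "allow" for r in rules):
        raise ValueError("security groups cannot contain deny rules")
    return any(_matches(r, src_ip, port) for r in rules)


def nsg_allows(rules, src_ip, port):
    """Azure NSG: lowest priority number is evaluated first; first match decides."""
    for r in sorted(rules, key=lambda r: r.priority):
        if _matches(r, src_ip, port):
            return r.action == "allow"
    return False  # stands in for the final deny-all default rule


def shadowed_nsg_rules(rules):
    """Rules that never fire because an earlier rule covers the same port and range."""
    ordered = sorted(rules, key=lambda r: r.priority)
    shadowed = []
    for i, later in enumerate(ordered):
        later_net = ipaddress.ip_network(later.source)
        for earlier in ordered[:i]:
            if (earlier.port == later.port and
                    later_net.subnet_of(ipaddress.ip_network(earlier.source))):
                shadowed.append(later)
                break
    return shadowed


# Constructed sample rules: allow a partner range on 443, block one host in it.
SG_RULES = [Rule("203.0.113.0/24", 443)]
NSG_GOOD = [Rule("203.0.113.7/32", 443, "deny", 100),
            Rule("203.0.113.0/24", 443, "allow", 200)]
NSG_BAD = [Rule("203.0.113.0/24", 443, "allow", 200),
           Rule("203.0.113.7/32", 443, "deny", 300)]   # deny comes too late

if __name__ == "__main__":
    print("SG allows blocked host:", security_group_allows(SG_RULES, "203.0.113.7", 443))
    print("NSG (deny first) allows it:", nsg_allows(NSG_GOOD, "203.0.113.7", 443))
    print("NSG (deny last) allows it:", nsg_allows(NSG_BAD, "203.0.113.7", 443))
    print("Shadowed rules:", shadowed_nsg_rules(NSG_BAD))
```

With a security group alone the single host cannot be carved out of the allowed range; on AWS that exclusion belongs in a NACL, the other control the VPC row names.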

Other Networking Services Comparison

  • AWS VPN Gateway and Azure VPN Gateway – secure connection from your on-premises network to your cloud private network.
  • Amazon Route 53 and Azure DNS – helps you manage your DNS records.
  • AWS Direct Connect and Azure ExpressRoute – dedicated private connection between the cloud provider and your data center.
  • Amazon ELB: NLB and Azure Load Balancer – layer 4 load balancer for TCP and UDP protocols.
  • Amazon ELB: ALB and Azure Application Gateway – load balancer for layer 7 traffic (SSL termination, cookie stickiness, and round-robin routing).

Security and Identity

AWS Identity & Access Management (IAM) vs. Azure Active Directory & RBAC

 

| | AWS IAM | Azure AD & RBAC |
|---|---|---|
| Description | Create and manage users, groups, roles, and policies in your account. | Create users and groups with Azure Active Directory. |
| MFA | Secure your account by activating MFA. | Secure your account by activating MFA in Azure AD. |
| Groups | IAM groups allow you to organize a large number of IAM users. | Azure AD allows you to assign a large number of users to groups. |
| Roles | Delegate administrator roles using identity-based policies. | Delegate administrator roles using Azure AD. |
| Access | Access resources only in the AWS console. | Azure AD supports hybrid identity to access resources in the cloud or on-premises. |
| Monitoring | Monitor the status of your user accounts with a credential report. | Monitor the security and usage patterns of your environment with Azure AD reports and monitoring. |
| Domain | Unique account sign-in page URL: https://<My_AWS_Account_ID>.signin.aws.amazon.com/console/ | The domain name of Azure AD tenant: <Azure_Tenant>.onmicrosoft.com |
| Permission | Grant users temporary permission using IAM roles. | RBAC enables you to grant users certain roles to access specific resources. |
| Policy | A collection of permissions written in JSON is called an IAM policy. | A collection of permissions written in JSON is called a role definition in RBAC. |
| Multiple roles | You can assign multiple permissions to an IAM user. | You can assign multiple roles to a resource group with RBAC. |

Other Security and Identity Services Comparison

  • AWS WAF and Azure WAF on Application Gateway – protects web applications from common exploits and vulnerabilities.
  • AWS Shield and Azure DDoS Protection – protect your resources from denial of service attacks.
  • AWS KMS and Azure Key Vault – create and manage the keys used to encrypt your data.
  • AWS Trusted Advisor and Azure Advisor – provides recommendations in operational excellence, security, performance, reliability, and cost.

Amazon MQ

 

  • AWS offering for managed message broker service for Apache ActiveMQ. Message brokers allow different software systems–often using different programming languages, and on different platforms–to communicate and exchange information.
  • Amazon MQ also supports RabbitMQ, a popular open-source message broker. Migrate your existing RabbitMQ message brokers to AWS without having to rewrite code.

Features

    • Amazon MQ uses industry-standard APIs and protocols for messaging, including Java Message Service (JMS), .NET Message Service (NMS), AMQP, STOMP, MQTT, OpenWire, and WebSocket.
    • Amazon MQ manages administrative tasks such as hardware provisioning, broker setup, software upgrades, and failure detection and recovery.
    • Amazon MQ stores your messages redundantly across multiple Availability Zones (AZs).
    • Amazon MQ supports both single-instance brokers, suitable for evaluation and testing, and active/standby brokers for high availability in production. In the event of a failure of the broker, or even a full AZ outage, Amazon MQ automatically fails over to the standby broker.
  • ActiveMQ messaging features
    • ActiveMQ provides all the standard JMS features including:
      • point-to-point (message queues),
      • publish-subscribe (topics),
      • request/reply,
      • persistent and non-persistent modes,
      • JMS transactions,
      • and distributed (XA) transactions.
    • ActiveMQ also supports more complex patterns such as:
      • composite destinations (producers can send the same message to multiple destinations)
      • virtual destinations (publishers broadcast messages via a topic to a pool of receivers subscribing through queues)
    • ActiveMQ preserves the order of messages sent by a single producer to all consumers on a topic.
    • ActiveMQ supports message groups, which enable multiple consumers on a queue to process messages within a group in first-in, first-out (FIFO) order.
    • ActiveMQ also supports message redelivery and dead letter queues when a message cannot be delivered to its destination.

Brokers

    • A message broker environment running on Amazon MQ. It is the basic building block of Amazon MQ.
    • Brokers created without public accessibility can’t be accessed from outside of your VPC.
    • Broker Types
      • A single-instance broker is comprised of one broker in one Availability Zone. The broker communicates with your application and with an AWS storage location.

      • An Active/standby broker for high availability is comprised of two brokers in two different Availability Zones, configured in a redundant pair. These brokers communicate synchronously with your application, and with a shared storage location.

    • Broker instance types
      • mq.t2.micro
        • mq.t2.micro instances are designed for initial product evaluation
      • mq.m4.large
      • mq.m5.large
        • mq.m5.large instance for default production usage
      • mq.m5.xlarge
      • mq.m5.2xlarge
      • mq.m5.4xlarge
    • A network of brokers is comprised of multiple simultaneously active single-instance brokers or active/standby brokers. You can configure networks of brokers in a variety of topologies (for example, concentrator, hub-and-spokes, tree, or mesh).

Configuration

    • A configuration contains all of the settings for your ActiveMQ broker, in XML format.
    • Making changes to a configuration does NOT apply the changes to the broker immediately. To apply your changes, you must wait for the next maintenance window or reboot the broker.

Security and Monitoring

    • Amazon MQ provides encryption of your messages at rest and in transit.
    • Connections to the broker use SSL, and access can be restricted to a private endpoint within your Amazon VPC.
    • Authentication from applications to the ActiveMQ broker itself is provided using username and password-based authentication.
    • Amazon MQ supports LDAP authentication and authorization with directory services like Microsoft Active Directory.
    • Amazon MQ is HIPAA eligible and meets standards for PCI, SOC, and ISO compliance.
    • You can configure Amazon MQ to publish general and audit logs to Amazon CloudWatch Logs.
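
The broker properties described in the Brokers, Configuration, and Security and Monitoring lists can be checked together from a broker description. The following added example (not from the original page or from AWS) audits a dictionary shaped like an Amazon MQ DescribeBroker response for an ActiveMQ broker; the field names follow that API, while the function names, finding codes, and both sample brokers are constructed for illustration.

```python
def audit_broker(broker):
    """Return (code, message) findings for one DescribeBroker-style dict."""
    findings = []
    if broker.get("PubliclyAccessible"):
        findings.append(("PUBLIC", "broker is reachable from outside the VPC"))
    if broker.get("DeploymentMode") == "SINGLE_INSTANCE":
        findings.append(("NO_STANDBY",
                         "single-instance broker: no failover on broker or AZ failure"))
    if broker.get("HostInstanceType") == "mq.t2.micro":
        findings.append(("EVAL_INSTANCE",
                         "mq.t2.micro is intended for initial product evaluation"))
    logs = broker.get("Logs") or {}
    for kind in ("General", "Audit"):
        if not logs.get(kind):
            findings.append((f"NO_{kind.upper()}_LOG",
                             f"{kind.lower()} logs are not published to CloudWatch Logs"))
    # A configuration change only takes effect after a reboot or the next
    # maintenance window, so a pending revision means the running broker
    # does not yet reflect the latest settings.
    cfg = broker.get("Configurations") or {}
    pending = cfg.get("Pending")
    if pending and pending != cfg.get("Current"):
        findings.append(("PENDING_CONFIG",
                         "configuration revision waiting for reboot or maintenance window"))
    return findings


def finding_codes(broker):
    return [code for code, _ in audit_broker(broker)]


# Constructed samples; names and IDs are placeholders, not real resources.
SAMPLE_WEAK = {
    "BrokerName": "example-eval-broker",
    "EngineType": "ACTIVEMQ",
    "DeploymentMode": "SINGLE_INSTANCE",
    "HostInstanceType": "mq.t2.micro",
    "PubliclyAccessible": True,
    "Logs": {"General": True, "Audit": False},
    "Configurations": {"Current": {"Id": "c-example", "Revision": 1},
                       "Pending": {"Id": "c-example", "Revision": 2}},
}
SAMPLE_HARDENED = {
    "BrokerName": "example-prod-broker",
    "EngineType": "ACTIVEMQ",
    "DeploymentMode": "ACTIVE_STANDBY_MULTI_AZ",
    "HostInstanceType": "mq.m5.large",
    "PubliclyAccessible": False,
    "Logs": {"General": True, "Audit": True},
    "Configurations": {"Current": {"Id": "c-example", "Revision": 2}},
}

if __name__ == "__main__":
    for sample in (SAMPLE_WEAK, SAMPLE_HARDENED):
        print(sample["BrokerName"], finding_codes(sample) or "no findings")
```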

Pricing

    • You pay for the time your message broker instance runs (price varies depending on the size of the instance used), the storage you use monthly, and standard data transfer fees.
  • IBM MQ

    • IBM MQ is messaging middleware that simplifies and accelerates the integration of diverse applications and business data across multiple platforms.
    • It uses message queues to facilitate the exchange of information.
  • Features
      • It offers a single messaging solution for cloud, mobile, IoT, and on-premises environments.
      • The IBM MQ service on AWS supports client messaging applications from
        • within your virtual private cloud (VPC),
        • from trusted addresses on the internet,
        • and via a VPN from your on-premises environment.
      • Secure message delivery with end-to-end encryption.
      • Dynamic scaling via auto scaling groups since IBM MQ runs on an EC2 instance running on a pre-built AMI.
    • The IBM MQ server is typically placed in a private subnet, spanning across two availability zones for high availability. The only ways to access it are through two ports exposed by a public facing elastic load balancer (ELB) or, if you need to SSH to the host, via a Bastion server from the public subnet.
    • All the queue manager data is stored on Amazon EFS.

Amazon Mechanical Turk

 

  • A forum where Requesters post work as Human Intelligence Tasks (HITs). Workers complete HITs in exchange for a reward. Essentially crowdsourcing.
  • You write, test, and publish your HIT using the Mechanical Turk developer sandbox, Amazon Mechanical Turk APIs, and AWS SDKs.
  • Benefits
    • Optimize efficiency since MTurk is well-suited to take on simple and repetitive tasks in your workflows which need to be handled manually.
    • Increase flexibility since MTurk lets you gain access to a global, on-demand, 24×7 workforce without the difficulty associated with dynamically scaling.
    • Reduce cost by hiring and managing a temporary workforce. MTurk provides a pay-per-task model.
  • Concepts
    • Requester is a company, organization, or person that creates and submits tasks (HITs) to Amazon Mechanical Turk for Workers to perform.
    • Human Intelligence Task (HIT) represents a single, self-contained task that a Requester submits to Amazon Mechanical Turk for Workers to perform.
      • Each HIT has a lifetime, specified by the Requester, that determines how long the HIT is available to Workers.
      • A HIT also has an assignment duration, which is the amount of time a Worker has to complete a HIT after accepting it.
    • Worker is a person who performs the tasks specified by a Requester in a HIT.
      • The Requester specifies how many Workers can work on a task.
      • Amazon Mechanical Turk guarantees that a Worker can work on each task only one time.
    • Developers create the Mechanical Turk applications that Requesters and Workers use.
      • Requesters can create and advertise work using the Mechanical Turk command line interface or the Requester User Interface and thereby do not need developers.
    • An Assignment specifies how many people can submit completed work for your HIT. When a Worker accepts a HIT, MTurk creates an assignment to track the work to completion. The assignment belongs exclusively to the Worker and guarantees that the Worker can submit results and be eligible for a reward until the time the HIT or assignment expires.
    • A reward is the money a Requester pays to Workers for the satisfactory work they do on HITs.
    • Qualification is an attribute assigned by you to a Worker. It includes a name and a number value. A HIT can include Qualification requirements that a Worker must meet before they are allowed to accept the HIT.

AWS DeepLens

 

  • A deep learning-enabled camera for developers
  • A wireless-enabled camera integrated with AWS Cloud
  • Capable of delivering 100GFLOPS of computing power (1 billion operations per second)
  • Contains sample projects at launch to get you started
  • Optimized for Apache MXNet, TensorFlow, and Caffe
  • Integrates with Amazon Rekognition for advanced image analysis

Common use cases

  • Developing computer vision applications such as:
    • Face Detection
    • Activity Detection
    • Object Detection
    • Bird Classification 
    • Artistic Style Transfer

AWS DeepLens needs 3 AWS services to create a project:

  • Amazon SageMaker 
    • Train/validate custom or pre-trained models 
  • AWS Lambda
    • Preprocessing 
    • Capturing inference
    • Displaying output
  • AWS IoT Greengrass
    • Deploys application project and Lambda runtime to AWS DeepLens 
    • Handles software and configuration updates

AWS DeepLens Device Library

  • awscam module
      • Runs inference code based on a project’s model.
  • mo module
      • Converts Caffe, Apache MXNet, or TensorFlow deep-learning model artifacts into AWS DeepLens model artifacts.
      • Provides optimizations for AWS DeepLens model artifacts.
  • DeepLens_Kinesis_Video module
    • Can send video feeds from the AWS DeepLens device to Amazon Kinesis Video Streams.

Amazon Translate

 

  • A Neural Machine Translation service that provides fluent translation with higher accuracy than traditional statistical and rule-based translation models.
  • Powered by deep learning models that deliver fast, accurate, and affordable translation between supported languages.
  • Supports batch translation, real-time, and on-demand translations.

Common Use Cases

  • Language localization
  • Translating content for text analytics
  • Cross-lingual communication

Concepts

  • Amazon Translate uses a Translation Model that consists of two (2) components:
    • Encoder
      • Reads a source text one word at a time.
      • Creates a semantic representation of each word.
    • Decoder
      • Uses the constructed semantic representation of the encoded text and translates it to the target language one word at a time.
      • The decoder also uses a method called the Attention mechanism to translate obscure words or phrases correctly.
  • When Automatic Language Detection is enabled, Amazon Translate uses Amazon Comprehend on the backend to automatically detect the language used in the source text.

Features

  • Broad Language Coverage
  • Neural-Network Based
    • Produces high-quality translations by utilizing deep learning technologies.
  • Customized Machine Translation
    • Enables you to tailor your translations to suit domain-specific terminologies.
    • Useful for changing the tone, style, and word choices for the translated text.
  • Secure Machine Translation
    • Communications between Amazon Translate and your application are SSL-protected.

Pricing

  • Standard Translation
    • Billed for $15.00 per million characters
  • Active Custom Translation
    • Billed for $60.00 per million characters