• The Amazon Web Services Virtual Private Cloud (VPC) provides customers with a logically isolated section of the AWS cloud.
• The customer's VPC, by default, is unable to access the internet, and unable to access executables from the internet
  • The customer can fully control their virtual network environment
  • Certified and easy-to-understand network concepts:
  • Customers can set the IP range
  • ACL/security group
  • Subnetworks
  • Routing table
  • Network gateway
• Possesses an agile and sufficient security policy

• VPC can logically isolate their local environments section (development/testing/production)
• The customer can cease using a specific VPC environment (such as testing) at any time they do not want to use it, and thereby control costs

• The customer can use direct connection to establish a connection with AWS. Then, connecting their datacenter, office, or host administrator environment to AWS, they can cut costs and enhance their bandwidth delivery capacity. And in addition, the connection is more secure and stable than that over the internet

• Combining Chunghwa Telecom's IDC and international backbone network, Chunghwa Telecom can provide the customer with access to global cloud services
• Multiple line types, multiple nodes, multiple routes, distributed backup, high quality direct connect access services

• Dedicated Connection

Dedicated connection uses a 1G or 10G physical Ethernet port for a single customer. Customers can order a dedicated connection directly from AWS through the control panel, CLI, or API

• Hosted Connection

A variety of capacities are provided, from 50M to a maximum of 10G. Chunghwa Telecom deploys each host connection on the network connection shared by AWS and multiple customers, while AWS ensures that the entire hosted connection capacity of the network connections between Chunghwa Telecom and AWS is sufficient. The customer completes acceptance through the AWS management console, CLI, or API to enable the managed connection

• The CDN (Content Delivery Network) refers to computer network systems interconnected through the Internet, using the servers closest to each user to provide faster and more reliable music, pictures, videos, applications, and files to users. This provides high-performance, expandable, and low-cost network content for users

• Is a content delivery network that can transmit data, video, application, and API content securely with low latency and high transmission speeds
• CloudFront save the content the customer wants to deliver to the Edge Server closets to the customer, allowing the customer to access the content nearby
• Accelerates the transmission of content
• Lowers the burden from serve access
• Billing models
• Data transfer, file size, traffic distribution for the edge server location (U.S., Canada, Europe, Japan, Hong Kong, Singapore...), SSL certification

• All connected devices (computers, mobile phones, tablets...) use numbers, called IP addresses, to find and communicate with each other. In other words, when you open a browser to view a website, you don't need to remember the lengthy number; instead, just enter a domain name like "example.com" to connect to the correct location

• Domain name system (DNS) services
• High accessibility and expandability; 100% usable SLA
• Billing models
• Host administration region (domain name and number, e.g., example.com and domain.com), number of user-initiated inquiries, name of net domains purchased through AWS

Routing according to the health status of services

Routing according to weight

Routing according to latency

Routing according to the geographical location

• Objective
• The customer's VPC, by default, is unable to access the internet, and unable to access executables from the internet
• Reason
• After multiple users open EC2 / RDS resources, they become habitually used without much adjustment based on actual user conditions
• Pay as you go is one of the advantages of the cloud. Most IT personnel, when making hardware specification requirements, overestimate hardware in the cloud era because of peak usage.

• Strengths
• Maximized investment efficiency
• Added accuracy for projected usage and billing amounts
• Since usage is regularly monitored, cooperation in teams can be open and transparent
• Both accounts and efficiency are optimized

• User timing
• Ordinary: Long-term collection of the user's conditions, such as CPU, memory, storage I/O, networking.
• Regular: Regular review of the use scenario for efficacy Once per month recommended

• Method
• User billing report and tagging
• Appropriate specifications are selected to replace anything that is deemed ineffective
• A tool is used to assist in right sizing that collects usage data and determines user efficiency

• AWS's built-in resource management function can perform right sizing

All instances are tagged; some common tags include:

• User
• Application
• Environment
• Development environment
• Testing environment
• Production environment

• Instance families are chosen for the particulars of each case
• EC2
  • General purpose
  • Compute optimized
  • Memory optimized
  • Storage optimized
  • Accelerated computing
• RDS
  • General purpose: Standard Performance, Burstable Performance
  • Memory Optimized
  
  

• In AWS, EC2 and RDS are used to delineate several instance families based on multiple applications
• Instances in an instance family each have their own pricing standards. And so in different application cases, the most appropriate and beneficial solution should be chosen to reflect the actual use condition data. For example: If you use choose C (Computation optimized), the unit CPU computational resources are cheaper than other types.
• A newer and cheaper device is chosen for the same type and level of instance. For example: c4.8xlarge EC2 is converted to c4.4xlarge; and US$570 can be saved per month.
• EC2 or RDS burstable devices can be used if your service usage is concentrated over small segments of time.

For example: Uses T instance devices. Uses few computations during off-peak hours to accumulate credits. When more computations are made during peak hours, the credits are used.

• Principle for collection of usage data
• Long-term monitoring of the following situations (over at least two weeks, and preferably over a month)
• vCPU, memory, network
• Attempts to analyze usage characteristics, such as:
• Periodic peak use (daily work-hours email system)
• Predictable instantaneous traffic (bursts of traffic from short-term marketing events)

• Amazon CloudWatch
• Free quota and charges for over-quota use（charging standards)
• Observing CPU usage, network traffic, and hard disk I/O to adjust to suitable instance
• Provides customized dashboard charges; dashboard for US$3/month

• AWS Compute Optimizer
• This function is free (set price on official site)
• Automated analysis of instance usage; and produces a recommendation for device type with one-key switching

• AWS Trusted Advisor
• Paid value-added services are evaluated by AWS certified experts.
• Including best practice inspection and recommendation for five items: cost optimization, security, fault tolerance, efficiency, and services