Quick Overview of The Most Essential AWS Services.

If you have ever wondered what the most essential AWS services are, I bet you are not alone. I have always wondered too. AWS is blessed with hundreds of services to choose from. All the services are as good as any other. Therefore, it becomes a little challenging to pick one for your application.

However, there are a handful of services that are very popular and work well for most use cases. These services are essential, and you will need to know them for your daily responsibilities as an AWS cloud engineer. Some of the essential services include AWS Elastic Beanstalk, EC2 instance, SNS, Relational Database (RDS), the VPC, Subnet, Security Group, IAM, Elastic Block Storage, AWS Outpost, SQS, and Code Pipeline, as well as the AWS Elastic Container Registry, AWS Apprunner, Elastic Container Service, Elastic Kubernetes Service, and so on.

I selected these essential AWS services and briefly described them here. Moreso, I recommend you bookmark this page for future reference.

Why Should You choose from the Most Essential AWS Services?

Low Ongoing Cost: AWS offers pay-as-you-go pricing with no up-front expenses or long-term commitments for all of the services. AWS also offers good discounts for upfront commitments on services should you choose to make them.
Instant Elasticity & Flexible Capacity: In addition to low cost, you can eliminate guessing on your infrastructure capacity needs. AutoScaling automatically increases or decreases your AWS compute capacity to meet the most essential needs of your application use case.
Speed & Agility: AWS services equip you to develop and deploy your applications faster. So, no more waiting weeks or months for hardware to arrive and get installed. The AWS ecosystem of services facilitates fast deployments to production with minimal or no downtime.
Apps not Ops: Also with AWS services, you can focus on essential projects. AWS enables you to shift resources away from data center investments and operations and move them to innovative new projects.
Global Reach: In addition, you can take advantage of the AWS Regions and launch your apps to a global audience in minutes.
Open and Flexible: You choose the development platform or programming model that makes the most sense for your business.
Secure: Your application can take advantage of the multiple layers of operational and physical security in the AWS data centers. This ensures the integrity and safety of your data.

quick overview of common terminologies

HIGH AVAILABILITY
This refers to systems that are durable and likely to operate continuously without failure for a long time. It means making sure your application is always available when a user/customer tries to access it.
FAULT TOLERANCE
This property enables your system to continue operating properly in the event of the failure of one or more of its components. A fault-tolerant application is built so that one of its web servers can fail while it still serves traffic to visitors and auto-repairs itself, i.e. self-healing.
ELASTICITY
This is the ability of a system or an application to increase and decrease server capacity based on usage demand. It is this flexibility that distinguishes cloud technology from traditional models. In most cases, AWS can automate the elasticity of the services you use.
COST EFFICIENT
Choose the correct services to make a system as inexpensive as possible. The AWS Pricing Calculator is free to use and can give you an estimate of the cost your infrastructure will incur before you deploy it.
SECURE
Following proper security guidelines and practices to secure a system is essential in cloud technology. Although AWS has robust security and compliance plans for its services, it treats security as a partnership between AWS and its customers. This gave birth to the AWS Shared Responsibility Model.
AWS BEST PRACTICES
A set of AWS guidelines and precautions to note when provisioning and using their services.
SCALABILITY
This is the ability of a system to easily increase in size and capacity in a cost-effective way (usually based on usage demand) just like elasticity.
PRINCIPLE OF LEAST PRIVILEGE
This is one important practice for a very secure infrastructure. It involves giving a user or service access to only the AWS services and resources they need to do their job, and nothing more.

the most essential aws services
aws simple storage service (S3)

When you talk of the most essential AWS services, one service that comes to mind in a flash is the AWS flagship object storage service, S3. Amazon S3 has a simple web services interface that you can use to store and retrieve any amount of data, at any time, from anywhere on the web.
It gives any user access to the same highly scalable, reliable, fast, inexpensive data storage infrastructure that Amazon uses to run its own global network of websites. The service aims to maximize benefits of scale and to pass those benefits on to users.
You can also use the S3 service to host a static website together with CloudFront. Read more on the powerful features of AWS S3 from the post here.

AWS Virtual Private Cloud

The next popular service is the one that allows you to create your own logical portion of the cloud, where you can deploy all of your services closer to your customers. This is more like having your own scalable datacenter in the cloud.
The AWS VPC allows you to configure your own virtual network and infrastructure, including selecting the region where you deploy your application, just like in a traditional network. However, the VPC is far more scalable than the traditional network solution.
There’s no additional charge for using a VPC. However, AWS can charge you for some VPC components that you deploy in the VPC, such as NAT gateways, IP Address Manager, traffic mirroring, Reachability Analyzer, and Network Access Analyzer.
See how to deploy and configure services in VPC here.

subnet

The subnetwork or subnet is a component of a VPC which further divides the network into different ranges of IP addresses called CIDR blocks. Each subnet MUST be associated with a route table. The subnet is where you create each resource in your VPC. Each subnet must reside entirely within one Availability Zone and cannot span zones. In addition, you can protect your applications from the failure of a single Availability Zone by launching AWS resources in separate Availability Zones.
A subnet can be a Public Subnet, which allows traffic from the internet to reach its resources through the Internet Gateway. It can also be a Private Subnet, which does not allow public traffic and has no public IP address. Traffic gets into a Private Subnet through the NAT Gateway or NAT Instance deployed in the Public Subnet. Lastly, the VPN Subnet allows site-to-site traffic through the virtual private gateway only.
By default, AWS attaches any newly created subnet to the main route table for the VPC; however, you can associate it with a custom route table that you created.

SECURITY GROUP

This service controls the inflow and outflow of public traffic to your application through a port, from an origin which could be an IP address or another service. The Security Group functions at the server level of your infrastructure. This means you can attach a security group with specific rules to an EC2 instance, a Load Balancer, a Relational Database, or related services that use inbound and outbound traffic. Many AWS services need a Security Group rule configured for them.
By default, a Security Group automatically allows the outbound (outflow) response to any inbound (inflow) traffic it has allowed. That is why it is referred to as a Stateful service.

NETWORK ADDRESS ACCESS CONTROL LIST (NACL)

We said that the Security Group controls traffic at the server level; the NACL controls inbound and outbound traffic at the Subnet level. You can create an additional layer for your VPC using a NACL, or you can use the default NACL which AWS creates for you. The NACL does not automatically allow the outbound response to inbound traffic. You need to explicitly state the traffic that you want to allow for both the inbound and the outbound flow. That is why it is referred to as a Stateless service.
Also, AWS evaluates NACL rules in order, starting with the lowest numbered rule, when deciding whether to allow or deny traffic. NACL rule numbers run from 1 to 32766.
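The stateful and stateless behaviour described in the Security Group and NACL sections can be seen in a small model. This is an added example, not AWS code and not from the original post; the rule sets, the documentation IP addresses and the 1024-65535 ephemeral port range are constructed assumptions.

```python
# Added example: toy model of NACL vs. Security Group evaluation (not AWS code).
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class NaclRule:
    number: int      # 1..32766; the lowest number is evaluated first
    action: str      # "allow" or "deny"
    cidr: str        # remote address range the rule applies to
    port_from: int   # destination port range of the packet
    port_to: int


def nacl_decide(rules, remote_ip, dest_port):
    """Return the action of the first matching rule, in ascending rule-number order."""
    for rule in sorted(rules, key=lambda r: r.number):
        in_range = ip_address(remote_ip) in ip_network(rule.cidr)
        if in_range and rule.port_from <= dest_port <= rule.port_to:
            return rule.action
    return "deny"  # nothing matched: the NACL's final catch-all rule denies


def nacl_round_trip(inbound, outbound, client_ip, client_port, server_port):
    """Stateless: the request and its reply are checked independently."""
    request_ok = nacl_decide(inbound, client_ip, server_port) == "allow"
    # The reply travels back to the client's ephemeral source port.
    reply_ok = nacl_decide(outbound, client_ip, client_port) == "allow"
    return request_ok and reply_ok


def sg_round_trip(inbound_allows, client_ip, server_port):
    """Stateful: the reply to an allowed inbound connection is let out automatically."""
    return any(
        ip_address(client_ip) in ip_network(cidr) and lo <= server_port <= hi
        for cidr, lo, hi in inbound_allows
    )


# Constructed sample rules (documentation address ranges, not real hosts).
NACL_INBOUND = [
    NaclRule(100, "allow", "0.0.0.0/0", 443, 443),
    NaclRule(90, "deny", "203.0.113.0/24", 0, 65535),  # lower number wins
]
NACL_OUTBOUND_EPHEMERAL = [NaclRule(100, "allow", "0.0.0.0/0", 1024, 65535)]
SG_INBOUND = [("0.0.0.0/0", 443, 443)]  # security groups hold allow rules only

if __name__ == "__main__":
    print(nacl_decide(NACL_INBOUND, "203.0.113.7", 443))
    print(nacl_round_trip(NACL_INBOUND, [], "198.51.100.5", 50000, 443))
    print(nacl_round_trip(NACL_INBOUND, NACL_OUTBOUND_EPHEMERAL,
                          "198.51.100.5", 50000, 443))
    print(sg_round_trip(SG_INBOUND, "198.51.100.5", 443))
```

With an empty outbound NACL the HTTPS request is accepted but its reply is dropped, which is the usual symptom of forgetting the ephemeral-port rule on a custom NACL.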

AWS Identity and access management

AWS IAM is another essential service that helps you securely control access to AWS resources or services. You can use IAM to control who can do what in your account, whether a user or a service. That means you authenticate and authorize what goes on in your account using IAM. How cool?
You grant other people permission to administer and use those essential resources in your AWS account without having to share your password or access key.
AWS IAM gives you granular permissions: you can give some users write access to services such as Amazon EC2, Amazon Redshift, and other AWS services. For other users, you can allow read-only access to just some Amazon S3 buckets, or permission to access only your billing information but nothing else. In addition, IAM is free to use at no extra charge. AWS charges you only when you access other AWS services using your IAM users or AWS STS temporary security credentials.
Moreso, you can use IAM features to securely provide credentials for applications that run on EC2 instances. I strongly recommend you add two-factor authentication to your account and to individual users for extra security. IAM also comes with API keys for programmatic (CLI) access, and identity federation. In all, IAM gives your application a PCI DSS-compliant feature.

AWS ELASTIC CLOUD COMPUTE

Elastic Cloud Compute, EC2 instance, or simply EC2 is an AWS service that provides secure and resizable compute capacity in the cloud. It is a device (powerful computer) designed to make web-scale cloud computing easier for developers. You can create an EC2 instance through the AWS console, the command-line interface or the AWS SDK with the least amount of friction. By default, when you launch an instance you create a root user and also a default sudo-privileged user, giving you total control of your compute infrastructure. That means you have the capacity to increase the size of, stop, restart, reboot, or terminate your instance.
AWS EC2 essentially provides flexible cloud hosting services that are highly secure and integrate easily with most AWS solutions.
You can launch this server to host many types of application, from a simple static site to a complex API, a dockerized application, or a database. It is one of the most essential services any AWS Cloud Engineer has to know. Read all you need to know about EC2 instances from here.

AMAZON MACHINE IMAGE

An Amazon Machine Image (AMI) is a master image for the creation of virtual servers, also known as EC2 instances. The images, which are more like a snapshot of a server, are configured with an operating system and other software that determine the user’s operating environment. Therefore, you can say they are templates from which an EC2 instance can be launched. You can launch multiple instances from a single AMI when you require multiple instances with the same configuration. You can also launch multiple instances from different AMIs if the server configurations of the instances are different.
There are three (3) categories of AMI an engineer can create from.
The Community AMIs: With these AMIs you are just selecting the OS you want. They are free to use.
AWS Marketplace AMIs: They come with additional packages like licensed software and volumes, and you pay to use them.
My AMIs: These are AMIs that you create yourself. They can be created from a running instance, or from a newly created instance with the configuration you want to replicate. Also, you can launch an AMI in a different region from where you created it.
In addition to the above, the AMI creator can specify the permission policy for using the AMI. You can have:
Public: Where the owner grants launch permissions to all AWS accounts.
Explicit: Here, the owner grants launch permissions to specific AWS accounts, organizations, or organizational units (OUs).
Implicit: The owner has implicit launch permissions for an AMI.
Use your AMI to launch general purpose instances, compute optimized instances, GPU optimized instances, memory optimized instances, storage optimized instances, and high memory instances.

AMAZON ELASTIC BLOCK STORAGE

Amazon EBS provides block-level storage volumes (1 GB to 1 TB) for use with Amazon EC2 instances. You can mount multiple volumes to the same instance.
EBS volumes are network-attached, and persist independently from the life of an instance.
Storage volumes behave like raw, unformatted block devices. You can create a file system on top of Amazon EBS volumes, or use them in any other way you would use a block device (like a hard drive).
An EBS volume resides in a specific Availability Zone. You can then attach it to instances in that same Availability Zone.
Also, AWS automatically replicates each storage volume within the same Availability Zone. EBS provides the ability to create point-in-time snapshots of volumes. These snapshots can persist to Amazon S3.
Meanwhile, you can use these snapshots as the starting point for new Amazon EBS volumes, and to protect data for long-term durability. You can use the same snapshot to instantiate as many volumes as you wish. Moreso, you can copy these snapshots across AWS regions.

AWS LAMBDA

AWS Lambda is serverless computing. It is the next generation of cloud computing that will replace EC2 instances for the most part.
AWS Lambda is a compute service that lets you run code without provisioning or managing servers. AWS Lambda executes your code only when needed and scales automatically, from a few requests per day to thousands per second.
You pay only for the compute time you consume; there is no charge when your code is not running.
With AWS Lambda, you can run code for virtually any type of application or backend service all with zero administration.
AWS Lambda runs your code on a high-availability compute infrastructure and performs all of the administration of the compute resources, including server and operating system maintenance, capacity provisioning and automatic scaling, code monitoring and logging.
All you need to do is supply your code in one of the languages that AWS Lambda supports: Node.js, Java, C# and Python.
With Lambda, you have no servers to manage. You get continuous scaling and subsecond metering, and it integrates with almost all other AWS services.
As one of the essential AWS services, AWS Lambda can be used for data processing, real-time file processing, real-time stream processing, and building serverless backends for web, mobile, IoT, and third-party API requests.

AWS elastic load balancer

Among the most essential AWS services is the Elastic Load Balancer. The ELB evenly distributes traffic between EC2 instances that are associated with it.
A load balancer distributes incoming application traffic across multiple EC2 instances in multiple Availability Zones. This increases the fault tolerance of your applications. 
Elastic Load Balancing can also detect unhealthy instances and route traffic only to healthy instances. You can choose to create an LB from any of the 4 types of AWS Load Balancer.
The Application Load Balancer, which works at Layer 7 of the OSI model to route HTTP/HTTPS traffic. It also supports path-based routing, and can route requests to one or more ports in a container cluster.
The Network Load Balancer, which routes TCP/SSL traffic and works at Layer 4 of the OSI model. It can handle millions of requests per second.
The Classic Load Balancer, which is intended for those using the EC2-Classic network. It provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and the connection level.
Gateway Load Balancer which gives you one gateway for distributing traffic across multiple virtual appliances while scaling them up or down, based on demand.

You can learn more about the AWS Load Balancer and how to deploy one from here.

THE AUTOSCALING

Auto Scaling automates the process of adding (scaling up) or removing (scaling down) EC2 instances to handle the traffic demand and load for your application.
Also, it helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application. You create collections of EC2 instances, called Auto Scaling groups. You can also specify the minimum desired number of instances in each Auto Scaling group. Auto Scaling ensures that your group never goes below this size. In addition, you can specify the maximum desired number of instances in each Auto Scaling group. Also, Auto Scaling ensures that your group never goes above this size. 
If you specify the desired capacity, either when you create the group or at any time thereafter, Auto Scaling ensures that your group has this many instances. If you specify scaling policies, then Auto Scaling can launch or terminate instances as demand on your application increases or decreases. Autoscaling and AWS LoadBalancer are essential services if you want to enjoy the Elasticity scope of cloud computation on AWS. I made a comprehensive post on how to deploy the AWS Auto Scaling here.

route 53

Another service is Route 53, where you configure and manage web domains for websites or applications you host on AWS.
Amazon Route 53 performs three main functions, which are:
Domain Registration, where Amazon Route 53 lets you register domain names such as example.com.
Domain Name System (DNS) service, where Amazon Route 53 translates friendly domain names like www.example.com into IP addresses like 192.0.2.1. Amazon Route 53 responds to DNS queries using a global network of authoritative DNS servers, which reduces latency.
And lastly Health Check, where Amazon Route 53 sends automated requests over the Internet to your application to verify that it’s reachable, available, and functional.
You can use any combination of these functions. For example, you can use Amazon Route 53 as both your registrar and your DNS service, or you can use Amazon Route 53 as the DNS service for a domain that you registered with another domain registrar.

conclusion

AWS has a long list of services that can meet your business needs irrespective of size and budget. In this post, we touched on some of the most essential AWS services that you will need. There is a continuation of this list, with more important AWS services discussed in the post here.

Once again, I recommend you bookmark this page and revisit as many times as you need for the most essential services you need from AWS.

